We collect a variety of information about our users and visitors to our Site and users of our services.
This personal data falls into these categories:
- Identity Data includes first name, last name
- Contact Data includes address, email address and telephone numbers.
- Profile Data includes your username and password, as well as any profile data which we have added (for example, using analytics and profiling).
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, and other technology on the devices you use to access this website.
- Usage Data includes information about how you use our Site and services.
- Tracking Data includes information we or others collect about you from cookies and similar tracking technologies, such as web beacons, pixels, and mobile identifiers.
- Marketing and Communications Data includes your preferences in receiving direct marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Site feature.
How is your Personal Data Collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity and Contact Data by filling in forms or by corresponding with us by mail, in person, phone and/or email.
This includes personal data you provide when you:
- fill in a form or questionnaire;
- make inquiries or request information be sent to you;
- ask for marketing to be sent to you;
- contact us via email, phone or post.
Automated technologies or interactions. As you interact with us, including via the Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We may also collect Tracking Data or Usage Data when you use our Site, or when you click on one of our advertisements or marketing emails.
How we use your Personal Data
- Where we need to perform the contract we are about to enter into or have entered into with you. For example, when you sign a contract with us for our services, that’s a contract.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, when we ensure that you are authorized to login to the Site or services.
- Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.
- Where we have your consent such as for certain cookies or in relation to sending certain direct marketing communications. Where our legal basis is consent, you have the right to withdraw consent any time.
See Explaining the legal bases we rely on to process personal data to find out more about the types of lawful basis that we will rely on to process your personal data.
Explaining the legal bases we rely on to process personal data
The table below shows you a description of all the ways we plan to use personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To register you as a customer to use our services||Identity, Contact||Performance of a contract with you|
|To process your transaction for our Services including:
(a) Manage payments, fees and charges (
b) Collect and recover money owed to us
|Identity, Contact||Performance of a contract with you Necessary for our legitimate interests (including to recover debts due to us)|
|To provide our services and to manage our relationship with you which will include:
(b) Providing you with the services and support
(c) Ensuring you are authorized to login to the Site and services
|Identity, Contact, Profile, Marketing and Communications||Performance of a contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)|
|To deliver direct marketing to you||Identity, Contact, Profile, Usage, Marketing and Communications Tracking, Technical||For direct marketing communications, we rely on consent or our legitimate interests to use your personal data in this way. (Please see Advertising, marketing and your communications preferences below)|
|To administer and protect our business and this Site and services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Identity, Contact, Technical, Tracking||Necessary for our legitimate interests (for running our business, provision of administration and services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) Necessary to comply with a legal obligation|
|To deliver relevant Site content and marketing to you and measure or understand the effectiveness of the advertising we serve to you||Identity, Contact, Profile, Usage, Marketing and Communications, Technical, Tracking||Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our Site, products/services, marketing, customer relationships and experiences||Technical, Tracking, Usage||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Site updated and relevant, to develop our business and to inform our marketing strategy)|
|To make suggestions and recommendations to you about services that may be of interest to you||Identity, Contact, Technical, Usage, Profile||Necessary for our legitimate interests (to develop our products/services and grow our business)|
|To prevent and detect unlawful acts||Identity, Contact, Technical, Tracking||Necessary for our legitimate interests (to protect our business and our customers by way of undertaking fraud monitoring and suspicious transaction monitoring) Necessary to comply with a legal or contractual obligation to share personal data for the purposes of law enforcement|
|In order to resolve legal claims or disputes involving you or us||All relevant data categories, depending on the nature of the allegation or claim||Necessary to bring or defend a claim|
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
We do not carry out any automated decision making.
Advertising, marketing and your communications preferences
We may use your Identity, Contact, Technical, Tracking, Usage and Profile Data to form a picture of what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you and tell you about them. This is what we call direct marketing. We may carry out direct marketing by email.
On our Site, we try to make it clear what we are doing and what communications you will be sent, and you have a right at any time to change your mind and opt out. The easiest way to opt out is to use the unsubscribe link at the bottom of the emails, to tell you something that might be relevant to you and your business.
Tracking Data, and in particular cookies, help us to deliver Site.
Cookies can also tell us if you have seen a specific marketing email. Cookies help us understand if you’ve opened a marketing email because we don’t want to send you things you don’t read.
If you want more information about Tracking Data, in particular cookies, see Cookies below.
Aviatrix recognizes the privacy interests of children and we encourage parents and guardians to take an active role in their children’s online activities and interests. Neither our Site nor our services are intended for children under the age of 16. Aviatrix does not target its services or this Site to children under 16. Aviatrix does not knowingly collect personal data from children under the age of 16.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.
On our Site, we use session cookies to make it easier for you to navigate the Site by saving your preferences and to improve and track the overall Site experience. For our Site, we set a persistent cookie to authenticate your login and authorization to use the services. If you reject cookies, you may still use our Site, but your ability to use some areas and functionality of our Site may be limited.
Cookies help our Site work better and provide lots of help in the background to make the process of being an Aviatrix user a lot easier.
Other cookies collect information about how visitors use our Site, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and used to improve how our Site works.
There are also cookies that allow our Site to remember choices you make (such as your account to use the Site) and provide enhanced, more personal features.
There are cookies that collect information about your browsing habits in order to make advertising delivered to you more relevant to you and your interests (see Advertising, marketing and your communications preferences above). They are usually placed by advertising networks with our permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization.
Through these cookies and third party analytic tools below, we may track users over time over our Site and other websites. We do not follow browser do not track signals.
When you use our Site, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links. It’s important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third-party websites for more information about their cookies and how to manage them.
You can see more information about the cookies we use below:
- Microsoft Bing
- Google (You Tube)
- Google Adwords
- Marketo Munchkin
- Hot Jar
- Google Analytics
Third Party Analytics Tools
Beyond the personal data you voluntarily provide to us, Aviatrix utilizes analytics tools including third party technologies, such as Google Analytics and Marketo, to collect non-personal data utilizing cookies. Certain types of information, including geolocation, device type, onsite website usage and behavior, demographic data, and purchase history, is collected and aggregated across Aviatrix Site users for our analysis and advertising efforts.
Aviatrix uses Remarketing with Google Analytics to display relevant advertisements to users who have previously visited our Site. Referred to as remarketing or retargeting, Aviatrix may utilize previous session information to serve display advertisements to you on the Site and based on such session information Google may set a cookie and serve ads to you on third party websites on the Google Display Network. Third party vendors such as Google may display Aviatrix ads on websites across the Internet. Aggregated user data may be utilized to create remarketing/retargeting “lists,” or groups of users with similar onsite behaviors or demographics.
Disclosure of Personal data
Service Providers. We may provide your personal data and the data generated by cookies and the aggregate information to the vendors and service agencies that we may engage to assist us in providing our services to you. For example, we use AWS, Azure, Google Cloud for hosting. Such third party entities are obligated to use your personal data solely to provide the services to us.
Links to Third Party Sites
Social Plugins on Our Services
We may use social plugins on our Site and may include icons that allow you to interact with third party social networks such as, without limitation, Facebook, Google, LinkedIn. The third party social plugin may set a cookie when your browser creates a connection to the servers of such social networks and the plugin may transmit your data to the social networks.
Your use of these social plugins is subject to the privacy policies of the third party social networks.
We employ industry standard procedural and technological measures that are reasonably designed to help protect your personal data from loss, unauthorized access, disclosure, alteration or destruction. Aviatrix uses, without limitation, firewalls, password protection, encryption, and other security measures to help prevent unauthorized access to your personal data. We have internal procedures and policies, guidelines, and documented practices for the safe handling and protection of data and conduct audits of the same.
We will only keep your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers, such as Payment Data, generally for seven years after they stop being customers for tax purposes.
In some circumstances you can ask us to delete your data; see Your rights below for further information.
Notice to European Users
If the General Data Protection Regulation applies to you because you are in the European Union and if we are the controller of such personal data, you have rights under data protection laws in relation to your personal data:
- The right of access – that’s a right to make what’s known as a ‘data subject access request’ for copy of the personal data we hold about you;
- The right to rectification – that’s a right to make us correct personal data about you that may be incomplete or inaccurate;
- The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
- The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;
- The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
- The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
- Rights in relation to automated decision making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision making.
These rights are subject to certain rules around when you can exercise them. You can see a lot more information on them, if you are interested, on the UK Information Commissioner’s Office website.
If you wish to exercise any of the rights set out above, please contact us (see How to contact Aviatrix about privacy).
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority so please contact us in the first instance.