Privacy Policy for Ramprasand Meena Technologies Pvt. Ltd. related to the Flyzy Project.
(Last updated 9th November 2021)
Introduction
This privacy policy (the “Privacy Policy”) describes how Ramprasand Meena Technologies Pvt. Ltd, a Gujarat based company with a registered office at B-304, Lav Kush 4, PDPU Road, Nr. Shahi Kutir, Bungalows, Raysan, Gandhinagar, Gujarat, India, 382007, processes the personal data obtained through the Flyzy Project.
The Privacy Policy is an integral part of the Terms of Service of the Flyzy project(available here). When you push the “I accept” button, you confirm that you have read the Privacy Policy carefully and that you accept its terms.
The Privacy Policy is prepared in accordance with the General Data Protection Regulation (GDPR), applicable US legislation (i.e. Acts of the Federal Trade Commission, the Electronic Communications Privacy Act and others) and the best international practices in the field of personal data protection.
The Privacy Policy Addendum addresses non-standard PII data and includes the Google Limited Use disclosure to demonstrate compliance with Google API Services User Data Policy
Data Protection Officer
Having the greatest respect for your personal data, we appointed Hansraj Patel to be our data protection officer. You can email our data protection officer at [email protected] with any questions you may have.
If you also have any requests regarding privacy matters, you can also contact us at any time at [email protected]
Content
The Privacy Policy covers the following questions:
1. For what purposes do we process your data and to what extent?
The Flyzy project is a flight and travel service that is available to end-users via iOS and Android mobile apps (the “App”). We also have an official website, which is https://flyzygo.com/ (the “Website”).
Our IT infrastructure is constructed in such a way that we use the Google Cloud platform for storing all data, with servers located worldwide. Please make sure that such storage of data corresponds with your interests.
Our key purpose for collecting and processing your personal data is to provide you with services and the opportunity to use the App. The legal basis on which we process your personal data for this purpose is the performance of a contract with you(Terms of Services). The scope of the data we process directly depends on the services you use in the App, i.e. if you do not use any of the App’s features, we do not require or process any corresponding data. However, we cannot provide you with a service that requires the processing of some data if you refuse to provide such data.
If you provide us with any data on behalf of another person (when booking tickets or hotels, auto check-in for flights or subscribing for notifications on flights), you should ensure that such person (i) requested these services and is aware that we render them in his/her interest and (ii) agree that we process his/her personal data for these services.
We also collect and process your personal data:
As well, we process some data to adjust our promotion strategy. Namely, if you install the App through Apple Search Ads we may receive the name of the ad campaign, keyword, ad group and click date. We use this data to adjust our future ad campaigns. No direct marketing is performed based on these data.
The legal basis on which we process your personal data for these purposes is ourlegitimate interest to make the App and the Website correspond to your needs and to keep them secure as well as to facilitate access to information about the App for other persons who may be interested in it.
The legal basis on which we process your personal data for this purpose is ourlegitimate interest in tracking and analyzing trends in the airline industry.
According to our assessment, processing based on specified legitimate interests does not adversely affect your rights and freedoms. Regardless, you are entitled to object to and request the restriction of processing at any time.
We do not process any special categories of personal data (e.g. data revealing racial and ethnic origins, political opinions, religious or philosophical beliefs, trade union memberships or genetic and biometric data) or data related to criminal convictions and offenses.
2. How do we collect your personal data?
We collect your data from:
When parsing your emails to collect data on flights and bookings, we only parse emails that:
When parsing your calendar to collect data on events related to flights, we parse calendar events that are created by [email protected] and contain details of flights.
We do not explore or use emails or calendar events that are neither from / created by the named email addresses nor contain email markups. We do not use any data contained in emails and calendar for serving ads, including retargeting, personalized, or interest-based advertising.
3. What are your choices and rights with respect to personal data?
You can access andupdate your personal data on your own in certain sections of the App (e.g. the Settings and Profile sections). You can also delete and export your account in the Settings section.
You have the full legal right to request from us the personal data we collected and information on how we process your data; demand its rectification or erasure; restrict its processing (blocking), or object to data processing. You can also ask us to transfer the personal data we process to any other project, company and/or any other entity or person you deem appropriate (data portability right). We will do our best to fulfil your request in the shortest possible time. You also have the right not to be subject to automated decisions (made solely by machines) that affect you, as defined by law.
In addition to any of the rights explained in this Policy, in case you are not satisfied with our personal data processing activities and/or have any other complaints, contact our Data Protection Officer. You also have the full legal right to lodge a complaint with a supervisory authority.
4. How do we keep your data safe and secure?
No one can guarantee that data transmission over the Internet or the methods used for electronic storage are 100% secure. Bear this in mind before submitting any information about yourself.
However, the security of your personal data is one of our top priorities. We followthe best international practices and applicable laws to protect your personal data, both during transmission and once we receive it. We implemented the appropriate technical and organizational measures to ensure the security and confidentiality of your personal data, and we follow strict procedures to prevent the unauthorized access, loss or destruction of your personal data. Namely, we follow the Payment Card Industry Data Security Standard (PCI DSS) to ensure the secure processing of your bank card information.
We use Google Cloud to store the data in connection with the App functioning. Google designed the security of its infrastructure in layers that build upon one another, from the physical security of data centres to the security protections of hardware and software, to the processes used to support operational security. This layered protection creates a strong security foundation. A full list of data security measures undertaken by Google Cloud please find here.
5. Who has access to your data?
We do not share your data with third parties except as described in the Privacy Policy.
Your personal data can only be accessed by our authorized employees, consultants, vendors and service providers, or by the concerned group entities, inter alia, to Thoth Inc. We take appropriate organizational and technical measures to protect your personal data when interchanging data with such third parties. They are bound by confidentiality obligations, and they must ensure the security and confidentiality of data.
We endeavour to cooperate only with those third parties who respect and comply with personal data processing requirements. Below is a list of third parties we cooperate with and links to their privacy statements or terms of use.
Technical purposes
Purpose | Name, details |
|
Storage of all data | Google LLC We use Google Cloud to store all of the data we process in connection with the Flyzy project. |
Improving and developing the App and the Website
Purpose | Name, details |
|
Improving and developing the App | Google LLC We use Google Analytics for Firebase tools to see how you interact with the App (e.g. when open the App, your session duration, App updates, App crashes, IP addresses, operating systems and device identifiers, and in-App purchases). See a full list of the default events and user properties collected by Google Analytics for Firebase. |
|
Adjusting our further promotion activities | Apple Inc We use Apple Search Ads for promotion of our App on the iOS platform. We do not use the information received from Apple for direct marketing. | |
Improving and developing the Website | Google LLC We use Google Analytics tools to use cookie files set on the Website. |
Services provision
Purpose | Name, details |
|
E-mail communications | Sendgrid |
We may also share personal data with third parties when:
While using the App, you might be interested in inviting random people whom you do not know but with whom you are interested in communicating through the App. In this event, make sure you truly wish to share any of your information or data with such a person. Once you provide the information to such a person, we cannot guarantee that this person will not use this information against you, trade it or misuse it in any other way. We will not be able to prevent such misuse, nor will we be liable for it. We will only be able to block the account or delete the account of any user who violates the Privacy Policy or Terms of Service. However, once any information is provided by you directly to anybody through the App, we are not responsible for any consequences.
We share anonymized statistics with airlines that use these data to improve their client service (e.g. to choose which flights to plan and how to allocate them between airports). Due to the anonymized nature of the data, no direct marketing or profiling can be performed based on them.
When you send us screenshots for their inclusion to our profile on the AppStore page, please keep in mind that we will post such screenshots on the publicly available webpage where everyone can see them. So, please exclude from the screenshots all the information you do not want to be disclosed in such away.
6. For how long do we store your personal data?
We store your personal data for the entire period you use the App unless you delete an account in the App. If you delete your account or any part of the information about you contained in the App, we also delete the corresponding information on our servers.
We do not constantly track if you have the App installed on your device. If you want us to quickly delete information about you, you should delete your account before deleting the App.
We also store data for three years that is the minimum required period to be compliant with the Indian legislative requirements to which we are subject. We do so in order to ensure the possibility of executing regulatory requests and relevant orders from competent courts and authorities unless we receive a demand from you to rectify or erase your personal data.
7. Where do we store your personal data?
We use Google Cloud to store your data. Google Cloud servers are located worldwide and data are stored in Google's network of geographically distributed data centres (see Google’s website for more details). The information may be processed outside of your local state or outside of the EU, including in India, where we are headquartered.
The data protection law and other laws in different countries might not be as comprehensive as those in your country, but please be assured that we have taken steps to ensure that your privacy is protected. With respect to the data of EU users, we ensure that there are appropriate safeguards as set forth in Article 46 of the GDPR (e.g. standard data protection clauses regarding a party storing or otherwise accessing data are in place), or werely on derogations for specific situations as set forth in Article 49 of the GDPR, i.e. the performance of a contract with you.
8. What are our principles of data processing?
We have the greatest respect for your personal data, so during the collection and processing of them, we strictly adhere to the best business practices and principles of applicable legislation, including:
9. How do we process children's data?
The App and the Website is for general audience use and is not directed at children. Should a child whom we know to be under 16 send personal data to us, we will use that data only to respond directly to that child to inform him or her that we must have parental consent before processing personal data.
10. How will we notify you about changes to the Privacy Policy?
We reserve the right to modify the Privacy Policy at any time. If we decide to do so, we will notify you by sending you a message to your personal profile in the App, or by showing the update on the screen of your device when using the App.
11. What will we do if there is a personal data breach?
If there is a personal data breach, we will without undue delay and where feasible, no later than 72 hours after having become aware of it, notify the competent supervisory authority of the personal data breach unless we reasonably decide that such a breach is unlikely to result in any risk to the rights and freedoms of data subjects.
If a data breach is likely to result in a high risk to your rights and freedoms, we will also send a parallel communication to you.
12. What data do we process for each service in the App (table)?
Identification of you in the App
Data | Purpose(s) | Source | Third parties |
· Full name · Phone · Password hash (if an account was created using Flyzy authentication system (currently unavailable for new registrations)) | · To properly identify you within the App · To send you confirmations, updates, security alerts, support and administrative messages, and to otherwise facilitate your use of and our administration and operation of the App | When you enter data manually in the App, or automatically through: · social networks or email accounts that you have linked with the App · From Sign in with Apple feature | · We use Google Cloud (Google LLC) to store data
|
· User ID | Automatically assigned when you start using the App |
Auto-fill (storage of your logins and passwords in the App)
Data | Purpose(s) | Source | Third parties |
· Login and password data from the services you filled in the App (e.g. in the loyalty programs)
| · To provide you with the opportunity to automatically fill in your login details in other apps on your device | When you enter them manually in the App | · Third parties websites or apps on your device in which you choose to use fill-in feature · We use Google Cloud (Google LLC) to store data |
Social communication features in the App
Data | Purpose(s) | Source | Third parties |
· Full name · Work position · Home country · Phone · Address · Job · Known languages · User-picture · Status text | · To provide you with the opportunity to communicate with other App users · To assign you a rating and show these data in your profile that is available to other App users · To show your friends using the App | When you enter them manually in the App | · All users of the App, if you decide so · We use Google Cloud (Google LLC) to store data |
· Aggregated details of your past flights (number of miles/hours spent since start of the current year) · Your rating in the App, list of unlocked achievements, in-App friend’s leaderboard information | Automatically based on the travel information stored in the App | ||
· Content of linked social network accounts (e.g. Google, Facebook, iCloud), including email address name user-picture (URL) friends lists work position | Automatically from your profile and friends’ pages on social networks that you have linked with the App. For accessing your data in Google, Facebook, iCloud, TripIt we do not collect login details or password data. We receive only API authorization tokens from Google, Facebook, iCloud. | ||
· Inbox messages in the App (sender and recipient details, text, attached image, if any) · List of conversations with other users in public chats (names, IDs and user-pictures of the participants) | When you use inbox messages features or participate in public charts in the App | · We use Google Cloud (Google LLC) to store data |
Flight and airport ratings
· Ratings and feedbacks left by you and other users in the App: rating, including flight information airport wait times for check-in, customs, passport control, baggage airport tips, including airport code, text, photo image, timestamp airport tips rating: airport tip ID, rating (+1 / -1) | · To provide you with the opportunity to leave public reviews and tips for flights and airports · To show ratings and feedbacks in the App so that you can choose appropriate flights or airports and use tips of other users | When you post comments or ratings to flights and airports in the App or rate other users’ reviews or tips | · We use Google Cloud (Google LLC) to store data |
Notification on flights
Data | Purpose(s) | Source | Third parties |
· Phone or email · Flight number | · To send SMS/email notifications on the flight you specified and any information on its changes, delays, time of check-in, departure, take-off or other parts associated with the flight | When you enter them manually in the App | · We use Twilio to send messages · We use Google Cloud (Google LLC) to store data |
· Flight details | From airlines and public resources | ||
· Title, subscriber group type (family, follower, attendant, welcomer) | When you enter them manually in the App | · We use Google Cloud (Google LLC) to store data |
Automated check-in for flights
Data | Purpose(s) | Source | Third parties |
· Full name · Gender · Birthdate · Phone number · Country of residence · International and/or national passport details · Visa number/alien registration number · Destination address · Loyalty programme details (frequent flyer number) · Seating preferences · E-ticket number · Airline locator number | · To provide you with automated check-in services | When you enter them manually in the App or from auto-fill features you have on your device (e.g. KeyChain). | · The data are stored at your device, we do not store them at our servers |
· Citizenship · List of submitted requests, reference ID | · We use Google Cloud (Google LLC) to store data | ||
· Boarding pass details | To show boarding pass details in the App | Automatically from Airline | · We use Google Cloud (Google LLC) to store data |
Showing nearest airport and route to it
Data | Purpose(s) | Source | Third parties |
· Geolocation data | · To create a route to an airport · To provide you with the opportunity to quickly choose the nearest airport when you manually add future flights in the App | Automatically from the device on which you use the App | · We use Google Cloud (Google LLC) to store data |
Storage of uploaded documents, checklists, photos, etc.
Data | Purpose(s) | Source | Third parties |
· Uploaded images, documents or other files | · To allow you to store the necessary documents in the App. | When you upload them manually to the App | · All data are stored at your device |
Technical support in the App
Data | Purpose(s) | Source | Third parties |
· Details of feedback requests you submitted in the App: enquiry text local App database file (trips data only) describing database state at the moment of request. | · To resolve your technical or other issues that may arise while you using the App | Automatically when you send us feedback requests | · We use Google Cloud (Google LLC) to store data |