Privacy Policy for Ramprasand Meena Technologies Pvt. Ltd. related to the Flyzy Project.

(Last updated  9th November 2021)

 

Introduction

This privacy policy (the “Privacy Policy”) describes how Ramprasand Meena Technologies Pvt. Ltd, a Gujarat based company with a registered office at B-304, Lav Kush 4, PDPU Road, Nr. Shahi Kutir, Bungalows, Raysan, Gandhinagar, Gujarat, India, 382007, processes the personal data obtained through the Flyzy Project.

The Privacy Policy is an integral part of the Terms of Service of the Flyzy project(available here). When you push the “I accept” button, you confirm that you have read the Privacy Policy carefully and that you accept its terms.

The Privacy Policy is prepared in accordance with the General Data Protection Regulation (GDPR), applicable US legislation (i.e. Acts of the Federal Trade Commission, the Electronic Communications Privacy Act and others) and the best international practices in the field of personal data protection.

The Privacy Policy Addendum addresses non-standard PII data and includes the Google Limited Use disclosure to demonstrate compliance with Google API Services User Data Policy

Data Protection Officer

Having the greatest respect for your personal data, we appointed Hansraj Patel to be our data protection officer. You can email our data protection officer at [email protected] with any questions you may have.

If you also have any requests regarding privacy matters, you can also contact us at any time at [email protected]

 

Content

The Privacy Policy covers the following questions:

1.       For what purposes do we process your data and to what extent?

The Flyzy project is a flight and travel service that is available to end-users via iOS and Android mobile apps (the “App”). We also have an official website, which is https://flyzygo.com/ (the “Website”).

Our IT infrastructure is constructed in such a way that we use the Google Cloud platform for storing all data, with servers located worldwide. Please make sure that such storage of data corresponds with your interests.

Our key purpose for collecting and processing your personal data is to provide you with services and the opportunity to use the App. The legal basis on which we process your personal data for this purpose is the performance of a contract with you(Terms of Services). The scope of the data we process directly depends on the services you use in the App, i.e. if you do not use any of the App’s features, we do not require or process any corresponding data. However, we cannot provide you with a service that requires the processing of some data if you refuse to provide such data.

If you provide us with any data on behalf of another person (when booking tickets or hotels, auto check-in for flights or subscribing for notifications on flights), you should ensure that such person (i) requested these services and is aware that we render them in his/her interest and (ii) agree that we process his/her personal data for these services.

We also collect and process your personal data:

  • to improve and develop the App and the Website. For this purpose, we collect and process cookies, log files and data on your behavior within the App and our Website. These include IP addresses, browser types, Internet service providers (ISP), referring/exit pages, operating systems, device type, App version, session date/time stamps, clickstream data, date of the first App launch, mobile carrier. We do this on our own and with the use of third-party services such as Google Analytics and Facebook.

As well, we process some data to adjust our promotion strategy. Namely, if you install the App through Apple Search Ads we may receive the name of the ad campaign, keyword, ad group and click date. We use this data to adjust our future ad campaigns. No direct marketing is performed based on these data.

The legal basis on which we process your personal data for these purposes is ourlegitimate interest to make the App and the Website correspond to your needs and to keep them secure as well as to facilitate access to information about the App for other persons who may be interested in it.

  • to prepare aggregated statistical reports on people’s behaviour with respect to their choice of airlines and airports. For this purpose, we collect, aggregate and generalize data on your flights, and bookings that are reflected in the App, as well as reviews and ratings you placed on the App. We share anonymized statistics with airlines that use these data to improve their client service (e.g. to choose which flights to plan and how to allocate them between airports). Due to the anonymized nature of the data, no direct marketing or profiling can be performed based on these data.

The legal basis on which we process your personal data for this purpose is ourlegitimate interest in tracking and analyzing trends in the airline industry.

  • to email you promotional offers and news, in accordance with applicable law. You may opt-out of marketing emails or our newsletter at any time by clicking the link labelled “unsubscribe” at the bottom of any newsletter emails we send you or email us at [email protected] Please note that even if you opt-out of receiving email marketing communications, we may still email you with important transactional or administrative information, or respond to your enquiries. Where we are required to have a legal basis for this processing of your personal data, we rely upon consent

According to our assessment, processing based on specified legitimate interests does not adversely affect your rights and freedoms. Regardless, you are entitled to object to and request the restriction of processing at any time.

We do not process any special categories of personal data (e.g. data revealing racial and ethnic origins, political opinions, religious or philosophical beliefs, trade union memberships or genetic and biometric data) or data related to criminal convictions and offenses.

2.       How do we collect your personal data?

We collect your data from:

  • you directly, when you enter data in the App and use the App or Website (we collect log files and cookies)
  • the resources you give us access to (e.g. linked accounts in Facebook, email and TripIt)
  • the auto-fill features and applications on your device that you use in the App (e.g. KeyChain).
  • third parties.

When parsing your emails to collect data on flights and bookings, we only parse emails that:

  • contain email markups that are pre-set by senders. For more details on how such email markups work, see Google’s website.  

When parsing your calendar to collect data on events related to flights, we parse calendar events that are created by [email protected] and contain details of flights.

We do not explore or use emails or calendar events that are neither from / created by the named email addresses nor contain email markups. We do not use any data contained in emails and calendar for serving ads, including retargeting, personalized, or interest-based advertising.

3.       What are your choices and rights with respect to personal data?

You can access andupdate your personal data on your own in certain sections of the App (e.g. the Settings and Profile sections). You can also delete and export your account in the Settings section.

You have the full legal right to request from us the personal data we collected and information on how we process your data; demand its rectification or erasure; restrict its processing (blocking), or object to data processing. You can also ask us to transfer the personal data we process to any other project, company and/or any other entity or person you deem appropriate (data portability right). We will do our best to fulfil your request in the shortest possible time. You also have the right not to be subject to automated decisions (made solely by machines) that affect you, as defined by law.

In addition to any of the rights explained in this Policy, in case you are not satisfied with our personal data processing activities and/or have any other complaints, contact our Data Protection Officer. You also have the full legal right to lodge a complaint with a supervisory authority.

4.       How do we keep your data safe and secure?

No one can guarantee that data transmission over the Internet or the methods used for electronic storage are 100% secure. Bear this in mind before submitting any information about yourself.

However, the security of your personal data is one of our top priorities. We followthe best international practices and applicable laws to protect your personal data, both during transmission and once we receive it. We implemented the appropriate technical and organizational measures to ensure the security and confidentiality of your personal data, and we follow strict procedures to prevent the unauthorized access, loss or destruction of your personal data. Namely, we follow the Payment Card Industry Data Security Standard (PCI DSS) to ensure the secure processing of your bank card information.

We use Google Cloud to store the data in connection with the App functioning. Google designed the security of its infrastructure in layers that build upon one another, from the physical security of data centres to the security protections of hardware and software, to the processes used to support operational security. This layered protection creates a strong security foundation. A full list of data security measures undertaken by Google Cloud please find here. 

5.       Who has access to your data?

We do not share your data with third parties except as described in the Privacy Policy.

Your personal data can only be accessed by our authorized employees, consultants, vendors and service providers, or by the concerned group entities, inter alia, to Thoth Inc. We take appropriate organizational and technical measures to protect your personal data when interchanging data with such third parties. They are bound by confidentiality obligations, and they must ensure the security and confidentiality of data.

We endeavour to cooperate only with those third parties who respect and comply with personal data processing requirements. Below is a list of third parties we cooperate with and links to their privacy statements or terms of use.

Technical purposes

Purpose

Name, details

 

Storage of all data

Google LLC

We use Google Cloud to store all of the data we process in connection with the Flyzy project.

Link

 

Improving and developing the App and the Website

Purpose

Name, details

 

Improving and developing the App

Google LLC

We use Google Analytics for Firebase tools to see how you interact with the App (e.g. when open the App, your session duration, App updates, App crashes, IP addresses, operating systems and device identifiers, and in-App purchases). See a full list of the default events and user properties collected by Google Analytics for Firebase.

Link

 

Adjusting our further promotion activities

Apple Inc

We use Apple Search Ads for promotion of our App on the iOS platform. We do not use the information received from Apple for direct marketing.

Link

Improving and developing the Website

Google LLC

We use Google Analytics tools to use cookie files set on the Website.

Link

 

Services provision

Purpose

Name, details

 

E-mail communications

Sendgrid

Link

We may also share personal data with third parties when:

  • you give us your consent to do so, including if we notify you that the information you provide will be shared with a particular third party in a particular manner, and you provide such information
  • We believe that we are lawfully required or authorized in good faith to do so, or that doing so is reasonably necessary or appropriate to comply with the law or legal procedures or to respond to lawful requests or legal authorities, including in response to lawful subpoenas, warrants or court orders.

While using the App, you might be interested in inviting random people whom you do not know but with whom you are interested in communicating through the App. In this event, make sure you truly wish to share any of your information or data with such a person. Once you provide the information to such a person, we cannot guarantee that this person will not use this information against you, trade it or misuse it in any other way. We will not be able to prevent such misuse, nor will we be liable for it. We will only be able to block the account or delete the account of any user who violates the Privacy Policy or Terms of Service. However, once any information is provided by you directly to anybody through the App, we are not responsible for any consequences.

We share anonymized statistics with airlines that use these data to improve their client service (e.g. to choose which flights to plan and how to allocate them between airports). Due to the anonymized nature of the data, no direct marketing or profiling can be performed based on them.

When you send us screenshots for their inclusion to our profile on the AppStore page, please keep in mind that we will post such screenshots on the publicly available webpage where everyone can see them. So, please exclude from the screenshots all the information you do not want to be disclosed in such away.  

6.       For how long do we store your personal data?

We store your personal data for the entire period you use the App unless you delete an account in the App. If you delete your account or any part of the information about you contained in the App, we also delete the corresponding information on our servers.

We do not constantly track if you have the App installed on your device. If you want us to quickly delete information about you, you should delete your account before deleting the App.

We also store data for three years that is the minimum required period to be compliant with the Indian legislative requirements to which we are subject. We do so in order to ensure the possibility of executing regulatory requests and relevant orders from competent courts and authorities unless we receive a demand from you to rectify or erase your personal data.

7.       Where do we store your personal data?

We use Google Cloud to store your data. Google Cloud servers are located worldwide and data are stored in Google's network of geographically distributed data centres (see Google’s website for more details). The information may be processed outside of your local state or outside of the EU, including in India, where we are headquartered.

The data protection law and other laws in different countries might not be as comprehensive as those in your country, but please be assured that we have taken steps to ensure that your privacy is protected. With respect to the data of EU users, we ensure that there are appropriate safeguards as set forth in Article 46 of the GDPR (e.g. standard data protection clauses regarding a party storing or otherwise accessing data are in place), or werely on derogations for specific situations as set forth in Article 49 of the GDPR, i.e. the performance of a contract with you.

8.       What are our principles of data processing?

We have the greatest respect for your personal data, so during the collection and processing of them, we strictly adhere to the best business practices and principles of applicable legislation, including:

  • making the best efforts to process personal data fairly and in a transparent manner
  • collecting data only for the predetermined, explicit and legitimate purposes described herein. We do not process data in a manner incompatible with initial purposes
  • collecting only personal data that we deem adequate, relevant and in a volume strictly necessary to achieve our purposes
  • keeping personal data accurate and, when necessary, up to date. We erase or rectify personal data that is inaccurate without delay
  • keeping personal data in a form that identifies you forno longer than necessary for the purposes for which the personal data were collected and processed
  • ensuring the appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage by using the appropriate technical or organizational measures.

9.       How do we process children's data?

The App and the Website is for general audience use and is not directed at children. Should a child whom we know to be under 16 send personal data to us, we will use that data only to respond directly to that child to inform him or her that we must have parental consent before processing personal data.

10.    How will we notify you about changes to the Privacy Policy?

We reserve the right to modify the Privacy Policy at any time. If we decide to do so, we will notify you by sending you a message to your personal profile in the App, or by showing the update on the screen of your device when using the App.

11.    What will we do if there is a personal data breach?

If there is a personal data breach, we will without undue delay and where feasible, no later than 72 hours after having become aware of it, notify the competent supervisory authority of the personal data breach unless we reasonably decide that such a breach is unlikely to result in any risk to the rights and freedoms of data subjects.

If a data breach is likely to result in a high risk to your rights and freedoms, we will also send a parallel communication to you.

12.    What data do we process for each service in the App (table)?

Identification of you in the App

Data

Purpose(s)

Source

Third parties

·  Full name

·  Email  

·  Phone

·  Password hash (if an account was created using Flyzy authentication system (currently unavailable for new registrations))

·  To properly identify you within the App

·  To send you confirmations, updates, security alerts, support and administrative messages, and to otherwise facilitate your use of and our administration and operation of the App

When you enter data manually in the App, or automatically through:

·  social networks or email accounts that you have linked with the App

·  From Sign in with Apple feature

·  We use Google Cloud (Google LLC) to store data

 

·  User ID

Automatically assigned when you start using the App

 

Auto-fill (storage of your logins and passwords in the App)

Data

Purpose(s)

Source

Third parties

·  Login and password data from the services you filled in the App (e.g. in the loyalty programs)

 

·  To provide you with the opportunity to   automatically fill in your login details in other apps on your device  

When you enter them manually in the App

·  Third parties websites or apps on your device in which you choose to use fill-in feature  

·  We use Google Cloud (Google LLC) to store data

 

Social communication features in the App

Data

Purpose(s)

Source

Third parties

·  Full name

·  Email

·  Work position

·  Home country

·  Phone

·  Address

·  Job

·  Known languages

·  User-picture

·  Status text  

·  To provide you with the opportunity to communicate with other App users

·  To assign you a rating and show these data in your profile that is available to other App users

·  To show your friends using the App

When you enter them manually in the App

·  All users of the App, if you decide so

·  We use Google Cloud (Google LLC) to store data

·  Aggregated details of your past flights (number of miles/hours spent since start of the current year)

·  Your rating in the App, list of unlocked achievements, in-App friend’s leaderboard information

Automatically based on the travel information stored in the App

·  Content of linked social network accounts (e.g. Google, Facebook, iCloud), including

­   email address

­   name

­   user-picture (URL)

­   friends lists

­   work position

Automatically from your profile and friends’ pages on social networks that you have linked with the App. For accessing your data in Google, Facebook, iCloud, TripIt we do not collect login details or password data. We receive only API authorization tokens from Google, Facebook, iCloud.

·  Inbox messages in the App (sender and recipient details, text, attached image, if any)

·  List of conversations with other users in public chats (names, IDs and user-pictures of the participants)

When you use inbox messages features or participate in public charts in the App

·  We use Google Cloud (Google LLC) to store data

 

Flight and airport ratings

·  Ratings and feedbacks left by you and other users in the App:

­   rating, including flight information

­   airport wait times for check-in, customs, passport control, baggage

­   airport tips, including airport code, text, photo image, timestamp

­   airport tips rating: airport tip ID, rating (+1 / -1)

·  To provide you with the opportunity to leave public reviews and tips for flights and airports

·  To show ratings and feedbacks in the App so that you can choose appropriate flights or airports and use tips of other users

When you post comments or ratings to flights and airports in the App or rate other users’ reviews or tips

·  We use Google Cloud (Google LLC) to store data

  

Notification on flights

Data

Purpose(s)

Source

Third parties

·  Phone or email

·  Flight number

·  To send SMS/email notifications on the flight you specified and any information on its changes, delays, time of check-in, departure, take-off or other parts associated with the flight

When you enter them manually in the App

·  We use Twilio to send messages

·  We use Google Cloud (Google LLC) to store data

·  Flight details

From airlines and public resources

·  Title, subscriber group type (family, follower, attendant, welcomer)  

When you enter them manually in the App

·  We use Google Cloud (Google LLC) to store data

  

Automated check-in for flights

Data

Purpose(s)

Source

Third parties

·  Full name

·  Gender

·  Birthdate

·  Email

·  Phone number

·  Country of residence

·  International and/or national passport details

·  Visa number/alien registration number

·  Destination address

·  Loyalty programme details (frequent flyer number)

·  Seating preferences

·  E-ticket number

·  Airline locator number

·  To provide you with automated check-in services

When you enter them manually in the App or from auto-fill features you have on your device (e.g. KeyChain).

·   The data are stored at your device, we do not store them at our servers

·  Citizenship

·  List of submitted requests, reference ID

·  We use Google Cloud (Google LLC) to store data

·  Boarding pass details

To show boarding pass details in the App

Automatically from Airline

·  We use Google Cloud (Google LLC) to store data

 

 

Showing nearest airport and route to it

Data

Purpose(s)

Source

Third parties

·  Geolocation data

·  To create a route to an airport

·  To provide you with the opportunity to quickly choose the nearest airport when you manually add future flights in the App

Automatically from the device on which you use the App

·  We use Google Cloud (Google LLC) to store data

 

Storage of uploaded documents, checklists, photos, etc.

Data

Purpose(s)

Source

Third parties

·  Uploaded images, documents or other files

·  To allow you to store the necessary documents in the App.

When you upload them manually to the App

·  All data are stored at your device

 

Technical support in the App

Data

Purpose(s)

Source

Third parties

·  Details of feedback requests you submitted in the App:

­   email

­   enquiry text

­   local App database file (trips data only) describing database state at the moment of request.

·  To resolve your technical or other issues that may arise while you using the App

Automatically when you send us feedback requests

·  We use Google Cloud (Google LLC) to store data