DATA PRIVACY POLICY

---

AXIS Aviation is an Aviation Flight Management Platform developed in Switzerland. As your service provider, we are committed to protecting your information. We are financially independent with a source of revenue from our subscribers – we do not sell, rent, loan, or lease ANY of your personal information. This Privacy Policy helps you understand what information we collect, why we use it, and how you can manage and delete your information.

For purposes of this Privacy Policy, the terms “we,” “us,” and “our” refer to AXIS Aviation, located at Seefeldstrasse 283, 8008 Zürich, Switzerland. The terms “AXIS Aviation,” “service,” and “software” refer to our ERP software AXIS Aviation. “You” refers to you, as a user of the application or visitor to the website, as applicable.

This Privacy Policy is effective as of the last modified date listed at the bottom of the policy.

License

As your licensed service provider, AXIS Aviation is the sole and exclusive owner of the AXIS Services and Software including the AXIS Aviation iOS and Android Applications and the Fly AXIS iOS and Android Application. This license agreement outlines your rights and obligations with respect to the use of the Services. The Services are licensed to you, not sold, and shall remain at all times the property of AXIS Aviation. You may make one copy of the Software for archival purposes or copy the Software onto the hard disk of your computer and retain the original for archival purposes. You may use the Services in accordance with any additional permitted uses set forth below. However, you may not sublicense, rent, or lease any portion of the Services, reverse engineer, decompile, disassemble, modify, translate, attempt to discover the source code of the Services, or create derivative works from the Services. You may not use the Services in any manner not authorized by this license, nor use the Software in any manner that contradicts any additional restrictions set forth below.

Under the user-license agreement, the Service is licensed to you as a customer for your own use only.

Account

When you sign up for an AXIS Aviation account, it is important that you provide accurate, complete, and up-to-date information. Failing to do so can result in a violation of our Terms of Service, which may lead to the immediate termination of your account. It is your responsibility to ensure the security of the password that you use to access our Service, as well as any activities that occur under your account. You agree not to share your password with any third party, and you must notify us immediately if you become aware of any security breach or unauthorized use of your account. When selecting a username, you may not use the name of someone else, a name or trademark that belongs to someone else without appropriate authorization, or a name that is offensive, vulgar, or obscene. By using our Service, you agree to comply with these requirements and our Terms of Service.

Personal data

At AXIS Aviation, we take the privacy and security of your personal data very seriously. Personal data refers to any information relating to an identified or identifiable individual, such as their name, passport data, postal address, or email address. We collect and process personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR). We will only use your personal data for the purposes for which it was collected, and we will not share it with third parties without your consent, except as required by law. If you have any questions or concerns about how we handle your personal data contact us directly at privacy@axis-aviation.com.

Account registration information

When registering for an AXIS Aviation account, we collect and store your email address and password. This information is necessary to create and manage your account, and to ensure that you have access to the full range of our services. We understand that the security of your personal data is important, and we take appropriate measures to protect it.

AXIS Aviation information

To deliver the best possible service and ensure the smooth functioning of all AXIS Aviation features, we may collect and store the following types of personal data:

• Your email address, which we process to market our Services to you, create an account, and provide you with our Services. We only share this data as required by law or litigation. We process this personal data with your consent.
• Technical information about your device, such as its hardware model, operating system details, and unique identifiers. We process this data to provide you with our Services, as part of our legitimate interests.

• Information about your AXIS Aviation usage, including when you use a particular feature, so we can show you usage analytics and improve our Services. We process this data for our legitimate interests.

• We collect sensitive information about you with your consent or when it's required by law. Sensitive information can include personal information about your ethnicity, genetic information, or health status, and may vary depending on applicable laws. We may need to collect sensitive information about your health records or ethnicity to process your visa application or to help you gain access to certain governmental facilities. By providing us with this information, you consent to our collection, storage, use, and transfer of it for the stated purposes and in accordance with applicable laws. Please note that you should not send us any sensitive information unless we require it to provide the services for which you have contracted with us. If you are providing us with sensitive information about someone else, you must ensure that you have obtained all necessary consents and authorizations required to share such information with us.

• We may receive information about you if you use any of the other websites we operate or the other services we provide. We also work closely with third parties (including, for example, business partners, sub-contractors, payment and delivery services, advertising networks, analytics providers, search information providers, marketing lead generation companies, corporate contact information providers, and credit reference agencies) and may receive information about you from them.

• To carry out our agreements with you and to manage our ongoing business relationship, we may need to use your contact information and billing details. In order to provide you with the products and services you have requested, we may also require additional personal information such as your date of birth, passport details, visa or immigration information, sensitive information, payment details, health information, and location. We will only use this information to fulfill our contractual obligations and to ensure that we can provide you with the requested services.

AXIS Aviation feature

Our services involve providing aircraft owners with an asset management platform that includes a range of features such as financial analysis, aircraft monitoring, charter services, flight management, and aircraft analysis. We recognize that the information we collect and process on behalf of our clients is highly sensitive and confidential.

To ensure that our clients' data is protected, we employ strict security measures to safeguard all data transmitted to and stored on our platform. Our platform uses encryption technology to secure data transmissions and is hosted on secure servers with restricted access. We also limit access to data to authorized personnel only, and all data is stored and processed in accordance with applicable data protection laws and regulations.

We do not share or sell our clients' data to third parties unless required by law or with our clients' explicit consent. Our clients maintain ownership of their data and can request access to their data, request that their data be deleted, or correct any inaccuracies at any time.

We take your privacy and data security very seriously at AXIS Aviation, and as a Swiss-based company, we are committed to complying with all applicable data protection laws, such as GDPR. Our team will take appropriate measures to ensure that your data is protected and that we are in compliance with all applicable laws and regulations.

Cookies

We use cookies on our website. These are small text files stored on your computer. We use both permanent cookies and session cookies so that we can offer you the best service possible. The data saved in the cookies make the use of our services as comfortable as possible for you, not only for your current use of the respective service but also beyond it. If you don’t want to allow permanent cookies, you can select the option to deactivate permanent cookies in your browser. The data stored in session cookies are only valid for the current visit to our online offers and serve to provide you with an unrestricted use of our services and to make the use of our offers and services as comfortable as possible for your current visit. If you deactivate session cookies, we cannot guarantee that you will be able to use all of our services without limitations.

Cookies and third-party providers of tracking

We use the services of other companies to optimize our websites and our services.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, text files stored on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services relating to website activity and internet usage to the website operator. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Your IP address, which has been transmitted by Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use all functions of this website. Furthermore, you can prohibit Google from collecting and analyzing the cookie generated data about your use of the website (including your IP address) by downloading and installing the browser plugin available here.

Google remarketing

Our websites use Google’s remarketing technology. This technology enables users who have already visited our online services and shown interest in our services to see targeted advertising on the websites of the Google partner network. Likewise, users that are similar to the visitors of our websites can be addressed. The advertising will be displayed using cookies. These are small text files saved on the user’s computer. The information generated by the cookie about the website use will be transmitted to and stored on servers in the United States by Google. In the event that the IP address is transferred, it will be reduced by the last 3 digits. Using cookies, the user behavior on a website can be analyzed and subsequently utilized to provide targeted product recommendations and advertising based on the user’s interests.

If you would prefer to not receive any targeted advertising, you can deactivate the use of cookies for these purposes through Google by visiting the website: https://www.google.com/settings/ads/. Alternatively, users can deactivate the use of cookies by third party providers by visiting the Network Advertising Initiative’s deactivation website (http://www.networkadvertising.org/choices/). Please note that Google has its own data protection policy which is independent of our own. We assume no responsibility or liability for their policies and procedures. Please read Google’s privacy policy before using our websites (https://www.google.com/intl/en/policies/privacy/).

Facebook Conversion Tracking Pixel

With your permission, our website utilizes the Conversion Tracking Pixel service of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This tool allows us to follow the actions of users after they are redirected to a provider’s website by clicking on a Facebook advertisement. We are thus able to record the efficacy of Facebook advertisements for statistical and market research purposes. The collected data remain anonymous. This means that we cannot see the personal data of any individual user. However, the collected data are saved and processed by Facebook. We are informing you on this matter according to our information at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook’s Data Use Policy found under: https://www.facebook.com/about/privacy/. Facebook Conversion Tracking also allows Facebook and its partners to show you advertisements on and outside Facebook. In addition, a cookie will be saved onto your computer for these purposes.

Only users over 13 years of age may give their permission. If you are younger than this age, please consult your legal guardians. Please click here if you would like to revoke your permission: https://www.facebook.com/ads/website_custom_audiences/.

Third Party Websites and Services

Our website and service provides links to other websites and services, we do not review these sites and services, and therefore this Privacy Policy does not apply to third party websites and services. Please read their Privacy Policy before submitting any private information.

Data Processing

As your trusted Asset Management Platform, AXIS Aviation prioritizes the security and privacy of your data. We understand that as a Swiss company, our users expect the highest standards of data protection in accordance with the Swiss Federal Data Protection Act (FADP) and the EU General Data Protection Regulation (GDPR).

We want to assure you that we take our responsibility to protect your personal data seriously and have implemented a range of technical and organizational measures to safeguard your information. We ensure that our authorized employees who have access to personal data have executed confidentiality agreements, and that we only allow access to your account when it is necessary for security purposes or to comply with applicable laws.

In addition, we have a list of authorized subcontractors who may access and process personal data, and we make this list available to our users. Before enabling any third party other than authorized subcontractors to access or participate in the processing of personal data, we will add them to the list and notify our users at least ten (10) days in advance.

We retain your personal data only for as long as it is necessary to provide our services or as required by applicable laws, and we maintain appropriate technical and organizational measures to ensure the security of your personal data. If you have any questions or concerns about our data practices or GDPR compliance, please feel free to contact our data protection officer at legal@axis-aviation.com.

As a Swiss company, we are also committed to complying with the FADP and GDPR. We have a Data Processing Agreement (DPA) available for our partners and customers who require further documentation of compliance, and you can request a copy of our DPA by emailing us at info@axis-aviation.com.

We hope this information reassures you of our commitment to protecting your personal data and complying with applicable laws and regulations.

Protecting your information

We take the security of your personal information very seriously and have implemented policies and procedures, including technical measures, that are designed to help safeguard it. While we strive to use best practices to protect your personal information, the Internet and computer technology are not 100% secure and we cannot absolutely ensure the security of any personal information that you provide to us. In line with this philosophy, we try to get as little information from you as possible.

AXIS Aviation "Vulnerability disclosure"

If you have come across a potential security vulnerability within our scope, please report it by sending an email to security@axis-aviation.com. Include the following information in your email:

• The website or service where the vulnerability was discovered.
• A brief description of the vulnerability class (such as "XSS vulnerability"). Please refrain from sharing any details that would allow the issue to be reproduced at this point.

To expedite the triage process, we request that reporters provide a benign proof of exploitation whenever possible, avoiding destructive actions that could result in duplicate or malicious reports for some types of vulnerabilities (such as sub-domain takeovers). If you have any doubts or questions, please don't hesitate to email security@axis-aviation.com for advice.

After receiving your initial email, our Security Team will send you an acknowledgement reply email, usually within 24 hours. This email will contain a ticket reference number that you can use in any further communications with our Security Team.

Our Security Team will triage the reported vulnerability and respond to you as soon as possible to confirm if further information is required. At this point, the necessary remediation work will be assigned to the appropriate Axis Aviation teams and/or suppliers, with priority given based on the severity of impact and complexity of exploitation.

Please note that vulnerability reports may take some time to triage and remediate. Our Security Team will notify you when the reported vulnerability is resolved and will ask you to confirm that the solution adequately addresses the vulnerability. Please refrain from sending your proof of exploit in the initial plaintext email if the vulnerability is still exploitable.

Changes to this Data Protection Policy

AXIS Aviation reserves the right to adapt its security and data protection measures, provided this is necessary as a result of technical or legal developments. In these cases, we will also update our data protection information accordingly. Please make sure, therefore, that you always use the latest version of our data protection declaration.

Privacy Questions and Contact

If you do not want us to keep you up to date with our news, you are free to contact us at any time and have your e-mail address removed from our mailing list. We do not target any information towards children. If you have any comments or concerns about our Privacy Policy, please contact us privacy@axis-aviation.com.

We reserve the right to change this policy, which we’ll do through online posting.

 

Last updated: 14 April, 2023