GDPR
The UAV Leasing Company, Ltd., dba Fly C₂LEAN (FC), understands that during the course of its relationship with Customer, FC (including FC’s officers, employees, contractors and agents) and actual carriers may have communication of “Personal Data” (Personal Data shall have the meaning assigned to it in article 4 of the Regulation (EU) 2016/679 of the European Parliament and of the Council) (“GDPR”) about Customer and/or passengers. FC commits and Customer accepts that Customer’s and passengers’ Personal Data will be held and processed by FC in compliance with GDPR and the FC privacy policy published on its website.
Data Privacy Policy; Personal Data
Without prejudice to what is stated in the FC privacy policy, FC and/or the third party operator are explicitly entitled to transmit Personal Data obtained from official identification documents and other Personal Data processed or used in connection with the performance of the agreement to public authorities and border control agencies, provided that the authority’s or agency’s request for disclosure is based on a mandatory legal regulations et is necessary for performance of the contract of carriage. Moreover, FC and/or the third party operator is also explicitly authorized by the Customer to collect and process the Personal Data of the Customer and the passengers within the scope of the agreement and in compliance with the GDPR Regulation for the purpose of performance of the flight services and the contractual obligations of FC and/or the third party operator under the Agreement; specifically, FC and/or the third party operator is further explicitly authorized to transmit the said Personal Data to its employees and authorized representatives and to all person involved with the provision of the flight services on its behalf including air crew (flight and cabin crew).
Consent to Cross-Border Transmission of Personal Data
In order for FC to perform its obligations under this Agreement, it may be necessary for FC to transmit Customer’s Personal Data to the United States.
With the understanding that United States law may not offer the same level of protection for Customer’s Personal Data as is offered by applicable European law, Customer consents to the US Processing. Customer may withdraw this consent at any time by written notice to FC, but any such withdrawal may render FC unable to provide some or all of the services contemplated by this Agreement.
Customer’s Personal Data may also transfer to, be stored at, and processed by employees operating in countries outside the European Economic Area (the “EEA processing”) who work for FC‘s affiliates or for one of its suppliers. By submitting his/her Personal Data, Customer agrees to this transfer, storing or processing. FC shall take steps reasonably necessary to ensure that Customer’s Personal Data is rated securely and in accordance with the GDPR Regulation. Customer may withdraw this consent at any time by written notice to FC, but any such withdrawal may render FC unable to provide some or all of the services contemplated by this Agreement.