Privacy Policy of Flynex GmbH.

The German version of this document will govern our relationship – this translated version is provided for convenience only and will not be interpreted to modify the German version. For the German version, please see the FlyNex Privacy Policy page.

The website and the service portfolio of FlyNex GmbH operate on the basis of:

FlyNex GmbH, c/o SpinLab, Halle 14
Spinnereistraße 7, 04179 Leipzig (Germany)
Phone: + 49 (0) 341 331 760
Fax: + 49 (0) 341 331 76099
Email: info@flynex.de
Web: https://www.flynex.io

Representatives: Andreas Dunsch, Michael Petrosjan
Register entry: Eintragung im Handelsregister, HRB 33972
Registry court: Amtsgericht Leipzig

(hereinafter referred to as “We”).

We operate as the operator of the website and our services and are responsible for the collection, use, processing, and disclosure (hereinafter: “processing” or “process”) of personal data of users (hereinafter: “You”) within the meaning of the General Data Protection Regulation (“GDPR”). Our services include our websites with all subdomains, as well as our products, e.g., Enterprise Suite (hereinafter “Products”).

We take the protection of your personal data very seriously and safeguard your privacy and private data. We process your personal data in accordance with the content of these data protection provisions and strictly adhere to the rules of the data protection laws of the Federal Republic of Germany, the Telemedia Act (“TMG”), and the data protection regulations of the European Union (hereinafter: “data protection regulations”). We will ensure that our employees and cooperation partners are obliged to comply with the data protection regulations.

These data protection provisions govern how we process your personal data in what manner. Therefore, we kindly ask you to read the following explanations carefully.

For all data protection questions and notifications, please contact the data protection officer of FlyNex GmbH at the email address info@flynex.de by post at the above address, or by fax or telephone using the above contact numbers.

1.1            Personal Data

Personal data within the meaning of these data protection provisions are all information about you as an identified or identifiable person, such as data about your personal or factual circumstances.

To provide our services, establish a data protection and compliance management, and for communication purposes, we process the following personal data that you enter during registration and completion of your profile:

• Full name,
• Email address,
• Company name,
• Address including street, house number, postal code, and city,
• Telephone number and mobile number, and
• Profile picture.

Additionally, we process data associated with your account, such as drones, accessories, or project content, in order to provide our services.

Personal data also includes information about your use of our products and websites. This is usually done through the use of log files and cookies. Further information about log files and cookies can be found below under 3. Information about your device, cookies, and targeting. In this context, we refer to our terms and conditions and do not assume any guarantee or liability for the information contained on third-party sites.

In this context, we collect personal data in the form of information about your visits to our products or websites as follows:

• Scope of data transfer,
• Location from which you access data from our website, and
• Connection data and sources that you access.

1.2            Storage and Deletion

We store your personal data for as long as you use our services. We delete your personal data that you provide us with during the registration for our newsletter (see section 2.1) as soon as you unsubscribe from the newsletter. Personal data that you provide us with during the registration and use of our services (see sections 2.2 and 2.3) will be deleted within 90 days after you cancel the service or delete your account. Extended storage of your personal data beyond this period is required by legal regulations, such as the statutory retention obligations for invoices addressed to you. If you interact with other individuals through one of our products, personal data may not be deleted as part of the interaction. For example, if you are added as a partner to a project and you accept this invitation, your personal data stored in the project will only be deleted when the project is completely deleted, due to the obligation to provide evidence for all project participants.

In addition to the legal obligation to retain data, there may also be a legitimate interest (in this case, the interest in preserving evidence) of the data controller in longer-term data storage, especially to defend against legal claims in the event of potential legal disputes (Article 17(3)(e) of the GDPR).

In the following, the intended use of your personal data mentioned under no. 1.1 is explained.

2.1            Processing of Your Data or Personal Data after Signing Up for Our Newsletter

When signing up for our newsletter, it is necessary to provide your email address. We process this information to send you newsletters, information, and announcements. These announcements may also include advertising information about our own products or products of our cooperation partners.

2.2            Products (including Enterprise Suite)

When using our products, it may be necessary to process your personal data. This may include:

• First name and last name,
• Email address,
• Telephone number and/or mobile number,
• Postal address, or
• Company name.

We use this data to validate your registration and account, for display purposes in your personal user profile (“Profile”) and on your individual homepage, as well as for transmission to the payment service provider Stripe (see section Stripe) for the purpose of creating and delivering an invoice. Overall, this data may also be necessary for providing the service of our products and will also be used in the context of all technically necessary communication with you, such as:

• Support requests,
• General questions about your account, or
• Password reset requests.

Furthermore, we process the aforementioned personal data to send you information or announcements by postal mail or in electronic form via email or telephone (SMS, messenger services). These announcements may also include advertising information about our own products or products of our cooperation partners.

Additionally, you can upload your own profile picture to your profile. Regardless of whether you upload a profile picture that allows conclusions about you as a person, we process this information solely for display in your profile.

2.3            Contact and Support Requests

On our websites, we use various forms or feedback options to be accessible to you. This includes both forms for general inquiries (contact forms) and for specific support requests (support forms). We process the personal data you provide to us during these interactions (e.g., name, first name, email address, telephone number, and/or mobile number) exclusively to communicate with you in the context of processing your request, unless you simultaneously wish to sign up for our newsletter. Without newsletter signup, we delete this data within 3 months, unless there are legal retention obligations.

2.4         Consequences of Non-Provision of Personal Data

As outlined above, we require your personal data for the purpose of providing various FlyNex products and services. If you do not provide the aforementioned personal data, you may not be able to use FlyNex products or services (e.g., support) or may not be able to use them to their full extent.

At a minimum, your email address is always required for:

• Validating your account,
• Technical communication for support requests and account-related questions, or
• Password resets.

In the case of booking paid services, at least your first name, last name, postal address, and payment details are necessary to receive payments from you and to create a proper invoice.

2.5            Processing of Your Data and Personal Data When Visiting Our Websites or Their Subdomains

Accessing and using our websites are subject to the following conditions. If you do not agree with these conditions, we kindly ask you not to use our websites. By using this website, you agree to the following conditions.

When visiting our websites https://www.flynex.io, https://www.flynex.de, or their subdomains, or being redirected to our website or its subdomains, we use your personal data for the following purposes:

• To provide the services you requested within the scope of FlyNex GmbH’s service offering and the services you selected (see section 2 Purpose of Use),
• To ensure that our websites are presented to you as effectively and interestingly as possible,
• To fulfill our obligations arising from contracts concluded between you and us,
• To communicate with you, verify your data, send newsletters, information, or announcements, and
• To inform you about changes to our services.

3.1 Processing

Upon each access to our products or websites, we lawfully process the following information about your device based on Article 6(1)(f) of the GDPR:

• IP address of your device,
• Browser request,
• Time of this request,
• Request status, and
• Amount of data transmitted within the request.

Furthermore, we process the following information:

• Information about the operating system of your device,
• Product and version information of the browser you used for access, and
• Website from which the access occurred.

The IP address of your device is only stored for the duration of your use and immediately deleted or anonymized by abbreviation thereafter. The other data is stored for a limited period of time. We use this data for the operation of our products and websites, particularly to detect and rectify errors, determine usage, and make adjustments and improvements.

3.2 Browser Cookies

We also process information about your usage through the use of so-called browser cookies. These are small text files stored on your hard drive that store certain settings and data for exchange with our system via your browser. A cookie typically contains the domain name from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier. Cookies allow our systems to recognize the user’s device and make any presettings immediately available. Once you access our products, a cookie is transmitted to the memory of your respective device. Cookies help us improve our products and websites and offer you a better and more personalized service. They enable us to recognize your device when you return to our products or website and thereby:

• Store information about your preferred activities and tailor our products and websites to your individual interests. This includes, for example, announcements that correspond to your personal interests.
• Speed up the processing of your requests.

3.3 Explanation Cookie

The cookies we use store only the data about your usage of our products and websites as described above. This is generally not done by directly associating it with you personally but by assigning an identification number to the cookie (“cookie ID”). Generally, the cookie ID is not merged with your name, IP address, or similar data that would allow the cookie to be attributed to you. An exception to this is Mixpanel. You can learn how to prevent the use of browser cookies in section 3.6.

3.4 Tracking Technologies

Our products and websites use so-called tracking technologies. We use these technologies to make the product offering more interesting for you. These technologies allow us to address users who have already shown interest in our products or websites with advertisements on our partners’ websites. The display of these advertisements on our partners’ pages is based on cookie technology and an analysis of previous usage behavior. This analysis is conducted pseudonymously, and usage profiles are not merged with your personal data. You can activate these technologies by accepting cookies in a pop-up window displayed during your first visit to our products or websites.

3.5 Business Partners and Affiliate Services

We collaborate with business partners who help us make the internet offering and the website more interesting for you; any advertising links will be labeled as such on the website. Therefore, if you activate cookies during your first visit to our products or websites, cookies from these partner companies will also be stored on your hard drive. These are cookies that are automatically deleted after the specified time. The cookies of our partner companies also collect only data under a cookie ID, enabling our advertising partners to address you with advertisements that may genuinely interest you. You can learn about these cookies and how to prevent their use in section 3.6.

3.6 Browser Settings and Types of Cookies

If you do not wish to use browser cookies, you can set your browser to not accept cookies (you can find corresponding instructions in your browser’s help section or on the website of your browser manufacturer). Please note that in this case, you may only be able to use our products or websites to a limited extent or not at all. If you want to accept only our own cookies but not the cookies of our service providers and partners, you can select the setting in your browser to “block third-party cookies.” The table below lists cookies classified as essential, which are technical minimum requirements for using our products or websites. Additionally, a cookie consent tool is used on our products and websites. This tool will ask for your consent during your first visit or visits after clearing your browser cache regarding which cookies we may use. This consent is given separately for each browser used and each device used. You can also find further information about the cookies used there.

Here are the different types of cookies for the websites:

Here are the different types of cookies for the products and services:

 

3.7 Provider

The provider of the respective pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version,
• Operating system used,
• Referrer URL,
• Hostname of the accessing computer, and
• Time of the server request.

This data cannot be attributed to specific individuals. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

All information that you directly transmit to us is stored on servers within Germany or the European Economic Area. Regarding hyperlinks to and from third-party websites, we refer to section 6. Unfortunately, the transmission of information over the Internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the Internet. However, we secure our website and other systems through technical and organizational measures against loss, destruction, access, alteration, or distribution of your data by unauthorized persons. In particular, your personal data is transmitted to us encrypted. We use the SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption system for this purpose.

We do not disclose your personal data to third parties unless you have consented to the data disclosure or we are authorized or obliged to disclose data due to legal provisions and/or official or court orders. This may include providing information for purposes of law enforcement, threat prevention, or the enforcement of intellectual property rights. In this regard, we also refer to section 6.

Our products or websites may contain hyperlinks to and from third-party websites both within and outside Germany. If you follow a hyperlink to one of these websites, please note that we cannot assume any responsibility or guarantee for third-party content or privacy policies. Please make sure to review the applicable privacy policies before transmitting any personal data to these websites. Additionally, we use the following services to optimize our processes. You can disable these services as described in section 3.6. The use constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

6.1            Google Analytics

This website uses features of the web analytics service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. We only use Google Analytics with IP anonymization enabled. This means that the IP address of the user is truncated within Member States of the European Union or other parties to the Agreement on the European Economic Area. The IP address transmitted by the user’s browser is not merged with other Google data. We use Google Analytics and all subsequent Google services (including YouTube) based on the EU Standard Contractual Clauses.

6.1.1        Browser Plugin

You can prevent the storage of cookies by adjusting your browser software accordingly; however, please note that if you do this, you may not be able to use all functions of this website to their full extent. Furthermore, you can prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de

6.1.2        Objection to Data Collection

You can prevent Google Analytics from collecting your data by refusing consent in the cookie consent tool that appears when you first visit or after clearing your browser cache when using our products or websites. This will prevent the collection of your data on future visits. The deactivation applies only to the currently used device and browser and must be repeated on each device/browser. For more information on how Google Analytics handles user data, see Google’s privacy policy:  https://support.google.com/analytics/answer/6004245?hl=de

6.1.3        Demographic Features in Google Analytics

Our products and websites use the “demographic features” of Google Analytics. This allows reports to be generated that contain statements about the age, gender, and interests of site visitors. These data come from interest-based advertising by Google and visitor data from third-party providers. This data cannot be attributed to any specific individual. You can disable this feature at any time through the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the “Objection to Data Collection” section.

6.2            Google Ads

We use the online advertising program “Google Ads” and within Google Ads, conversion tracking. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The conversion tracking cookie is set when a user clicks on an ad served by Google. Cookies are small text files that are stored on your computer system. If the user visits certain pages of this website and the cookie has not expired, Google and we can recognize that the user clicked on the ad and was redirected to us. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of AdWords customers. The information obtained with the help of the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that personally identifies users. If you do not want to participate in tracking, you can opt out of this usage by disabling the Google conversion tracking cookie in your internet browser under user settings. You will then not be included in the conversion tracking statistics. For more information about Google’s privacy policy, please visit: http://www.google.de/policies/privacy/

6.3            Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites, especially when registering for our products. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA is used to check whether the data entered on our websites (e.g., in a contact form) is being entered by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, duration of the website visit, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google. The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offerings against abusive automated spying and against spam. For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/

6.4            Google Tag Manager

Our products and websites use Google Tag Manager. This service allows tags to be managed via an interface. The Google Tag Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tag Manager triggers other tags that may collect data. However, the Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will remain in effect for all tracking tags implemented with the Google Tag Manager. You can deactivate the tags and cookies implemented in Google Manager as described in section 3.6. You can find the data protection information here: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

6.5.          Login with Google

You can use your Google account to log in to websites and apps from third-party providers. This means you do not have to remember individual usernames and passwords for each account. For more information, please visit  https://support.google.com/accounts/answer/112802?hl=de&ref_topic=7188760

6.6.          Facebook Plugins (Like-Button and Facebook Pixel)

We use plugins from the social network Facebook on our products and websites. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our products or websites. An overview of the Facebook plugins can be found here:  https://developers.facebook.com/docs/plugins/.

When you visit our products or websites, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives information that you have visited our site with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate the visit to our pages with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Facebook. We use Facebook plugins and all Facebook services listed below (including Instagram) based on the EU standard contractual clauses. For further information, please refer to Facebook’s privacy policy at  https://de-de.facebook.com/policy.php

If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Additionally, we utilize the Facebook Conversion Pixel or Visitor Action Pixel. By calling up this pixel from your browser, Facebook can subsequently recognize whether a Facebook advertisement was successful, for example, leading to an online purchase. We receive only statistical data from Facebook regarding this, with no reference to a specific person. This allows us to measure the effectiveness of Facebook advertisements for statistical and market research purposes. Particularly if you are logged into Facebook, we refer you to their privacy information at  https://www.facebook.com/about/privacy/

For preventing the collection of your data by Facebook Pixel, please see section 3.6.

6.7            Login with Microsoft

You can use your Microsoft account to log in to websites and apps from third-party providers. This means you do not have to remember individual usernames and passwords for each account. We use Microsoft services based on the EU standard contractual clauses and a data processing agreement. For more details, please refer to https://privacy.microsoft.com/de-DE/privacystatement

6.8            X formerly known asTwitter

Functions of the Twitter service are integrated into our products and websites. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the web pages you visit will be linked to your Twitter account and shared with other users. Data is also transferred to Twitter. We use Twitter based on the EU standard contractual clauses. Furthermore, we have entered into a data processing agreement with Twitter. This is a contract in which Twitter commits to protecting the data of our users and processing it in accordance with its privacy policy on our behalf.

For more information, please refer to Twitter’s privacy policy at https://twitter.com/privacy

You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings

6.9            LinkedIn

Functions of the LinkedIn service are integrated into our products and websites. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn features is accessed, a connection to LinkedIn servers is established. LinkedIn is notified that you have visited our website with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We use LinkedIn based on the EU standard contractual clauses. Furthermore, we have entered into a data processing agreement with LinkedIn. This is a contract in which LinkedIn commits to protecting the data of our users and processing it in accordance with its privacy policy on our behalf. For more information, please refer to LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy

6.10         YouTube

Functions of the YouTube service are integrated into our products and websites. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of presenting our online offers in an appealing manner. For more information about how user data is handled, please refer to YouTube’s privacy policy at https://www.google.de/intl/de/policies/privacy

6.11         Instagram

Functions of the Instagram service are integrated into our products and websites. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This integration can include content such as images, videos, or texts, as well as buttons that allow users to share content from this online offer within Instagram. If users are members of the Instagram platform, Instagram can assign the call-up of the aforementioned content and functions to the users’ profiles there. Instagram is part of the Facebook group of companies and shares infrastructure, systems, and technology with Facebook and other Facebook companies. For more information on how user data is handled, please refer to Instagram’s privacy policy: http://instagram.com/about/legal/privacy/

6.12         Stripe

Payment processing is carried out by the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we transmit the information provided by you during the order process, along with information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. Your data will only be passed on to Stripe Payments Europe Ltd. for the purpose of payment processing and only to the extent necessary for this purpose. You can find data protection information about Stripe Payments Europe Ltd. here:  https://stripe.com/de/privacy.

6.13         MapBox

Our products use Mapbox Tiles for displaying interactive maps. The Mapbox Tiles API is a mapping service provided by Mapbox Inc., 1509 16th St NW, Second Floor, Washington, DC 20036 (Mapbox). By using the Mapbox Tiles API, information about the use of this website, including your IP address, may be transmitted to Mapbox. When you access a page containing Mapbox Tiles maps, your browser establishes a direct connection to Mapbox servers. The map content is transmitted directly from Mapbox to your browser and integrated into the website. Therefore, we have no influence on the scope of data collected by Mapbox in this way. If you do not want Mapbox to collect, process, or use data about you through our website, you can disable JavaScript in your browser settings. In this case, however, you will not be able to use the map display. For more information about the purpose and scope of data collection and further processing and use of data by Mapbox, your rights in this regard, and privacy settings, please refer to Mapbox’s privacy policy at https://www.mapbox.com/privacy/. Among other things, it states that the visitor’s IP address, the address of the visited page, date and time, and the pages accessed are stored. Mapbox states that it uses this information exclusively to improve the service provided for diagnostic and analytical purposes. Mapbox does not disclose personal data to third parties. The use of MapBox is in the interest of the functionality and attractive presentation of our online offers and easy location of the places indicated on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

We use MapBox based on the EU Standard Contractual Clauses. Furthermore, we have concluded a “Data Processing Agreement” with MapBox. This is a contract in which MapBox undertakes to protect the data of our users and to process it in accordance with its data protection provisions on our behalf.

6.14         Vimeo

Our products and websites use plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This informs the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. If you are logged in to your Vimeo account, you enable Vimeo to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account. We use Vimeo based on the EU Standard Contractual Clauses. For more information about how user data is handled, please refer to Vimeo’s privacy policy at: https://vimeo.com/privacy

6.15         Brevo

We also use Brevo for sending our newsletter. The provider is Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin. Brevo is a service that allows us to analyze the behavior of newsletter recipients. The data you enter for the purpose of subscribing to the newsletter (e.g., email address) is stored on Brevo’s servers.

If you do not want analysis by Brevo, you must unsubscribe from the newsletter (see clause 7 of this privacy policy). You can also revoke your consent at any time with effect for the future by emailing the address given in our imprint. The data you provide us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers and Brevo’s servers after unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. Data stored by us for other purposes (e.g., email address for the members area) remains unaffected by this. For more information, please see Brevo’s privacy policy at: https://www.brevo.com/de/legal/privacypolicy/

6.16         PayPal

To the extent necessary for the processing and payment of your contract, we will disclose the data collected and stored, especially payment data, in accordance with contractual arrangements to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg as part of the payment processing. Details on the handling of personal data by PayPal are described in PayPal’s privacy policy. You can find it here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE

6.17         Mixpanel

Mixpanel, provided by Mixpanel UK Ltd, London, 1-2 Berners Street, Third Floor, London W1T 3LA, automatically collects certain information: IP address, location, and browser information. When FlyNex uses the Mixpanel application, some information is automatically collected. This may include information such as the operating system (“OS”) running on your device, the Internet Protocol (“IP”) address (which may be used to retrieve your location), access times, browser type, and language settings of the operating system, and the website you visited before visiting the Mixpanel website. Information is also collected on how you use Mixpanel’s site, applications, and services, including the elements you interacted with, metadata, and other details about these elements, clicks, status changes, and other user actions. In addition, pixel tags are used, also known as clear gifs, web beacons, or web bugs. Pixel tags are tiny graphic images with a unique identifier, similar to cookies. These are used to track the online movements of web users. We use Mixpanel for marketing and optimization purposes, especially to analyze the use of our website and to continuously improve individual features and offers as well as the user experience. By analyzing user behavior statistically, we can improve our offering and make it more interesting for you as a user. This also represents our legitimate interest in processing the above data by the third-party provider. We use Mixpanel based on the EU Standard Contractual Clauses. Mixpanel commits to comply with EU data protection requirements. Furthermore, we have concluded a “Data Processing Agreement” with Mixpanel. This is a contract in which Mixpanel undertakes to protect the data of our users. For more information on data protection and how to opt out of Mixpanel’s data collection, please visit https://mixpanel.com/legal/privacy-policy/ .

6.18         DENKweit

With the AI-supported image analysis from DENKweit, images can be analyzed directly via drone by FlyNex. FlyNex combines project management with drone data capture and subsequent automated AI analysis of objects, with DENKweit GmbH, located at Blücherstraße 26, 06120 Halle (Saale), cooperating with FlyNex on AI analysis. In this context, the protection of personal data is taken very seriously, and personal data is treated confidentially and in accordance with legal data protection regulations as well as DENKweit’s privacy policy. We have concluded an agreement with Denkweit for order processing.

6.19         Zapier

FlyNex uses “Zapier” to connect different web apps. This allows actions to be automated between different web apps. Zapier is a service provided by Zapier Inc., 548 Market St #6241, San Francisco, CA 94104, USA. When using Zapier, it is not excluded that data may be transferred to servers of Zapier in the USA. We have concluded an agreement with Zapier for order processing.

Zapier enables FlyNex to link and synchronize various functionalities, databases, and tools with our website. This allows, for example, content published on our website to be automatically distributed on our social media channels or to export content from marketing and analytics tools. Depending on the functionality, Zapier may also collect various personal data. The use of Zapier is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective integration of the tools used. If consent has been requested, processing is based exclusively on Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

In addition, data processing is secured by the EU Standard Contractual Clauses. FlyNex uses Zapier both to automate actions between different apps and to improve and customize the website to be more user-specific, which also represents a legitimate interest under Art. 6 para. 1 lit. f) GDPR. For more information about data protection at Zapier, please visit: https://zapier.com/privacy/.

6.20         Amazon Web Services (AWS)

FlyNex uses Amazon Web Services to run applications faster and more securely. Amazon Web Services is a fully managed database cloud service that FlyNex uses for even greater performance to process your data anonymously, e.g. into orthophotos.

There is a Data Processing Agreement between FlyNex and AWS. This is a contract in which AWS undertakes to protect the data of our users and to process it on our behalf in accordance with its data protection regulations. AWS uses so-called standard contractual clauses, which are intended to ensure that your data also complies with European data protection standards if, for example, it is transferred to and stored in third countries. Through the EU-US Data Privacy Framework and the standard contractual clauses, AWS undertakes to comply with the European level of data protection when processing relevant data. In the adequacy decision, the Commission carefully examined the requirements arising from the EU-US Data Privacy Framework and the restrictions and safeguards that apply when personal data transferred to the US is accessed by US authorities, in particular for law enforcement and national security purposes. Further information on the EU-US Data Privacy Framework can be found here: https://ec.europa.eu/commission/presscorner/detail/en/qanda_23_3752.

6.21         Calendly

You have the option to sign up for an appointment with us via a link. We use the online calendar “Calendly” for requesting and selecting appointments. “Calendly” is a service provided by Calendly, LLC, 3423 Piedmont Road NE, Atlanta, GA 30305-1754, United States.

When you click on the online appointment scheduling link, you are automatically connected to our appointment scheduling page at Calendly. After choosing your appointment, confirmation, and entering your contact details and concerns, you will receive an email confirmation of your appointment from Calendly. For more information about Calendly and data protection at Calendly, please visit: https://calendly.com/pages/privacy.  

Your information from the Calendly form, including the data you provided there, will be stored by us and by Calendly for processing the request and for follow-up questions. This data will remain with us and Calendly until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after the appointment has taken place). Mandatory legal provisions, especially retention periods, remain unaffected. We use Calendly based on the EU Standard Contractual Clauses.

6.22         Drone Harmony

Drone Harmony AG, based at Sonnentalstrasse 8, 8600 Dübendorf, Switzerland, together with FlyNex, covers the complete mission and operation planning of drone operations.

In the context of the integration of Drone Harmony at FlyNex, Drone Harmony can use various technologies to collect and store information when the website, app, or web platform is used, including email address, flight routes, drone type and model, and first and last names.

For Switzerland, there is an adequacy decision as a third country under Art. 45 para. 1, para. 3 GDPR. If the other provisions of the GDPR, such as Art. 6 ff., Art. 12ff. and 28 ff. GDPR, are complied with, the transfer of personal data to Switzerland is permissible. Companies from Europe and Germany must comply with all requirements of the GDPR when planning to transfer data to Switzerland, which apply anyway to any processing of personal data of EU citizens. Please refer to Drone Harmony’s privacy policy: https://droneharmony.com/drone-harmony-privacy-policy/

6.23         Microsoft Teams

FlyNex uses the tool “Microsoft Teams” to conduct telephone conferences, online meetings, video conferences, and/or webinars (hereinafter referred to as “online meetings”). “Microsoft Teams” is a service provided by Microsoft Corporation.

The controller for data processing directly related to the conduct of “online meetings” is FlyNex GmbH.

Note: When you access the “Microsoft Teams” website, the provider of “Microsoft Teams” is responsible for data processing. However, accessing the website is only necessary to download the software for using “Microsoft Teams.” If you do not want or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. The service is then provided via the “Microsoft Teams” website as well.

When using “Microsoft Teams,” various types of data are processed. The scope of the data depends on the information you provide before or during participation in an “online meeting.”

The following personal data is subject to processing:

• User information: e.g., Display name, optionally email address, profile picture (optional), preferred language
• Meeting metadata: e.g., Date, time, meeting ID, phone numbers, location
• Text, audio, and video data: You may have the option to use the chat function in an “Online-Meeting”. In this regard, the text inputs you make will be processed to display them in the “Online-Meeting”. To enable video display and audio playback, data from your device’s microphone and, if available, video camera will be processed during the meeting. You can deactivate or mute the camera or microphone yourself using the “Microsoft Teams” applications at any time.

If personal data of employees of FlyNex GmbH is processed, § 26 BDSG is the legal basis for data processing. If personal data in connection with the use of “Microsoft Teams” is not required for the establishment, implementation, or termination of the employment relationship but is nevertheless an essential part of the use of “Microsoft Teams,” Art. 6 para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, we have a legitimate interest in the effective conduct of “online meetings.” Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) GDPR, insofar as meetings are conducted within the framework of contractual relationships. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we have a legitimate interest in the effective conduct of “online meetings.”

Personal data processed in connection with participation in “online meetings” is generally not disclosed to third parties unless it is intended for disclosure. Please note that content from “online meetings,” as with personal meetings, often serves to communicate information with customers, prospects, or third parties and is therefore intended for disclosure. Further recipients: The provider of “Microsoft Teams” necessarily becomes aware of the aforementioned data to the extent provided for in our contract data processing agreement with “Microsoft Teams.”

Data processing outside the European Union (EU) generally does not take place, as we have restricted our storage location to data centers in the European Union. However, we cannot rule out that data routing may occur via internet servers located outside the EU. This may particularly be the case if participants are in a third country during an “online meeting.” However, the data is encrypted during transport over the internet and thus protected against unauthorized access by third parties.

6.24         Microsoft Clarity

We use Microsoft Clarity. “Microsoft Clarity” refers to a procedure by Microsoft whereby user analysis is possible based on a pseudonymous user ID and thus based on pseudonymous data, such as the evaluation of data on mouse movements or performance data on specific internet presentations.

In doing so, we process, in particular, usage data (e.g., visited internet presentations, interest in content, access times), meta/communication data (e.g., device information, IP addresses), location data (information on the geographical position of a device or person), and movement data (mouse movements, scroll movements) in pseudonymized form. We have made the corresponding settings so that data collection by and through Microsoft alone is already pseudonymized, particularly in the form of IP masking (pseudonymization of the IP address).

All users of our website who have agreed to the corresponding use via our cookie consent service are affected by this data processing. Data processing is therefore based solely on your consent in accordance with Art. 6 para. 1 a) GDPR. 

The purpose of processing is tracking (e.g., interest/behavior-related profiling, use of cookies), remarketing, conversion measurement (measurement of the effectiveness of marketing measures), interest-based and behavior-related marketing, profiling (creation of user profiles), reach measurement (e.g., access statistics, recognition of recurring users), cross-device tracking (cross-device processing of user data for marketing purposes).

You will be informed about your right to object in accordance with this data protection declaration. You can also set an opt-out with the respective provider. 

• Europe: https://www.youronlinechoices.eu.
• Canada: https://www.youradchoices.ca/choices.
• USA: https://www.aboutads.info/choices.
• Cross-border: https://optout.aboutads.info.

Microsoft Clarity: Online marketing and web analysis; offered by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; Internet presentation: https://clarity.microsoft.com; Privacy policy: https://privacy.microsoft.com/en-us/privacystatement; Opt-out: https://choice.microsoft.com/en-US/opt-out.

Please note that we have concluded an AV contract including the necessary EU Standard Contractual Clauses with Microsoft to enable this activity. 

6.25         Hubspot

For our online marketing activities, we use the product HubSpot. The provider is HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. This is an integrated software solution that covers various aspects of our online marketing. This includes, among others, email marketing (newsletters as well as automated mailings, e.g., for providing downloads), social media publishing & reporting, reporting (e.g., traffic sources or accesses), contact management (e.g., user segmentation & CRM), landing pages, and contact forms. Our registration service enables visitors to our products and websites to learn more about our company, download content, and provide their contact information, especially their name, first name, email address, postal address, telephone number and/or mobile number, as well as other demographic information. This information, as well as the content of our website, is stored on servers of our software partner HubSpot. It can be used by us to get in touch with visitors to our website and to determine which services of our company are of interest to them. All information collected by us is subject to this privacy policy. We use all collected information exclusively to optimize our marketing measures.

Furthermore, to improve the user experience on our website, we use the live chat service “Messages” from HubSpot for sending and receiving messages on some subpages (round chat icon at the bottom right of the screen). If you agree and use this function, the following data will be transmitted to the servers of HubSpot:

• Content of all sent and received chat messages
• Contextual information (e.g., page where the chat was used)
• Optional: Email address of the user (if provided by the user via chat function)

HubSpot is a software company from the USA with a branch in Ireland. We use HubSpot based on the EU standard contractual clauses. Furthermore, we have concluded a data processing agreement with HubSpot. This is a contract in which HubSpot undertakes to protect the data of our users and to process it in accordance with its data protection provisions on our behalf.

For more information on HubSpot’s privacy policy, please visit https://legal.hubspot.com/de/privacy-policy. If you do not want HubSpot to collect data in general, you can prevent the storage of cookies at any time, as described in Section 3.6.

If you would like to subscribe to the newsletter offered on the website, we need your email address and information that allows us to verify that you are the owner of the specified email address and that you agree to receive the newsletter. No further data is collected. We use this data exclusively to send the requested information. You can revoke your consent to the processing of your data, especially your email address and its use for sending the newsletter, at any time, for example via the unsubscribe link in the newsletter.

We reserve the right to change this privacy policy at any time with effect for the future. The current version is available on our products and websites, e.g., at www.flynex.de/datenschutz. Please check the privacy policy regularly and inform yourself about the applicable privacy policy.