Last revised: May 7th, 2024
Skycode Oy (“SkyPlanner,” “we,” “us,” or “our”) operates the website located at https://skyplanner.ai (the “Site”), along with all associated websites, software available for download, mobile applications, and other services we provide. These services, together with any direct communications through written or oral methods, such as emails, telephone messages, or calls, are collectively referred to herein as our “Service”.
This Privacy Policy (“Policy”) outlines our practices regarding the handling of your personal data when you engage with our Service, whether by visiting our Site, contacting us, or utilizing our services. The terms “you” and “your” hereunder refer to any individual who interacts with us, particularly in the capacity of a customer or site visitor.
This Policy forms an integral part of, and is subject to, the SkyPlanner Terms and Conditions. Any capitalized terms not defined under this policy shall have the meanings ascribed to them in the SkyPlanner Terms and Conditions.
The contents of this Policy are subject to periodic review and may be updated to reflect changes in our data handling practices. You are responsible for reviewing this document regularly to stay updated on any changes.
Data Controller Details
Skycode Oy
Rantakatu 2 G (11th floor)
Vaasa, 65100
Finland
[email protected]
+358 40 700 0002
Definitions:
- Authorization – the spectrum of permissions and entitlements granted to a User on the Website, as conferred by a Client.
- Client – refers to a legal entity that avails itself of the SkyPlanner Service.
- Client Data – pertains to personal data, including but not limited to reports, addresses, and documents in electronic formats that are stored within the Service by a User.
- Controller – signifies the person or entity, whether natural or legal, agency, public authority, or other body, which, alone or jointly with others, determines the purposes and means of processing personal data.
- Personal Data – encompasses any data related to a person who can be identified directly or indirectly.
- Public Area – designates parts of the Site accessible to both Users and Visitors without the requirement to log in.
- Restricted Area – indicates sections of the Service available solely to Customers, contingent upon logging in.
- Processing of Personal Data – involves involves any processing activities or series of activities conducted on personal data or sets of personal data, whether automated or not, including collection, recording, organization, structuring, storage, modification, retrieval, consultation, use, disclosure by transmission, distribution, or otherwise making available, alignment, combination, restriction, deletion, or destruction.
- Processor – represents any natural or legal person, agency, public authority, or other body that processesor works with personal data on behalf of the controller.
- Third-party – means any natural or legal person, agency, public authority, or body apart from the data subject, controller, processor, and persons authorized under the direct authority of the controller or processor to process personal data.
- User – denotes an employee or agent of a Customer, mainly engaging with the Restricted Area to access the Service.
- Visitor – describes any individual who interacts with the Public Area but does not access the Restricted Area.
Information Collection Methods Utilized by the Service
SkyPlanner acquires various types of information through the Service. The primary legal grounds for the processing of personal data by SkyPlanner are that such processing is essential for the delivery of the Service as stipulated in SkyPlanner’s Terms of Service, and that the processing is executed in accordance with SkyPlanner’s legitimate interests, which are detailed in the “Purpose of Processing” section of this Policy. Additionally, we may process data based on your consent, which we will request as necessary.
Information Provided by Users: As a User or Visitor of the Service, you may supply, and we may gather, Personal Data. Examples of such data include your name, email address, postal address, mobile number, and payment details such as credit card or other billing information. Personal Data also encompasses additional details, such as geographic location or preferences, particularly when such information is associated with data that identifies an individual. This Personal Data may be provided through various activities on the Service, such as registering for an account, utilizing the Service, uploading Client Data, interacting with other users via communication features, or submitting inquiries related to customer service.
Information Accumulated by Clients: A Client or User may upload or store Client Data within the Service. SkyPlanner does not maintain a direct relationship with the individuals whose Personal Data is included as part of the Client Data. It is the responsibility of each Client to inform its customers and third parties about the purposes for which Personal Data is collected and the manner in which it is processed within the Service as part of Client Data.
Information Collected Automatically: When the Service is utilized by a User or Visitor, we may automatically document certain information from your device by employing various types of technology, such as cookies, clear GIFs, or web beacons. This automatically gathered information may comprise IP addresses or other device identifiers, types of web browsers and/or devices used, as well as details of web pages visited immediately before or after the Service, the content viewed or interacted with on the Service, and the dates and times of such visits, accesses, or uses. Additionally, these technologies may be used to collect data regarding a Visitor or User’s interaction with email communications, such as whether an email is opened, clicked on, or forwarded. This information is collected universally across all Users and Visitors.
Integrated Services: You may have the option to access or register for the Service using credentials from third-party services (referred to as “Integrated Services”), such as Google or Microsoft accounts. By allowing us to connect with an Integrated Service, you authorize us to access and store information like your name, email addresses, date of birth, current city, gender, profile picture URL, and other data made available by the Integrated Service, and to handle and disclose this information in alignment with this Policy. You should adjust your privacy settings on each Integrated Service to manage the information accessible to us and review the terms of use and privacy policies of each Integrated Service prior to engagement.
Information from External Sources: We may receive information, including Personal Data, from external entities such as our partners, advertisers, and other Integrated Services. If we merge information from other sources with Personal Data collected through the Service, we will treat the aggregated information as Personal Data under this Policy.
Purpose of Processing
We employ the information we gather in various ways to facilitate the delivery of the Service and manage our operations, as detailed below:
Operational Use: We utilize personal data—excluding Client Data—to efficiently administer, maintain, and enhance all aspects of our Service. This includes responding to your requests, addressing comments, and providing support to our users. We process Client Data strictly according to the directives provided by the relevant Client or User, ensuring compliance with our contractual obligations and privacy standards.
Marketing Initiatives with Resellers: We engage with selected resellers who are authorized to market and promote our products and services. These collaborations are designed to extend the reach of our offerings and provide you with options that are tailored to your preferences and needs. All marketing activities by our resellers are conducted under strict data protection agreements. These agreements ensure that all marketing practices adhere to our high standards of privacy protection and are executed solely in alignment with your interests. This approach guarantees that your personal data is handled respectfully and in compliance with relevant privacy laws.
Service Enhancements: We regularly analyze usage trends and user preferences to improve the Service and develop new products, features, and functionalities. Such analyses exclude Client Data unless explicitly required, in which case it is only processed in an anonymized or aggregated form to ensure privacy and compliance with applicable laws.
Communications and Customer Relations: We engage with our Visitors and Users using their provided contact information—excluding Client Data—for various administrative purposes. These include responding to customer service inquiries, addressing potential violations of intellectual property rights, privacy rights, or issues of defamation that might arise from data posted on the Service. Furthermore, we send periodic updates about promotions, events, and new offerings related to our products and services, as well as those from our third-party partners. Should you prefer not to receive such promotional communications, you can opt out as described in the “Your Choices Regarding Data Management” section of this policy.
Cookies and Tracking Technologies: We use cookies and similar tracking technologies to:
- Personalize the Service, for example by saving a User’s or Visitor’s session information to eliminate the need for repeated entry during subsequent visits;
- Deliver tailored advertisements, content, and information;
- Assess the efficacy of our Service and third-party marketing efforts;
- Gather aggregate metrics such as the total number of visitors and page views;
- Track entries, submissions, and the progress of participants in promotions or other activities hosted on the Service.
Analytics: We employ Google Analytics to assess and monitor traffic in the Public Area of the Site, compiling navigation reports for our administrators. Google operates independently with its own privacy policy, which we strongly recommend you review. Google may utilize the data gathered through Google Analytics to analyze the activity of Users and Visitors on our Site.
We are committed to safeguarding the technical information collected via Google Analytics. Such data is accessed only when necessary to address technical issues or manage the Site and is always processed in a non-identifiable form. We do not use any of this data to identify Visitors or Users.
Disclosure of Information
Unless otherwise specified in this Policy, we commit not to intentionally disclose Personal Data or Client Data collected or stored on the Service to third parties without the explicit consent of the relevant Visitor, User, or Client. However, we may share information with third parties if you provide your consent, as well as under the following conditions:
Service Providers: We engage third-party service providers to assist with website and application development, hosting, maintenance, and other operational services. These entities may have access to, or process, Personal Data or Client Data as part of their service delivery. We provide only the information necessary for them to perform their specific services and contractual agreements mandate them to keep this information confidential.
Non-Personally Identifiable Information: We may share non-personally identifiable information that is automatically collected, aggregated, or otherwise devoid of personal identification, with third parties for purposes including, but not limited to:
- Adhering to various reporting requirements;
- Business or marketing initiatives;
- Assisting these parties in understanding the preferences, habits, and usage patterns of our Clients, Visitors, and Users regarding certain programs, content, services, and functionalities offered through the Service.
Law Enforcement, Legal Proceedings, and Compliance: We may disclose Personal Data or other information if legally required, or in the good-faith belief that such action is necessary to conform to applicable laws, respond to a valid court order, judicial or governmental subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
Furthermore, we reserve the right to disclose Personal Data or other information when we believe it is necessary to:
- Implement safeguards to mitigate liability risks;
- Shield ourselves and others from fraudulent, abusive, or illegal actions;
- Address and counter any third-party claims or accusations;
- Ensure the security and integrity of the Service and the facilities or equipment used to manage it;
- defend our property or legal rights, uphold our agreements, or protect the rights, property, or safety of others.
Change of Ownership: Information pertaining to Users and Visitors, including Personal Data, may be disclosed or transferred to an acquirer, successor, or assignee as part of a merger, acquisition, debt financing, asset sale, or similar transaction, as well as in circumstances such as insolvency, bankruptcy, or receivership in which such information is transferred to third parties as a valuable business asset. Such transfers will only take place provided that the recipient of the User or Visitor Data agrees to adhere to a Privacy Policy that substantially aligns with the stipulations of this Privacy Policy.
Client Data may be transferred, either physically or electronically, to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or comparable transaction, as well as in circumstances of insolvency, bankruptcy, or receivership. Such transfers will be executed solely to facilitate the continuous operation of the Service. This transfer of information will only occur if the recipient of the Client Data commits to uphold a Privacy Policy whose terms are substantially in alignment with those set forth in this Privacy Policy.
Your Choices Regarding Data Management
We uphold your privacy rights by offering reasonable access to the Personal Data you may have provided through your use of the Services. Should you wish to access, amend, or request the deletion of any Personal Data that we have obtained from an Integrated Service, please contact us as specified in the “How to Contact Us” section. Upon your request, we will remove or anonymize your information in our database.
You may modify, correct, or delete your account details and preferences at any time via request at [email protected]. It is important to note that changes will be reflected promptly or within a reasonable timeframe in our active user databases, although we may retain all information you submit for backups, archiving, fraud prevention, compliance with legal obligations, or where we believe we have a legitimate reason to do so.
You may also choose not to share certain Personal Data with us, which may limit our ability to provide you with some features and functionalities of the Service.
At any time, you may object to the processing of your Personal Data on legitimate grounds, unless otherwise permitted by applicable law.
This does not apply to Personal Data included in Client Data, where management is governed by the Client’s Privacy Policy. Any requests for access, correction, or deletion of Client Data should be directed to the responsible Client who uploaded and stored the data into the Service.
Navigation Information
You may opt out from the collection of navigation information during your visits to the Site by utilizing the Google Analytics Opt-out feature.
Opting Out from Commercial Communications
Should you decide to cease receiving commercial communications from us, you have the option to unsubscribe at any time. To facilitate this process, you may follow the detailed unsubscribe instructions included within each email. Alternatively, for assistance or to manage your communication preferences more directly, please contact us using the designated contact details found in the “How to Contact Us” section. We are committed to ensuring that your preferences are respected in a timely and efficient manner.
Please note that upon opting out of receiving commercial emails from us, or should you adjust the nature or frequency of promotional communications, the processing of your request may take up to ten (10) business days. Additionally, it is important to understand that, even after you opt out of receiving commercial messages, you will continue to receive essential administrative communications from us pertaining to the Service.
SkyPlanner does not have a direct relationship with the Clients’ customers or third parties whose Personal Data it processes on behalf of a Client. Individuals seeking to access, correct, amend, or delete inaccurate data, or withdraw consent for further contact, should direct their inquiries to the Client or User with whom they interact. If a Client requests SkyPlanner to remove data, we will respond within thirty (30) days. We will delete, amend, or block access to any Personal Data we store only upon written request from the Client responsible for such Personal Data, unless we have a legal right to retain it. We reserve the right to retain a copy for archiving purposes or to defend our rights in litigation. Such requests should be addressed as outlined in the “How to Contact Us” section and include sufficient information to allow SkyPlanner to identify the Client or its customer or third party, and the information to delete or amend.
Third-Party Services
The Service may incorporate functionalities or links to websites and services operated by third parties. Any information you submit to these third-party sites or services is provided directly to their operators and governed by their respective privacy and security policies, notwithstanding your access via our Service. We do not assume liability for the content, privacy, or security practices and policies of third-party sites or services that are linked to or accessed through our Service. We advise you to acquaint yourself with the privacy and security policies of these third parties prior to disclosing any information to them.
Interest-Based Advertising
Interest-based advertising entails the aggregation of data from multiple sources and platforms to infer the preferences or interests of individuals, thereby facilitating the delivery of advertisements that are customized to these inferred interests. In this context, we engage in collaborations with a variety of third parties, including advertising networks, attribution partners, and business partners. Our objective with these collaborations is to discern the profiles of individuals who are most likely to have an interest in the products or services offered by SkyPlanner.
In collaboration with various third parties, we gather information regarding our customers, prospects, and others, analyzing data over time and across multiple platforms. This data collection aims to gain insights into purchasing behaviors, assess the efficacy of our advertising campaigns, and understand interactions with our websites, emails, and third-party platforms. Both we and the third parties we partner with utilize this aggregated information for several objectives. These include recognizing previous visitors, customizing content, delivering more pertinent advertisements, and identifying visitors across various devices and sales channels.
Interest-based advertisements may be displayed to you within emails or on third-party platforms. Additionally, we may dispatch commercial communications directly or via these third parties.
Visitors are afforded the discretion to opt out of participating in interest-based advertising conducted by multiple advertising networks both on our platform and externally. To exercise this option, visitors may refer to specific websites designed to facilitate such opt-outs.
http://www.aboutads.info/consumers and http://www.networkadvertising.org.
It is crucial to understand that this action enables individuals to withdraw from a segment of the targeted advertising activities, albeit not all. As experienced practitioners in the field, we encourage visitors to familiarize themselves with the mechanisms of opting out and to carefully consider the implications of such decisions on their online experience. Engaging with these opt-out processes can significantly alter the nature of advertisements received, making them less tailored to personal preferences and interests.
Opting out via these links will exclude a visitor from numerous, but not all, interest-based advertising practices that we or third parties may conduct.
Third-Party Cookies and Tracking Technologies
We permit third parties, with whom we have established agreements, to employ cookies and similar tracking technologies to gather information about your use of the Site. These third parties include:
- Business Partners – These entities collect data when you engage with their advertisements on our Site.
- Advertising Networks – These organizations gather information about your preferences and interests based on your interaction with their advertisements.
The data collected by these third parties is utilized to infer your interests or preferences, enabling them to present tailored advertisements or promotional materials on this Site and across other websites on the Internet that seem to align with your interests.
While these business partners and advertising networks do serve interest-based advertisements on our Services, they are granted only limited access to essential information about your profile and device to deliver advertisements that appear to align with your interests. There is a possibility that they might reuse this minimal amount of information on other platforms or services.
We ensure that no information which easily identifies you (such as your email address) is shared with these third parties; however, they may have access to information that could potentially identify your device, like IP or MAC addresses. We do not possess control over, nor do we have access to the tracking technologies these third parties might use to collect data about your interests, and the privacy practices of these third parties are not included in this Privacy Notice. Beyond the details shared in this document, we exert no oversight over these third-party entities.
Types of Cookies Employed on the Site:
- Strictly Necessary/Essential Cookies: These are crucial for navigating the website and utilizing its features, such as accessing secure areas. Without these cookies, services you request cannot be provided. These cookies do not collect information capable of identifying a visitor.
- Performance Cookies: These cookies gather data about how visitors use the website, identifying pages visited frequently and any errors encountered. The information collected by these cookies is aggregated and anonymous, serving solely to enhance website functionality.
- Functionality Cookies: These cookies enable the website to recall your selections, such as your username, language, and region, offering a more personalized experience. They facilitate specific services you request, like video playback or commenting on a blog. The information gathered through these cookies is typically anonymized, ensuring it does not track your browsing activities on other websites.
- Targeted Advertising Cookies: We use these cookies to show you ads that match your interests. They help ensure that you don’t see the same ad too many times and allow us to measure how effective our ads are. These cookies record your visit to our site and share this information with advertisers or companies that help us place ads.
Please review these practices carefully and consider your privacy preferences when engaging with our Site and its features.
Data Security
We diligently adhere to universally recognized industry standards to secure the information entrusted to us, both during transmission and upon receipt. In our custody, we implement robust administrative, technical, and physical measures designed to protect Personal Data against accidental or unlawful destruction, loss, unauthorized alterations, unauthorized disclosure or access, misuse, and any other unlawful processing of the Personal Data in our possession. Specifically, our security protocols include the deployment of firewalls, password protection, and comprehensive access and authentication controls. These measures are continually reviewed and updated to adapt to evolving security challenges and maintain the integrity and confidentiality of your data. We utilize SSL technology to encrypt data during its transmission over public networks.
Nevertheless, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of the information you transmit to us or store on the Service, and you do so at your own risk. We also cannot ensure that such information will not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you suspect that your Personal Data has been compromised, please contact us as specified in the “How to Contact Us” section.
In the event of a security system breach, we will inform you and any applicable regulators of the breach in compliance with applicable law.
Data Retention
We retain Personal Data collected from Users solely for the duration that the User’s account remains active or for a limited period as necessary to achieve the purposes for which the data was initially collected, unless longer retention is mandated by law. Additionally, we may retain and utilize such information as required to fulfill our legal obligations, resolve disputes, and enforce our agreements. This practice ensures that we adhere to applicable legal standards and safeguard the rights and interests of all parties involved, maintaining the data only as long as is essential for these purposes.
- Content associated with closed accounts will be permanently deleted within three months following the date on which the account is closed.
- Backups are maintained for three months.
- Billing information is preserved for seven years in compliance with Finnish accounting and taxation laws.
- Information on legal transactions between the Client and SkyPlanner is retained for ten years in accordance with the general limitation period for civil claims outlined in the Finnish General Part of the Civil Code Act.
Settings
While we provide options to modify privacy settings and restrict access to certain Personal Data, it is important to acknowledge that no security system is completely impervious to breaches. As such, we cannot be held liable for any circumvention of the privacy settings or security measures in place on the Service. Furthermore, we do not have control over the actions of other users with whom you may choose to share your information. It is also pertinent to note that removed information may still persist in cached and archived forms.
Additionally, other users or third parties may have already copied or stored information made available on the Service. Consequently, we cannot assure that information you post or transmit to the Service will remain inaccessible to unauthorized parties.
Foreign Visitors
The Services are hosted within the European Union and the United States. Should you elect to access the Services from jurisdictions possessing data collection and usage legislation that differs from that of the European Union or United States, be advised that you are effectuating a transfer of your Client Data and Personal Data from your region to the European Union or United States for purposes of storage and processing. Additionally, we reserve the right to relocate your data between the European Union and the United States, as well as to other countries or regions, as necessitated by the storage and processing of data, the fulfilment of your requests, and the operational management of the Services. Your provision of any information, including Client Data and Personal Data, via the Services constitutes your express consent to such transfers, storage, and processing.
Data Transfer
We may transfer, process, and store Personal Data collected through the Services in centralized databases within the EU. The EU may have a different data protection framework than the country from which you are using the Services. When transferring Personal Data to the EU, we will protect it as outlined in this Privacy Policy.
Data Controller and Data Processor
SkyPlanner neither owns nor exercises control over the use of any Client Data that is stored or processed by a Client or User through the Service. Clients and Users have the exclusive right to access, retrieve, and determine the usage of their respective Client Data. Generally, SkyPlanner is not privy to the specific Client Data stored or made accessible by a Client or User on the Service and does not access such Client Data directly, except when expressly authorized by the Client, or as required to deliver services to the Client and its Users.
SkyPlanner does not collect or determine the usage of any Personal Data within the Client Data, nor does it dictate the purposes for which such Personal Data is collected, the methods of its collection, or its subsequent use. Consequently, under the European Union’s General Data Protection Regulation (GDPR, Regulation EU 2016/679), SkyPlanner does not act as a data controller and is therefore not subject to the associated responsibilities typical of that role. Instead, SkyPlanner should be regarded purely as a data processor, acting on behalf of its Clients and Users concerning any Client Data that includes Personal Data and falls under the purview of the GDPR.
Furthermore, except as explicitly stated in this Privacy Policy, SkyPlanner does not independently initiate the transfer or disclosure of Client Data containing Personal Data to third parties. Any such transfers or disclosures are conducted by third-party subcontractors who may process this data solely in the context of providing Services, and only as authorized or directed by the relevant Client or User.
Under the General Data Protection Regulation (GDPR, Regulation EU 2016/679), the Client or User holds the position of data controller for any Client Data that includes Personal Data. As the data controller, the Client or User is responsible for deciding how such Personal Data is collected and utilized, as well as for determining the purposes and methods of processing this Personal Data.
SkyPlanner bears no responsibility for the content of the Personal Data included in the Client Data or any other information housed on its servers (or those of its subcontractors), which is stored at the discretion of the Client or User. Furthermore, SkyPlanner is not accountable for the methods employed by the Client or User in collecting, managing, disclosing, distributing, or otherwise processing such information.
Modifications to This Policy
We encourage you to review this document regularly to remain informed of any updates that may be made to this Policy. We will post any changes to the Policy on the Service and update the “Last revised” date accordingly. We commit to adhering to applicable legal requirements when making these changes.
Your ongoing use of the Service following the implementation of these updates signifies your acceptance of the revised Policy. This implies that you have read, comprehended, and consented to adhere to the current version of the Policy.
We will always publish the latest version of our policy on our website.
How to contact us
Should you have any inquiries or comments regarding this Policy, the handling of your Personal Data, our disclosure and usage practices, or your choices concerning consent, please reach out to us via email at [email protected]