We, Flightaides Inc. was incorporated under the laws of the province of Ontario, Canada.
We are committed to adhere to and comply with the best data protection practices. We respect privacy of the clients and to all others who either navigate our website or download and use our mobile application that leave behind their data prints and treat it under strict confidentiality. The data prints contain both ‘non-personal’ and ‘personal’ information.
The definition of the terms used herein have been taken from the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada and the European General Data Protection Regulation (GDPR).
We receive, access, use, compile, process and analyze clients’ personal information strictly for the intended purpose of providing our services following the principle of lawful, fair and transparent usage of personal data provided by those who browse our website and mobile application, create login ID and use our services. We do not share, lend or sell personal information of the clients.
As a services-driven e-commerce company, the data is collected only for the intended limited purpose through accessing or browsing our proprietary Information Technology (IT) tool like, website or mobile application, and creating a login ID. We take creation of login ID as a permission to internalize client personal information into our database for availing our services. We follow data minimization principle while processing and analyzing the collected data only for the intended purpose of providing our services. We follow data storage limitation principle and delete data after processing it for the intended purpose unless grounds for the legitimate purpose for retaining a part of the data exists.
With the explicit permission, we retain the requisite part of the personal data for reserving or enhancing the quality of our services; else, in case the permission to retain the requisite part of the received data is denied, we delete the personal data. To meet the statutory compliance, we do maintain the record of our clients from the collected data. The residue data is deleted after the completion of the process. We have a dedicated regular data review process to phase out the redundant data from our database.
In the processing of the received data, we may be required to share our data with third-party service providers, like data storage cloud and data analytic tools. The third-party service provider may be in a different legal jurisdiction with the different statutory compliance. Before sharing our data, with proper due diligence we enter into confidentiality, non-disclosure and security agreements with the third parties. The third parties bear their obligations to keep the received Personal Data confidential through contractual arrangements and the statutory compliance to their local jurisdiction.
With the obligations towards data privacy we may claim proprietary rights over both the database of the data retained with permission and the data under process. The proprietary rights over the data provides it independent assets status the rights wherein vest with us.
We treat the data received with diligence and process it under encryption security. In this data driven e-commerce age, however, no security is guaranteed. For the breach of data security, we have adopted the statutory compliance procedure.
The clients have full right to access, alter, update, delete and forgotten the information they provided for securing our services. The clients can change their permission status for data processing and retention at our end without any retrospective liability.