1. Purpose and scope of this policy
1.1 Purpose of this Flyops company policy.
Hereafter named FLYOPS Online, commercial name of the application of the company FLYOPS.
FLYOPS is committed to security, confidentiality and continuous protection of the personal data (the “Data”) of the users of its services, in accordance with the French and European regulations in force, in particular the French Data Protection Act of 6 January 1978 as amended (LIL) and the General Data Protection Regulation of 27 April 2016 (RGPD).
The purpose of this policy is to inform you of our data protection rules. In particular, it describes how we collect and process your personal data and how you can exercise your rights in relation to this data.
We have a strict policy to ensure the protection of your Data; therefore:
• We do not sell your Data to third parties
• We ensure that your Data is always secure
1.2 Scope of the Policy
This policy covers the use of :
• of our net website and the services accessible from this site
• of our mobile application Flyops Online on iOS as soon as you download them on your tablet
This policy also covers contact via social networks by FLYOPS Clients or prospects, as well as prospects contacted by FLYOPS (or its subcontracting partners), by email and/or telephone.
2. Status of Flyops and its customers
The Client, a legal entity, undertakes to pass on this information to any natural person likely to be concerned by the processing of Data.
FLYOPS undertakes to enforce the provisions applicable to all its partners or
3. The data we collect
3.1 Legal basis for collection
The Data collected are collected on the basis of a legal basis provided by the GDPR, namely your consent to the processing of your Data, when the processing of your Data is necessary for the performance of the contract by FLYOPS or for the performance of pre-contractual measures taken at your request, on the basis of a legal obligation or even a legitimate interest of FLYOPS (in particular for risk management purposes or for improving our offers and services according to the preferences of the Clients).
3.2 Data you provide to us
We collect your Data through forms that you complete on our website or mobile application to subscribe to our services. We also collect your Data when you correspond with us, including with our services, by email or telephone.
In this case, we keep a copy of this exchange.
We may also collect your Data when you interact with us on social networks.
3.2.1 The categories of Data we process are as follows:
• Identification data: surname, first name, place and date of birth, photo, identity card, passport or residence permit numbers, postal address, e-mail address, mobile phone number, gender, age, signature.
• Authentication and identification data when using our website or application: username and password
• Professional data: professional category, sector of activity, occupation, number
• Banking and financial data: income, asset value, bank details, IBAN, ICS (SEPA creditor number)
• Transaction data: date, time of transaction, amount, counterparty, transaction terms, country, MCC (Merchant Category Code),
We are obliged to collect the above-mentioned Data in order to comply with our legal obligations and to enable the conclusion of the services subscribed to. If you do not provide us with such Data, we will not be able to provide the services to you.
We also collect your Data when you log on to our website or mobile application. The Data collected are the following:
• Technical connection information, in particular your IP address, the type and version of your browser, your time zone, the plug-ins installed, the type of terminal you use
The information you use to log in includes your terminal identification number, your operating system, and cookie data.
• Information about your visits: the number of connections, connection times, pages visited, connection times, searches carried out, your response time, the links you clicked on.
4. Use of collected data
We process your Data only for specified, explicit and legitimate purposes. The purposes are as follows:
• For the necessity of the service, in particular to perform the service
• To process your complaints, according to the procedure we implement.
• To improve the service we offer and to provide you with new features.
We also collect and process Data for other purposes:
• To keep you informed about changes in the service we offer, including new features in the Flyops account or new partnerships.
• To facilitate your interactions with our services so that we can provide you with even more service.
• To improve your browsing experience on our website or the use of our application and
ensure that the content we post is relevant to your needs.
• To allow you to give us your opinion on the services we offer in order to improve them continuously.
• To provide you with offers of similar products or services, or those that may be of interest to you, from us or our partners.
• To ensure the security of your Data.
• To improve our service quality, we may also record your telephone calls to our customer support.
5. The recipients of the data collected
The Data collected is intended for us and, where strictly necessary, for our subcontractors and partners involved in the provision of our services.
The categories of recipients of the Data collected are the following:
• Web hosting providers
• Service providers in charge of analysis and marketing (solicitation of prospects by email or telephone, contact with customers, tracers)
• Communication and customer support services
• Banking and financial services providers and payment solutions
• Collaboration and productivity tool
Your Data may also be transmitted to the competent authorities, at their request, in the context of legal proceedings, requests for information from the authorities or simply to comply with legal obligations.
6. Cookies and Internet tags
You may refer to our Cookie Management Policy, available at
7. Security of storage and transmission to third parties
7.1 Data storage
The Data we collect is stored on the servers of our provider Microsoft Azure which guarantees a high level of security. These servers are located within the European Union, in the Netherlands.
7.2 Transmission to third parties
For the purposes of the service, we may transfer some of your Personal Information to our subcontractors, some of whom are located outside the European Union or the European Economic Area. In this case, we ensure that they are located in a country
considered adequate by the European Union in terms of data protection or we require them to contractually commit to implementing equivalent measures to
ensure the protection of your Data (European Commission standard contractual clauses and additional measures where applicable – copies of which are available from the FLYOPS DPO).
The transmission of your Data via the Internet is secured through the HTTPS connection protected by an SSL certificate. Access to your Flyops account is secured by your username and password, which must be strong enough not to be shared.
8. Duration of data retention
We keep your Data only for as long as is necessary for the purposes for which it was collected.
9. User rights
9.1 Your Rights
In accordance with the applicable regulations, you have rights when your Data are
subject to processing :
• Right of access: you have the right to obtain from us confirmation as to whether or not Data relating to you is being processed and to receive a copy of all Data held by us in accordance with Article 15 of the
• Right to portability: where processing is based on your consent or on a
contract and is carried out using automated processes, you may, under the conditions set out in Article 20 of the GDPR, receive from us Data about you in a structured, commonly used and machine-readable format, in particular for the purpose of transmission to a third party. Where technically possible, you also have the right to have your Data transmitted directly to that third party.
• Right of rectification: in accordance with Article 16 of the GDPR, you have the right to request the correction of the Data we hold about you if it is incomplete or incorrect. In this case, we may ask you to verify the new Data
• Right to be forgotten: if one of the grounds set out in Article 17 of the GDPR so permits, you may request us to erase your Data. The applicable regulation provides for exceptions to the exercise of this right, including where processing is necessary to comply with a legal obligation that requires the processing of your Data, such as the fight against money laundering and terrorist financing.
• Right to limitation: in the cases provided for in Article 18 of the GDPR, you may obtain from our
You may also request that we limit the processing of your Data.
• Right to object: in accordance with Article 21 of the GDPR, you may object at any time for reasons relating to your particular situation to the processing of your Data
based on our legitimate interest, including for profiling purposes, except for legitimate reasons and
If your Data is processed for the purpose of prospecting, you have the right to object at any time to such processing, including to the profiling related to such prospecting. Where your Data is processed for the purpose of canvassing, you have the right to object at any time to such processing, including profiling in connection with such canvassing.
• Right to withdraw your consent: where it forms the legal basis for the processing of your Data, you have the right to withdraw your consent to the processing of your Data at any time, which will not render unlawful the previous processing based on that
• Right related to automated decision making and profiling: you have the right not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or affects you in a way that
significant in a similar way. This right is subject to exceptions as set out in Article
22 of the GDPR, and in particular where automated decision making or profiling is
necessary for the conclusion or performance of a contract. In this case, the data subject retains the right to obtain human intervention by the controller, to express his or her point of view and to contest the decision.
• Right to lodge a complaint: you can lodge a complaint with
the supervisory authority in the Member State in which you are located, in France this is the CNIL (Commission Nationale de l’Informatique et des Libertés).
• Right to make advance directives: you have the right to make advance directives
on the retention, deletion and disclosure of your Data after your request
death. These directives can be general or specific.
9.2 Exercising your rights
You can exercise your rights by sending a request to our Data Protection Officer (DPO) or to our Customer Support at the addresses mentioned below. Any request to exercise a right must be accompanied by a photo of the applicant holding his/her ID. A reply will be sent to you within one month of receiving your request. To this end, we may ask you for additional information or documents.
10. Contact us – Contact details
If you have any questions about the processing of your personal data or if you have any comments, requests or complaints about their confidentiality, you can contact our Data Protection Officer:
• By mail to the following address FLYOPS – Data Protection Officer, 14 All. Des Acacias, 33700 Mérignac
• By e-mail to the following address: firstname.lastname@example.org