Find the Privacy Policy for CrossConsense’s Aircraft Fleet View (AFV) App further down on this page.
Data Privacy Policy
In the following paragraphs we will inform you about the collection of the personal data while visiting our website. Personal data is defined as any information which refers to you personally, e.g. name, address, email-address, user behavior. We have taken comprehensive technical and operational safety precautions to protect your data against accidental or intentional manipulation, loss, or destruction or against access by unauthorized persons. Our security and protection methods are verified at regular intervals and adjusted to the technological progress.
1 Controller of the processing of personal data
Controller according to Art. 4 paragraph 7 EU-General Data Protection Regulation (GDPR) is the CrossConsense GmbH & Co. KG, contact[at]crossconsense.de (compare our imprint).
2 How to contact our data processing controller
You can contact our responsible data protection controller via email at data-security[at]crossconsense.com or via our postal address with the addition “Data Processing Controller”.
3 Your rights
You have the following rights with regards to the processing of your personal data:
3.1 General rights
You have the right to obtain information about your data we have saved as well as a right to correction, deletion of this data, limitation of the processing, objecting to the processing and to data portability. To the extent that the use of your personal data is based on your consent you can revoke such consent with effect for the future.
3.2 Your rights with regards to your legitimate interests
According to Art. 21 paragraph 1 GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 paragraph 1e GDPR (processing is necessary for the performance of a task carried out in the public interest) or point Art. 6 paragraph 1f GDPR (processing is necessary for the purposes of the legitimate interests) including profiling based on those provisions. In case of your objection we will not process your personal data unless we can provide compelling and legitimate reasons for processing which outweigh your interests, rights and freedoms or if the processing of personal data is necessary for us for the establishment, exercise or defence of legal claims.
3.3 Your rights with regards to direct marketing
If we process your personal data for direct marketing purposes, you have the right to object at any time to processing of personal data concerning such marketing, which includes profiling to the extent that it is related to such direct marketing, according to Art. 21 paragraph 2 GDPR.
In the event of your opposition to processing for the purpose of direct mail, we will no longer process your personal data for these purposes.
3.4 Your rights to an appeal to a supervisory authority
You also have the right to object directly to the responsible data protection authorities against our processing of your personal data.
4 Collection of personal data while visiting our website
If you only visit our website for information purposes, i.e. if you do not register or send us any data via our website we only process those data that your browser sends to our server. If you visit our website, we collect the following data that are technically necessary for us to display our website and to ensure stability and security. Legal basis for this is Art. 6 paragraph 1 f GDPR:
IP address, date and time of your inquiry, requested file (which individual pages you visited), access-method/ HTTP-statuscodes, volume of data transmitted, origin-website for the request, browser, operating system and language and version of the browser-software.
5 Contacting us via email or contact form
If you contact us via email or one of our contact forms we store the data you provide us (your email-address, your name and if necessary your company and telephone number) to be able to answer your inquiry. As far a we collect data through our forms that are not necessary for us to contact you, we mark them as optional. Such information shall serve to supplement requirements and help us to better perform the service you have requested. Notifications of this information is entirely given on a voluntary basis and with your consent, Art. 6 paragraph 1 a GDPR. As far as the provided information includes means of communication (such as email-address, phone-number) you also agree that we get in contact with you via the provided communication-channel to answer your enquiry. Of course, you can revoke your consent at any time with effect for the future.
We will delete all data relating to that enquiry if a storage is no longer necessary or we limit the processing if there are statutory retention obligations.
6 Newsletter
6.1 General information
With your consent in the terms of Art. 6 paragraph 1 a GDPR you can subscribe to our newsletter. The newsletter provides you periodically with information about our services and our offers. For registering to our newsletter, we are using the so-called double-opt-in process. That means that we send you an email to the provided email-address in which we ask you to confirm the subscription to our newsletter. If you do not confirm the subscription by clicking the link provided in the email within 24 hours, the given information is blocked and automatically deleted after one month.
When subscribing to our newsletter, we will store your IP address as well as the date and time you subscribed. The purpose of this proceeding is to verify your subscription and to investigate a possible unauthorized use of your personal data. After confirming your subscription, we store your personal data for purposes of sending you our newsletter. Legal basis is Art. 6 paragraph 1a GDPR.
You may cancel your subscription to the newsletter at any time. You can revoke your subscription by following the link in the footer of the newsletter or by contacting our data processing controller named above.
6.2 Newsletter with CleverReach
This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service which organizes and analyzes the distribution of newsletters. The data you provide (e.g. your email address) to subscribe to our newsletter will be stored on CleverReach servers in Germany and/or Ireland.
Sending our newsletters with CleverReach enables us to analyze the behavior of newsletter recipients. Among other things, we can find out how many recipients have opened the email containing the newsletter and how often various links contained therein are clicked. With the help of so-called conversion tracking, we can also analyze whether a predefined action (such as the purchase of a product on our website) takes place after clicking on the link in the newsletter. For more information on how data is analyzed by CleverReach, please visit: https://www.cleverreach.com/en-de/newsletter-tool/newsletter-reporting/.
We process your data provided you have given us your consent (Article 6 (1) a) GDPR). You may revoke your consent any time by unsubscribing from the newsletter. Your revocation does not affect the legality of the data processing that has already been carried out.
If you do not want CleverReach to analyze your usage of the newsletter, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription. Then your data will be deleted from our servers and those of CleverReach. Data stored by us for other purposes (e.g. e-mail addresses for our Members section) remain unaffected thereof.
For further information, please refer to the data privacy statement of CleverReach at: https://www.cleverreach.com/en-de/data-security/.
6.3 Newsletter Subscription & Google reCaptcha
We use the Google reCaptcha service to determine whether a specific entry in our newsletter form is made by a person or a computer. Google uses the following data to check whether you are a person or a computer: IP address of the device used, the website you are visiting and on which the reCaptcha is embedded, the date and duration of the visit, the identification data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha interfaces, as well as tasks where you have to identify images. The legal basis for the data processing described is Article 6 (1) (f) General Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated input (attacks).
7 Job applications
You can apply for a job in our company via email. We electronically collect and process your application data for the purpose of completing the application process and we will not give your data to a Third Party. Please be aware that non-encrypted emails cannot be transferred in a secure way.
If you applied for a specific job and this is already occupied or when we think that you may suit better for another job within our company, we will forward your application internally. Please tell us in advance if you do not want us to forward your application in our company.
Your personal data is deleted after the completion of the application process (after 6 months as a maximum) if you have not given your explicit consent that the data might be kept longer or if your application results in the conclusion of an employment contract. Legal basis is Art. 6 paragraph 1 a, b and f GDPR as well as § 26 BDSG (Bundesdatenschutzgesetz).
8 User Reviews and Comments in the Forum
Customers of CrossConsense have the opportunity to register for our forum and create a user account. For the registration we collect and store the following data:
– First name
– Surname
– User name
– Email
– temporary password (will be changed by you in the registration process)
In order to be registered for the forum it is mandatory to provide the aforementioned data.
We use the so-called double-opt-in procedure for registration. Your registration is not complete until you have confirmed your registration by clicking on the link contained in the confirmation email sent to you for this purpose (the subject of the email is: CrossConsense Password Reset and by clicking on the link you will be linked to a page where you can reset your password for the forum). If your confirmation is not received within 7 days, your registration will be automatically deleted from our database.
After registration by setting a new password, you will receive a personal, password-protected access and can view and manage the data you have stored. Registration is voluntary but may be required to use our services.
If you use our portal, we store the data you provide for the time of your use of the portal, unless you delete them before. All information can be managed and changed in the protected user area. The legal basis is Article 6 Para. (1) (a), (b) and (f) GDPR. Our legitimate interest lies in any legal defense we may have to mount.
In addition, we will also process your IP address and email address. The IP address is processed because we might have a legitimate interest in taking or supporting further action if your post infringes the rights of third parties and/or is otherwise unlawful.
8.1 Topics / Threads / Replies in the Aircraft Fleet View User Forum
Customers of the Aircraft Fleet View App by CrossConsense have the opportunity to register for our Aircraft Fleet View forum and create a user account. For the registration we collect and store the following data:
– User name
– Email
– temporary password (will be changed by you in the registration process)
In order to be registered for the forum it is mandatory to provide the aforementioned data.
We use the so-called double-opt-in procedure for registration. Your registration is not complete until you have confirmed your registration by clicking on the link contained in the confirmation email sent to you for this purpose (the subject of the email is: [Aircraft Fleet View Forum] Password Reset and by clicking on the link you will be linked to a page where you can reset your password for the forum). If your confirmation is not received within 7 days, your registration will be automatically deleted from our database.
After registration by setting a new password, you will receive a personal, password-protected access and can view and manage the data you have stored. Registration is voluntary but may be required to use our services.
If you use our portal, we store the data you provide for the time of your use of the portal, unless you delete them before. All information can be managed and changed in the protected user area. The legal basis is Article 6 Para. (1) (a), (b) and (f) GDPR. Our legitimate interest lies in any legal defense we may have to mount.
In addition, we will also process your IP address and email address. The IP address is processed because we might have a legitimate interest in taking or supporting further action if your post infringes the rights of third parties and/or is otherwise unlawful.
If you delete your account or your account is deleted by us (because you are no longer a user of the Aircraft Fleet View App) your posts to the forum remain visible to all readers, but your account is no longer accessible and is marked with “unknown user” or “anonymous” in the forum. All other data will be deleted. If you would like your contributions to be deleted as well, please contact the controller using the contact details above.
8.2 Subscription of topics /threads
If you publish articles on our website, we also offer you to subscribe to any subsequent contributions from third parties. In order to be able to inform you about these follow-up contributions by email, we process your email address.
The legal basis for this is Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent to this subscription at any time with future effect in accordance with Art. 7 Para. 3 GDPR. All you have to do is inform us of your revocation or choose the appropriate setting in the forum.
9 Use of Cookies:
Our website makes use of so-called cookies in order to recognize repeat use of our website by the same user/internet connection subscriber. Cookies are small text files that your internet browser downloads and stores on your computer. Cookies can not execute programs and cannot send a virus to your computer. They are used to improve our website and services.
To an extent, however, these cookies also pass along information used to automatically recognize you. Recognition occurs through an IP address saved to the cookies. The information thereby obtained is used to improve our services and to expedite your access to the website.
Our website is using the following cookies. In the following, the functionality and extent of these cookies is described.
9.1 Transient Cookies
A transient cookie, sometimes called a session cookie (or session ID), is a small file that contains information about a user that disappears when the user’s browser is closed. A transient cookie is not stored on your hard drive but is only stored in temporary memory that is erased when the browser is closed.
9.2 Persistent Cookies
Persistent cookie, also called a permanent cookie, or a stored cookie, is a cookie that is stored on a user’s hard drive until it expires (persistent cookies are set with expiration dates) or until you delete the cookie in the security settings of your browser.
9.3 Flash Cookies
Flash cookies used are not detected by your browser but by your Flash plug-in. Furthermore, we use HTML5 storage objects, which are stored on your device. These objects store the required data regardless of your browser and do not have an automatic expiration date. If you do not want the processing of Flash Cookies, you will need to install a script-blocker of an anti-tracking tool or Adobe-Flash-Killer-Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode in your browser. In addition, we recommend that you regularly delete your cookies and delete the browser history manually.
9.4 Prevention of Cookies
You can configure your browser according to your needs and e.g. refuse Third-Party-Cookies or all cookies. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
9.5 Legal basis and duration of storage
The legal basis and the possible processing of personal data and their duration of storage vary and are explained in the following sections.
Detailed information about the cookies our website is using can be found in our Cookie Policy.
9.6 Cookie Banner
We use “Complianz“ to display cookie banners. “Complianz“ is a product of Complianz B.V., Atoomweg 6B 9743 AK (NL).
“Complianz” informs you about the use of cookies on the website and allows you to make a decision about their use.
You can see which cookies we store and for how long at https://www.crossconsense.com/cookie-policy/. If you have only selected “Functional cookies” on our cookie banner and save it accordingly, functional cookies will be set. Functional cookies are those that are absolutely necessary to ensure essential functions of the website. Without this, the website cannot be used as intended. These cookies collect anonymized information (therefore no connection can be made to your person) and cannot track your movements on other websites. They are only saved for the duration of the session and are therefore part of the session cookies. Your consent to the use of these cookies is not required.
You can prevent cookies from being installed and/or delete this cookie by adjusting the settings on your internet browser.
Go to this link to read the Complianz privacy policy:
https://complianz.io/privacy-statement/
10 Website analysis
For purposes of analyzing and optimizing our websites, we use various services, which are listed below.
So, we can e.g. analyze how many people visit our site, what information is most in demand, and how people get access to our website. Among other things, we collect data from which website a person comes to visit our website (so-called referrers), which subpages of our website were visited or how often and for which length of stay a subpage was viewed.
This helps us to design and improve our offers in a user-friendly way. The data collected is not intended to personally identify individual users. Anonymous or at most pseudonymous data are collected. The legal basis for this is Art. 6 paragraph 1 f of the GDPR.
11 Use of Google Maps
Our contact site is using Google Maps for creating interactive maps or route descriptions but only if you agree to use it.
Google Maps is a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. By using Google Maps, information about using this website including your IP-address might be sent to Google in the United States. If you visit a page of our website and you agree to user Google Maps, your browser is building up a direct connection to Google’s servers. We do not have any influence on the extent of the data Google is collecting.
According to our information status at least those data are collected by Google:
Date and time of the visit of the website that includes Google Maps, URL of the visited, IP-address and, in case you are using the website as a route planning tool, also the entered starting position.
If you do not agree with this processing of your data, you may choose to deactivate the “Google Maps” service and thereby prevent the transfer of data to Google. To do this, you must deactivate the Java Script function in your browser. However, we would like to point out that in this case you will not be able to use “Google Maps” or at least only to a limited extent.
The use of “Google Maps” and the information obtained through “Google Maps” is according to Google’s Terms of Use as well as your rights and options to protect your personal privacy which you can find on Google’s website: https://policies.google.com/?hl=en
12 Social media links via graphics
We also integrate the following social media sites into our website. The integration takes place via a linked graphic of the respective site. The use of these graphics stored on our own servers prevents the automatic connection to the servers of these networks for their display. Only by clicking on the corresponding graphic will you be forwarded to the service of the respective social network.
Once you click, that network may record information about you and your visit to our site. It cannot be ruled out that such data will be processed in the United States.
Initially, this data includes such things as your IP address, the date and time of your visit, and the page visited. If you are logged into your user account on that network, however, the network operator might assign the information collected about your visit to our site to your personal account. If you interact by clicking Like, Share, etc., this information can be stored your personal user account and possibly posted on the respective network. To prevent this, you need to log out of your social media account before clicking on the graphic. The various social media networks also offer settings that you can configure accordingly.
The following social networks are integrated into our site by linked graphics:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA.
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
13 Data transfer
A transfer of your data to third parties does not take place, unless we are legally obliged to do so, or the transfer of data is necessary for the implementation of the contractual relationship or you have previously expressly consented to the transfer of your data.External service providers and partner companies will only receive your data if this is necessary to fulfill the contract. In these cases, however, the scope of the personal data transmitted is limited to the necessary minimum. As far as our service providers come into contact with your personal data that we provide within the scope of the order processing acc. 28 GDPR, we ensure that they comply with the provisions of data protection laws in the same way. Please also see the respective data protection information of the provider.
The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with legal requirements within the scope of reasonableness.It is important for us to process your personal data within the EU / EEA. However, it may happen that we use service providers who process personal data outside the EU / EEA. In these cases, we ensure that an appropriate level of data protection is established for the recipient before your personal data is transmitted. This means that through EU standard contracts or an adequacy decision, a level of data protection is achieved that is comparable to the standards within the EU.
14 Data security
We have taken comprehensive technical and operational safety precautions to protect your personal data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
October 2020
This CrossConsense data privacy policy has been created with support of Model Data Protection Statement for Anwaltskanzlei Weiß & Partner
Data Privacy Policy for CrossConsense’s Aircraft Fleet View (AFV) App
1 Responsible entity
You use the “Aircraft Fleet View (AFV)” App (hereinafter referred to as the “App”) as part of your employment relationship with your employer. The responsible party for the processing of your data is therefore the employer. CrossConsense provides you with the tool on behalf of your employer.
CrossConsense is available to answer any questions you may have about the data processing of the application. However, we are legally and contractually obligated to forward your concern to your employer so that they can fulfill their legal obligations as a data controller. We will also be happy to provide you with the contact details of your employer and your employer’s data protection officer(s) if you wish, so that you can raise your concern directly with them. To do so, contact our data protection officer (see below for contact).
2. Personal data
The term personal data is defined in the General Data Protection Regulation (hereinafter “GDPR”). Accordingly, personal data is any information relating to an identified or identifiable natural person. This therefore includes, for example, the first and last name, an address, telephone numbers or certain information about how you use the Aircraft Fleet View App.
For the authentication of the user, we collect and store the following data:
– Login
– Name
– E-mail address
– Rights / roles that are required for the use of the App
When using our App, we generally process the following personal data:
– Time of the server request
– Operating system of the end device
– IP address
– Password (encrypted) / authentication token
When using the Pilot and CAMO modules, the following personal data may be collected:
– Aircraft Acceptance
– Aircraft Release/ Reject/ Recall
– Flight Closure with associated form data
Some details are optional and depend on which features are enabled or used in the App.
3. Purpose and legal basis of processing
The App is used by your employer primarily to increase flight operational safety. The legal basis is the legitimate interest, Art. 6 (1) lit. f DSGVO. Data processing within the scope of the CAMO Release Feature serves the fulfillment of legal obligations of the employer. This also results in the employer’s legitimate interest in processing employees’ personal data.
Data which is processed in connection with the technical use of the App (e.g. the IP address) is also collected on the basis of Art. 6 (1) f DSGVO. The legitimate interest is to enable you to use our App in a stable and secure manner and to ensure a user-friendly operation.
If you contact CrossConsense, we also process your data on the basis of a legitimate interest pursuant to Art. 6 (f) DSGVO to answer your request.
4. Cookies use
Cookies contain data which is stored on your computer by a website or an App you visit and allow your browser to be reassigned. Cookies transmit information to the entity that sets the cookie. Cookies can store various information, such as your language preference, the duration of your visit to our App etc. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the internet offer as a whole more user-friendly and effective.
4.1 Transient cookies
These cookies are automatically deleted when you close the browser. These include in particular session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
4.2 Persistent cookies
These cookies are automatically deleted after a specified duration, which may differ depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
5. Google Firebase Crashlytics
We use the Google Firebase Crashlytics tool from Goolge (Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) in our App. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The application enables the documentation and correction of stability problems in the App. Our legitimate interest according to Art. 6 (1) lit. f GDPR is to ensure the quality of Aircraft Fleet View and to guarantee an error-free use.
Should a crash or corresponding errors occur in the App, anonymized data is transmitted to Google in the USA. This information does not contain any personal data.
For more information, please see Google’s privacy policy:
https://policies.google.com/privacy
https://firebase.google.com/support/privacy?hl=en
https://support.google.com/chromecast/answer/6076570?hl=en
6. Data transmission
A transfer of your data to third parties will not take place except in the cases mentioned, unless we are legally obliged to do so, or the data transfer is necessary for the implementation of the contractual relationship or you have previously expressly consented to the transfer of your data.
External service providers and partner companies, such as online payment providers, receive your data only to the extent necessary for the provision and use of the App. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. Insofar as our service providers come into contact with your personal data, we ensure within the scope of commissioned processing pursuant to Art. 28 GDPR that they comply with the provisions of data protection laws in the same manner. Please also note the respective data protection notices of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.
We make a point of processing your data within the EU / EEA. However, we may use service providers that process data outside the EU / EEA. In these cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before transferring your personal data.
7. Storage duration
We store your data for as long as is necessary for the technical operation of the App and for its use or to respond to your request.
8. Your rights
We will gladly provide you with information as to whether personal data relating to you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR. In addition, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR) and the right to data portability (Art. 20 GDPR) under the respective legal conditions.
You have the right to object to the processing under the legal conditions (Art. 21 GDPR).
Without prejudice to these rights and the possibility of seeking any other administrative or judicial remedy, you may at any time exercise your right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of work or of the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection law (Article 77 of the GDPR).
9. Contact
Our data protection officer will be happy to answer your questions about the processing of personal data within the App. Data subject inquiries are also accepted by him.
The data protection officer
CrossConsense GmbH & Co. KG
Hanauer Landstrasse 312
60314 Frankfurt am Main
E-mail: datenschutz@crossconsense.de