1. GENERAL
We attach particular importance to the protection of your privacy. This also applies to your visit to the TrackViewer website. We therefore act in accordance with the applicable laws on personal data and data security. The following sections will give you more information as to which personal data we may collect and how we may store them.
2. LEGAL BASIS
We base the processing and protection of personal data on our websites on Article 6(1)(b) of the General Data Protection Regulation (GDPR). Data will be collected and processed for the following purposes:
- Display of the current air situation
- Detection of potential conflict situations
- Support of traffic management
- Ensuring compliance with the terms of use
- Invoicing of the use
The data are stored in log files in order to ensure that the website functions properly. The data also help us optimise the website contents and ensure the security of our IT systems. We will not use the data for marketing purposes in any way.
3. GENERAL DATA
When you access the TrackViewer websites, general information will be automatically stored in a log file. This can be information concerning, for example, the type of web browser, the operating system used or the domain name of your internet service provider. None of these data allows any conclusions to be drawn about your person. Furthermore, such data are also generated once you access any other website on the internet. Thus, this is not a special function of TrackViewer. We exclusively collect anonymised data, which are then used for the purpose of statistical evaluations and error analysis.
4. PERSONAL DATA
Some TrackViewer functions require the creation of personal access. For this purpose, the following data are collected:
- Name, first name, e-mail, company/association/affiliation, address, operational area, ID, IMSI and version of user’s hook-on device
- Coordinates and time stamps of drone flights
- Information about the website use, such as the type and version of the browser used, IP address, date and time of use
If you want to align the map view to your current location and call the corresponding function in TrackViewer, the geolocation API of your internet browser will be used with your consent. If you are using a device with GPS support, the GPS module can be used to determine your current location more precisely. The collection and use of your location data by means of the geolocation API of your internet browser only takes place when you explicitly request a localization. This data is used to align the map display and mark your location on it.
We will not pass on these data to third parties. In addition to the data you provide, we also consider the way you use our services in order to provide you with information of interest to you as quickly as possible and to continuously optimise our services.
5. RECIPIENTS OF DATA
The data are transferred to the Systems House of DFS Deutsche Flugsicherung GmbH. In connection with the use of TrackViewer, we will transfer the data required for service provision to service providers. These include, in particular, the map and chart services of the German Federal Agency for Cartography and Geodesy (BKG) and of Google Maps.
6. INTEGRATION OF BKG MAPS
As an option, TrackViewer uses the services offered by the BKG to provide background maps. By using TrackViewer, the BKG be informed that you have accessed the relevant website. In addition, to ensure the technical functions, the coordinates of the current map section and, therefore, the location of the user will be transferred.
Further information on the purpose and scope of data collection and processing by the BKG can be obtained in the privacy policy of the provider: https://www.bkg.bund.de/EN/Service/Privacy/privacy_content.html.
7. INTEGRATION OF GOOGLE MAPS
TrackViewer offers the option to use Google Maps for the provision of background maps. By using TrackViewer, Google will be informed that you have accessed the relevant website. In addition, to ensure the technical functions, the coordinates of the current map section and, therefore, the location of the user will be transferred. This is done independently of whether you are logged onto a Google user account or not. When you are logged onto Google, your data will be allocated directly to your account. If you do not wish for these data to be allocated to your Google profile, you need to log off before clicking on the button. Google will save your data as user profiles and will use them for advertising, market research and/or user-specific design of its website. Such an evaluation is conducted, in particular (even if you are not logged on) to display advertisements to meet your requirements and to inform other users of the social network about your activities on our website. You are entitled to object to the creation of such user profiles. If you wish to do so, please contact Google.
Further information about the purpose and scope of data collection and processing by Google can be obtained in their privacy policy, where you will also find further information about your rights and setting options to protect your privacy: https://policies.google.com/privacy?hl=en&gl=en.
8. INTEGRATION OF HERE MAPS
TrackViewer offers the option to use Here Maps for the provision of background maps. By using TrackViewer, Here will be informed that you have accessed the relevant website. In addition, to ensure the technical functions, the coordinates of the current map section and, therefore, the location of the user will be transferred. This is done independently of whether you are logged onto a Here user account or not.
Further information about the purpose and scope of data collection and processing by Here can be obtained in their privacy policy, where you will also find further information about your rights and setting options to protect your privacy: https://legal.here.com/en-gb/privacy.
9. SCOPE OF PERSONAL DATA PROCESSING
We collect and use our users' personal data only to provide a functional website and as required for our contents and services.
10. LEGAL BASIS FOR DATA PROCESSING
Article 32 of the GDPR is the legal basis for the temporary retention of your data and log files. The temporary retention of the IP address by the system is necessary to facilitate delivery of the website to the user's computer. To do this, the user's IP address must be retained for the duration of the session.
11. RETENTION PERIOD
Personal data will be processed and retained as long as this is required for fulfilling our contractual and legal obligations and the purpose of the processing exists. When the data are no longer required to fulfil contractual or legal obligations or the purpose of data retention no longer applies, your data will be deleted in line with regulatory requirements, unless their temporary further processing is required for the following purposes:
- Fulfilment of commercial and tax-related retention requirements as may be laid down in the German Commercial Code and Tax Code. The periods of retention or documentation specified therein are usually two to ten years.
- Retention of evidence within the framework of the legal limitation periods. According to sections 195 et seq of the German Civil Code (BGB), the limitation period is three years.
12. COOKIES
Our website uses encrypted and signed cookies. Cookies are text files stored in the user’s internet browser. When a user visits a website, cookies may be stored on the user's operating system. This cookie contains a character string that allows the site to uniquely identify the browser when the user visits the site again. We use cookies to make TrackViewer user-friendly. The following data are stored in cookies:
- Characteristic string
- Selected language settings
- Last used access token
13. PERSONAL DATA SECURITY
DFS Deutsche Flugsicherung GmbH takes technical and organisational measures to protect your personal data from access and misuse. Any transmitted personal data will be protected by encryption with the TLS/SSL protocol (transport layer security/secure sockets layer). We continuously revise these security measures to take account of technological advances and applicable legal provisions.
14. CHANGES TO OUR PRIVACY POLICY
We reserve the right to continuously update the privacy policy for TrackViewer in order to take into account changes in legislation or jurisdiction. We therefore recommend that you visit the relevant websites on a regular basis in order to keep informed about the protection and processing of your data.
15. RIGHTS
As a data subject, you have the rights listed below:
RIGHT OF ACCESS
You have the right to obtain confirmation from us, the controller for these websites, as to whether or not personal data concerning you are being processed.
If that is the case, you may request access to the following information from the controller:
- The purposes for which the personal data are being processed;
- The categories of personal data that are being processed;
- The recipients or categories of recipients to whom the personal data have been or will be disclosed;
- The envisaged retention period for which your personal data will be stored or, if no concrete information is available on this, the criteria used to determine the retention period;
- The existence of the right to request from the controller rectification or erasure of the personal data or restriction of processing the personal data or to object to the data processing;
- The right to lodge a complaint with a supervisory authority;
- All available information about the source of the data if the personal data were not collected from the data subject;
- The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and – at least in those cases – meaningful information about the logic involved as well as the significance and the envisaged consequences of this processing for the data subject;
- Whether your personal data are transferred to a third country or to an international organisation - in this connection, you have the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer.
RIGHT TO RECTIFICATION
You have the right to have your personal data rectified and/or completed by the controller, provided that the processed personal data are inaccurate or incomplete. The controller must make the corrections without undue delay.
RIGHT TO RESTRICTION OF DATA PROCESSING
You have the right to restrict the processing of your personal data under the following conditions:
- If you contest the accuracy of your personal data for a period of time that enables the controller to verify the accuracy of the personal data;
- The processing is unlawful and you oppose the erasure of your personal data and instead request the restriction of their use;
- The controller no longer needs the personal data for the specified purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- If you have objected to processing pursuant to Article 21(1) of the GDPR pending the verification of whether the legitimate grounds of the controller override your grounds.
If processing of your personal data has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
If restriction of processing has been accepted pursuant to the above conditions, you will be informed by the controller before the restriction of processing is lifted.
RIGHT TO ERASURE
You have the right to erasure of your personal data under the following conditions:
- Obligation to erase personal data
You can request that the controller erase your personal data. Regardless of such a request, your data will be erased when the legal requirements for such an erasure are met.
- Information to third parties
Where the controller has made the personal data public and is obliged pursuant to Article 17(1) of the GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers who are processing the personal data that the data subject has requested the erasure by such controllers of all links to, or copy or replication of, those personal data.
- Exceptions
The right to erasure shall not apply to the extent that processing is necessary to exercise the right of freedom of expression and information; for compliance with a legal obligation which requires processing by European Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3) of the GDPR; for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR in so far as the right referred to in point (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or for the establishment, exercise or defence of legal claims.
RIGHT TO NOTIFICATION
If you have notified the controller of your right to rectification, erasure or restriction of processing, the controller shall be obliged to communicate the rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right for the controller to inform you about those recipients.
RIGHT TO DATA PORTABILITY
You have the right to receive your personal data that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit these data to another controller without hindrance from the controller to which the personal data have been provided, where: the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of the GDPR and the processing is carried out by automated means.
In exercising this right to data portability, you shall also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This right shall not adversely affect the rights and freedoms of others. The right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
RIGHT TO OBJECT
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6(1)(e) and (f) of the GDPR.
The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with the supervisory authority for data protection at DFS Deutsche Flugsicherung GmbH if you think that the processing of personal data relating to you is in violation of the GDPR. The competent supervisory authority for DFS is the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
16. LINKS TO OTHER WEBSITES
The websites of Trackviewer contain links to other websites that are neither operated by nor the responsibility of DFS Deutsche Flugsicherung GmbH. DFS Deutsche Flugsicherung GmbH is not responsible for the content of and compliance with data protection rules on these other websites.
17. CONTACT INFORMATION AND DATA PROTECTION OFFICERS
The controller within the meaning of the GDPR and other national data protection laws of the Member States as well as other data protection regulations is:
DFS Deutsche Flugsicherung GmbH
Headquarters
Am DFS-Campus 10
63225 Langen
Germany
Managing Director: Arndt Schoenemann
Phone: +49 (0)6103-707-0
Fax: +49 (0)6103-707-1396
Internet: https://www.dfs.de
E-Mail: info@dfs.de
Contact information of the data protection officer:
DFS Deutsche Flugsicherung GmbH
Group Data Protection and Quality Management
Am DFS-Campus 10
63225 Langen
Germany
Group Data Protection Officer: Dr. Frank Schury
Deputy of the Group Data Protection Officer: Riko Pieper
Phone: +49 (0)6103-707-4220 (Dr. Frank Schury)
Phone: +49 (0)6103-707-4223 (Riko Pieper)
Internet: https://www.dfs.de
E-Mail: datenschutzbeauftragter@dfs.de