Privacy Policy

<h1>Privacy Policy</h1>
<h4>Summary of Data Processing for Dutysheet App</h4>
- Access credentials for your airline portal are stored locally and securely in the Apple Password Vault.<br>
- The connection to your airline portal for retrieving the schedule is encrypted and direct, identical to accessing it via a regular browser.<br>
- The loaded schedule is sent to the Dutysheet server for parsing. This connection is secure, and no credentials are sent. The schedule is processed on the server and sent back without being stored permanently.<br>
- If participating in the Masterplan, your schedule data and personal details (e.g., name, employee ID, phone number) are stored on the server exclusively for exchange within the Masterplan. Only colleagues from the same airline who also share their data can view it.<br>

<h4>Summary of Data Processing - EASA vs Airline FTL App</h4>
<p>
- User access and data are processed exclusively on your device. No personal data is stored on the server.<br>
- The app generates and analyzes only anonymous usage statistics to improve functionality and reach. For this purpose, only the user's airline is transmitted.<br>
- Your personal data remains confidential at all times and is not permanently stored or shared with third parties.<br>
</p>

<h4>Please read the full declaration</h4>
This privacy policy outlines the processing of personal data ("data") for the apps "Dutysheet Wx," "Dutysheet Buddy," "EASA vs Airline FTLs," "Airports Plus," "Flitekit," and associated websites and content ("online offering"). Terms like "personal data" and "controller" follow the definitions in Article 4 of the General Data Protection Regulation (GDPR).

<h4>Controller</h4>
<p><img src="Adresse_Alex.png" alt="Address of Alexander Flohr"><br>
Email address: See Legal Notice / Support Section of the app<br>
<a href="http://www.easa-vs-airline.eu">Legal Notice</a></p>

<h4>Types of Data Processed</h4>
- Basic data (name, address)<br>
- Contact data (phone number, email address)<br>
- Content data (e.g., text inputs, photos, videos)<br>
- Usage data (visited web pages, access times)<br>
- Metadata/communication data (IP address, browser information)<br>
- Schedule data, names, and personnel numbers of the user and their colleagues

<h4>Purpose of Processing</h4>
- Provision of online and app services and content<br>
- Communication and contact handling<br>
- Security measures<br>
- Audience measurement and marketing

<h4>Legal Basis</h4>
In accordance with Art. 13 GDPR, we inform you about the legal basis for our data processing activities:
- Consent is based on Art. 6(1)(a) and Art. 7 GDPR.
- Processing to fulfill contractual services and respond to inquiries is based on Art. 6(1)(b) GDPR.
- Processing to fulfill our legal obligations is based on Art. 6(1)(c) GDPR.
- Processing to protect our legitimate interests is based on Art. 6(1)(f) GDPR.

<h4>Your Rights as Data Subject</h4>
You have the right to request access to your data, correction, deletion, or restriction of processing. You also have the right to data portability and to lodge a complaint with a supervisory authority. If you have given consent, you can withdraw it at any time, effective for the future.

<h4>Right to Withdraw Consent</h4>
According to Art. 7(3) GDPR, you have the right to revoke any consent given to us, effective for the future.

<h4>Right to Object</h4>
In accordance with Art. 21 GDPR, you may object at any time to the future processing of your personal data, particularly in the case of processing for direct marketing purposes.

<h4>Deletion of Data</h4>
Your personal data will be deleted or restricted in processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy policy, data stored with us will be deleted as soon as it is no longer required for its intended purpose and no statutory retention obligations exist.

<h4>Contact</h4>
When you contact us (e.g., via contact form, email, phone, or social media), your information will be used to process the contact request and handle it in accordance with Art. 6(1)(b) GDPR.

<h4>Hosting</h4>
We use hosting services to provide this online offering, including infrastructure and platform services, computing capacity, storage space, and database services. In this context, we or our hosting provider process basic data, contact data, content data, contract data, usage data, metadata, and communication data of customers, prospects, and visitors.

<h4>Access Data and Log Files</h4>
Based on our legitimate interests, we or our hosting provider collect data on every access to the server (so-called server log files). Access data includes the name of the retrieved website, file, date and time of access, data volume transferred, and other technical information.

<h4>Cookies</h4>
We use cookies to improve the user experience. You can disable cookies in your browser settings, which may affect the functionality of our website.