FlytBase, Inc. (“FlytBase,” “Company,” “we,” “us,” or “our”) respects privacy and is committed to protecting personal data. This Privacy Policy explains how we collect, use, disclose, and protect personal data when individuals visit our websites, communicate with us, attend events, use our products and services, or interact with FlytBase-controlled online properties (collectively, the “Services”).
This Privacy Policy applies to personal data that FlytBase processes as a controller/business. Where FlytBase processes personal data on behalf of a customer through the Services, FlytBase generally acts as a processor/service provider and processes that data according to the customer’s instructions, the applicable agreement, and any data processing agreement. In those cases, the customer’s privacy policy may apply to individuals whose data is captured or processed through a customer deployment.
1. Who We Are
FlytBase, Inc.
1900 Camden Ave
San Jose, CA 95124
United States
Privacy contact: privacy@flytbase.com
Legal contact: legal@flytbase.com
Website: https://flytbase.com
EU GDPR Representative:
Rickert Rechtsanwaltsgesellschaft mbH
- FlytBase Inc -
Colmantstraße 15
53115 Bonn
Germany
art-27-rep-flytbase@rickert.law
UK GDPR Representative:
Rickert Services Ltd UK
- FlytBase Inc -
PO Box 1487
Peterborough
PE1 9XX
United Kingdom
art-27-rep-flytbase@rickert-services.uk
2. Personal Data We Collect
We may collect the following categories of personal data.
2.1 Information You Provide
- (a) account information: name, email address, phone number, company, role, username, password or authentication information;
- (b) business contact information: employer, title, address, region, communication preferences;
- (c) billing and transaction information: billing contact, purchase details, tax details, payment status; payment-card or banking data is processed by payment providers and not stored by FlytBase unless expressly stated;
- (d) communications: emails, support tickets, chat messages, call notes, meeting notes, feedback, survey responses;
- (e) event and training information: registration details, attendance, certifications, course progress;
- (f) recruitment information: resumes, employment history, portfolio materials, interview notes, references, and other application information;
- (g) uploaded content: files, images, video, telemetry, logs, prompts, annotations, configurations, and other content submitted to the Services.
2.2 Information Collected Automatically
- (a) device and browser data: IP address, device identifiers, browser type, operating system, language, time zone;
- (b) usage data: pages viewed, links clicked, features used, session times, app interactions, errors, diagnostics, logs;
- (c) cookies and similar technologies: cookies, pixels, local storage, analytics identifiers, and attribution tools;
- (d) approximate location: inferred from IP address or account settings;
- (e) security data: authentication logs, access logs, audit logs, fraud and abuse signals.
2.3 Drone, Sensor, and Operational Data
Depending on customer configuration and use of the Services, we may process:
- (a) drone imagery, video, audio if enabled, thermal imagery, LiDAR or other sensor captures;
- (b) telemetry, route data, flight logs, mission plans, dock data, payload data, battery data, system health, aircraft identifiers;
- (c) geolocation, GPS/GNSS data, timestamps, altitude, speed, heading, and operational status;
- (d) alerts, detections, classifications, annotations, AI inferences, reports, incident records, and operator actions;
- (e) site maps, asset data, camera streams, VMS integrations, alarm integrations, counter-drone or sensor integrations;
- (f) managed-service operational records, including support notes and operational communications.
Some drone, camera, VMS, or sensor data may contain personal data if individuals, vehicles, license plates, voices, locations, behavior, or other identifiable information is captured. Customers are responsible for providing notices and obtaining consents required for their deployments.
2.4 Information from Third Parties
We may receive information from customers, partners, resellers, integrators, event providers, analytics providers, lead providers, public sources, business databases, identity providers, cloud providers, mapping providers, hardware providers, VMS providers, and other integrations connected by Customer.
3. How We Use Personal Data
We use personal data to:
- (a) provide, operate, maintain, secure, and support the Services;
- (b) create and manage accounts;
- (c) process transactions, billing, renewals, and collections;
- (d) respond to inquiries, support requests, demo requests, and customer communications;
- (e) configure deployments, integrations, workflows, dashboards, managed services, and AI Features;
- (f) analyze performance, reliability, usage, and service quality;
- (g) improve and develop products, services, AI Features, safety features, reliability, and user experience;
- (h) detect, prevent, and investigate security incidents, abuse, fraud, and unlawful activity;
- (i) send product updates, administrative notices, security alerts, training materials, event invitations, and marketing communications;
- (j) comply with legal obligations and enforce agreements;
- (k) protect rights, property, safety, personnel, customers, users, aircraft, infrastructure, and the public;
- (l) conduct recruitment and employment-related processing.
4. Legal Bases for Processing
For individuals in the EEA, UK, or similar jurisdictions, our legal bases may include:
- (a) contract necessity — to provide Services, accounts, support, billing, and requested communications;
- (b) legitimate interests — to operate, secure, improve, market, and develop our Services, prevent fraud, and protect our business, provided those interests are not overridden by individual rights;
- (c) consent — for optional marketing, non-essential cookies, certain AI or analytics features where required, and other consent-based processing;
- (d) legal obligation — to comply with law, tax, accounting, sanctions, export-control, regulatory, and legal-process obligations;
- (e) vital interests or public interest — where applicable in emergency or safety contexts.
5. AI, Automated Processing, and Product Improvement
FlytBase may use AI and automated analytics in the Services, including Verkos AI and related AI Features, to analyze drone imagery, video, telemetry, sensor data, operational logs, alerts, prompts, support records, and other data.
AI Features may generate detections, classifications, summaries, reports, recommendations, alerts, or other outputs. These outputs may be inaccurate or incomplete and should be reviewed by qualified personnel before use in safety, security, aviation, legal, emergency, or similarly significant decisions.
FlytBase may use personal data and Customer Data to provide, secure, support, troubleshoot, and improve the Services. FlytBase does not use identifiable Customer Content, Customer Personal Data, Sensitive Deployment Data, or raw customer video/imagery to train shared or general AI models unless the customer has opted in, the contract permits it, or the data has been aggregated, de-identified, anonymized, or transformed so it no longer identifies the customer, individuals, sites, assets, missions, or confidential operations.
6. Cookies and Similar Technologies
We use cookies and similar technologies to operate websites, remember preferences, analyze traffic, attribute forms and campaigns, secure sessions, and improve user experience. Where required, we seek consent for non-essential cookies. Users can control cookies through browser settings and cookie banners where available.
If we use advertising, analytics, enrichment, or attribution vendors that associate website activity with business contact information, we will provide applicable opt-outs and notices where required by law. For more information about the cookies and similar technologies we use, please see our Cookie Policy.
7. How We Disclose Personal Data
We may disclose personal data to:
- (a) affiliates and corporate group entities;
- (b) service providers and subprocessors, including cloud hosting, storage, security, analytics, payment, CRM, support, communications, AI, mapping, infrastructure, and professional-service providers (where FlytBase acts as a processor or service provider for a customer, information about subprocessors may be made available through FlytBase’s Subprocessor List or security review process.);
- (c) customers and account administrators, where data relates to a customer account or deployment;
- (d) partners, resellers, integrators, and hardware providers where necessary to provide or support Services;
- (e) third-party integrations authorized by Customer or users;
- (f) legal, regulatory, law-enforcement, export-control, aviation, or governmental authorities where required or appropriate;
- (g) parties in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction;
- (h) professional advisors, auditors, insurers, and legal counsel;
- (i) others with consent or as instructed by the customer.
We do not sell personal data in the ordinary meaning of the word “sell.” If applicable privacy laws define “sale,” “sharing,” or “targeted advertising” broadly, our cookie or marketing practices may be considered a sale/share. Users may exercise applicable opt-out rights as described below.
8. International Transfers
FlytBase operates globally and may process personal data in the United States, India, the European Union, the United Kingdom, and other jurisdictions where FlytBase, customers, affiliates, service providers, or subprocessors operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses, data processing agreements, adequacy decisions, transfer impact assessments, and other lawful transfer mechanisms.
9. Data Retention
We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide Services, comply with law, resolve disputes, enforce agreements, maintain security, support business operations, and improve Services.
Indicative retention periods, subject to customer agreements and legal requirements:
- (a) account information: for the life of the account and a reasonable period afterward;
- (b) billing and tax records: typically 7 years or as required by law;
- (c) support records: typically up to 2 years after ticket closure unless needed longer;
- (d) website analytics and logs: typically 12–24 months;
- (e) security logs and audit logs: typically 12–36 months depending on security needs;
- (f) telemetry and operational logs: as specified in the customer agreement or admin settings;
- (g) drone imagery, video, sensor captures, and AI inferences: as specified in the customer agreement, admin settings, or deployment configuration;
- (h) backups: retained for a limited backup cycle before deletion or overwrite;
- (i) aggregated or de-identified data: may be retained longer because it no longer identifies individuals.
10. Security
We use administrative, technical, and organizational safeguards designed to protect personal data, including access controls, encryption in transit, encryption at rest where appropriate, audit logging, vulnerability management, incident response, employee confidentiality obligations, and vendor security review. No system is perfectly secure, and we cannot guarantee absolute security.
11. Privacy Rights and Choices
Depending on your location, you may have rights to:
- (a) access personal data;
- (b) correct inaccurate personal data;
- (c) delete personal data;
- (d) restrict or object to processing;
- (e) receive a portable copy of personal data;
- (f) withdraw consent;
- (g) opt out of marketing;
- (h) opt out of sale, sharing, targeted advertising, or certain profiling where applicable;
- (i) appeal a privacy-rights decision where required by law.
To exercise rights, contact privacy@flytbase.com. We may verify your identity before responding. If your data is processed by FlytBase on behalf of a customer, we may direct your request to that customer.
12. California and U.S. State Privacy Notices
For residents of California and other U.S. states with privacy laws, FlytBase may collect the categories of personal information described in Section 2. We use and disclose them for the purposes described in Sections 3 and 7. We do not knowingly sell personal information in the ordinary meaning of “sell.” If our use of cookies or marketing tools is considered “sale,” “sharing,” or “targeted advertising,” you may opt out through available cookie controls or by contacting privacy@flytbase.com.
We do not knowingly use or disclose sensitive personal information for purposes requiring a right to limit under California law unless we provide the required notice and choice.
13. Marketing Communications
You may opt out of marketing emails by using the unsubscribe link or contacting us. We may still send transactional, administrative, security, legal, or service-related communications.
14. Children’s Privacy
The Services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. Customers must not use the Services to collect children’s personal data unless permitted by the Agreement and applicable law, with all required notices, consents, and safeguards.
15. Customer-Controlled Deployments
Many FlytBase deployments are controlled by customers, including deployments at industrial sites, ports, energy facilities, public-safety agencies, campuses, schools, utilities, mines, data centers, corrections facilities, railroads, and other locations. In those cases, the customer determines why and how personal data is collected through drones, docks, sensors, VMS systems, and AI Features. Individuals should contact the relevant customer first for questions about notices, access, deletion, or other privacy rights related to a customer deployment.
16. Third-Party Services
The Services may integrate with third-party drones, docks, cameras, VMS systems, cloud storage, mapping tools, AI providers, payment processors, analytics tools, CRM systems, and other services. Third-party services are governed by their own terms and privacy policies.
17. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The “Last Updated” date reflects the latest revision. If changes are material, we will provide notice as required by law, such as through the Services, by email, or on our website.
18. Contact
Enterprise and business customers may request FlytBase’s Data Processing Addendum by contacting legal@flytbase.com or their FlytBase representative.
For privacy questions or rights requests:
For legal notices:
FlytBase, Inc.
1900 Camden Ave
San Jose, CA 95124
United States