Effective Date: February 28, 2018
DATA WE COLLECT
We collect personal data from you directly and from third parties. We collect personal data directly from you when you fill out any online or hard-copy forms including for account applications, credit applications, our online flight planning and data link tool, our crew member identification card program, training and educational programs, airport data licensing, surveys and promotion entries, event registrations, and other registrations and web forms, or otherwise when you communicate with us via blog posts or online comments, or by telephone, email, postal mail, or facsimile. Your submission of personal data is voluntary, but we may be unable to provide you requested information, products, and services if you choose not to provide the necessary personal data.
In some cases, we may also collect certain personal data from third parties such as credit reporting agencies, airlines and travel agencies, and our other business customers.
We also collect non-personal data when you visit or use our websites and products or services. This non-personal data may include information about your device and usage such as your operating system, browser, geographical location, IP address, and page views and clicks.
USE OF YOUR DATA
We use your data:
- for the purposes for which you provided it to us (e.g., to process your credit application, create your user account, process requests in our flight planning tool, register you for programs and events, promotions, or newsletters, or provide you products and services that you have ordered, as applicable);
- to respond to your inquiries and communications to us;
- to improve, maintain, and operate our websites and our products and services;
- to fulfill our obligations under our customer contracts (e.g., to provide flight planning services, trip support services, in-flight catering services, or other logistics services pursuant to our customer contracts);
- to inform you about products and services in which you may be interested, if you have consented to such communications;
- to screen you against lists of people, organizations and vessels with which certain countries are prohibited from doing business; and
- to comply with statutory and regulatory requirements, including responding to lawful requests for information by governmental authorities.
Universal uses “cookies” to obtain certain types of data when your web browser accesses our website. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser to enable our system to recognize your browser, to provide various types of functionality, to better understand how you interact with our website, to monitor aggregate usage, and to optimize web traffic routing on our website. The “help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Certain areas or features of the website may not be available or fully-functional if you choose to disable cookies.
DISCLOSURE OF YOUR DATA
We do not sell your personal data to any third parties. We may share your personal data as needed to fulfill the purposes described in the “USE OF YOUR DATA” section above, including:
- with our suppliers and vendors to provide goods and services you have requested;
- with global trip support providers to provide additional services to you;
- with our service providers, such as credit agencies and technical or customer support providers, who use the data on our behalf; and
- as necessary in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We require such third parties to take reasonable security measures to protect your personal data, and we prohibit such third parties from using your personal data for their own purposes, or any purposes other than pursuant to our instructions. We remain liable for protection of your personal date in case of any onward transfer to third parties.
We are typically the data controller, as that term is used in applicable privacy laws, for any personal data that we collect from you. However, when we collect data from or on behalf of our customers (e.g., charter aircraft operators, corporate aviation departments), those customers may be the data collector for such data and we may be the data processor. If we are acting as the data processor, we will only process the relevant data in accordance with the applicable customer contract.
DATA RETENTION, ACCESS, AND CORRECTION
Universal may retain your data so long as we can reasonably foresee the data may be required in connection with our business relationship with you. In some cases, we will retain the data for a longer period as necessary to comply with our legal obligations, follow records retention policies, resolve disputes, and enforce our agreements.
EUROPEAN AND SWISS RESIDENTS
Universal is based in the United States, and personal data collected by Universal worldwide (including within the EU and Switzerland) may be transferred to the United States for processing. By using Universal’s services or submitting personal data to Universal, you consent to the transmission of your information outside your own country.
Universal is subject to the investigatory and enforcement powers of the U.S. Department of Commerce and/or the U.S. Department of Transportation for purposes of the Privacy Shield program.
In compliance with the Privacy Shield Principles, Universal commits to resolve complaints about our collection or use of your personal data. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Universal at:
Attn: Legal Department and Data Protection Officer
1150 Gemini Street
Houston, Texas 77058 USA
Universal has further committed to refer unresolved Privacy Shield complaints to JAMS EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks, an independent alternative dispute resolution provider located in the United States. If a complaint is not resolved by other resource and enforcement mechanisms, then individuals may request binding arbitration. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the JAMS web site at: https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
The Privacy Shield Frameworks apply to transfers of personal data from within the EU or Switzerland to the United States. If you are an EU or Swiss resident and have a question or complaint about the processing of your personal data within the EU or Switzerland, you have rights separate from those arising under the Privacy Shield Frameworks. If you have any questions or complaints about data processing activities within Europe, please contact us at the email or mail address listed above. You also have the right to raise your inquiry or complaint to the applicable data protection authority (“DPA”) in your member country. Universal has committed to cooperate with the applicable EU data DPA and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) and comply with the advice given by such authorities with regard to personal data transferred from the EU and Switzerland in the context of the employment relationship.
Universal is very concerned with safeguarding your personal data. The integrity and availability of your personal data are critical to the provision of superior products and services to you. We employ administrative, physical, procedural, and technological measures designed to protect your data from unauthorized access or alteration and loss or misuse. We have implemented a multi-layered approach to protect electronic information through a comprehensive Information Technology (IT) Security program. Our IT Security program is designed to safeguard electronic information by proactively providing leadership and support for areas related to network security, system security, risk assessment, remediation tracking, and adherence to security compliance mandates. Universal employees work as a team to ensure that information is protected against unintentional disclosure and are guided by compliance objectives, standard operating procedures, and acceptable usage policies.
TRANSFER OF BUSINESS
Universal Weather and Aviation, Inc.
Attn: Legal Department and Data Protection Officer
1150 Gemini Street
Houston, Texas 77058
Phone (North America): +1 (800) 793-1295
Phone (Other): +1 (713) 378-2778