1. Introduction
Welcome to the Privacy Policy of CorePilot. This policy outlines how we collect, use, disclose, retain, and protect personal information provided by individuals who interact with our organization.
2. Scope
This Privacy Policy applies to all personal information collected, processed, and stored by CorePilot in the
course of our operations and interactions with individuals, whether online or offline.
3. Purpose
The purpose of this Privacy Policy is to inform individuals about the types of personal information we collect, how we use and disclose it, how we safeguard it, and the rights individuals have regarding their personal
information.
4. Use of Website
CorePilot’s website collects certain information such as internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system, and other usage information about the use of CorePilot’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. CorePilot has a legitimate interest in understanding how members, customers and potential customers use its website. This assists CorePilot with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.
4.1 Cookies and tracking technologies
CorePilot uses cookies and similar tracking technologies to improve your browsing experience on our website. Cookies are small pieces of text sent by your web browser. This cookie file is then stored in your web browser and allows CorePilot to recognize this small piece of text and make your next visit easier. Specifically, CorePilot uses these cookies to analyze website traffic through Google Analytics. By accepting this Privacy you understand and accept the use of these technologies in accordance with this notice. If you'd like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.
5. Types of Personal Information Collected
We may collect various types of personal information, which may include but are not limited to:
• Contact Information (first name, last name, phone number, email)
• Financial Information (billing address, payment information)
• Online Identifiers (e.g., IP address, cookies, device information)
6. Purposes of Data Collection and Use
We collect and use personal information for the following purposes:
• To provide and deliver our software as a service
• To process and fulfill requests
• To communicate with individuals
• To personalize user experiences
• To conduct research and analytics
• To comply with legal obligations
• To protect the rights and safety of individuals and our organization
7. Third Parties
CorePilot may engage third-party organizations for cloud hosting (AWS) and marketing/data analysis (Google Analytics). These third parties only have access to your personal data to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
8. Consent and Consent Withdrawal
By using our services, you consent to the collection and use of your personal data as outlined in this Privacy Policy. You have the right to withdraw your consent at any time. To do this, please contact us at support@corepilotcloud.com. Please note that withdrawing consent may affect the functionality of our services.
9. Disclosure of Personal Information
We may disclose personal information to third parties in the following circumstances:
• With consent from the individual
• With service providers or business partners involved in providing our products/services
• When required by law or to comply with legal obligations
• In connection with a merger, acquisition, or business transaction
10. Data Retention and Destruction
We retain personal information only for as long as necessary to fulfill the purposes stated in this Privacy Policy unless a longer retention period is required or permitted by law, to resolve disputes, and enforce legal agreements. When personal information is no longer needed, we securely destroy or anonymize it.
11. Data Security Measures
We implement appropriate technical and organizational measures to safeguard personal information against unauthorized access, loss, or alteration. These measures include but are not limited to data encryption, access controls, and regular security assessments.
12. Data Transfers
Your information, including personal data, may be transferred to — and maintained on — cloud servers located outside of your province/state, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.
13. Individuals' Rights
Individuals have certain rights regarding their personal information, which may include the right to access, rectify, restrict processing, object to processing, erase their personal information, and request the portability of your personal information (subject to legal requirements). To exercise these rights, please contact us at support@corepilotcloud.com. We will respond to your request within a reasonable timeframe.
13.1. Breach Reporting
In the event of a data breach that affects your personal data, CorePilot will notify you and the appropriate regulatory authorities within the time frame required by applicable law and the CorePilot Incident Response Policy. We will also take necessary steps to mitigate the breach and prevent similar incidents in the future.
Details of the breach notification to individuals impacted will include:
• Description of the breach
• When the breach occurred
• Description of the PI that has been compromised
• Description of steps taken to reduce risk of harm to individuals
• Description of what individuals can do to reduce risk of harm
• Contact information of the organization and how the individual can obtain further information
Details of the breach notification to applicable legal authorities will include:
• Name/location/contact information of CorePilot
• Number of individuals affected by breach, or approximate number
• When the breach occurred
• Description of organizations involved in breach
• How and why the breach occurred
• When the breach was discovered
• Where the breach occurred
• List of those who have had access to Personal Information
• List of relevant safeguards in place during time of breach
• Description of Personal Information compromised
• Information regarding the notification of those individuals impacted
14. Complaints and Inquiries
Individuals may contact us with any inquiries, concerns, or complaints regarding the handling of their personal information at support@corepilotcloud.com. We will address and respond to such communications promptly and in accordance with applicable privacy laws.
14.1. Privacy Officer
The Data Protection Officer (DPO) shall have the responsibilities set forth in this Policy The DPO is tasked with
daily and ongoing oversight and management of CorePilot Compliance Program, which includes the following
responsibilities:
• Monitoring CorePilot's internal compliance with privacy legislation
• Providing guidance at the earliest stage possible on all aspects of data protection
• Keeping CorePilot stakeholders appraised of changes to applicable privacy legislation and other relevant laws and regulations
• Assisting the controller or processor in monitoring internal compliance with the Regulation, including:
• Collecting information to identify processing activities
• Analyzing and checking the compliance of processing activities
• Informing, advising and issuing recommendations to the controller or the processor
• Acting in an independent manner, and ensuring there is no conflict of interest in other roles or interests that the DPO may hold
• Maintaining inventories of all personal data stored on behalf of the data controller or processor
• Responding to security, privacy, and data access requests and complaints from data subjects
• Managing data security and critical business continuity issues that could impact personal data
• Providing guidance on responding to accidental or malicious activity that could impact personal data
• Cooperate with the supervisory authority as needed
• To act as the contact point for the supervisory authority on issues relating to processing, and to
consult, where appropriate, with regard to any other matter
15. Policy Updates and Communication
CorePilot may update this Privacy Policy from time to time to reflect changes in the practices or legal obligations. CorePilot will communicate any material changes through appropriate channels and obtain any necessary consents when required.
We accelerate the aviation supply chain by simplifying and automating the workflows of the aviation aftermarket.
