top of page

Privacy Policy

Important Information and Who We Are

WINGMAN AVTECH PRIVATE LIMITED ("Wingman", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, transfer, and store your data when you access any of our products, services, or applications. Currently, these include:

 

  • Wingman Pilot Logbook

  • AirRoster

  • Wingman Canvas

 

This policy applies to all current products and will be updated to cover any future products under the Wingman Avtech Pvt Ltd portfolio.

 

By accessing our applications, websites, or services, you agree to the practices described in this Privacy Policy.

 

Purpose of This Privacy Policy

This Privacy Policy aims to provide you with clear and comprehensive information on:

 

  • The data we collect about you;

  • How we store, process, and secure that data;

  • Your rights regarding your personal data;

  • Our responsibilities in managing your data;

  • How we comply with GDPR and other applicable international data protection laws.

 

By accessing our applications or services, you agree to the practices described in this Privacy Policy.

Types of Data Collected


We may collect, use, store, and transfer various categories of personal data:

 

  1. Identity Data

    1. Full name, username, and login credentials.

  2. Contact Data

    1. ​Email address, billing address, and phone number.

  3. Technical Data

    1. IP address, device details, app version, browser type, time zone settings, and platform information.

  4. Usage Data

    1. Information about how you use our products and services.

  5. Transaction Data

    1. Records of purchases, payment card details (processed securely through third-party payment processors).

  6. Profile Data

    1. Preferences, feedback, and survey responses.
       

Data Automatically Collected

We collect technical data automatically through cookies, server logs, and similar technologies. Consent for non-essential cookies will be obtained in compliance with GDPR.


Special Note on Third-Party System Access

We may require access to third-party systems, such as airline roster systems or eGCA

 

  • You may be required to input credentials (username, user ID, password) for such systems.

  • Credentials are stored only in encrypted format and are used strictly to automate access to retrieve relevant data (e.g., flights, trips, schedules).

  • By using these features, you confirm that you have the right to access such systems and acknowledge that Wingman is not responsible for any breaches of employment or IT usage policies.

 

How We Use Your Data

We process your personal data for the following purposes:

 

  1. Service Delivery: To provide the core functionalities of our products.

  2. User Support: To address inquiries, troubleshoot issues, and respond to feedback.

  3. Enhancement of Services: To improve product performance, security, and user experience.

  4. Legal Compliance: To comply with regulatory obligations, including GDPR.

  5. Marketing and Cookies: Consent-based communication and personalized service offerings.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

 

  • Performance of Contract: When processing is necessary to deliver our services.

  • Legitimate Interests: For improving services, analyzing usage data, and maintaining security.

  • Legal Obligation: To comply with applicable laws and regulations.

  • Consent: Where required for specific types of data processing, including marketing and cookies.

 

How We Store and Secure Your Data

  1. Data Storage

 

  • Most data is stored on your device to prioritize privacy and reduce unnecessary backend processing in compliance with industry best practices.

  • Only essential data is securely transmitted to our backend servers. These servers employ state-of-the-art database systems, equipped with failover mechanisms, redundancy protocols, and data integrity checks.

 

  1. Data Encryption

 

  • Sensitive information, including but not limited to credentials, authentication tokens, and passwords, is encrypted utilizing AES-256 for data at rest and TLS 1.2 or higher for data in transit. These measures meet GDPR requirements and internationally recognized security standards.

 

  1. Data Backups

 

  • Backups are stored within India using automated disaster-recovery protocols. While no data is currently transferred outside India, any global backup adoption will adhere to Standard Contractual Clauses (SCCs) and GDPR transfer mechanisms to ensure legal compliance.

 

  1. Incident Response

 

  • While our systems are designed to eliminate security risks, we acknowledge that unforeseen breaches, though improbable, may occur. In compliance with GDPR:

    • Affected regulatory authorities will be notified within 72 hours of breach detection.

    • Impacted users will be promptly informed with actionable details and mitigation measures.

 

  1. Transmission Security

 

  • All transmitted data uses Secure Socket Layer (SSL) encryption to safeguard its integrity and confidentiality.


 

International Data Transfers

If we transfer your personal data outside the EU/EEA, we ensure compliance with GDPR through:

 

  • Adequacy Decisions: Transfers only to countries deemed to provide an adequate level of data protection.

  • Standard Contractual Clauses (SCCs): Ensuring legally enforceable safeguards for international transfers.


 

Data Retention

We retain your personal data only as long as necessary to:

 

  • Fulfill the purposes outlined in this Privacy Policy;

  • Comply with legal obligations;

  • Resolve disputes and enforce our agreements.

 

Upon request, all personally identifiable data will be deleted within 15 days, unless retention is required by legal obligations.

 

Your Rights

Under GDPR, you have the following rights:

 

  1. Right to Access: Request details of the data we hold about you.

  2. Right to Rectification: Correct incomplete or inaccurate data.

  3. Right to Erasure: Request data deletion where no longer required.

  4. Right to Restrict Processing: Suspend processing under specific circumstances.

  5. Right to Object: Object to processing for legitimate interests or marketing.

  6. Right to Data Portability: Request transfer of your data in machine-readable format.

  7. Right to Withdraw Consent: Withdraw consent at any time for consent-based processing.

 

To exercise any of these rights, contact us at support@wingman.zohodesk.com.


 

Cookies

We use cookies for essential and optional purposes, including performance analysis and marketing. For non-essential cookies, consent will be obtained as required under GDPR. 

 

Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be published on our official website, and significant changes will be communicated to users.

 

Last Updated: 12 DEC 2024

Contact Us

If you have questions regarding this Privacy Policy or your data, contact us:

 

WINGMAN AVTECH PRIVATE LIMITED
Legal Entity: Wingman Avtech Pvt Ltd
Legal Representative: Leonard Selvaraja
Email: support@wingman.zohodesk.com

bottom of page