PRIVACY POLICY - AVIATION RELATIONS

Last Updated: August 20, 2025

1. INFORMATION WE COLLECT

Information You Provide to Us

We collect information you provide directly to us, such as when you:

• Schedule consultations or contact us for services

• Sign up for our email list or Academy waitlist

• Fill out forms on our website or through our Kajabi platform

• Please communicate with us via email or other channels

Types of Information Collected:

• Contact Information: Name, email address, phone number, company name

• Professional Information: Role in aviation, organization type, compliance challenges

• Consultation Details: Questions, challenges, and preparation information for consultations

• Payment Information: Credit card information (processed securely through third-party providers)

Information We Collect Automatically

When you visit our websites, we automatically collect certain information:

• Device Information: IP address, browser type, operating system

• Usage Information: Pages visited, time spent on site, referring websites

• Cookies and Similar Technologies: To enhance your browsing experience

HOW WE USE YOUR INFORMATION

Primary Uses

We use the information we collect to:

• Provide Services: Schedule and conduct consultations, deliver Academy content

• Communication: Send confirmation emails, consultation preparation materials, and follow-up information

• Improve Services: Understand how our services are used and make improvements

• Marketing: Send newsletters, Academy updates, and information about relevant services (with your consent)

• Legal Compliance: Meet legal obligations and protect our legal rights

Consultation Services

For consultation services, we use your information to:

• Schedule appointments, send confirmations, and reminders

• Prepare for consultations by understanding your specific challenges

• Provide follow-up material, including consultation summaries and recommendations

• Process payments securely through third-party payment processors

Academy and Educational Services

For the Academy waitlist and educational services, we use information to:

• Provide Academy updates and development progress information

• Send educational content and aviation compliance resources

• Notify about enrollment opportunities and founding member benefits

• Customize content based on professional interests and needs

3. INFORMATION SHARING AND DISCLOSURE

We Do Not Sell Your Information

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

Service Providers

We may share your information with trusted third-party service providers who help us operate our business:

• Kajabi: Platform hosting, email delivery, and course content management

• Payment Processors: Secure payment processing (Stripe, PayPal)

• Email Services: Newsletter and communication delivery

• Analytics Services: Website usage analysis and improvement

Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Court orders or legal process

• Government requests or investigations

• Protection of rights and safety of our business, customers, or others

Business Transfers

In the event of a merger, acquisition, or sale of our business, customer information may be transferred as part of that transaction.

4. PROFESSIONAL CONFIDENTIALITY

Consultation Confidentiality

All consultation discussions and related information are treated as confidential business communications:

• Discussion Content: All consultation topics and advice remain confidential

• Client Information: Company names and specific situations are not shared without permission

• Professional Standards: We maintain professional consulting confidentiality standards

Case Studies and Examples

We may use anonymous case studies for educational purposes, with:

• All identifying information has been completely removed

• Generic descriptions that cannot be traced to specific clients

• Focus on general compliance principles rather than particular situations

5. DATA SECURITY

Security Measures

We implement reasonable security measures to protect your information:

• Secure Transmission: SSL encryption for data transmission

• Access Controls: Limited access to personal information on a need-to-know basis

• Third-Party Security: Use reputable service providers with strong security practices

• Regular Updates: Keep security measures current with industry standards

Payment Security

Payment information is processed through secure, PCI-compliant payment processors:

• No Storage: We do not store credit card information on our servers

• Encrypted Processing: All payment data is encrypted during transmission

• Industry Standards: Payment processors meet or exceed industry security requirements

6. COOKIES AND TRACKING TECHNOLOGIES

What We Use

Our websites use cookies and similar technologies to:

• Remember Preferences: Keep you logged in and remember your settings

• Analytics: Understand how our website is used and make improvements

• Marketing: Provide relevant content and measure campaign effectiveness

Your Choices

You can control cookies through your browser settings:

• Accept or Decline: Most browsers allow you to accept or decline cookies

• Delete Cookies: You can delete existing cookies through browser settings

• Third-Party Cookies: You can opt out of third-party advertising cookies

7. YOUR RIGHTS AND CHOICES

Access and Updates

You have the right to:

• Access the personal information we have about you

• Correct inaccurate or incomplete information

• Update your preferences for communications

• Request deletion of your personal information (subject to legal and business requirements)

Communication Preferences

You can control communications from us:

• Email Unsubscribe: Use unsubscribe links in emails or contact us directly

• Academy Updates: Opt out of Academy waitlist communications at any time

• Marketing Communications: Choose which types of communications you receive

Consultation Records

For consultation services:

• Access Records: You can request copies of consultation summaries and materials

• Correction: You can request corrections to consultation records

• Retention: We retain consultation records for professional and business purposes

8. CHILDREN'S PRIVACY

Age Restrictions

Our services are intended for professional use by adults in the aviation industry:

• No Collection: We do not knowingly collect information from children under 13

• Professional Services: Our consultation and educational services are designed for aviation professionals

• Parental Rights: Parents can contact us to request the deletion of any child's information

9. INTERNATIONAL DATA TRANSFERS

Data Location

Your information may be stored and processed in the United States:

• Service Providers: Our service providers may store data in various locations

• Protection: We ensure appropriate safeguards are in place for international transfers

• Legal Compliance: We comply with applicable international data protection laws

10. DATA RETENTION

Retention Periods

We retain your information for different periods based on the purpose:

• Consultation Records: Maintained for professional and business record-keeping purposes

• Marketing Communications: Until you unsubscribe or request deletion

• Academy Information: Until the Academy launch or you opt out of the waitlist

• Legal Requirements: As required by applicable laws and regulations

Deletion Requests

You can request deletion of your personal information:

• Process: Contact us using the information provided below

• Verification: We may need to verify your identity before processing deletion requests

• Limitations: Some information may be retained for legal or business purposes

11. THIRD-PARTY LINKS

External Websites

Our websites may contain links to third-party websites:

• No Responsibility: We are not responsible for the privacy practices of other websites

• Separate Policies: Third-party sites have their own privacy policies

• Review Recommended: We encourage you to review the privacy policies of sites you visit

12. UPDATES TO THIS POLICY

Policy Changes

We may update this Privacy Policy from time to time:

• Notification: We will notify you of significant changes via email or website notice

• Effective Date: Changes become effective 30 days after notification

• Review: We encourage you to review this policy periodically

Contact for Questions

If you have questions about policy changes or our privacy practices, please get in touch with us using the information below.

13. STATE-SPECIFIC RIGHTS

California Residents (CCPA)

California residents have additional rights:

• Right to Know: What personal information we collect and how it's used

• Right to Delete: Request deletion of personal information (with exceptions)

• Right to Opt-Out: Opt out of the sale of personal information (we do not sell information)

• Non-Discrimination: We will not discriminate for exercising privacy rights

Other State Laws

Residents of other states may have similar rights under applicable state laws regarding privacy. Contact us to understand your rights and how to exercise them.

14. BUSINESS CONTACT INFORMATION

Professional Services Context

Our collection and use of information occurs in the context of:

• B2B Services: Professional aviation compliance consulting and education

• Industry Focus: Aviation compliance and regulatory guidance

• Professional Communications: Business-to-business relationships and services

16. EUROPEAN UNION GENERAL DATA PROTECTION REGULATION (GDPR)

GDPR Compliance for EU Residents

If you are a resident of the European Union, you have specific rights under the General Data Protection Regulation (GDPR). This section explains how we comply with GDPR requirements.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent (e.g., newsletter signup, Academy waitlist)

• Contract Performance: To provide consultation services, you have purchased

• Legitimate Interest: To improve our services and communicate about relevant professional services

• Legal Obligation: To comply with applicable laws and regulations

Your GDPR Rights

As an EU resident, you have the following rights regarding your personal data:

Right of Access (Article 15)

• Request confirmation of whether we process your personal data

• Obtain a copy of your personal data in a structured, commonly used format

• Information about processing purposes, categories, recipients, and retention periods

Right to Rectification (Article 16)

• Correctthe inaccurate personal data we hold about you

• Complete incomplete personal data, including by providing a supplementary statement

Right to Erasure/Right to be Forgotten (Article 17)

• Request deletion of your personal data in certain circumstances:

  • Personal data no longer necessary for original purposes

  • You withdraw consent, and no other legal ground exists

  • Personal data unlawfully processed

  • Deletion required for compliance with legal obligations

Right to Restrict Processing (Article 18)

• Limit how we use your personal data in certain situations:

  • While we verifythe accuracy of the disputed data

  • When processing is unlawful, but you prefer restriction over deletion

  • When we no longer need the dat,a but you need it for legal claims

Right to Data Portability (Article 20)

• Receive your data ia n structured, commonly used, machine-readable format

• Transfer your data to another service provider where technically feasible

• Direct transfer between controllers when technically feasible

Right to Object (Article 21)

• Object to processing based on legitimate interests or direct marketing

• Stop direct marketing communications (including profiling for marketing)

• Object to automated decision-making, including profiling

How to Exercise Your Rights

To exercise your GDPR rights, contact us using the information provided in Section 15:

Required Information for Requests:

• Full name and email address associated with our services

• Specific right you wish to exercise

• Additional information to help us locate your data (if applicable)

Response Timeline:

• Initial response: Within 1 month of receiving your request

• Complex requests: May be extended bytwo2 additional months with notification

• Verification: We may request additional information to verify your identity

Data Processing Activities

Consultation Services Processing

• Data Collected: Contact information, professional details, consultation topics

• Purpose: Provide professional aviation compliance consultation services

• Legal Basis: Contract performance and legitimate business interests

• Retention: Professional records are maintained for business and legal requirements

• Recipients: Limited to service providers necessary for consultation delivery

Marketing and Communication Processing

• Data Collected: Email address, name, professional interests

• Purpose: Send newsletters, Academy updates, and relevant service information

• Legal Basis: Consent (with explicit opt-in) and legitimate interests

• Retention: Until you unsubscribe or request deletion

• Recipients: Email service providers (Kajabi) and analytics services

Academy Waitlist Processing

• Data Collected: Contact information, professional role, learning interests

• Purpose: Academy development updates and founding member opportunities

• Legal Basis: Consent and legitimate interests in Academy development

• Retention: Until Academy launch or you opt out of the waitlist

• Recipients: Educational platform providers and email services

Data Transfers Outside the EU

When we transfer your personal data outside the European Union:

Adequacy Decisions

• United States: Some transfers may be based on adequacy decisions or appropriate safeguards

• Service Providers: We ensure third-party processors provide adequate protection

Appropriate Safeguards

• Standard Contractual Clauses: EU-approved model clauses with service providers

• Binding Corporate Rules: Where applicable for international service providers

• Certification: Service providers with appropriate privacy certifications

Specific Transfers

• Kajabi (Platform Provider): Standard contractual clauses and privacy shield principles

• Payment Processors: PCI DSS compliance and appropriate data protection measures

• Email Services: Standard contractual clauses for EU data protection

Data Protection Officer

For GDPR-related inquiries and requests:

• While we are not required to appoint a formal Data Protection Officer due to our size and scope

• Privacy Contact: All GDPR requests should be directed to privacy@aviationrelations.com

• Response Commitment: We will respond to all GDPR requests within the required timeframes

Supervisory Authority

You have the right to complain with a supervisory authority:

• Your local authority: Contact your national data protection authority

• Cross-border processing: You may contact any EU supervisory authority

• Direct resolution: We encourage contacting us first to resolve concerns directly

Automated Decision-Making and Profiling

We do not engage in:

• Fully automated decision-making with legal or significant effects

• Extensive profiling for marketing or service delivery purposes

• Automated consultation assessments (all consultations involve human professional judgment)

Data Minimization and Purpose Limitation

Our GDPR compliance includes:

• Minimal data collection: Only collect data necessary for specified purposes

• Purpose limitation: Use data only for stated purposes or compatible purposes

• Regular review: Periodic assessment of data processing activities

• Data accuracy: Procedures to ensure personal data accuracy and currency

Privacy by Design and Default

We implement privacy protection through:

• Technical measures: Encryption, access controls, and secure transmission

• Organizational measures: Privacy policies, staff training, and data governance

• Default settings: Privacy-friendly default settings for data collection and processing

• Impact assessments: Regular review of privacy risks and protection measures

Breach Notification

In the event of a personal data breach:

• Authority notification: Report to the relevant supervisory authority within 72 hours when required

• Individual notification: Notify affected individuals when there is a high risk to their rights and freedoms

• Documentation: Maintain records of all data breaches and response measures

• Prevention: Implement measures to prevent future breaches

Children's Data

Special protections for children's data:

• Age verification: Services designed for professional adults (16+ or parental consent required)

• Parental rights: Parents can exercise rights on behalf of children under 16

• Limited collection: No intentional collection of children's personal data

• Educational context: Academy services designed for professional education

Updates to GDPR Processing

Changes to how we process EU personal data:

• Notification: Advance notice of significant changes to processing activities

• New consent: Request new consent when required for changed processing purposes

• Rights maintenance: All GDPR rights continue to apply to updated processing activities

• Documentation: Updated privacy notices and processing records

17. CONTACT INFORMATION

Privacy Questions and Requests

For questions about this Privacy Policy or to exercise your privacy rights:

Email: privacy@aviationrelations.com
Website: aviationrelations.com
Mailing Address: 6608 N Western Ave #1085, Oklahoma City, OK, 73116, United States
Response Time: We will respond to privacy requests within 30 days

General Business Contact

Website: aviationrelations.com
Email: teddy@aviationrelations.com

This Privacy Policy describes how Aviation Relations collects, uses, and protects your personal information. By using our services, you agree to the collection and use of information in accordance with this policy.

For questions about this policy or our privacy practices, please get in touch with us using the information provided above.