Loading dashboard...

Privacy Policy

Last Updated: 10/7/2025

At Pilotflows, a service provided by Tegi S.à r.l.-S. ("we", "our", or "us"), we are committed to protecting your privacy and personal data. This policy explains how we collect, use, and safeguard your data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws.

1. Company Information

Tegi S.à r.l.-S.
15, rue de la Syre
L-5377 Übersyren
Luxembourg
Email: [email protected]

2. Information We Collect

We collect and process the following types of personal information:

  • Account Information: name, email address, password (encrypted)
  • Profile Information: profile picture, date of birth, gender, contact information
  • Professional Information: certifications, pilot status, organization affiliations
  • Contact Details: address, phone number, emergency contact information
  • Technical Data: IP address, browser type, device information, cookies
  • Usage Data: login times, feature usage, preferences
  • Payment Information: payment method details (processed securely through Stripe)
  • Organization Data: company details, VAT ID, organization size
  • Documents: certificates and other uploaded files

3. How We Use Your Information

We use your personal data for the following purposes:

  • Providing and managing your account and our services
  • Processing and managing subscriptions and payments
  • Storing and managing your certificates and documents
  • Enabling two-factor authentication for account security
  • Sending service-related communications and updates
  • Managing organization memberships and permissions
  • Analyzing platform usage to improve our services
  • Ensuring platform security and preventing fraud
  • Complying with legal obligations

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary for the services we provide
  • Legal Obligations: Compliance with applicable laws and regulations
  • Legitimate Interests: Improving our services and ensuring security
  • Consent: When you explicitly agree to specific data processing

5. Data Storage and Security

We implement robust security measures to protect your data:

  • Encryption of data in transit and at rest
  • Secure file storage using Amazon S3
  • Regular security audits and monitoring
  • Two-factor authentication support
  • Access controls and authentication mechanisms
  • Regular backup procedures

6. Third-Party Service Providers

We use trusted third-party services for specific functions:

  • Stripe: Payment processing
  • Amazon Web Services (AWS): File storage and hosting
  • Email service providers: Communication delivery
  • Analytics providers: Service improvement and monitoring

These providers are contractually bound to protect your data and use it only for specified purposes.

7. Your Rights

Under GDPR and CCPA, you have the following rights:

  • Access your personal data
  • Correct inaccurate data
  • Request data deletion
  • Restrict or object to processing
  • Data portability
  • Withdraw consent
  • Lodge complaints with supervisory authorities

8. Data Retention

We retain your data for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

After account deletion, we may retain certain data for legal compliance and legitimate business purposes.

9. International Data Transfers

We may transfer your data to countries outside the EU/EEA, ensuring appropriate safeguards through Standard Contractual Clauses or other legal mechanisms.

10. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes through our platform or via email.

11. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at: [email protected]

Data Protection Officer
Tegi S.à r.l.-S.
15, rue de la Syre
L-5377 Übersyren
Luxembourg