HeliHazard, a Wyoming corporation ("HeliHazard," "we," "us," "our") operates the HeliHazard mobile application (the "App"). This Privacy Policy, together with the Notice at Collection (Section 2) and the Notice of Financial Incentive (Section 11), explains what personal information we collect, why, how we use, share, and sell it, and the rights and choices you have. By downloading, accessing, or using the App you acknowledge this Policy. Where the law requires consent, we obtain it through the in-App disclosure and controls described below.
1. Who this Policy covers
This Policy applies to all users of the App worldwide. Additional rights for residents of California, other U.S. states, and the EEA/UK are described in Sections 9–10.
2. Notice at Collection
At or before the point of collection, we collect the categories below. We collect this information to operate the App and, as a core part of our business, to analyze, license, and sell it. We do sell and share personal information, including precise geolocation, which is treated as Sensitive Personal Information. You can opt out at any time (Sections 8–9). We retain each category as described in Section 7.
| Category | Examples we collect | Sold / shared? |
|---|---|---|
| Identifiers | Email (account); random per-install device ID; session ID | Device/session ID: Yes |
| Precise geolocation (Sensitive PI) | GPS position, flight track, altitude, speed, heading | Yes |
| Network / usage activity | Feature and alert usage, in-App events | Yes |
| Commercial / aviation data | Nearby aircraft (ADS-B), hazard encounters, helipad visits, route anomalies | Yes |
| Device information | Model, OS version, App version, language, region, time zone | Yes |
| Account credentials | Password (stored only as a salted hash by our auth provider) | No |
Sources: directly from you and automatically from your device and the App. We do not knowingly collect your name, contacts, photos, health data, or government identifiers. Flight, device, and usage data are keyed to a random per-install identifier, not to your name.
3. How we use information
- Operate the App and deliver hazard alerts and flight features;
- Create, secure, and support your account;
- Analyze aviation-safety patterns and build, improve, and develop products, datasets, models, and services;
- Commercialize data — create products from, license, share, and sell the data as described in Section 4;
- Detect and prevent fraud, abuse, and security incidents; comply with law.
4. How we share, sell, and transfer information
We disclose, license, and sell information — in identifiable, de-identified, or aggregated form — to the following categories of recipients:
- Service providers / processors that host and process data for us (e.g., cloud database and infrastructure providers), under contract and only for our purposes;
- Buyers and licensees of data — analytics firms, aviation operators, insurers, researchers, and other commercial purchasers;
- Business transfers — as part of, or in preparation for, any merger, acquisition, financing, reorganization, bankruptcy, or sale of some or all of our assets, information may be transferred to the counterparty, who may use it consistent with this Policy;
- Legal and safety — where required by law, legal process, or to protect rights, property, or safety.
In the preceding 12 months we have sold/shared the categories marked "Yes" in Section 2. We do not sell or share the personal information of consumers we know to be under 16 without affirmative authorization (Section 6).
5. De-identified and aggregated data
We may create de-identified or aggregated data and use, retain, and disclose it without further obligation. We commit to maintaining such data in de-identified form and not attempting to re-identify it except to test our de-identification.
6. Children and minors
The App is not directed to children under 13, and we do not knowingly collect their personal information; if we learn we have, we delete it. For consumers aged 13–15, we do not sell or share personal information without the consumer's affirmative opt-in.
7. Data retention
We retain each category of personal information for as long as necessary for the purposes in this Policy: account data for the life of your account plus up to 24 months; flight, location, device, and usage data for up to 36 months in identifiable form. De-identified and aggregated data may be retained indefinitely. We may retain information longer where required by law or to resolve disputes.
8. Your choices
- Turn off data collection. In Settings › Data in the App you can disable flight-data collection at any time. When you opt out, we stop collecting new data and rotate your random identifier so future activity is not linked to past data. This also serves as your opt-out of sale/sharing.
- Preference signals. We honor the Global Privacy Control (GPC) and similar opt-out signals as a valid request to opt out of sale/sharing where legally required.
- Account access/deletion. Email us to access, correct, or delete account data.
9. U.S. state privacy rights
Depending on your state (including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others), you may have the right to: confirm and access the personal information we process; correct it; delete it; obtain a portable copy; opt out of the sale or sharing of personal information and of targeted advertising; and limit the use of Sensitive Personal Information.
- How to exercise: use Settings › Data in the App, or email privacy@helihazard.com with the subject "Do Not Sell or Share My Personal Information" or your requested right.
- Sensitive data. Precise geolocation is Sensitive Personal Information. Where your state requires opt-in consent before we process or sell Sensitive Personal Information, we will obtain it before doing so; otherwise you may opt out as above.
- Verification & agents. We will verify your request using information associated with your account or device; you may use an authorized agent.
- Appeals. If we deny your request, you may appeal by replying to our decision; where applicable you may contact your state Attorney General.
- Non-discrimination. We will not discriminate against you for exercising these rights, except that some App features depend on the data and may be unavailable if you opt out.
- Response time: generally within 45 days.
10. EEA/UK (GDPR / UK GDPR)
- Controller: HeliHazard, a Wyoming corporation, 30 N Gould St, Ste 100, Sheridan, WY 82801, USA.
- Legal bases: your consent (which you may withdraw at any time in Settings) for collection and sale of location and other data; performance of a contract for account features; and our legitimate interests in operating, securing, and improving our products.
- Your rights: access, rectification, erasure, restriction, portability, objection, and to withdraw consent; you may lodge a complaint with your supervisory authority.
- International transfers: we transfer data to the United States and rely on Standard Contractual Clauses or other lawful transfer mechanisms.
- Retention: as in Section 7.
11. Notice of Financial Incentive (California Civ. Code § 1798.125)
Because the App is free in exchange for the collection and sale of your data, we offer a financial incentive.
- What it is: free access to the App and its features in exchange for your agreement to our collection, use, and sale of the data described above.
- Categories involved: those marked "Yes" in Section 2, including precise geolocation.
- How to opt in / opt out: collection is enabled by default and disclosed at first launch; you may opt out at any time in Settings › Data, which withdraws you from the incentive (the App remains free).
- Good-faith value & method: we estimate the value of a user's data to be approximately $10 per user per year, calculated as our projected annual data-related revenue divided by the projected number of users contributing data. As a pre-revenue company we will revise this estimate as actual figures develop. This estimate reflects the value of the data to our business, not a market price paid to any individual.
12. Security
We use industry-standard safeguards including encryption in transit. Client access to our backend is write-only; stored data is readable only by authorized server-side systems. No method of transmission or storage is completely secure.
13. Changes
We may update this Policy. Material changes will be reflected by the "Last updated" date and, where required, by in-App notice or renewed consent.
14. Contact
HeliHazard, a Wyoming corporation
Privacy: privacy@helihazard.com
30 N Gould St, Ste 100, Sheridan, WY 82801, USA
EU/UK representative: not applicable