UAV354 Privacy Policy, updated September 2022

Our full privacy policy is explained below, but the main points to note are:

  • We will only ever ask you for what we really need to know.
  • We will collect and use the personal data that you share with us transparently, honestly and fairly.
  • We will always respect your choices around the data that you share with us and the communication channels that you ask us to use.
  • We will put appropriate security measures in place to protect the personal data that you share.
  • We will never sell your data.

1. Who are we?

We are UAV365, a division of 365 Resourcing Limited who are registered with the Information Commissioners Office with Registration Number 00015781070.

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://uav365.co.uk. All our contact details are in Section 16 below.

Our site will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

We are committed to safeguarding your privacy. This Privacy Policy (“Policy”) sets out our data collection and processing practices and your options regarding how your personal information is used.

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy, our Terms and Conditions and our Acceptable Use Policy.

The provision of your personal data to us is voluntary. However, without providing us with your personal data, you may be unable to take an action, such as send us a message or receive information from us. 

We may use your information to: 

  • tell you about our work or to answer a query that you have sent to us;
  • to carry out our obligations arising from any contracts entered into by you and us;
  • seek your views or comments on our work;
  • notify you of changes to our organisation;
  • send you communications which you have requested and that may be of interest to you.
  • process a job application or an expression of interest from you in working with or for us.

2. What information do we collect?

The type and amount of information we collect depends on why you are providing it.

On the contact form on our website, we will usually ask you for your name and contact details, including company name, telephone number and e-mail address and any message that you wish to send us.

However, we may request other information where it is appropriate and relevant. This additional information might include:

(1) details of why you have decided to contact us or details of topics/areas of interest to you, 

(2) information about your computer and about your visits to and use of this website including your IP address, geographical location, browser type, referral source, length of visit and number of page views;

(3) information about the services you use, services and products of interest to you or any marketing and/or communication preferences you give; and/or

(4) If you are a job applicant the information you are asked to provide is as set out in the application or on our Careers page, and is necessary for the purposes of considering the application.

(5) any other information shared with us in relation to the different purposes set out at clause 1.

What is the definition of Personal Data?

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

Do we process sensitive personal information? 

Applicable law recognises certain categories of personal information as sensitive and therefore requiring more protection, including health information, ethnicity and political opinions. In limited cases, we may collect sensitive personal data about you. We would only collect sensitive personal data if there is a clear reason for doing so; and will only do so with your explicit consent.

3. Communications and Marketing

Should you have provide us with your physical address, we may contact you by post; and where you have provided appropriate consent by opt-ing in on our contact form or elsewhere, also by telephone and e-mail, with targeted communications to let you know about our activities, that we consider may be of particular interest, about the work of UAV365.

4. Third-Party Service Providers

We may pass your information to our third-party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf.

An example of this, subject to you opt-ing in to receive them, would be for us to send you mailings via Mailchimp, part of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308 USA and owned by Intuit Inc. Section 7 below goes into further details about the International Transfer of your Data.

These third parties have access to your Personal Information only to perform these specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. 

5. Children's Data

We do not knowingly process data of any person under the age of 16. If we come to discover, or have reason to believe, that you are 15 and under and we are holding your personal information, we will delete that information within a reasonable period and withhold our services accordingly.

Where possible and appropriate UAV365 will seek consent from a parent or guardian before collecting any information about children. 

6. Other Disclosures

We will disclose your Personal Information where required to do so by law or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.

If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.

We may share your personal data with other companies in our group. This includes any subsidiaries and our holding company and its subsidiaries.

If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.

7. International Transfer

Your information, including Personal Information, may be transferred to, and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. This is because we work with trusted suppliers, for example our email marketing provider, Mailchimp (see Section 4 above), our email provider who are Google LLC and we use their Gmail service for email, and Google Analytics to monitor information about the usage of our website.

Google LLC comply with the EU-US and Swiss-US Privacy Shield frameworks as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from European Union member countries (including EEA member countries) and the UK as well as Switzerland, respectively. Google, including Google LLC and its wholly-owned US subsidiaries (unless explicitly excluded), has certified that it adheres to the Privacy Shield principles.

We also may store information on Dropbox, an encrypted, secure cloud based storage system. They use secure storage servers in data centres across the United States. Additionally, storage servers are available in Australia, the European Union, Japan, and the United Kingdom. Dropbox complies with the EU-US and Swiss–US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use and retention of personal data transferred from the European Union, the European Economic Area, the United Kingdom and Switzerland to the United States, although Dropbox does not rely on the EU-US Privacy Shield or Swiss-US Privacy Shield Frameworks as a legal basis for transfers of personal data. Dropbox has certified to the Department of Commerce that it, and its subsidiary JN Projects Inc. d/b/a HelloSign, adheres to the Privacy Shield Principles with respect to such data.

If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the information, including Personal Information, to the United Kingdom and process it there.

Your consent to this Privacy Policy, followed by your submission of such information represents your agreement to that transfer.

In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter. 

8. Security and Access to your personal data

We endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure or of access to your personal information.

Your information is only accessible by appropriately trained staff and our contractors. 

The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant UK and EU legislation.

Otherwise than as set out in this Privacy Policy, we will only ever share your data with your informed consent.

9. Your rights and how consent works

You have a choice about whether or not you wish to receive information from us. 

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for direct marketing purposes or to be unsubscribed from our email list at any time.

You also have the following rights:

  1. Right to be informed – you have the right to be told how your personal information will be used. This Policy and other policies and statements used on our website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.
  2. Right of access – you can write to us to ask for confirmation of what information we hold on you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we have 30 days to comply.
  3. Right of erasure – you can ask us for your personal information to be deleted from our records. In many cases we would propose to suppress further communications with you, rather than delete it.
  4. Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.
  5. Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
  6. Right to data portability – to the extent required by the General Data Protection Regulations (“GDPR”) where we are processing your personal information (i) under your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact or (iii) by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.

To exercise these rights, please send a description of the personal information in question using the contact details in section 16 below. 

Where we consider that the information with which you have provided us does not enable us to identify the personal information in question, we may ask you for (i) personal identification and/or (ii) further information.

Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you consult ICO guidance – https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

You are further entitled to make a complaint about us or the way we have processed your data to the Information Commissioner’s Office (“ICO”). For further information on how to exercise this right, please see the guidance at https://ico.org.uk/for-the-public/personal-information. The contact details of the ICO can be found here: https://ico.org.uk/global/contact-us.

However, we would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the email address, hello@uav365.co.uk

10. Lawful Processing

We are required to have one or more lawful grounds to process your personal information. Only 4 of these are relevant to us: 

  1. Consent: We will ask for your consent to use your information to send you electronic communications such as newsletters and marketing emails, for targeted advertising, and if you ever share sensitive personal information with us.
  2. Contractual relationships: Most of our interactions with subscribers and website users are voluntary and not contractual. However, sometimes it will be necessary to process personal information so that we can enter contractual relationships with people. For example, if you apply for employment with us, or if you purchase something via our online shop if we have one.
  3. Legal obligations: Sometimes we will be obliged to process your personal information due to legal obligations which are binding on us. We will only ever do so when strictly necessary.
  4. Legitimate interests: Applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights).

We will rely on this ground to process your personal data when it is not practical or appropriate to ask for consent.

When we use your personal information, we will consider if it is fair and balanced to do so and if it is within your reasonable expectations. We will balance your rights and our legitimate interests to ensure that we use your personal information in ways that are not unduly intrusive or unfair in other ways.

11. Data Retention

In general, unless still required in connection with the purpose(s) for which it was collected and/or is processed, we remove your personal information from our records five years after the date it was collected. However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you ask us to delete it we will remove it from our records at the relevant time.

In the event that you ask us to stop sending you direct marketing/other electronic communications, we will keep your name on our internal suppression list to ensure that you are not contacted again.

We review our retention periods for personal information on a regular basis (see item 12 of this Privacy Statement). You can request to remove your personal information at any time by emailing us using the details in Section 16 below.

12. Policy Amendments

We keep this Privacy Policy under regular review and reserve the right to update from time-to-time by posting an updated version on our website, not least because of changes in applicable law. We recommend that you check this Privacy Policy occasionally to ensure you remain happy with it. We may also notify you of changes to our privacy policy by email.

13. Third Party Websites

We may link our website directly to other sites. This Privacy Policy does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

14. Updating Information 

You can check the personal data we hold about you, and ask us to update it where necessary. Please contact us via the details in Section 16 of this Policy.

15. Cookies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We also use cookies to provide insights regarding conversion rates, device information, visitor IP addresses and referral sites.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

16. Contact

Our Site is operated by UAV365, and a division of 365 Resourcing Limited. We are a limited company registered in England and Wales under company number 13363069.

365 Resourcing Limited are registered with the Information Commissioners Office with Registration Number 00015781070.

Our registered address is B.D. Business Centre, Blackpole Road, Worcester, Worcestershire, WR3 8SQ.

UAV365’s head office for any written communications is at, 21 Lansdowne Crescent, Edinburgh, EH12 5E7. Our telephone number is 0131 460 1160.

We are not required by law to have a ‘Data Protection Officer’, however our Managing Director also acts as our designated Data Protection Manager. 

Please let us know if you have any queries or concerns whatsoever about the way in which your data is being processed, by emailing the Data Protection Manager at hello@uav365.co.uk.