PRIVACY POLICY AND USE OF THE WEBSITE SKYUP AIRLINE LLC

1. TERMS

The Policy contains information about the rules that apply to the use of the Website https://www.skyup.aero/, distributed by SKYUP AIRLINE LIMITED LIABILITY COMPANY (hereinafter - SkyUp), a legal entity registered and operating in accordance with the legislation of Ukraine, USREOU code 41403314, including the rules for processing Personal Data of Users (hereinafter - the Policy).

This Policy is binding on SkyUp and SkyUp Users.

SkyUp reserves the right to make changes to the Policy at any time. The policy, its new version and relevant changes come into force from the moment of their publication on the SkyUp Website.

By accessing the Website, Users agree to abide by the Policy in effect at the time of obtaining such access. If Users refuse to comply with any of the provisions of the Policy, SkyUp asks Users not to use the Website in the future.

The rights to the Website and all Materials posted on it belong to SkyUp.

Access to the use of the Website is possible only for persons over 16 years of age.

2. TERMS AND CONCEPTS

Website - a website that is controlled and used by SkyUp, namely: https://www.skyup.aero/.

User - any natural or legal person who accesses, browses or visits the Website.

Use of the Website - any access, download or use in any other way of the Materials of the Website.

Personal data - information or a set of information about an individual who is identified or can be specifically identified, in particular, about Users.

Policies - the rules of use that regulate the use of the Website by Users.

Materials - all static and dynamic elements that are posted on the Website, including: all information and texts, images, audio and video files, databases, trademarks and logos, technical and graphic solutions of the Website.

Cookies - the rules of use that regulate the use of the Website by Users.

3. LEGISLATION REGULATING THE PROCESSING OF PERSONAL DATA

The processing of personal data of Users takes place in accordance with the requirements of the Law of Ukraine "On Personal Data Protection".
The processing of personal data of Users who are in the territory of the EU or are EU citizens is regulated, in particular, by the General Data Protection Regulation of the EU 2016/679 (hereinafter - "GDPR").

4. RIGHTS AND RESPONSIBILITIES OF WEBSITE USERS

Users have the right to use the Website solely for the purpose of:

• acquaintance with the presented Materials on the services provided by SkyUp;
• ordering services provided by SkyUp;
• participation in SkyUp projects;
• appeals regarding air transportation, additional services, CityBreaks services, etc.;
• contact SkyUp with inquiries, comments, complaints and suggestions that can be sent to the contact email [email protected], as well as further receipt of a response from SkyUp.

Any use of the Website for any other purpose is considered illegal.

Users are required to:

• when using the Website, be guided by the provisions of the Policy and the current provisions of the applicable legislation;
• use the Website exclusively for the above purpose;
• do not in any way use the Materials posted on the Website for commercial or non-commercial purposes, do not decompile the Website, do not resort to reverse engineering, do not analyze or attempt to interfere with the source code of the Website without SkyUp's permission;
• do not use the Website to send any messages of a violent, abusive, derogatory nature or that in any way violate the right to honor, dignity and business reputation of SkyUp or third parties, as well as unsolicited commercial messages ("spam");
• do not use the software to interfere with or attempt to interfere with the operation of the Website.

5. PERSONAL DATA

In order to ensure proper access and use by Users of the Website, ordering services provided by SkyUp, communication of Users on issues related to SkyUp services, SkyUp collects and processes Personal Data of Users.

SkyUp acts as the Controller and Processor of Users' Personal Data, depending on the circumstances under which such data was collected.

In the case of the collection and processing of Personal Data of natural persons under the age of 16, SkyUp confirms that the relevant consent to the collection and processing of such personal data has been obtained from persons authorized to represent the interests of persons under the age of 16, and that the Personal Data of such persons were provided by SkyUp directly by authorized persons.

SkyUp does not collect or process the following categories of Personal Data: data on racial or ethnic origin, political, religious or ideological beliefs, membership in political parties and trade unions, criminal convictions, as well as data on sexual or genetic data of Users.

In the process of providing services, SkyUp may process personal data that can be used to determine the physical or mental health of Users. Such information relates to special or sensitive personal data in accordance with the law. SkyUp collects this personal data only if it is necessary directly for the transportation services or the User has knowingly provided it to SkyUp.

SkyUp has the right to collect information in the following cases:

• for safety - due to a certain state of health of the User and he must be notified and, if necessary, provide us with a medical certificate or undergo a medical examination.
• if the User requests special services or assistance during the flight, this may disclose to us information about his health (for example, if the User requests a mobility aid);
• if the choice of food on board can lead to a conclusion about the health or religion of the User, SkyUp does not use this information in any other way than to provide services to the User.

If the User does not allow SkyUp to process any personal data of special categories, it may mean that SkyUp will not be able to provide the User with special services that he has ordered.

SkyUp undertakes to ensure that all available measures are taken to protect Users' Personal Data, taking into account the provisions of current legislation on personal data protection (including the provisions of the EU Regulation and the EU Council "On protection of individuals with regard to personal data processing and free movement of such data and on the repeal of Directive 95/46 / EC "of 27.04.2016, in cases where this applies) and the specifics of the scope of SkyUp.

6. CATEGORIES OF PERSONAL DATA, PURPOSE AND LEGAL BASIS FOR THEIR PROCESSING

For any questions regarding Personal Data, Users may send a request or complaint to the SkyUp Data Protection Representative at [email protected].

Categories of Personal Data, purpose and legal basis for their collection and processing are divided depending on how Users use the Website. The scope, method, purpose and legal basis for the collection and processing of SkyUp Personal Data may vary.

SkyUp collects and processes the following categories of Personal Data of Users:

• last names, first names, patronymics of Users;
• gender and date of birth of Users;
• e-mail addresses of Users;
• mobile phone numbers of Users;
• city and country of residence of Users;
• passport data (number, expiration date, country of issue, nationality);
• health information (if the User reports it and / or wants to use special services);
• payment address of the User;
• bank details or data of the User's payment card;
• city, country, postal code, company name, registration number of the enterprise (when paying on behalf of a legal entity)
• cookies, technical data for the Website.

SkyUp also collects anonymized data that is not personal data (SkyUp cannot self-identify Users). The collection and processing of anonymized data takes place in a consolidated form and is used for marketing research.

SkyUp collects and processes the Personal Data of Website Users on the following legal grounds:

• consent to the collection and processing of personal data;
• compliance with the law, contract or legal obligation;
• legitimate interest;
• protection of vital interests of the data subject or other natural person;
• performing a task performed in the public interest or for the exercise of official duties assigned to SkyUp;
• for the purposes and legitimate interests pursued by SkyUp or a third party, except where such interests are outweighed by the fundamental rights and freedoms of the data subject, which require the protection of personal data, especially if the data subject is a child.

SkyUp collects and processes the Personal Data of Website Users in accordance with the following purpose:

• tracking Users' preferences in order to provide personalized information about SkyUp services;
• providing answers to users' search and information requests about SkyUp services within the Website;
• ensuring the participation of Users in surveys, promotions, SkyUp loyalty programs, as well as other projects;
• managing the subscription to the SkyUp newsletter;
• providing information exchange from the SkyUp Website via email or social networks;
• conducting marketing research and trend analysis to improve SkyUp services;
• implementation of SkyUp marketing campaign using phone calls, e-mail or social networks;
• sending information and advertising materials about SkyUp services and activities;
• sending commercial (marketing) messages, making commercial (marketing) calls;
• booking / purchase of tourist services;
• booking / purchasing a ticket;
• booking management;
• booking / purchase of insurance policy;
• improving the performance of the SkyUp Website.

In addition to the above, SkyUp may process other personal data if the User voluntarily provides them to SkyUp (for example, contacting our support).
The function of transition to pages of social networks which are carried out by the third parties is available on the Website. By making such a login, Users thereby agree to provide SkyUp with access to Personal Data to the extent due to the settings for access to Personal Data on the relevant social network.

SkyUp processes each of the categories of Personal Data for the period necessary to fulfill each of the above purposes, after which such Personal Data must be deleted. In any case, SkyUp has the right to store Personal Data for the period necessary to fulfill the obligations to Users to provide SkyUp services, as well as to fulfill the obligations under applicable law.

If the storage of users' personal data is not necessary for the provision of services and is not required by law, SkyUp will delete them.

6.1. USERS' RIGHTS TO PERSONAL DATA

• the right to access Personal Data;
• the right to make changes to Personal Data;
• the right to receive information on how to process Personal Data;
• the right to be informed about the violation of the integrity of Personal Data;
• the right to demand the transfer of their Personal Data to third parties in the amount requested by Users;
• the right to revoke consent to the collection and processing of Personal Data;
• the right to suspend the processing of Personal Data;
• the right to request the deletion of Personal Data.

Users may send a request or complaint regarding Personal Data to SkyUp's data protection representatives at [email protected]. Users also have the right to apply to the competent public authorities in the field of personal data protection.

6.2. TRANSFER OF PERSONAL DATA TO THIRD PARTIES.

SkyUp transfers Personal Data to third parties (including cross-border transfers of Personal Data) only to the extent necessary to fulfill the purpose of collecting and processing Personal Data in respect of which such collection and processing were previously carried out directly by SkyUp.

SkyUp carries out such transfer of Personal Data only in case of need, in the minimum necessary for this purpose, for the minimum term.
In order to properly fulfill its contractual obligations, in particular to improve the operation and maintenance of the Website, SkyUp may transfer Personal Data:

• SkyUp affiliates;
• SkyUp partner companies;
• SkyUp contractors;
• third parties, in particular, government agencies (in case of compliance with the law).

By transferring Users' Personal Data to third parties, SkyUp takes all available legal, organizational and technical measures to ensure the protection of Personal Data.

Booking on behalf of another person

If the User makes a reservation or orders SkyUp services on behalf of another person (persons), the User is obliged to obtain the prior consent of such persons to perform the reservation / order of the service, notifying SkyUp of their personal data and disclosing their personal data accordingly. Such Users are responsible for the accuracy of such data. In the process of booking / ordering a service, such a User represents the legitimate interests of such a person, he must inform this person about the conditions of booking / ordering the service and the terms of this Policy.

All operational messages sent to one participant of the reservation will also be sent to other persons specified in one reservation.
To prevent such disclosure, each User has the opportunity to place a separate order for the service, providing their contact information.

Access to personal data:

When submitting an identity document in accordance with the procedures prescribed by law or by electronic means of communication that ensure proper identification of a person, the data subject has the right to get acquainted with his/her Personal data and to receive information from which sources and personal data are collected, the purposes for which they are processed and the recipients to whom they have been submitted during the last year. Upon receipt of the Data subject’s request, SkyUp shall provide the requested data in writing or indicate the reasons for the refusal to comply with this request no later than within 30 calendar days from the date of receipt of the Data subject’s request.

You can request access to your personal data or make corrections by writing to us at the following email address: [email protected]. If the information is not available or changed, we will inform you of the reasons for that. Please note that we may ask you to verify your identity before responding to such requests.

Personal data deletion:

You have the right to require deletion of your personal data by sending us an email to the following email address: [email protected]. We will process your request in accordance with applicable data protection laws. We may need to retain certain information for record-keeping purposes and/or to complete transactions that you began prior to requesting any deletion of personal Data. You also can revoke your consent to personal data processing at any time. In the event that you withdraw your consent to personal data processing and we will have no legal basis to continue processing your data, we will stop processing your personal data. If we have legal grounds for processing your data, we have the right to continue using personal data within the limits provided by law.

7. FEEDBACK

Users can contact SkyUp:

• by sending a message (request or complaint) via email to [email protected];
• by calling the telephone numbers listed on the Website.

Users report SkyUp Personal Data in the following amounts: surname, name, patronymic; email address, phone number.
Detailed information on the collection and processing of Personal Data, as well as the conditions of transfer of such Personal Data to third parties is provided in the relevant section of the Policy.

Users agree not to submit through the Website:

• any messages that are violent, offensive, derogatory or that in any other way violate the right to honor, dignity and business reputation of SkyUp or third parties;
• unsolicited commercial messages ("spam").

In the event that Users send messages of the above nature, SkyUp has the right not to respond to such messages.

8. SKYUP MESSAGES AND NEWSLETTERS

Messages from SKYUP

SkyUp may send Users a message in response to messages (inquiries and complaints, appeals) sent through the SkyUp Website or email.

SkyUp sends messages in the form of emails, as well as by calling back to the phone number provided by the User.

SkyUp also provides newsletters to Website Users, which contain information about SkyUp services, advertising and commercial offers, as well as notifications about SkyUp social projects.

Newsletters

Newsletters are made exclusively on the basis of the Personal Database, which Users have previously provided to SkyUp on the basis of voluntary informed consent.

SkyUp provides newsletters in the form of emails.

Users may at any time opt out of receiving SkyUp newsletters by using a link to the appropriate feature in each message sent.

9. INTELLECTUAL PROPERTY

The intellectual property rights to the Materials of the Website, as well as to the Website as a whole, belong in full to SkyUp (or the right to use such Materials has previously been duly granted by SkyUp to third parties).

SkyUp prohibits Users from commercially or non-commercially using the Materials in whole or in part in any way (including: reproduction, presentation, adaptation, modification, disclosure, transmission, distortion, integration into another Website, etc.). If necessary to use the Materials, Users can contact SkyUp with a request by sending an email to [email protected].

In the event of infringement of intellectual property rights to the Website Materials by Users or any third parties, SkyUp has the right to take all available measures to protect the infringed rights, including to seek protection of rights in court.

10. USING COOKIES FILES

When using the Website, cookies are used, which are installed on the electronic devices of the Users.

SkyUp uses the following categories of cookies:

• to provide Users with stable access to the functionality of the Website;
• to improve and facilitate the use of the Website by Users;
• to provide Users with access to the exchange of information from the Website through social networks;
• to study the indicators related to the audience of the Website (analysis of traffic, usage trends).

SkyUp pre-requests Users' consent to the use of cookies before using the Website by sending an appropriate e-mail (in banner format).

Users have the following options for cookies:

• allow automatic saving and use of cookies;
• warn about the use of cookies;
• always block the use of cookies (possible restrictions on the use of the Website in the form of inability of users to set individual settings).

Use of the Website involves the use of the functionality of other resources, including:

• social networks. The use of cookies is regulated by the relevant policies of such companies;
• Google Analytics to collect general statistics about your use of the Website (such information is used by the Company solely to improve the content and services used by the Website). The operation of Google Analytics is governed by applicable company policies.

The user agrees to the use of cookies and their transfer to Rakuten Advertising

SkyUp warns that blocking the use of cookies may lead to incorrect operation of the Website. Users have the right to block the use of cookies in whole or in part (certain types of cookies) by making changes to the web browser settings of the devices they use to access the Website.

11. RESPONSIBILITY

Non-compliance by Users with any provision of the Policy is a violation and entails liability established by the Policy and the law applicable to its regulation.

SkyUp makes every effort to provide safe, uninterrupted and correct access of Users to the Website. In this case, SkyUp is not responsible for interruptions in the operation of the Website, incompatibility of the Website with all types of devices of Users, as well as the inability of Users to access the Website due to the inability to connect to the Internet. SkyUp reserves the right to fully or partially restrict Users' access to the Website.

SkyUp shall not be liable to Users for any damages arising from the use of the Website. SkyUp is also not liable to third parties for any actions of Users made using the Website.

12. FINAL PROVISIONS

The rules come into force from the moment of their publication on the Website.

Any issues arising between SkyUp and Users regarding the use of the Website shall be settled through negotiations between the parties and users' request to SkyUp with a request, as well as in accordance with the current legislation of Ukraine.

For any questions regarding the use of the Website, Users may contact SkyUp Support at [email protected].

For questions regarding the collection and processing of Personal Data, Users may contact SkyUp's Data Protection Representative at [email protected].

13. REPRESENTATIVE OF THE CONTROLLER (ART. 27 GDPR)

In accordance with the Art. 27 GDPR SkyUp has designated the Representative in the EU. The data subject can send requests both to the Representative and directly to the Controller. Below are the contact details of the Controller's Representative:

GLOBAL TRAVEL SOLUTIONS SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, registered and acting under the laws of Poland, having its Head office at UL. LENARTOWICZA 5/3, 31-138 KRAKÓW, Poland.

Representative`s Email: [email protected]