Data Privacy Policy
Effective Date: June 15, 2020
Universal Weather and Aviation, Inc. and its worldwide subsidiaries (“Universal”, also referred to as “we”, “us”, “our”) are providing this privacy policy to inform you (“you” refers to any entity or person who is not a Universal employee) regarding our collection, use, disclosure, and storage of data about you that we collect via our websites, telephone, facsimile, or otherwise. Our primary goals in collecting data are to provide superior products and services to our clients, to contact companies and individuals who have indicated an interest in Universal, and to enable effective use of an informative Universal website.
DATA WE COLLECT
We collect personal data from you directly and from third parties. We collect personal data directly from you when you fill out any online or hard-copy forms including for account applications, credit applications, our online flight planning and data link tool, our crew member identification card program, training and educational programs, airport data licensing, surveys and promotion entries, event registrations, and other registrations and web forms, or otherwise when you communicate with us via blog posts or online comments, or by telephone, email, postal mail, or facsimile. Your submission of personal data is voluntary, but we may be unable to provide you requested information, products, and services if you choose not to provide the necessary personal data.
In some cases, we may also collect certain personal data from third parties such as credit reporting agencies, airlines and travel agencies, and our other business customers.
We also collect non-personal data when you visit or use our websites and products or services. This non-personal data may include information about your device and usage such as your operating system, browser, geographical location, IP address, and page views and clicks.
USE OF YOUR DATA
We use your data:
- for the purposes for which you provided it to us (g., to process your credit application, create your user account, process requests in our flight planning tool, register you for programs and events, promotions, or newsletters, or provide you products and services that you have ordered, as applicable);
- to respond to your inquiries and communications to us;
- to improve, maintain, and operate our websites and our products and services;
- to fulfill our obligations under our customer contracts (g., to provide flight planning services, trip support services, in-flight catering services, or other logistics services pursuant to our customer contracts);
- to inform you about products and services in which you may be interested, if you have consented to such communications;
- to screen you against lists of people, organizations and vessels with which certain countries are prohibited from doing business; and
- to comply with statutory and regulatory requirements, including responding to lawful requests for information by governmental authorities.
You can opt out of receiving promotional or marketing emails at any time by clicking the unsubscribe link at the bottom of any such emails. You may also revoke your consent to the use of your data for certain other purposes by contacting us as set forth at the end of this privacy policy.
BLOGS
If you participate in a Universal blog(s), you should be aware that such blogs are public and that any data you submit there, including personal data, can be read, collected, or used by third parties, and that those third parties could send you unsolicited messages. We are not responsible for the data, including personal data, you choose to submit in these blogs. To request removal of your data from our blog(s), please contact us as set forth at the end of this privacy policy. In some cases, we may not be able to remove your data, in which case we will let you know if we are unable to do so and why.
COOKIES
Universal uses “cookies” to obtain certain types of data when your web browser accesses our website. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser to enable our system to recognize your browser, to provide various types of functionality, to better understand how you interact with our website, to monitor aggregate usage, and to optimize web traffic routing on our website. The “help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Certain areas or features of the website may not be available or fully-functional if you choose to disable cookies.
DISCLOSURE OF YOUR DATA
We do not sell your personal data to any third parties. We may share your personal data as needed to fulfill the purposes described in the “USE OF YOUR DATA” section above, including:
- with our suppliers and vendors to provide goods and services you have requested;
- with global trip support providers to provide additional services to you;
- with our service providers, such as credit agencies and technical or customer support providers, who use the data on our behalf; and
- as necessary in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We require such third parties to take reasonable security measures to protect your personal data, and we prohibit such third parties from using your personal data for their own purposes, or any purposes other than pursuant to our instructions. We remain liable for protection of your personal data in case of any onward transfer to third parties.
DATA CONTROLLER
We are typically the data controller, as that term is used in applicable privacy laws, for any personal data that we collect from you. However, when we collect data from or on behalf of our customers (e.g., charter aircraft operators, corporate aviation departments), those customers may be the data controller for such data and we may be the data processor. If we are acting as the data processor, we will only process the relevant data in accordance with the applicable customer contract.
DATA RETENTION, ACCESS, AND CORRECTION
Universal may retain your data so long as we can reasonably foresee the data may be required in connection with our business relationship with you. In some cases, we will retain the data for a longer period as necessary to comply with our legal obligations, follow records retention policies, resolve disputes, and enforce our agreements.
You may access and correct your personal data that we process, except where the burden of providing you such access would be disproportionate to the risks to your privacy, or where the rights of other persons would be violated. You may also request erasure of your personal data in certain circumstances. To request access to, correction of, or erasure of your personal data, please contact us as set forth at the end of this privacy policy. In cases where we are not the data controller (such as when the personal data was collected from or on behalf of a charter aircraft operator, corporate aviation department or other customer), we may need to refer you or your request to the applicable data controller.
EUROPEAN AND SWISS RESIDENTS
Universal Weather and Aviation, Inc., Air Culinaire Worldwide, LLC, Universal Private Transport, LLC, Air2Ground Concierge, LLC, Universal Drivania Ground Transportation, LLC, Universal Airways, Inc. and Universal Mission Support Company, LLC (collectively, the “Universal Privacy Shield Covered Entities”) are based in the United States, and personal data collected by the Universal Privacy Shield Covered Entities worldwide (including within the EU and Switzerland) may be transferred to the United States for processing. By using the Universal Privacy Shield Covered Entities’ services or submitting personal data to the Universal Privacy Shield Covered Entities, you consent to the transmission of your information outside your own country.
The Universal Privacy Shield Covered Entities comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the European Union and Switzerland to the United States. The Universal Privacy Shield Covered Entities have certified to the Department of Commerce that they adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
The Universal Privacy Shield Covered Entities are subject to the investigatory and enforcement powers of the U.S. Department of Commerce and/or the U.S. Department of Transportation for purposes of the Privacy Shield program.
In compliance with the Privacy Shield Principles, the Universal Privacy Shield Covered Entities commit to resolve complaints about our collection or use of your personal data. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Universal at:
Email: dataprivacy@univ-wea.com
Mail: Attn: Legal Department and Data Protection Officer
1150 Gemini Street
Houston, Texas 77058 USA
The Universal Privacy Shield Covered Entities have further committed to refer unresolved Privacy Shield complaints to JAMS EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks, an independent alternative dispute resolution provider located in the United States. If a complaint is not resolved by other resource and enforcement mechanisms, then individuals may request binding arbitration. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the JAMS web site at: https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
The Privacy Shield Frameworks apply to transfers of personal data from within the EU or Switzerland to the United States. If you are an EU or Swiss resident and have a question or complaint about the processing of your personal data within the EU or Switzerland, you have rights separate from those arising under the Privacy Shield Frameworks. If you have any questions or complaints about data processing activities within Europe, please contact us at the email or mail address listed above. You also have the right to raise your inquiry or complaint to the applicable data protection authority (“DPA”) in your member country. The Universal Privacy Shield Covered Entities have committed to cooperate with the applicable EU data DPA and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) and comply with the advice given by such authorities with regard to personal data transferred from the EU and Switzerland in the context of the employment relationship.
CALIFORNIA PRIVACY RIGHTS
We do not sell your personal information to third parties. California law entitles California residents to certain additional protections regarding personal information. For purposes of this section alone, “personal information” means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. California residents have the right to request:
- information regarding your personal information we have collected in the past 12 months (including the categories of personal information we have collected, the categories of sources of such information, and the purposes for which we have collected such information);
- notice of whether we have disclosed your personal information to third parties in the past 12 months (and if so, what categories of information we have disclosed, and what categories of third parties we have disclosed it to);
- a copy of your personal information collected by us in the past 12 months; and
- that your personal information be deleted.
We will not discriminate against you if you choose to exercise any of these rights. To make any of the above requests, please contact us as set forth at the end of this policy. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request.
SECURITY
Universal is very concerned with safeguarding your personal data. The integrity and availability of your personal data are critical to the provision of superior products and services to you. We employ administrative, physical, procedural, and technological measures designed to protect your data from unauthorized access or alteration and loss or misuse. We have implemented a multi-layered approach to protect electronic information through a comprehensive Information Technology (IT) Security program. Our IT Security program is designed to safeguard electronic information by proactively providing leadership and support for areas related to network security, system security, risk assessment, remediation tracking, and adherence to security compliance mandates. Universal employees work as a team to ensure that information is protected against unintentional disclosure and are guided by compliance objectives, standard operating procedures, and acceptable usage policies.
TRANSFER OF BUSINESS
In the event of a merger, consolidation, sale, or transfer of all or substantially all of the assets or business of Universal, one of the assets which would generally be transferred is the data we have collected. We will advise a successor or successors in interest of the terms of this privacy policy and our expectation that the successor(s) in interest will adopt and maintain this policy until there is a notification of an amendment of this policy.
CHILDREN
Universal’s website is not directed toward children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal data without their consent, please contact us as set forth at the end of this privacy policy and we will take reasonable steps to remove such data from our systems.
PRIVACY POLICY CHANGES
Universal and its successor(s) in interest reserve the right to and may revise this privacy policy from time to time. If we make a material change to this policy, we will post the updated privacy policy (with the date of change(s) noted in the policy) on the Universal homepage and other places we may deem appropriate, so that you are aware of what data we collect, how we use it, and under what circumstances, if any, we disclose it.
CONTACT
Universal Weather and Aviation, Inc.
Attn: Legal Department and Data Protection Officer
1150 Gemini Street
Houston, Texas 77058
United States
Phone (North America): +1 (800) 793-1295
Phone (Other): +1 (713) 378-2778
Email: dataprivacy@univ-wea.com
Biometric Data Privacy Policy
Air Culinaire Worldwide, LLC (the “Company”) has adopted the following biometric data privacy policy for its Illinois employees.
Biometric Data Defined
As used in this policy, biometric data includes information collected by timeclocks and software that use finger and/or hand scan technology, which potentially may include “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq.
“Biometric identifiers” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. “Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual.
Purpose for Collection of Biometric Data
The Company and/or its vendors collect, store, and use biometric data solely for employee identification, time-keeping, fraud prevention, and pre-employment hiring purposes.
Disclosure and Authorization
To the extent that the Company and/or its vendors collect, capture, or otherwise obtain biometric data relating to an employee, the Company will:
- Inform the employee in writing that the Company and/or its vendors are collecting, capturing, or otherwise obtaining the employee’s biometric data, and that the Company may provide such biometric data to its vendors;
- Inform the employee in writing of the specific purpose and length of time for which the employee’s biometric data is being collected, stored, and used; and
- Receive a written release signed by the employee authorizing the Company and/or its vendors to collect, store, and use the employee’s biometric data for the specific purposes disclosed by the Company, and for the Company to provide such biometric data to its vendors.
The Company and its vendors will not sell, lease, trade, or otherwise profit from employees’ biometric data; provided however, that the Company’s vendors may be paid for products or services that they provide to the Company that use biometric data.
Disclosure
The Company will not disclose or disseminate any biometric data to anyone other than its vendors providing products and services using biometric without/unless:
- First obtaining written employee (or the employee’s legal representative) consent to such disclosure or dissemination;
- The disclosed data completes a financial transaction requested or authorized by the employee (or the employee’s legal representative);
- Federal, state, or local law requires the disclosure; or
- Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Retention Schedule
Employee biometric data will be retained until the first of the following occurs:
- The initial purpose for collecting or obtaining such biometric data has been satisfied, such as the termination of the employee’s employment with the Company, or the employee moves to a role within the Company for which biometric data is not used; or
- Within 1 year of the employee’s last interaction with the Company.
When the first of these events occurs, the Company will cause the employee biometric data to be permanently destroyed.
Data Storage
The Company shall use a reasonable standard of care to store, transmit, and protect from disclosure any paper or electronic biometric data stored. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the Company stores, transmits, and protects from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers, and social security numbers.
Terms and Conditions
No portion of this service may be reproduced in any form, or by any means, without prior written permission from Air Culinaire Worldwide.
- Rules and RegulationsThe following rules and regulations apply to all visitors to or users if this Web Site. By accessing this Web Site, user acknowledges acceptance of these terms and conditions. Air Culinaire Worldwide reserves the right to change these rules and regulations from time to time at its sole discretion. In the case of any violation of these rules and regulations, Air Culinaire Worldwide reserves the right to seek all remedies available by law and in equity for such violations. These rules and regulations apply to all visits to the Air Culinaire Worldwide web site, both now and in the future.
- Limited License.Air Culinaire Worldwide authorizes you to copy materials published by Air Culinaire Worldwide on this Web Site solely for non-commercial use within your organization (or if you are a Air Culinaire Worldwide partner or strategic alliance) in support of Air Culinaire Worldwide products. No other use of the information is authorized on consideration of this authorization. In consideration of this authorization, you agree that any copy of these materials, which you make, shall retain all copyright and other proprietary notices in the same form and manner as on the original.ALL CONTENTS ON THIS SITE ARE PROTECTED BY COPYRIGHT. EXCEPT AS SPECIFICALLY PERMITTED HEREIN, NO PORTION OF THE INFORMATION ON THIS WEB SITE MAY BE REPRODUCED IN ANY FORM, OR BY ANY MEANS, WITHOUT PRIOR WRITTEN PERMISSION FROM Air Culinaire Worldwide VISITORS OR USERS ARE NOT PERMITTED TO MODIFY, DISTRIBUTE, PUBLISH, TRANSMIT OR CREATE DERIVATIVE WORKS OF ANY MATERIAL FOUND ON THIS SITE FOR ANY PUBLIC OR COMMERCIAL PURPOSES.
- Trademarks.The trademarks and logos displayed on this Web Site are the property of Air Culinaire Worldwide Users are not permitted to use these Marks without the prior written consent of Air Culinaire Worldwide.
- General Disclaimer.Although Air Culinaire Worldwide has attempted to provide accurate information on the Web Site, Air Culinaire Worldwide assumes no responsibility for the accuracy of the information.ALL INFORMATION PROVIDED ON THIS WEB SITE IS PROVIDED “AS IS” WITH ALL FAULTS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED.
- Disclosure; Forward-Looking Statements.Some of the information on this Web Site may contain projections or other forward-looking statements regarding future events of the future financial performance of the Company. We wish to caution you that these statements are only predictions and that actual events or results may differ materially. We refer you to the documents the Company files from time to time with the Securities and Exchange Commission, specifically, the Company’s most recent From 10-K and Form 10-Q. These documents contain and identify important factors that could cause the actual results to differ materially from those contained in our projections or forward-looking statements, including, among others, potential fluctuations in quarterly results, dependence on new product development, rapid technological and market change, acquisition strategy, risks associated with Internet infrastructure, volatility of stock price, and future growth subject to risks.
- Transmission of Personal Data/User Communications.Except as required by law, Air Culinaire Worldwide will maintain the confidentiality of all personal information transmitted to Air Culinaire Worldwide by the user. Any feedback you provide at this Web Site shall be deemed to be non-confidential.
- Cookies.A cookie is a small data file that certain Web sites write to your hard drive when you visit them. A cookie file can contain information such as a user ID that the site uses to track the pages you’ve visited, but the only personal information a cookie can contain is information you supply yourself. A cookie can’t read data off your hard disk or read cookie files created by other sites. Some parts of Air Culinaire Worldwide use cookies to track user traffic patterns. We do this in order to determine the usefulness of Air Culinaire Worldwide information to our users and to see how effective our navigational structure is in helping users reach that information. Air Culinaire Worldwide does not correlate this information with data about individual users, nor does it share this information or sell it to any third party.If you prefer not to receive cookies on Air Culinaire Worldwide, you can set your browser to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. You can also refuse all cookies by turning them off in your browser. You do not need to have cookies turned on to use any area of Air Culinaire Worldwide.
- Links to Third Party Sites.This Web Site may contain links to third party sites. Access to any other Internet site linked to this Web Site is at the user’s own risk and Air Culinaire Worldwide is not responsible for the accuracy or reliability of any information, data, opinions, advice or statements made on these sites. Air Culinaire Worldwide provides these links merely as a convenience and the inclusion of such links does not imply an endorsement.