GDPR Compliant

Privacy Policy

We are committed to protecting your privacy. This policy explains how DroneConnect collects, uses, stores and protects your personal data in compliance with GDPR.

Effective: 1 January 2026 Last Updated: 1 May 2026 Data Controller: DroneConnect Ltd

Table of Contents

Who We Are
Data We Collect
How We Use Your Data
Legal Basis for Processing
Data Sharing & Third Parties
International Transfers
Data Retention
Your Rights (GDPR)
Cookies & Tracking
Children's Privacy
Security
Contact & Complaints

DroneConnect Ltd is the Data Controller for personal data processed through this Platform. We are committed to full compliance with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the Irish Data Protection Acts 1988–2018.

Section 1 · Identity

Who We Are

DroneConnect Ltd ("DroneConnect", "we", "us", "our") is a drone services marketplace registered in Ireland, operating the platform at droneconnect.co.

Registered address: 77 Sir John Rogerson's Quay, Block C, Grand Canal Docklands, Dublin, Ireland.

Email: contact@droneconnect.ie

For all data protection enquiries, please contact us at the above address or email, marked for the attention of the Data Protection Officer.

Section 2 · Collection

Data We Collect

We collect personal data in the following categories:

Account & Identity Data

Full name
Email address
Phone number
Company name (where applicable)
Profile photograph (optional)
Username and encrypted password

Pilot Verification Data

IAA / CAA / EASA certificate numbers and copies
Public liability insurance documents
Professional portfolio and work history
Proof of identity (passport or driving licence)
Banking details for payment disbursement

Project & Transaction Data

Project descriptions, locations and timelines
Proposals submitted and accepted
Payment records and transaction history
Communications between Clients and Pilots on Platform
Ratings, reviews and feedback

Technical & Usage Data

IP address and device information
Browser type and version
Pages visited and time spent
Cookie data and session information
Log files and error reports

Section 3 · Purpose

How We Use Your Data

We use your personal data for the following purposes:

Account management: Creating, maintaining and securing your account
Service delivery: Matching Clients with appropriate Pilots and facilitating projects
Pilot verification: Checking certifications, insurance and identity
Payment processing: Managing escrow, disbursements and invoicing
Communications: Sending project notifications, updates and support responses
Safety & compliance: Ensuring regulatory compliance across IE, UK and EU
Platform improvement: Analysing usage to improve features and user experience
Marketing: Sending promotional communications where you have opted in
Legal obligations: Complying with applicable laws and regulatory requirements
Dispute resolution: Investigating complaints and resolving disputes between users

Section 4 · Legal Basis

Legal Basis for Processing

Under GDPR, we rely on the following legal bases:

Contract performance (Art. 6(1)(b)): Processing necessary to provide the Platform services you have requested
Legal obligation (Art. 6(1)(c)): Processing required to comply with aviation regulations, tax law and financial regulations
Legitimate interests (Art. 6(1)(f)): Platform security, fraud prevention, and improving our services
Consent (Art. 6(1)(a)): Marketing communications and non-essential cookies — you may withdraw consent at any time
Vital interests (Art. 6(1)(d)): In exceptional safety-critical circumstances

You have the right to withdraw consent for any processing based on consent at any time by emailing contact@droneconnect.ie. Withdrawal does not affect lawfulness of processing prior to withdrawal.

Section 5 · Sharing

Data Sharing & Third Parties

We share your data only where necessary and with appropriate safeguards:

Between Clients and Pilots: Profile information, project details and communications are shared as necessary to facilitate services
Payment processors: Stripe and/or other PCI-DSS compliant payment providers for transaction processing
Cloud infrastructure: AWS / Google Cloud for secure Platform hosting and data storage
Analytics: Google Analytics (anonymised) for Platform usage analysis
Email service providers: For transactional and marketing communications
Regulatory authorities: IAA, CAA, EASA or law enforcement where legally required
Legal and professional advisors: Where necessary to protect our legal rights

We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

Section 6 · Transfers

International Data Transfers

DroneConnect primarily stores and processes data within the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Transfer to countries with an EU adequacy decision
UK International Data Transfer Agreements (IDTAs) where applicable

US-based service providers we use participate in frameworks that provide equivalent protection for personal data transferred from the EU/UK.

Section 7 · Retention

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected:

Active accounts: For the duration of your account plus 2 years
Transaction records: 7 years (Irish tax and financial reporting obligations)
Pilot certification records: Duration of account plus 3 years
Communications & project data: 3 years from project completion
Marketing consent records: Until consent is withdrawn plus 1 year
Technical logs: Maximum 12 months

When data is no longer required, it is securely deleted or anonymised. You may request early deletion of your data subject to legal retention obligations.

Section 8 · Your Rights

Your Rights Under GDPR

Under the GDPR and applicable national law, you have the following rights:

Right of access (Art. 15): Request a copy of all personal data we hold about you
Right to rectification (Art. 16): Request correction of inaccurate or incomplete data
Right to erasure (Art. 17): Request deletion of your data ('right to be forgotten') where no overriding legal basis exists
Right to restrict processing (Art. 18): Request that we limit how we use your data
Right to data portability (Art. 20): Receive your data in a structured, machine-readable format
Right to object (Art. 21): Object to processing based on legitimate interests or for direct marketing
Rights related to automated decision-making (Art. 22): Not to be subject to solely automated decisions with significant effects

To exercise any of these rights, email contact@droneconnect.ie with the subject line 'Data Subject Request'. We will respond within 30 days. There is no charge for exercising your rights.

You also have the right to lodge a complaint with the Data Protection Commission (Ireland) at dataprotection.ie, or the Information Commissioner's Office (UK) at ico.org.uk.

Section 9 · Cookies

Cookies & Tracking Technologies

We use cookies and similar technologies on our Platform. By category:

Strictly necessary cookies: Required for Platform functionality — session management, security, login. Cannot be disabled.
Performance cookies: Google Analytics and similar — help us understand how users interact with the Platform. Anonymised where possible.
Functional cookies: Remember your preferences (e.g. dark/light mode, language settings).
Marketing cookies: Used only where you have explicitly opted in. Can be withdrawn at any time.

You can manage cookie preferences at any time through our Cookie Settings panel or your browser settings. Disabling certain cookies may affect Platform functionality.

Section 10 · Children

Children's Privacy

The DroneConnect Platform is intended for users aged 18 and over. We do not knowingly collect personal data from children under the age of 18.

If you believe a child under 18 has provided us with personal data, please contact us immediately at contact@droneconnect.ie and we will take prompt steps to delete that data.

Section 11 · Security

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration, including:

TLS/SSL encryption for all data transmitted to and from the Platform
AES-256 encryption for sensitive data at rest
Password hashing using industry-standard bcrypt algorithms
Regular security audits and penetration testing
Staff data protection training and access controls
ISO 27001-aligned information security practices
Automatic session timeout and multi-factor authentication options

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours and will notify affected users without undue delay.

Section 12 · Contact

Contact & Complaints

For all privacy-related queries, data subject requests or complaints, please contact us:

Email: contact@droneconnect.ie (subject: Privacy / Data Request)
Post: Data Protection Officer, DroneConnect Ltd, 77 Sir John Rogerson's Quay, Block C, Grand Canal Docklands, Dublin, Ireland

If you are not satisfied with our response, you have the right to complain to the relevant supervisory authority:

Ireland / EU: Data Protection Commission — dataprotection.ie
United Kingdom: Information Commissioner's Office — ico.org.uk

Your Privacy Matters to Us

Questions about how we handle your data? Our team is happy to help and will respond within 30 days to all data subject requests.

contact@droneconnect.ie →

This Privacy Policy was last reviewed and updated in May 2026. DroneConnect Ltd is registered as a Data Controller with the Data Protection Commission of Ireland.