Privacy policy
airShopRQ is committed to transparent data practices that prioritize security, regulatory compliance, and user control. Our policies align with global privacy standards, including GDPR, CCPA, and industry-specific requirements for ecommerce platforms.
We maintain rigorous privacy protocols aligned with our role as aviation technology consultants to global enterprises. This enhanced policy reflects our advisory capacity across 150+ jurisdictions while meeting ISO 27701:2019 standards for privacy in consulting services.
Information Collection & Use
We collect data essential for service delivery, fraud prevention, and personalized experiences:
Order details: Client names, business addresses, payment information (encrypted via PCI-compliant processors)
Automated data: IP addresses, device identifiers, and browsing behavior via cookies
Third-party integrations: Analytics from tools like Google Analytics and advertising platforms
Data is never sold to external parties. Limited sharing occurs with business partners and fraud detection services under strict contractual obligations.
Data Retention Framework
Our retention periods balance legal requirements with operational needs:
Transaction records | Retention period of 7 years | Disposal method: cryptographic erasure
Marketing analytics | Retention period of 3 years | Disposal method: automated system purges
Customer service chats | Retention period of 2 years | Disposal method: secure database deletion
Inactive user accounts | Retention period of 18 months | Disposal method: full account anonymization
AI-driven datasets used for personalization undergo quarterly reviews to remove obsolete information.
User Rights & Controls
You may:
Request access to or correction of personal data
Request deletion of non-essential profile information by contacting our client support
Opt-out of marketing communications (one-click unsubscribe in all emails)
Appeal data decisions by contacting us within 30 days
Authorized agents must submit notarized authorization forms for requests involving sensitive data.
Security & Compliance
AES-256 encryption for stored data
Biannual penetration testing
Employee training aligned with ISO 27001 standards
Report concerns via the More Info section of our website. Policy updates take effect 30 days after website notification.
This policy last updated: April 2, 2025.