Legal

Privacy Policy

Last updated: March 2026 · GDPR / RGPD compliant

ℹ️ We collect only what we need to deliver your report and process your payment. We do not sell your data to third parties.

1. Personal Data We Collect

Category	Data	Purpose	Legal Basis
Transaction data	Email address, payment reference, report ID	Deliver report, send PDF, handle support	Contract performance (Art. 6(1)(b) GDPR)
Aircraft input data	Aircraft type, year, hours, cycles, region	Generate valuation report	Contract performance (Art. 6(1)(b) GDPR)
Technical data	IP address, browser type, device, session data	Security, fraud prevention, platform operation	Legitimate interest (Art. 6(1)(f) GDPR)
Analytics data	Page views, clicks, navigation path	Improve platform performance	Consent (Art. 6(1)(a) GDPR)

2. How We Use Your Data

To generate and deliver the requested valuation report in PDF format
To process payment through our payment provider (Stripe)
To send you the report by email and manage your download
To handle customer support requests
To maintain platform security and prevent fraud
To improve the platform (analytics, with consent only)

3. Data Sharing

We share your data only with third parties necessary to deliver the service:

Recipient	Purpose	Location
Stripe Inc.	Payment processing	USA (SCCs in place)
Hostinger	Web hosting and server infrastructure	EU / Lithuania
Google LLC (with consent)	Analytics (GA4)	USA (SCCs in place)

We do not sell, rent or otherwise disclose your personal data to third parties for their own marketing purposes.

4. Data Retention

Data type	Retention period
Transaction records (email, payment ref, report)	5 years (Spanish tax law requirements)
Aircraft input data	Deleted within 30 days of report generation
Technical/log data	90 days
Analytics data (with consent)	14 months (GA4 default)
Cookie consent records	3 years

5. Your Rights (GDPR)

Under the GDPR, you have the following rights:

Access — request a copy of your personal data
Rectification — correct inaccurate data
Erasure — request deletion of your data ("right to be forgotten")
Restriction — limit how we process your data
Portability — receive your data in a machine-readable format
Objection — object to processing based on legitimate interest
Withdrawal of consent — withdraw consent for analytics at any time via cookie settings

To exercise any of these rights, contact us at: info@avialinker.com

You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD): www.aepd.es

6. International Transfers

Some of our service providers (Stripe, Google Analytics) process data in the United States. These transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission pursuant to Article 46 GDPR.

7. Security

We implement appropriate technical and organisational measures to protect your personal data, including SSL/TLS encryption, access controls, and regular security reviews of our hosting infrastructure.

8. Cookies

We use cookies as described in our Cookie Policy. You can manage your preferences at any time via the cookie settings link in the footer.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the platform. The date of the last update is shown at the top of this page.

10. Contact

For any privacy-related enquiries: info@avialinker.com

11. Data Controller

This platform is operated by Be In Time Consulting S.L. (CIF: ESB98377716), Guillem de Castro 9, 5ª planta, 46007 Valencia, Spain. Contact: info@avialinker.com