1. Purposes and Uses of Data Transfer

1.1 The Owner, via the Website, collects some personal data from its Users (“Personal Data”).

1.2 Data transfer outside the User’s Home Jurisdiction. Data transfer abroad is based on consent, in that we shall only transfer your data outside your home jurisdiction for the purpose of providing access to this Website and any products or services offered to you through this Website. Such data transfer will be to third parties who maintain confidentiality requirements and data protection capabilities sufficient to protect and secure your data, if this is at all required. By registering an account with us, you hereby agree to allow your data to be transferred outside the EU or your home jurisdiction for the reasons described in this paragraph, and subject to the terms described herein.

1.3 If you want to specifically know how and to whom your data may be transferred to, please get in touch with us at contact@twoguysonaplane.com.

2. Personal Data: various types of Data

2.1. General

We request various types of Personal Data from you, and can only receive such data if you provide it willingly and consent to its provision to us, when opening an account on this Website or procuring any product, service or content through this Website. Any use or transmittal of your data will only be completed once you are made completely aware of its use and transmittal, and then only with your consent. If you wish to know of any specific use of your data that may be undertaken by the Owner, please email us at contact@twoguysonaplane.com.

2.2. Personal Data

Personal Data collected is defined by any applicable law which governs your use and access of this Website, and any such data which can be used to personally identify you, or which contains personally identifiable data about you. This can include your name, browsing habits, credit card details, address, passport or other identity information, and any other information specified by applicable law.

2.3 Information you provide to us: We collect all information which Users voluntarily provide to us through the Website or while interacting with us. This includes information provided:

• • during registration;
  • during correspondence, enquiries, support services, the making of payments, phone calls, or customer surveys;
  • in the course of availing any products or services;
  • via upload onto the Website in any way;
  • via any chat text or other correspondence carried out via the Website or its accompanying applications, services or functions;
  • if you register to receive our newsletter

2.4 The Personal Data we may collect includes without limitation:

• • basic information such as your first and last name;
  • contact information including email address and phone number;
  • information required to all you to make payments on the Website (such as credit card details or payment information, if required);
  • demographic information such as postal code, age, and gender;
  • other relevant information (education, profession, work experience and preferences);
  • your contact and other information and links to your social media profiles (if required);
  • geographic location;
  • login credentials for third-party websites (if required or requested);
  • insurance information (if required);
  • other information obtained by your use of the Website and its accompanying applications, services or functions; and
  • any other information that enables Users to be personally identified.

2.5 Information we automatically collect: We may also automatically collect certain technical data that is sent to us from the computer, mobile device and/or browser through which you access the Website using cookies or similar technologies (“Automatic Data”). Automatic Data, includes without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address), characteristics about your access device and/or browser, statistics on your activities on the Website, details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries, or information about how you came to the Website. We attempt to anonymize such information, however, to the extent that IP addresses or similar identifiers are considered Personal Data by applicable law, we also treat these identifiers as Personal Data. We collect Automatic Data based on your consent which was granted to us by you when you accessed this Website, or when you registered as a User or purchased a Product, and thereby accepted this Privacy Policy. If you do not want us to collect this information, do not use the Website or delete your account on the Website (if applicable). Please note: If you restrict, disable or block any or all cookies from your web browser or mobile or other device, our services may not operate properly, and you may not have access to certain services or parts of the Website. We shall not be liable for any interruption in, or inability to use, our services or degraded functioning thereof, where such are caused by your settings and choices regarding cookies.

2.6 Information we obtain from others: We may also collect or receive Personal Data from third-party sources, social media or other third-party integrations.

2.7 Non-Personal Data: When you interact with the Website, we may collect Non-Personal Data. The limitations and requirements of this Privacy Policy on our collection, use, disclosure, transfer and storage/retention of Personal Data do not apply to Non-Personal Data. When you register for the Website or otherwise submit Personal Data to us, we may associate other Non-Personal Data (including Non-Personal Data we collect from third parties) with your Personal Data. At such instance, we will treat any such combined data as your Personal Data until such time as it can no longer be associated with you or used to identify you.

2.8 Why we Collect Personal Data: We may collect, hold, use and disclose your Personal Data for the following purposes:

1. 1. to enable you to access and use our Website, and allow you to interact with all services available therein, as well as those available on any accompanying/associated applications or functionalities;
   2. to operate, protect, improve and optimise our Website, services, products, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;
   3. to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
   4. to carry out our obligations and enforce our rights arising from any applicable agreement entered into between you and us, including billing and collection;
   5. to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of our business partners that we think you may find interesting; and
   6. to comply with our legal obligations, resolve any disputes that we may have with any of our users, enforce our agreements with third parties and for anti-fraud purposes.
   7. From time to time, we may use your Personal Data to send important notices, such as communications about purchases made, and changes made to our terms, conditions and policies. As this information is important to your interaction with us, you may not opt-out of receiving these communications.
   8. The information we collect is not distributed, sold or leased to third parties for commercial purposes, except to provide services you have requested on the Website and its accompanying applications, or for other purposes when we have your permission or when we are obliged to do so.
   9. We may disclose your Personal Data if we believe disclosure of your Personal Data is necessary or appropriate to protect the rights, property, or safety of the Owner, our customers or others. This includes exchanging information with other companies and organizations for the purposes of fraud prevention and credit risk reduction. We limit our uses of data for anti-fraud purposes to those which are strictly necessary and within our assessed legitimate interests to protect our customers and our services.
   10. You are not obligated to provide the Personal Data that we have requested, but, if you chose not to do so, in many cases we may not be able to provide you with our products or services or respond to any queries you may have.

3. CCPA: Collection of Personal Data about consumers aged 13 to 16, or older

We may collect Personal Data of consumers between the age of 13 and 16, as well as older Users, and will not sell your data unless you, as a User between the age of 13-16 or older, has given us express consent to do so.

4. CCPA: Collection of Personal Data about consumers below the age of 13

If we collect Personal Data of consumers below the age of 13 and won’t sell their data unless their parents or guardians have provided us with express consent on behalf of those minors.

5. CCPA: Collection of Personal Data about minors

We do not knowingly collect Personal Data of consumers who are below the age of 18.

6. Pseudonymous use

When registering for this Website, Users may have the option to indicate a nickname or pseudonym. In this case, the Users’ Personal Data shall not be published or made publicly available. Any activity performed by Users on this Website shall appear in connection with the indicated nickname or pseudonym. However, Users acknowledge and accept that their activity on this Website, including content, information or any other material possibly uploaded or shared on a voluntary and intentional basis may directly or indirectly reveal their identity.

7. Push notifications

This Website may send push notifications to the User to achieve the purposes outlined in this Privacy Policy.

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for this Website, or some or all of the applications on the particular device.Users must be aware that disabling push notifications may negatively affect the utility of this Website.

8. Push notifications based on the User’s geographic location

This Website may use the User’s geographic location to send push notifications for the purposes outlined in this Privacy Policy.

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for some or all of the apps on the particular device.

Users must be aware that disabling push notifications may negatively affect the utility of this Website.

9. Push notifications for direct marketing

This Website may send push notifications to the User for the purpose of direct marketing (to propose services and products provided by third parties or unrelated to the product or service provided by this Website).

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for this Website or all of the applications on the particular device.

Users must be aware that disabling push notifications may negatively affect the utility of this Website.

Besides applicable device settings, the User may also make use of the rights described under User rights in the relevant section of this Privacy Policy.

10. Selling goods and services online

The Personal Data collected and referred to in this section is used to provide the User with services or to sell goods or services, including payment and possible delivery. The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Personal Data collected by this Website depends on the payment system used.

11. Unique device identification

This Website may track Users by storing a unique identifier of their device, for analytics purposes or for storing Users’ preferences. In the same regard, the Website may track the User’s location and behavior on this site. If you do not wish to have this information transmitted to the Website, please contact us at the address specified in this Privacy Policy.

12. User identification via a universally unique identifier (UUID)

This Website may track Users by storing a so-called universally unique identifier (or short UUID) for analytics purposes or for storing Users’ preferences. This identifier (if applicable), could be generated upon installation of an application associated with the Website, and it would persist between application launches and updates. It would be lost when the User deletes the application. A reinstall would generate a new UUID.

13. Contact information

Owner and Data Controller
Two Guys on a Plane LLC
Owner contact email: contact@twoguysonaplane.com

14. No Discrimination for Opting Out

The Owner shall not discriminate when providing services, software, products or content through this Website, if any User refuses to provide their consent for the processing their Personal Data and provides this refusal to the Owner in writing at the address specified in this policy, and services, content, access, or software use shall only be discontinued for such Users to the extent any such Personal Data is required and needed to continue providing access to such services, content, access, software or to this Website in general.

15. Periodic Updates to the Privacy Policy

This Privacy Policy may be updated periodically by us from time to time. If we update our Privacy Policy in any substantive way, we will update the “Last Updated” date at the end of this document and any changes to this Privacy Policy are only effective when posted to this page.

16. Deletion of Personal Data

We will confidentially store and maintain your Personal Data for up to two years after your account or use of any services on this Website is discontinued, for record keeping purposes. After this two-year period, we may permanently delete your data from our databases, at our sole discretion. If you have any questions or queries about our storage and deletion of your data, you can contact us at the email address specified in this Privacy Policy under Section 13. During the time we store your Personal Data, after you have ceased using your account with us or any services through this Website, we will not transmit your Personal Data to any third parties.

17. Data that we do not Process

We do not process your Personal Data as it relates to revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and we do not engage in the processing of your genetic data or biometric data for the purpose of uniquely identifying you as a natural person, or process data concerning your health or sex life or sexual orientation.

18. Data Breaches and Breach Notification Procedures

You will be notified of any breach of Personal Data stored on this Website or provided to us by you within 72 hours of the occurrence of such a breach. At the time we notify you of the breach, we shall also inform you as to all rectification steps we have taken to rectify and mitigate the breach. For information related to our data security and the security of any Personal Data you provide us via this Website, please get in touch with us at the contact address specified under section 13 of this Privacy Policy.

19. User’s Rights under the Digital Millennium Copyright Act

It is our policy to respond to any infringement notices and to take the appropriate actions as provided under the Digital Millennium Copyright Act (“DMCA”). Should the User believe that material available on the Website infringes on User’s copyright(s) or that of a third party, please notify us by submitting a written notice to our email address listed in this Privacy Policy and include the following information:

(i) User’s full name, mailing address, telephone number, and email address;

(ii) a description of the copyrighted work that is claimed to be infringed;

(iii) a description of where the allegedly infringing material is located on the Website;

(iv) a statement by User that User has a good-faith belief that the alleged infringing use is not authorized by the copyright owner, its agent, or the law; and

(v) a signed (either physical or electronic) statement by User, made under penalty of perjury, that the above information in User’s notice is accurate and that User is the copyright owner or authorized to act on the copyright owner’s behalf.

Upon receipt of such notice, we shall investigate and/or remove the infringing material. User will be held liable for damages, including costs and attorneys’ fees, should User materially misrepresent that material or activity on the Website infringes on User’s or a third party’s copyright.

20. User’s Rights under the California Consumer Privacy Act

To the extent that the California Consumer Privacy Act (“CCPA”) is applicable to either the Owner or the User: both parties agree to comply with all of their obligations under the CCPA; and in relation to any communication of ‘Personal Data’ as defined by the CCPA, the parties agree that no monetary or other valuable consideration is being provided for such Personal Data and therefore neither party is ‘selling’ (as defined by the CCPA) Personal Data to the other party, unless specifically agreed for and consented to by the parties.

The principal rights the User has under the CCPA include but are not limited to:

(i) the right to know the Personal Data we collect form the User;

(ii) the right to request the deletion of User’s Personal Data;

(iii) the right not to be discriminated against for having exercised User’s rights under the CCPA;

(iv) the right to opt out from the collection/sale of User’s Personal Data; and

(v) the right to access User’s Personal Data.

Both parties agree to notify the other immediately if they receive any complaint, notice, or communication that directly or indirectly relates to either party’s compliance with the CCPA. Specifically, we shall notify User within ten (10) working days if we receive a verifiable consumer request under the CCPA.

21. Rights of EU Users

21.1 Residents of the European Economic Area (“EEA”) and the EU may be entitled to rights under the GDPR. If you qualify, these rights are summarized below.

21.2 If you request to exercise your rights under the GDPR, we may require verification of your identity before we respond to any such request. If you are entitled to these rights, you may exercise the following rights with respect to your Personal Data that we collect and store:

• • the right to withdraw consent to data processing at any time;
  • the right of access to your Personal Data;
  • the right to request a copy of your Personal Data;
  • the right to correct any inaccuracies in your Personal Data;
  • the right to erase your Personal Data;
  • the right to data portability, meaning to request a transfer of your Personal Data from us to any other person or entity as chosen by you;
  • the right to request restriction of the processing of your Personal Data; and
  • the right to object to processing of your Personal Data.

You may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above-listed rights may be made to: 120 S. 21^st Street #106 Philadelphia, PA, 19103.

22. Rights under other Privacy Laws

To the extent that you have rights under any current or future privacy laws, you may contact us at 120 S. 21^st Street #106 Philadelphia, PA, 19103 to exercise any applicable rights you may have under such laws. To the extent that such laws apply to you and to us, we will respect your rights in accordance with such laws.

23. Minors

While the Website is not intended for anyone under the age of 18, if you are under age 18 and you are unable to remove publicly available content that you have submitted to us, you may request removal by contacting us at: 120 S. 21^st Street #106 Philadelphia, PA, 19103. When requesting removal, you must specify the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you and was posted lawfully by a third party who has rights to post such content; (3) is anonymized so that you cannot be identified; (4) you do not follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information, and the party who has posted the content has the legal right to post such content. Removal of your information from the Website does not ensure complete or comprehensive removal of that information from our systems or the systems of our service providers. We may not be required to delete information posted by you; our obligations under applicable law may be satisfied so long as we anonymize the information or render it invisible to other users and the public.

24. Confidentiality and Non-Disclosure

Any use or transmittal of your data will only be completed once you are made completely aware of its use and transmittal, and then only with your consent, for the sole purpose of delivering services or products via this Website. If we disclose any of your Personal Data to third parties, it will be done so only with confidentiality and protective measures equivalent to those provided by us through this Privacy Policy. We will not make any of your Personal Data public, or disclose the same to third parties, unless you authorize us specifically.

25. Data Security

25.1 We may hold your Personal Information in either electronic or hard copy form. We take commercially reasonable steps to protect your Personal Data from misuse, interference and loss, as well as unauthorized access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your Personal Data. However, we cannot guarantee the security of your Personal Data.

25.2 The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password or PIN for access to certain parts of our Website and its accompanying applications, services or functionalities, you are responsible for keeping such a password and PIN confidential and for not sharing it with anyone. We are not responsible for circumvention of any privacy settings or security measures we provide.

26. Access to Personal Data

You can access the Personal Data we hold about you by contacting us using the contact details listed in Section 13 above. Sometimes, we may not be able to provide you with access to all of your Personal Data and, where this is the case, we will tell you why. We may also need to verify your identity when you request your Personal Data.

If you think that any Personal Data we hold about you is inaccurate, please contact us using the contact details provided in Section 13 and we will take reasonable steps to ensure that it is corrected.

We will consider and respond to all requests in accordance with all applicable laws.

27. Jurisdiction for Disputes

This Privacy Policy constitutes an integral component of our terms of service, and all of its accompanying terms, provided at twoguysonaplane.com/privacy-policy/. Therefore, to the extent permitted under applicable privacy laws, and where no other privacy law applies, all disputes arising out of this Privacy Statement shall be resolved as described explicitly in our terms of service.