Last updated on 10/22/2020
The Uraster GmbH (hereinafter the "Provider"), registered in Switzerland, enables pilots and other interested persons (hereinafter jointly the "Users") to use capzlog.aero in the form of apps and online services as well as other offers, in particular to keep a flight log or flight books in digital form (hereinafter "capzlog.aero").
1.2 The Provider provides information about the range of functions and services offered in a suitable form. The use of capzlog.aero is generally subject to a fee and is granted through subscriptions with certain periods of validity. The Provider informs about fees and terms in a suitable form. The Provider may adjust the scope of functions and services at any time or discontinue the operation of capzlog.aero. The Provider may stipulate that current or otherwise defined versions of apps, operating systems, browsers and other software must be used for access to capzlog.aero. The updating of such software lies in the responsibility of the Users.
1.3 The Provider may provide for different categories of Users, in particular depending on the functions and services used or on any financial or other contributions provided by public authorities and companies (hereinafter the "Contributions"). The Provider may exchange the necessary user data with such authorities and companies in order to verify the entitlement to usage of individual functions and services and to Contributions or to enable billing.
1.4 For payments by means of third party services such as credit card providers, PayPal or TWINT the respective General Terms and Conditions (GTC) and other provisions of the respective third party services apply.
1.5 The Provider grants a right of withdrawal for at least 14 days for functions and services subject to a charge. Users who wish to exercise their right of withdrawal must notify the Provider and provide a reason for the withdrawal. The right of withdrawal can only be claimed once per User for each function or service.
1.6 Fees are due immediately and in advance, unless a payment deadline is granted. Users are automatically and without reminder in payment delay if payment is not made on time. Fees already paid will not be refunded and fees already owed remain due in any case. In case of payment delay, the Provider may deny access to capzlog.aero. The offsetting of claims against the Provider by Users is not allowed.
1.7 The Provider may inform and contact Users by letter post, email, instant messaging, SMS and other communication channels with notifications and messages in connection with capzlog.aero. Users may dissent from the receipt of such notifications and messages at any time ("opt-out"). This does not apply to notifications and messages that are necessary for the use of capzlog.aero.
1.8 The Provider may have capzlog.aero operated in whole or in part by or together with third parties as well as by or together with affiliated companies, in particular the parent company, sister companies and subsidiaries. The Provider may transfer rights and obligations in connection with capzlog.aero to such third parties and companies. Such third parties and companies may be located outside of Switzerland.
2.1 The Provider grants Users a non-exclusive, non-transferable, non-assignable, limited licence for the use of capzlog.aero in the form of executable apps (installed software) or online services (Software as a Service, SaaS). The licence is limited to the purpose or purposes according to the scope of functions and services. The licence is limited to the country or countries where capzlog.aero is offered. All rights to capzlog.aero remain property of the Provider.
3.1 The Provider generally provides for a mandatory registration for the use of capzlog.aero or for the use of individual functions and services. The Provider may use registration services of third parties exclusively or in addition. The Provider may refuse the registration at any time - also subsequently - and without giving reasons.
3.2 Registered Users are responsible for all activities in connection with capzlog.aero that take place under their User account. This responsibility also extends to other Users and their User accounts that an individual User creates or manages for other Users, for example User accounts for employees of a company or for members of an organization.
3.3 The Provider shall inform Users in a suitable form about the data required for the use of capzlog.aero. Registration with false, fictitious or misleading data is prohibited. The Provider may verify data provided by Users - also retrospectively - or have it verified by third parties.
3.4 Registered Users are obliged to keep their access data for capzlog.aero confidential and to use it exclusively for their own purposes. Automated access to capzlog.aero, especially with bots, scripts or similar means, is prohibited. The Provider may provide interfaces for accessing capzlog.aero, for example an Application Programming Interface (API).
4.1 Data of Users remains within the legal sphere of the Users, even if it is processed by the Provider within capzlog.aero. Users expressly agree that the Provider may process their data for the purpose or purposes according to the scope of functions and services in connection with capzlog.aero. The Users are responsible for data backup, even if the Provider endeavours to back up Users' data on a regular basis.
4.2 The Provider may process the data of Users in aggregated, anonymized or pseudonymized form for its own security related, statistical and technical purposes, as long as such processing is necessary for such purposes. The Provider may use such aggregated, anonymized or pseudonymized data for statistics that are published and made available to Users and third parties.
4.3 The data of active Users is stored permanently. Users are no longer considered active if they have their User account deleted. Users can have their data deleted at any time in accordance with the applicable data protection law.
4.4 The Provider may, upon request of the Swiss Transportation Safety Investigation Board (STSB) or a comparable foreign authority, request individual Users to release the flight log data to the attention of the investigating authority in the event of an air accident or incident investigation. In the case of Users who cannot be requested to release the flight log data due to death or permanent incapacity to act, the Provider may release the flight log data directly upon request of the investigating authority.
4.5 Users who process the personal data of other Users and other affected persons within the framework of capzlog.aero guarantee by themselves that such processing is only carried out in compliance with the law. This includes in particular the data of the persons concerned and the obtaining of any necessary consent for the processing of personal data.
5.1 The Provider operates capzlog.aero professionally and carefully. Nevertheless, capzlog.aero may be temporarily unavailable in part or in whole, especially for technical reasons or due to maintenance work. The Provider informs in advance about planned maintenance windows in a suitable way. The Provider strives for the highest possible availability. However, the Provider does not assume any warranty for functions and services, for the availability of capzlog.aero as well as for provided data of third parties such as airports, aircraft, pilot licences and applicable law. Users are at all times and to the fullest extent responsible for whether, and if so, under what conditions and to what extent they are allowed to engage in flying or other activities.
5.2 The Provider is only liable for direct damages caused by her own grossly negligent or intentional actions. Liability is limited to the amount of fees paid by a User for the use of capzlog.aero in the twelve months prior to a damaging event. Any further liability of the Provider for direct damages, in particular in case of slight and medium negligence, for any errors in apps, online services and other offers as well as for entries made by Users, is explicitly and completely excluded. Any liability of the Provider for indirect damages and consequential damages caused by defects, for claims of any third parties as well as for loss of profit is expressly and completely excluded. Any liability for auxiliary persons is excluded.
This data protection declaration provides information about how, where and why we process what personal data in connection with capzlog.aero. In addition to this, the data protection declaration provides information about the rights of individuals whose data we process.
Special, supplementary or further data protection declarations and other legal documents such as General Terms and Conditions of Business (GTCB), terms of usage or conditions of participation may apply for individual or additional offerings and services.
Our offering is subject to Swiss data protection law and to any applicable foreign data protection law such as, in particular, the laws of the European Union (EU) including the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures an adequate level of data protection.
Responsible for processing of personal data:
To the contact form
Should, in individual cases, other entities be responsible for processing of personal data, then we will draw attention to this.
As per Art. 27 GDPR we have the following data protection representation in the European Economic Area (EEA), comprising the European Union (EU) and the Principality of Liechtenstein, Iceland and Norway, as an additional point of contact for supervisory authorities and data subjects making enquiries relating to the General Data Protection Regulation (GDPR):
VGS Datenschutzpartner UG
Am Kaiserkai 69
Personal data means all information relating to an identified or identifiable natural person. A data subject is a natural person whose personal data is processed. Processing means any handling of personal data, independent of the means and procedures which are used and, in particular, the storage, disclosure, acquisition, collection, erasure, saving, alteration, destruction and use of personal data.
The European Economic Area (EEA) comprises the European Union (EU) and the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) defines the processing of personal data as the processing of personal data relating to a specific natural person.
We process personal data in compliance with Swiss data protection law such as, in particular, the Federal Act on Data Protection (DSG) and the Ordinance to the Federal Act on Data Protection (VDSG). We generally store personal data only in Switzerland.
If and insofar as the General Data Protection Regulation (GDPR) is applicable, we process personal data according to at least one of the following legal bases:
We process personal data which is necessary to provide our offering in the long term and in a manner which is user-friendly, secure and reliable. Such personal data can fall into the following categories: master and contact data, browser and device data, pilot logbook data, medical data, content data, licence data, meta- respectively peripheral data and usage data, location data or sales, contractual and payment data.
We process personal data for the period which is required for the relevant purpose or purposes or which is required by law. Personal data which must no longer be processed is anonymised or erased. Data subjects whose data we process in general have a right to erasure.
As a matter of principle we only process personal data after obtaining the data subject’s consent unless processing is permissible for other legal reasons, such as to perform a contract with the data subject and to take steps prior to entering into a contract; in response to justified requests from competent authorities such as in particular the Federal Office of Civil Aviation (FOCA) and the Swiss Transportation Safety Investigation Board (STSB); to safeguard our overriding legitimate interests; because processing is evident from the circumstances; or based on prior information.
Within this framework we process in particular the information which the data subject transmits to us voluntarily and themselves when establishing contact with us – for example by letter, email, contact form, social media or telephone – or when registering for a user account. We may, for example, store such information in an address book, a customer relationship management system (CRM system) or using comparable aids. Insofar as the data subject transmits personal data to us via third parties, they are obliged to ensure data protection vis-à-vis such third parties and to ensure the correctness of such personal data.
In addition to this, we process personal data which we receive from third parties; acquire from publicly accessible sources; or collect when providing our offering, if and insofar as such processing is legally permissible.
Personal data originating from job applications is only processed insofar as it is required to assess suitability for an employment relationship or for subsequent performance of an employment contract. The personal data which is required to carry out an application process arises from the information which is requested and/or provided, for example within the scope of a job description. Candidates have the option of transmitting further voluntary information for their corresponding job application.
We can have personal data processed by contracted third parties or process it together with third parties or with the help of third parties as well as transmit this data to third parties. Such third parties are, in particular, providers whose services we use. Should we use such third parties, then we will ensure an adequate level of data protection.
Such third parties are, as a matter of principle, located in Switzerland and the European Economic Area (EEA). Such third parties may, however, also be located in other states and territories around the world or elsewhere in the universe insofar as their data protection law is, according to the adequacy decision of the Swiss Federal Data Protection and Information Commissioner (EDÖB) and – if and insofar as the General Data Protection Regulation (GDPR) is applicable – according to the adequacy decision of the European Commission, applicable and ensures adequate data protection or if, for other reasons, such as a corresponding contractual agreement, in particular based on standard contractual clauses, or corresponding certification, adequate data protection is ensured. In exceptional cases, such a third party may be located in a country without adequate data protection insofar as the data protection law-related prerequisites, such as the data subject’s explicit consent, are fulfilled.
Swiss data protection law grants data subjects whose personal data we process specific rights. These include the right to information and the right to rectification, erasure or blocking of the processed personal data.
Data subjects whose personal data we process may – if and insofar as the General Data Protection Regulation (GDPR) is applicable – demand a confirmation whether we are processing their personal data and, if the answer is yes, information about processing of their personal data; have processing of their personal data restricted; exercise their right to data portability; and exercise their right to have their personal data rectified, erased (“right to be forgotten”), blocked or completed.
Data subjects whose personal data we process may – if and insofar as the GDPR is applicable – withdraw any consent with effect for the future and object to processing of their personal data at any time.
Data subjects whose personal data we process have a right to lodge a complaint with a responsible supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (EDÖB).
We take adequate and appropriate technical and organisational measures to ensure data protection and, in particular, data security. Despite these measures there will, however, always be security gaps when personal data is processed on the Internet. We cannot thus guarantee absolute data security.
Access to our online offering is via transport encryption (SSL / TLS, in particular using hypertext transfer protocol secure, or HTTPS for short). Most browsers identify transport encryption with a padlock in the address bar.
Access to our online offering is – as is, as a matter of principle, all Internet use – subject to groundless, non-suspicion-related mass surveillance and other surveillance by security agencies in Switzerland, the European Union (EU), the United States of America (USA) and other states. We have no direct influence on the corresponding processing of personal data by secret services, police authorities and other security agencies.
When you visit our website cookies can be temporarily stored in your browser as “session cookies” or for a predefined period of time as so-called permanent cookies. “Session cookies” are automatically erased when you close your browser. Permanent cookies are stored for a certain duration. Permanent cookies make it possible in particular to recognise your browser when you next visit our website and thus, for example, measure the website’s reach. Permanent cookies can, however, also be used for purposes such as online marketing.
Where cookies are used to measure success and range or for advertising it is possible to make a general objection (“opt-out”) via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA) for numerous web services.
Each time you visit our website we are able to log the following information insofar as your browser transmits them to our server infrastructure or our web server is able to identify them: date and time including time zone; Internet protocol (IP) address; access status (HTTP status code); operating system including user interface and version; browser including language and version; the sub-pages of our website which were retrieved including the transmitted data volume; and the prior website retrieved in the same browser window (referrer).
We store such information, which can also be personal data, in server log files. The information is necessary to provide our online offering in the long term and in a user-friendly, reliable form as well as to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. They are small, generally invisible images which are automatically retrieved when you visit our website and also used by third parties whose services we employ. Tracking pixels can gather the same information as server log files.
We send notifications and announcements such as newsletters by email and via other communication channels such as instant messaging.
Notifications and announcements can contain web links or tracking pixels which record whether the specific notification was opened and which corresponding web links were clicked. Such web links and tracking pixels can also record the use of notifications and announcements by specific data subjects. We require this statistical recording of use within the scope of measuring success and reach, which is in turn intended to ensure that notifications and announcements are based on recipients’ needs and reading habits and thus effective and user-friendly, as well as to be able to offer notifications and announcements in the long term and in a secure, reliable manner.
You must as a matter of principle expressly consent to the use of your email address and your other contact addresses unless this use is permitted for other legal reasons. Wherever possible we use the “double opt-in” procedure when obtaining any consent to the receipt of emails. In other words, you receive an email with a web link which you must click as confirmation and to ensure that no unauthorised third parties can abuse your personal data. Such consents, including the Internet protocol (IP) address and the date and time, may be logged as evidence and for security reasons.
You may as a matter of principle unsubscribe from notifications and announcements such as newsletters at any time. Notifications and announcements which are absolutely essential for our offering may be excluded from this. When you unsubscribe you can, in particular, object to the statistical recording of use to facilitate the measurement of success and reach.
We use the services or help of third parties to transmit notifications and announcements. When doing so, cookies may be used. We ensure adequate data protection when using such services.
We have a presence on social media platforms and other online platforms so that we can communicate with potential members and provide information about our offering. Personal data generated in this context may also be processed outside of Switzerland and the European Economic Area (EEA).
With regard to our social media presence on Facebook we are, if and insofar as the GDPR is applicable, jointly responsible together with Facebook for the so-called Page Insights.
Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to make our Facebook social media presence effective and user-friendly. Facebook has published information on Page Insights data plus a supplement regarding responsibility for Page Insights.
We use Google Analytics to analyse how our website is used, whereby we can, for example, also measure its reach and the success of third-party links to our website. This is a service of Google LLC in the USA. Google Ireland Limited, located in Eire, is responsible for users in the European Economic Area (EEA) and Switzerland.
Google attempts to also record individual visitors to our website who use a variety of browsers or devices (cross-device tracking). When doing so cookies are also used. Google Analytics requires your Internet Protocol (IP) address, however this information is kept separate from other Google data.
In all cases we have your Internet Protocol (IP) address anonymised before it is analysed by Google. This means that your full IP address is, as a matter of principle, not transmitted to Google in the USA.
We use third-party services so that we can provide our offering in the long term and in a manner which is secure and reliable. Such services also allow us to embed content in our website. These services – for example, hosting and storage services, video services and payment services – require your Internet Protocol (IP) address since they would not otherwise be able to transmit corresponding content. Such services may be located outside of Switzerland and the European Economic Area (EEA) insofar as adequate data protection is ensured.
Third parties whose services we use may also process data related to our offering and from other sources – including cookies, log files and tracking pixels – in an aggregated, anonymised or pseudonymised manner for their own security-relevant, statistical and technical purposes.
We use the services of third parties in order to be able to use the digital infrastructure required for our services. These include in particular hosting and storage services from specialised providers. Such providers process - usually exclusively on our behalf - the data required to operate this infrastructure. This includes in particular your Internet Protocol (IP) address. We also guarantee appropriate data protection with such providers.
We use payment service providers to process our customers’ payments securely and reliably. We only use payment service providers who ensure an adequate level of data protection. Processing is subject to the relevant payment service provider’s terms, such as their general terms and conditions of business (GTCB) or data protection declarations.
9.2.1 We use in particular PayPal to process payments. PayPal is a service of PayPal (Europe) S.à.r.l. et Cie, S.C.A in Luxembourg as well as of PayPal Pte. Ltd. in Singapore. For information about the type, extent and purpose of data processing, see the data protection declaration.
9.2.2 We use in particular SIX Payment Services (including Saferpay) to process payments. It is a service of the Swiss SIX Payment Services AG together with SIX Payment Services (Europe) S.A. in Luxembourg as well as a branch in Austria and the german SIX Payment Services (Germany) GmbH. For information about the type, extent and purpose of data processing, see the data protection declaration and the "Customer information on data protection" of SIX Payment Services.
We may adjust and add to this data protection declaration at any time. We will provide notification of such adjustments and additions in an appropriate form, in particular by means of publishing the corresponding current data protection declaration on our website.