# Privacy Policy – Aeroguard *Last updated: Novembre 2, 2025* This Privacy Policy explains how **NonOpn** ("we," "our," or "us"), publisher of the **Aeroguard** application (the "Application"), collects and processes your personal data. --- ## 1) Who is responsible for processing? - **Data Controller:** NonOpn - **Address:** Currently Bordeaux/Toulouse - **Contact:** kevin.leperf@nonopn.com - **Data Protection Officer (DPO):** kevin.leperf@nonopn.com --- ## 2) Scope of this policy This policy applies to users of the Aeroguard Application. It does not cover third‑party websites or services that the Application may connect to in order to retrieve weather data. --- ## 3) Data we process We are committed to **not** collecting **user location data** further than the app's requires it to. It's used to gather lightning activity surrounding you, as the user and only that. We only process the following categories of data: ### 3.1 Minimal technical data - Technical identifiers required for functionality (e.g. account ID, session tokens, limited security logs). ### 3.2 Position data - **Positions of storm weather probes** and their **metadata** (e.g. probe ID, timestamp, required measurements). These data relate to equipment and **not user location**. > The Application queries weather services to retrieve information **associated with lightning activity** and displays it in the Application. ### 3.3 Advertisement - Advertisement is only activited when the consent has been granted --- ## 4) Purposes and legal bases (GDPR) | Purpose | Legal basis | |---|---| | Account creation and management | Contract performance (Art. 6.1.b GDPR) | | Securing access (authentication, fraud prevention) | Legitimate interest (Art. 6.1.f) | | Displaying and managing user position | Contract performance (Art. 6.1.b) | | Application improvement and maintenance (technical logs) | Legitimate interest (Art. 6.1.f) | | Communication with users (support) | Legitimate interest or contract performance | No automated decision‑making producing legal effects is carried out. --- ## 5) Recipients and processors - **Hosting / infrastructure:** OVH/AWS/Ikoula, for storing account data and providing the service. These providers act as **processors** under the GDPR, bound by appropriate contractual agreements. --- ## 6) Transfers outside the European Economic Area (EEA) If data is transferred outside the EEA, we implement appropriate safeguards (European Commission Standard Contractual Clauses, additional measures if necessary). **[Specify if transfers occur and to which countries]**. --- ## 7) Data retention - **Technical logs:** retained for 30 days for security and maintenance. - **User position:** retained for operational purposes **during the request access**. --- ## 8) Security We apply reasonable technical and organizational measures to protect data (account are not yet enabled but those would be set with encryption in transit, **hashed and salted** password storage, access controls, security logging). However, no system can be guaranteed 100% secure. --- ## 9) Your rights (GDPR) Under GDPR, you have the rights of access, rectification, erasure, restriction, objection, and data portability. You may also set instructions regarding the handling of your data after death (France). To exercise your rights, contact us at **[Contact email]** and provide proof of identity if needed. You have the right to lodge a complaint with a supervisory authority – in France, the **CNIL** (cnil.fr). --- ## 10) Cookies and trackers Aeroguard does not use advertising cookies within the Application. Strictly necessary cookies or technical identifiers may be used for login and security. --- ## 11) Third‑party services The Application may query third‑party weather services to retrieve probe‑related information. These services only receive the necessary requests. --- ## 12) Children’s accounts The service is not intended for minors under **15 years old** in France (or the applicable digital consent age in your country). If you believe data from a minor has been collected, please contact us. --- ## 13) Changes to this policy We may update this Privacy Policy for legal, regulatory, or technical reasons. Significant changes will be communicated appropriately. The date of the last update is indicated at the top of this document. --- ## 14) Contact For any data protection inquiries: - **Email:** [Contact email] kevin.leperf@nonopn.com - **Address:** [Postal address] 3 rue du golf, 33000 Merignac