GDPR Compliance

Last Updated: April 20, 2025

At Sky Expedition Systems LLC, we are committed to ensuring the privacy and protection of your personal data in compliance with the General Data Protection Regulation (GDPR). This page outlines how we adhere to GDPR principles and details your rights under this regulation.

Our Commitment to GDPR

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy that applies to all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside these areas.

We have implemented the following measures to ensure compliance with GDPR:

  • Appointed a Data Protection Officer to oversee data protection strategy and implementation
  • Conducted data protection impact assessments for high-risk processing activities
  • Implemented technical and organizational measures to ensure data security
  • Established procedures for handling data subject requests
  • Updated our Privacy Policy and Terms of Service to reflect GDPR requirements
  • Provided training to our staff on data protection and GDPR compliance

Right to Access

You have the right to request a copy of your personal data that we hold. Upon request, we will provide you with:

  • Confirmation that we are processing your personal data
  • A copy of your personal data in a commonly used electronic format
  • Additional information about the processing of your data, such as the purposes of processing, categories of data, recipients of data, and retention periods

We will respond to your request within one month, although we may extend this period by up to two additional months if necessary, taking into account the complexity and number of requests.

Right to Erasure (Right to be Forgotten)

You have the right to request the deletion of your personal data in certain circumstances, including:

  • When the personal data is no longer necessary for the purposes for which it was collected
  • When you withdraw consent on which the processing is based
  • When you object to the processing and there are no overriding legitimate grounds for the processing
  • When the personal data has been unlawfully processed

There are certain exceptions to this right, such as when processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, or for the establishment, exercise, or defense of legal claims.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance, where:

  • The processing is based on consent or on a contract
  • The processing is carried out by automated means

Where technically feasible, we will directly transfer your data to another controller at your request.

Right to Object and Automated Decision-Making

You have the right to object to the processing of your personal data in certain circumstances, including:

  • When processing is based on legitimate interests or the performance of a task in the public interest
  • When processing is for direct marketing purposes
  • When processing is for scientific or historical research purposes or statistical purposes

You also have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except in certain limited circumstances.

Right to Rectification and Restriction

You have the right to request the rectification of inaccurate personal data and to have incomplete personal data completed.

You also have the right to request the restriction of processing of your personal data in certain circumstances, including:

  • When you contest the accuracy of your personal data
  • When the processing is unlawful, and you oppose the erasure of the data
  • When we no longer need the data for the purposes of processing, but you require it for legal claims
  • When you have objected to processing pending the verification of whether our legitimate grounds override yours

International Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA). When we do so, we ensure that appropriate safeguards are in place to protect your data, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules
  • Adequacy decisions by the European Commission
  • Explicit consent from you for the transfer

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

How to Exercise Your Rights

To exercise any of your rights under GDPR, please contact our Data Protection Officer using the contact information provided below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

Contact Us

If you have any questions about our GDPR compliance or wish to exercise your rights, please contact our Data Protection Officer at:

Email: dpo@skyexpeditionsystems.com

Address: Sky Expedition Systems LLC, [Company Address]

Return to Home