top of page
AdobeStock_283639886.jpeg

Privacy Policy

Last Updated on October 1st 2024

At Skitter Airlines (“we”, “our”, or “us”), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and share the information you provide to us when you visit our website, located at https://www.skitterairlines.com, and our web and mobile apps (collectively the “Service”). 

PLEASE READ THIS PRIVACY POLICY CAREFULLY AS IT BECOMES LEGALLY BINDING ON YOU WHEN YOU USE OUR SERVICE. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY YOU SHOULD IMMEDIATELY STOP USING OUR SERVICE. FURTHER, PLEASE REVISIT US REGULARLY TO KEEP TRACK OF ANY PRIVACY POLICY UPDATES.​

This Privacy Policy applies only to Skitter Airlines' activities that are subject to the provisions of Canada's federal and provincial privacy legislation, including, where applicable, the federal Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec's Act respecting the protection of personal information in the private sector, and certain international privacy acts may apply to us from time to time such as the General Data Protection Regulation of the European Economic Area (GDPR).

 


Information About Us

If you have any questions about this Privacy Policy, the data collection and processing practices of this Service please contact us at:

Skitter Airlines Canada Inc.
World Trade Centre Montréal
413 rue St-Jacques
Montréal, Quebec
H2Y 1N9
 

privacy@flyskitter.com

 

​

Collection of Information

We collect personal data from you when you access and use our Service. Personal data is any data that can directly or indirectly identify a person such as a name, email address, phone number, address, or date of birth. 
We collect the following personal information from you:

 

(a) Information directly provided by you

1. Sign-up. When you sign-up for an account we collect the following information from you:
 

  • First Name​

  • Last Name

  • Email

  • Mobile Phone

  • Address (including your city, province, and postal code)

  • Gender

  • Date of Birth

  • Nationality

  • Emergency Contact

  • Your Company/Organization

  • Job Title

  • Preferred Airport for Departures

  • Preferred Destination 

  • Travel Frequency

  • Specific Travel Situation



2. Social Media Interaction. When you contact us through our social media pages (including following us, or mentioning us in your posts) we see your personal information such as your name, user ID, profile photo, job title and any other information you choose to share with us in your communication with us. This information is stored with the appropriate social media platform and is subject to their applicable privacy policy and terms and conditions. 


(b) Information we collect automatically

When you use our Service we automatically collect the following from you (except for Cookies we first ask you for your consent). None of this information is capable of identifying you alone. However, when combined with other information, it may identify you. Please be aware that we do not knowingly attempt to identify you by combining information about you. 

1. Automated Information. To make our Service more useful to you, our servers (hosted by a third-party service provider) collect certain information from you. This includes, without limitation, your browser type, operating system, IP address and date/time stamp for your visit.

2. Log Data. When you visit our Service, view content provided by us, use our Service we automatically collect and store certain information in log files. This includes your IP address, URL, referral URL, exit URL, browser software, operating system, date/time, requests type to our Service and error responses returned by our Service. 

3. Cookies. We use cookies and other similar tracking technologies (collectively “cookies”). These cookies are used by us for limited purposes with your consent (except for those that are strictly necessary for the functioning of our Service).

​
 

Purposes of Data Collection

We use the information you give us to perform the services you request. For example, if you fill out a form requesting updates about your Service, we will use the information you provide us to contact you about the updates about our products and services. We may also use the information you provide us or the information we collect to improve your experience with our Service.

When we collect any personal information, we will do our best to store and process it securely. We will comply with our obligations and safeguard your rights under the applicable laws at all times. We process your data for the following purposes.

1. Provision of our Service. To allow you access and use our services - create user accounts, process transactions, send information about updates, special offers, and promotions, and deliver sample materials or orders.

2. Diagnosis & Troubleshooting. To diagnose problems with our servers, to administer our services. 

3. Security. To prevent, detect and investigate illegal activities, breaches of any agreements entered into between you and us and threats to the security of our Service.

4. Enhance User Experience. To enhance our services and give you a better user experience when you access our Service. 

5. Statistics. To produce aggregate statistical information about users and their activities on our Service that does not identify any person.

6. Legal & Compliance. To investigate any claims or disputes concerning the use of our services. 

7. Research & Development. To improve and enhance the safety and security of our Service, as well as to design and develop new features and products relating to our Service.


Your Consent

By using our Service and specifically by filling out one of our online forms or tools (e.g. to create an account, or to contact us), you consent to our collection and use of your personal information as described in this Privacy Policy. If we change our Privacy Policy, we will post those changes to this website. 

You have the option to withhold or withdraw your consent at any time, although this may impact our ability to provide you with our services or certain features. For example, withdrawing consent might hinder our fulfillment of a legal obligation or limit your access to our services. We will clearly communicate any such implications to ensure you are well-informed before making a decision.

 

Sharing of Your Information

When providing our services, we may share your personal information with third parties to facilitate our operations. We take measures to ensure your data is handled securely, akin to our own standards.

Partner Airlines: We may share certain personal information with partnering airlines when you book a seat as required by law. This information may include your full name, gender, date of birth, nationality and emergency contacts. 

Third Parties: We engage third-party service providers, such as web hosting, web analytics services, a payment processor and CRM services which may access your data solely to assist in delivering our website and services. These providers are bound by our instructions not to use your personal information for any purposes other than those explicitly directed by us.

Business Transfers: Should we undergo a business transaction like a merger, acquisition, or asset sale, your personal information may be transferred. The new owners would continue to handle your data in accordance with this Privacy Policy.

Law Enforcement: Under certain circumstances, we might be required to disclose your information to comply with legal processes or governmental requests.

Staff: Some personal information may be shared with our employees or contractors, who are instructed to handle your data in line with this Privacy Policy and applicable laws.

We will not sell, rent, exchange, or share your personal information with any third parties without permission or except as described in this Privacy Policy.



Retention of personal information


We retain the personal information we collect for a reasonable period of time to enable us to fulfill the purposes identified at the time of collection or in this Policy unless we are required by law to retain it for a longer period. The retention period varies depending on several factors, including the type of information collected. At the end of the applicable retention period, the personal information is destroyed or anonymized, in order to be used for legitimate purposes.
 

Notwithstanding anything to the contrary in this Policy, we retain and use the information for as long as we believe it is necessary to comply with our legal, accounting and tax obligations, to resolve disputes with any party, to provide you with our services, including the maintenance of your account, and to allow us to carry out our business.

 

Your Privacy Rights

Under applicable data protection law, you have the following rights regarding the personal data we hold about you:

Right to information. You have the right to know the purposes for which your personal information is collected at or before the time the information is collected. This Privacy Policy sets out what personal information we collect, and how and why we collect it.

Right of access. You have the right to obtain access to your personal information we retain about you.

Right to rectification. You have the right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.

Right to erasure. The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed. The erasure of personal information also includes the anonymization of personal data. 

Right to withdraw consent. You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Once consent is withdrawn, you will have the right to have your personal information erased and no longer used for processing.

Right to challenge compliance. You have the right to challenge our compliance with this Privacy Policy and applicable privacy laws. You can contact our Data Privacy Officer to address any challenges via the contact details set out in this privacy policy.

Right to portability. You have the right to obtain your personal data in a structured and commonly used technological format.

 

Data Privacy Officer (DPO)

In order to be compliant with applicable data protection law we have appointed a Data Privacy Officer (DPO) who shall monitor our compliance with applicable privacy laws and assist in exercising your privacy rights. Below are the details to contact our DPO:
 

privacy@flyskitter.com

 

If you have concerns about how we handle your personal information, you are encouraged to submit a complaint to our DPO. Upon receiving your complaint and verifying your identity, our DPO will conduct a thorough investigation and provide you with a detailed report of the findings.

Should the complaint be deemed valid, the DPO will take appropriate measures to rectify the issue, which may include modifying our privacy practices or updating our policies. If the complaint is found to be unfounded, you will be informed in writing. If you are not satisfied with the resolution provided by the DPO, you have the option to escalate your complaint to the Office of the Privacy Commissioner. 

 

How to Exercise Your Rights

To exercise your rights regarding your personal information, please reach out to our DPO. We strive to respond within one month from the date of receiving a well-defined request. If your request is complex or involves multiple queries, the process may take longer, but we will keep you informed throughout.

In cases where we cannot fulfill your request, either fully or partially, we will provide you with a written explanation, detailing the reasons for our decision and the options available for you to challenge it.  

 

Links to Third-Party Sites

Our Service may contain links to other websites that may be subject to less stringent privacy standards. Skitter Airlines cannot assume any responsibility for the privacy practices, policies or actions of the third parties that operate those websites. Skitter Airlines is not responsible for how such third parties collect, use or disclose your personal information. You should review the privacy policies of those websites before providing them with personal information.

 

Cookies

We use cookies — small text files stored on your device —  to recognize you and/or your devices on, off, and across our different websites, improve site navigation, track site usage, and enhance your experience.

You control the use of cookies through your browser settings, where you can disable or delete them. Be aware that rejecting or removing cookies might limit your access to our services and reduce functionality.



Lawful Bases for Data Processing

We will only collect and process personal data about you where we have lawful bases. Our lawful bases for processing your information could include where you give us consent (for example: when you sign up for our mailing lists), contract (for example: when you have signed up for an account with us by agreeing to our terms and conditions), and other legitimate interests. These other legitimate interests include but are not limited to complying with laws that apply to Skitter Airlines and enabling us to administer our business (for example, quality control, consolidated reporting, or customer service).

 

International Transfers of Data

Regardless of your country of residence or the origin of the information you provide, you consent to our use of your personal information in Canada and any other country where we conduct business. Your personal information may be gathered, transferred, and stored by us in Canada, as well as by our affiliates and third-party partners located in various countries.

As a result, your personal information might be processed outside of your home country or jurisdiction, including in locations that lack an adequacy decision by the European Commission or your local legislative body or regulator, and that may not offer the same level of data protection. We ensure that any recipient of your personal information provides a suitable level of protection and security. This is achieved, for example, by implementing the necessary back-to-back agreements and, where required, standard contractual clauses or another transfer mechanism approved by the European Commission (Art. 46 GDPR) or relevant regulators or legislators. Where mandated by applicable law, we will only share, transfer, or store your personal data outside of your jurisdiction with your prior consent.

For inquiries or concerns regarding our Privacy Policy or related practices, please contact us at privacy@flyskitter.com. If you are an EEA resident and believe that we are processing your personal data unlawfully, you have the right to lodge a complaint with your local data protection supervisory authority. Their contact information can be found here: European Data Protection Authorities.

 

Security Measures

We use Secure Sockets Layer (SSL) to encrypt the information you enter on our website in order to protect its security during transmission to and from the Service. When storing personal information, we protect its security by encryption and pseudonymization of data.

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information. We also apply access restrictions to your personal data by our employees. Furthermore, we ensure to educate and train our employees about the importance of privacy and data protection on a continuous basis.

In addition to these measures, we may use Two-Factor Authentication (2FA) when we do not recognize the device you are using. In such cases, we will prompt a 2FA code to be sent via email or text message to ensure secure access to your account.

Despite the fact that we take all these measures to maintain the safety and security of your personal information, you should be aware that no transmission over the Internet can ever be guaranteed to be secure. Therefore, we cannot fully guarantee the security of any personal information that you transfer over the Internet to us.

 

Data Breaches

A data breach refers to the unauthorized access, collection, use, disclosure, or disposal of personal information. We will notify you if it determines that the breach puts you at risk of serious harm. Upon discovering a data breach that has, or may have, resulted in unauthorized access, use, or disclosure of personal information, we will conduct a swift investigation. Furthermore, we will inform the relevant supervisory authority within 72 hours of becoming aware of the breach, except when it is deemed unlikely to pose a risk to individuals' rights and freedoms.

 

Correcting and Updating Your Data

We retain the information you share with us for as long as we need to provide you with the services you request. We also retain other data generated by you (i.e., data generated when you browse our Service) in a depersonalized or aggregated form to improve users’ experience on our Service. We may also retain your information for a reasonable period of time for Skitter Airlines to conduct audits, comply with our legal obligations, resolve disputes, or other legitimate business interests. If you believe any personal data we maintain about you is incorrect or incomplete, you may ask us to correct it. You may also ask for a copy of it, or you may ask us to delete it. If you have a request about your data or any concerns about the information you provide, please contact us at privacy@flyskitter.com. You may also contact the Data Protection Authority in your country.
 

10 Fair Information Principles

This Privacy Policy is crafted to align with the 10 fair information principles established by the Personal Information Protection and Electronic Documents Act of Canada (“PIPEDA”). In this policy, we detail our adherence to these principles. Below is a summary of the measures we take to ensure compliance. 

Principle 1 - Accountability. We are committed to safeguarding your information. A designated Data Privacy Officer oversees our compliance efforts. You can contact our DPO using the details provided in the designated section of our Privacy Policy.

Principle 2 - Identifying purposes. We have identified the purposes of processing in the relevant section of this Privacy Policy.

Principle 3 - Consent. We strive to obtain consent before collecting personal information. Individuals can contact our Data Privacy Officer (DPO) using the details in this Privacy Policy to request information deletion. 

Principle 4 - Limiting Collection. Personal data collected is limited to that which is necessary for the purposes identified in this Privacy Policy.

Principle 5 - Limiting Use, Disclosure, and Retention. We use your personal information only for the purposes for which it was collected. Details on the use, disclosure, and retention of your personal information are provided in the corresponding sections of this Privacy Policy.
 
Principle 6 - Accuracy. We keep any information accurate, complete and up-to-date. Where there are changes in the information we retain about you, you are encouraged to submit a request to make changes. 

Principle 7 - Safeguards. We protect your personal information with appropriate safeguards as set out in the relevant section of this Privacy Policy and ensure our service providers provide appropriate technical and organizational measures to protect your information from security breaches. 

Principle 8 - Openness. We are open regarding our data collection and processing practices. You can find information about how we collect, use, process and disclose personal information in this Privacy Policy. 

Principle 9 - Individual Access. You can submit a request to access your information we hold about you. You can use the contact details of our DPO to get in touch with us. 

Principle 10 - Challenging Compliance. You are welcome to direct any questions or inquiries concerning our compliance with this Privacy Policy to our DPO. 

 

Changes to Privacy Policy

This privacy policy may be amended by us from time to time. This may be done out of necessity (e.g., in order to reflect changes in the applicable laws), or if we change our business in a way that affects personal data protection.

Any changes will immediately be posted on our Service and you will be deemed to have accepted the terms of the updated Privacy Policy on your first use of our Service following the amendments. Therefore, we strongly recommend you revisit this page and check our Privacy Policy regularly in order to keep up-to-date. 

 

Supplementary Notice to EU/UK Residents

The General Data Protection Regulation of the EU and the UK (collectively the “GDPR”) gives the residents of the EU/UK certain rights when their personal data is being collected and processed. At Skitter Airlines, we are committed to complying with the GDPR, as far as it applies to us, and we have embedded data protection by design and default into our Service.

This Privacy Policy, in its entirety, conforms with the information disclosure obligations set out under the GDPR. Therefore, EU/UK residents should read the entire privacy policy to find out how we handle their personal information. 

(a) Data Subjects Rights

As an EU/UK resident, you have the rights accorded to you under Chapter 3 of the GDPR, and we always work to uphold these rights. These rights correspond to your rights accorded to you under the relevant section of this privacy policy. In order to obtain more information about your rights and how to exercise your rights, please contact us at privacy@flyskitter.com

(b) International Transfer of Data

If you are a resident of the EU/UK, you should be aware that when you access and use our Service your personal information will be transferred to countries located outside the EU/UK. We rely on several legal bases to lawfully transfer your personal data outside of your jurisdiction, including:

  1. Adequacy decision of the EU Commission, and, as applicable, the UK Government.
     

  2. Standard Contractual Clauses (SCC) approved by the European Commission, or international data transfer agreements (IDTA) or international data transfer addendum adopted by the UK Government. 
     

(c) Exercising Your Data Protection Rights

You may exercise your rights of access, rectification, cancellation, erasure, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests, such as by asking you questions about your use of the Service. If you make a request, we will try our best to respond to you as soon as possible.

 

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA), as updated by the California Privacy Rights Act (CPRA), mandates that specific businesses must disclose their practices regarding the sale or sharing of personal data. As of now, Skitter Airlines is exempt from these requirements based on its revenue and the limited number of California residents or devices from which it gathers data. Skitter Airlines does not engage in the “sale” of personal information as outlined by the CCPA.


California “Shine The Light” Law

California residents are afforded certain rights concerning their Personal Data under California Civil Code Section 1798.83, known as the “Shine the Light” law. This law allows you, as a California resident, to request and receive, once annually and at no cost, details about the categories of Personal Data we have shared with third parties for direct marketing purposes, along with the names and addresses of those third parties for the previous calendar year. To submit such a request, please contact us at privacy@flyskitter.com.

bottom of page