Privacy Policy
The purpose of this document is to inform the natural person (hereinafter “Data Subject”) about the
processing of his/her personal data (hereinafter “Personal Data”) collected by the data controller,
ITALDRONI S.R.L., with registered office in Via Camillo Benso Conte di Cavour 13,
10019 Strambino (TO), Italy, Tax Code/VAT No. IT13399080012, e-mail address
privacy@italdroni.it (hereinafter “Data Controller”), via
the Pilots Weather mobile application for iOS and Android (hereinafter “App”) and
the website pilotsweather.com (hereinafter “Website”).
Changes and updates will be effective as soon as they are published on this page. In case of
non-acceptance of the changes made to this Privacy Policy, the Data Subject shall stop using the App
and the Website and may ask the Data Controller to delete his/her Personal Data.
A. Data processed by the App
The App requires no account and no registration. It does not collect the Data
Subject's name, e-mail address, phone number or any other contact information. It contains
no advertising, no analytics and no tracking technologies, and it does not use
cookies. The App processes only the following data:
-
Location (optional). The App requests access to the device's location
only when the Data Subject taps a control that needs it (for example “Use my location” in
the Nearby screen, or the locate button on the map). The coordinates are transmitted over an
encrypted connection (HTTPS) to the Data Controller's server (api.pilotsweather.com) solely to
return the list of nearby airports and their weather; they are processed transiently and are
not stored. Location permission is optional: the App is fully usable without it
(airports can be searched by name or ICAO code), and the permission can be revoked at any time in
the device settings.
-
Anonymous device identifier. On first launch the App receives a randomly
generated token that identifies the installation towards the Data Controller's server. It is used
exclusively to authenticate API requests and to prevent abuse (rate limiting). It contains no
personal details and is not linked to the Data Subject's identity.
-
Weather alerts (optional). If the Data Subject enables weather alerts in the
App's settings, the device's push-notification token and the list of favorite airports are stored
on the Data Controller's server in order to deliver flight-category-change notifications through
the Apple Push Notification service. Disabling alerts deletes this subscription (push
token and airport list) from the server.
-
Map tiles. To display maps, the App loads map imagery from third-party providers
acting as independent data controllers: MapTiler (station map) and Apple Maps (iOS) or
Google Maps (Android) for the
small route/airport previews. Like any content delivery service, these providers technically
receive the device's IP address and the map area being viewed.
B. Data processed by the Website
The Website processes the following types of Personal Data:
-
Contact Data voluntarily provided by the Data Subject (for example the e-mail
address and any information included when writing to the Data Controller).
-
Usage Data collected automatically (such as pages visited, number of clicks,
actions taken, duration of sessions), collected through Google Analytics on the basis of the Data
Subject's consent. The Website uses cookies and similar technologies for this purpose; the full
Cookie Policy can be viewed at
pilotsweather.com/cookie-policy.html.
These technologies concern the Website only, not the App.
Legal basis and purpose of data processing
The processing of Personal Data is necessary:
-
for the performance of the service requested by the Data Subject, and especially:
processing the location transmitted by the Data Subject to return nearby airports and weather;
storing the push token and favorite airports of Data Subjects who have enabled weather alerts, in
order to deliver those alerts; answering the Data Subject's requests (support and contact);
-
for legal obligations: the fulfilment of any obligation provided for by the
applicable norms, laws and regulations;
-
for the legitimate interest of the Data Controller: management, optimization and
monitoring of the technical infrastructure, including the prevention of abuse of the service
(anonymous device tokens, rate limiting) and the identification and resolution of technical
issues; statistical analysis on aggregated and anonymous data;
-
on the basis of consent: Website analytics cookies (see the Cookie Policy).
Consent may be withdrawn at any time.
The Data Subject's Personal Data may also be used by the Data Controller to protect itself in
judicial proceedings before the competent courts.
Data processing methods and receivers of Personal Data
The processing of Personal Data is performed via computer tools with methods of organization and
logics strictly related to the specified purposes and through the adoption of appropriate security
measures; all transmissions between the App, the Website and the Data Controller's servers are
encrypted (HTTPS).
Personal Data are processed exclusively by:
-
persons authorized by the Data Controller to process Personal Data who have committed themselves
to confidentiality or have an appropriate legal obligation of confidentiality;
-
subjects designated as data processors by the Data Controller in order to carry out the processing
activities necessary to pursue the purposes set out in this policy (in particular the hosting
provider Amazon Web Services, region Frankfurt, Germany), or subjects that operate independently
as separate data controllers (Apple, for the delivery of push notifications; the map providers
listed in section A);
-
subjects or bodies to whom it is mandatory to communicate Personal Data by law or by order of the
authorities.
Personal Data will not be sold, will not be used for advertising and will not be indiscriminately
shared in any way.
Place
Personal Data stored by the Data Controller is kept on servers located within the territory of the
European Economic Area (EEA) and will not be transferred outside the EEA by the Data Controller. The
independent providers indicated above (Apple for push-notification delivery, map tile providers) may
process technical data in other jurisdictions under their own privacy policies and the safeguards
provided for by the applicable law.
Personal Data storage period
Personal Data will be stored only for the time required to fulfill the purposes for which it was collected. In particular:
- the location transmitted for nearby-airport queries is processed transiently and is not stored;
-
the anonymous device token is kept for as long as the App installation uses the service, and can
be regenerated at any time by reinstalling the App;
-
the weather-alert subscription (push token and favorite airports) is kept until the Data Subject
disables alerts in the App — which deletes it — or until a deletion request;
-
Website data provided on the basis of consent is stored until the consent is revoked; data
processed under legal obligations is stored according to the timeframes provided for by such
obligations;
- in the event of legal disputes, for the entire duration of such disputes, until the time limit for appeals has expired.
At the end of the conservation period, all Personal Data will be deleted or stored in a form that
does not allow the identification of the Data Subject.
Rights of the Data Subject
Data Subjects may exercise specific rights regarding the Personal Data processed by the Data
Controller. In particular, the Data Subject has the right to:
- be informed about the processing of their Personal Data
- withdraw consent at any time
- restrict the processing of their Personal Data
- object to the processing of their Personal Data
- access their Personal Data
- verify and request the rectification of their Personal Data
- obtain the erasure of their Personal Data
- transfer their Personal Data to another data controller
- file a complaint with the Personal Data protection supervisory authority and/or take legal action.
In order to use their rights, Data Subjects may send a request to the following e-mail address:
privacy@italdroni.it. Requests will be immediately treated
by the Data Controller and processed as soon as possible, in any case within 30 days.
Last update: 04/07/2026