For use only where legally permitted. You are responsible for compliance with local RF and aviation regulations.Read disclaimer
OpenFCC

Privacy Policy

This page is currently available in English only.

Effective date: [DATE]

Template notice. This document is a template provided for informational purposes only. It is not legal advice and must be reviewed, completed, and adapted by qualified legal counsel before publication. Placeholders shown in [BRACKETS] must be replaced.

This Privacy Policy explains how [Company Name] (“OpenFCC,” “we,” “us,” or “our”) collects, uses, and protects personal data when you purchase or use the OpenFCC software and related services. We are committed to data minimization: we collect only what is necessary to deliver your purchase and operate the license.

1. Data Controller

The data controller responsible for your personal data is [Company Name], [registered address], reachable at [contact email]. If we have appointed a data protection representative or officer, their contact details are: [DPO / representative contact].

2. Data We Collect

  • Email address. Used to deliver your download link and license key and to provide order-related support.
  • Order and payment metadata. Such as order identifier, product purchased, amount, currency, and transaction status. Payments are processed by third-party payment providers (for example, Stripe, PayPal, or a cryptocurrency payment provider). We do not collect or store full payment card numbers; card data is handled directly by the payment processor.
  • Hashed drone serial number.For license activation, the application transmits a SHA-256 hash of your drone’s serial number. The plaintext serial number is never transmitted to or stored by us; only the irreversible hash is used to bind and verify the license.

No telemetry in the app. The OpenFCC Android application itself contains no analytics, tracking, or telemetry. It does not collect usage data, location, or device identifiers beyond the hashed serial used for activation described above.

3. Purposes and Legal Bases (GDPR)

  • Delivering your purchase and license (contract performance, Art. 6(1)(b)). Processing your email, order metadata, and hashed serial to fulfil the sale, deliver the download and license key, and activate and verify your license.
  • Fraud prevention, security, and abuse mitigation (legitimate interest, Art. 6(1)(f)). Using order and license data to prevent unauthorized redistribution, duplicate activation, and fraudulent transactions.
  • Legal compliance (Art. 6(1)(c)). Retaining transaction records where required by tax or accounting law.

4. Processors and Third Parties

We share personal data only with service providers acting on our behalf, including:

  • Payment providers (for example, Stripe, PayPal, or a cryptocurrency payment provider) to process your payment;
  • Email provider to deliver download links, license keys, and support correspondence;
  • Hosting and infrastructure provider to operate the website and license service.

These providers are bound by contractual obligations to protect your data and process it only as instructed. We do not sell your personal data.

5. Data Retention

We retain personal data only as long as necessary for the purposes described above. Order and transaction records are retained for the period required by applicable tax and accounting law [retention period, e.g., [X] years]. License records, including the hashed serial, are retained for the lifetime of the license to support activation and transfers, and are deleted or anonymized thereafter. You may request earlier erasure as described below, subject to legal retention obligations.

6. Your Rights

Subject to applicable law and, for individuals in the European Economic Area, the GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Request rectification of inaccurate data;
  • Request erasure of your data (“right to be forgotten”);
  • Request restriction of, or object to, certain processing;
  • Receive your data in a portable, machine-readable format (data portability);
  • Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us at [contact email]. We will respond within the timeframes required by law.

7. International Transfers

Some of our processors may store or process data outside your country, including outside the European Economic Area. Where personal data is transferred internationally, we rely on appropriate safeguards such as European Commission adequacy decisions or Standard Contractual Clauses to ensure your data remains protected.

8. Cookies

Our website uses only essential cookies necessary for the site to function and to complete your purchase. We do not use advertising or non-essential tracking cookies. [Adjust this section to reflect the actual cookies in use.]

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will revise the “Effective date” above and, where required, provide additional notice of material changes.

10. Contact

For privacy questions or to exercise your rights, contact [Company Name] at [contact email] or via our Support page.