news Navigraph is GDPR compliant 2018-05-25

GDPR is in effect. As a result, we have updated our Terms of Service and Privacy Policy.

From 2 to 260,000 in 15 Years

In 15 years Navigraph has grown from just a few pilots to well over 260,000 users from all around the world. Navigraph has become an organization in the flight simulation community pilots trust and rely on for navigational data. We, the Navigraph Development Team, recognize many names (and usernames). In forum posts and support emails over the years we have established a quite friendly rapport with many of you.

Information is Everywhere

We know that the foundation of Navigraph is the good relationship with our users. We listen to you via our support forum, support emails, and customer surveys. We plan our development according to what you pilots prefer and request. Moreover, you send us information about your computers and ask us to scan your computers to help you put databases in the right location. Recently we also introduced moving maps, which means that many of you are sending aircraft position reports to us so that we can relay this information to your tablet or web browser. In short, in this great relationship between you and Navigraph, there is quite some information flowing back and forth.

New Terms of Service

Enter GDPR. Navigraph is based in Sweden*. Some 44% of our users are located in a country in the European Union. Our services are hosted on servers all around the world. For this reason we have to consider the new European data protection law, GDPR, which takes effect today, the 25th of May. Therefore we have to update our Terms of Service and Privacy Policy. Since the terms affect all users, also the remaining 56%, we have to notify all of you.

Good news. We have taken this opportunity to simplify the Terms of Service quite a bit. The language less lawyer-like and more English and could actually be used like a FAQ, we hope. We also removed parts that seemed redundant, like what to do in the case of earthquakes. The new terms also contain a part which clearly explains how our services may be used. We hope it will make things easier for you.

And then there is the GDPR stuff...

GDPR

The General Data Protection Regulation (GDPR) (EU) 2016/679 governs the way we process the data which you have given to us, or which we have collected from you. Some prominent parts of the new law is that we, Navigraph, must review the data we store and make sure we know which data in our databases that is considered personal information. The new law also ensures that you have the right to edit and delete this personal information. You may have read about “the right to be forgotten” in media. Additionally, we, Navigraph, may only keep data which was collected for a particular purpose to which you have given your consent, and we may not reuse data to do things you haven’t agreed to. We must also keep your data in a secure place.

Done and Done

In most aspects we were conforming to GDPR already before starting our review. Our newly developed system design, encrypted storage, secure communication, account removal link, and honest newsletter sending policy were already in line with GDPR. The review process was quite interesting though and there are probably a few more places where we can still improve our data processing routines. If you have any questions about our GDPR compliance with regards to your account, please write us at account@navigraph.com.

All for now,

The Navigraph Development Team

*) No, not Switzerland. Two words: Ice hockey.

Anticipated Frequently Asked Questions

Q1: Do you store payment information, such as credit card information?
A1: No. You enter your payment information, both for PayPal and for your credit card, into a window which is managed by PayPal or our credit card payment provider. When the payment is done, Navigraph receives an ID number, called a payment token, which we use to run your subscription next time. Like this, no payment information is stored in our systems.

Q2: Can I be completely forgotten by your systems?
A2: Almost. Here are some extreme cases. If you have made a purchase, we need to store your name, username, user ID, country, and purchase history for 7.5 years due to Swedish tax laws. We will also keep any forum posts you have made as they are considered an archive.