Privacy Policy

DroneEye ("we", "us", or "our") operates a drone pilot marketplace at droneeye.com (the "Platform"). This Privacy Policy explains what personal data we collect, how we use it, and your rights regarding that data.

By creating an account or using the Platform, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Platform.

We collect the following categories of personal data:

• Account data: name, email address, username, password (hashed), and role (Client or Pilot).
• Profile data: phone number, address, city, country, company name, tax information, and profile picture.
• Pilot-specific data: drone fleet details, qualifications (documents, certificates, licenses), skill categories, gallery images, and showreel links.
• Mission data: mission briefs, applications, status history, and chat messages.
• Review data: star ratings and written comments submitted after mission completion.
• Usage data: IP address, browser type, pages visited, and session duration, collected via server logs.

• To provide, operate, and maintain the Platform and its features.
• To process pilot profiles and uploaded qualification documents.
• To match clients with suitable pilots based on location, skill, and equipment.
• To send transactional notifications about mission activity, chat messages, and account actions.
• To resolve disputes and enforce our Terms of Service.
• To improve the Platform through aggregate, anonymised analytics.
• To comply with legal obligations.

We do not sell your personal data to third parties. We do not use your data to train machine learning models.

Where GDPR applies, we rely on the following legal bases:

• Contract performance — to fulfil your account and mission-related requests.
• Legitimate interests — to prevent fraud, ensure security, and improve the Platform.
• Legal obligation — where required by applicable law.
• Consent — for optional communications (e.g. product newsletters), which you can withdraw at any time.

We retain your account data for as long as your account is active. If you request account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law (e.g. tax records, which we retain for 7 years).

Mission data and reviews are retained indefinitely to maintain the integrity and accuracy of the platform's reputation system.

We share personal data only in the following circumstances:

• Between platform users: clients can view pilot public profiles; pilots can view mission details posted by clients. Direct contact information is never shared automatically.
• Service providers: hosting infrastructure, file storage, and email delivery providers, under data processing agreements.
• Legal requirements: if required by court order, law enforcement, or other legal process.
• Business transfers: in the event of a merger or acquisition, users will be notified before data is transferred.

We use strictly necessary cookies for authentication (HttpOnly refresh token) and session management. We do not use advertising cookies, third-party tracking pixels, or analytics cookies without your consent.

Depending on your location, you may have the following rights:

• Right of access — request a copy of the data we hold about you.
• Right to rectification — request correction of inaccurate data.
• Right to erasure — request deletion of your personal data.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to object — object to processing based on legitimate interests.
• Right to withdraw consent — for any consent-based processing.

To exercise any of these rights, contact us using the details in Section 10.

We implement appropriate technical and organisational measures to protect your data, including TLS encryption in transit, bcrypt password hashing, HttpOnly session cookies, and role-based access control. See our Security page for more detail. Security page for more detail.

For privacy enquiries or to exercise your rights, contact us at:

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or an in-platform notification at least 14 days before changes take effect. Continued use of the Platform after the effective date constitutes acceptance of the updated policy.