BLADE FRANCE / BLADE MONACO

Privacy Policy

European Economic Area (EEA)/Monaco

Last updated: January 2023

This privacy policy (the “Privacy Policy”) is designed to provide users who are in the EEA and Monaco (“you”) of the services made available on www.blade.com (the “Site”) and the Blade application (the “App”, together with the Site “our Services”) with clear information relating to how Blade France (for EEA users) or Blade Monaco (for Monaco users) (“Blade”, “we”, “us” or “our”), as independent controllers, process your personal data.

Blade is concerned about the protection of your personal data and is committed to comply with all relevant data protection laws and regulations applicable, in particular, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”) and Monaco applicable laws on data protection (“Monaco Data Protection Law”).

Please note that our Services may contain links to third-party websites, apps, tools or services. Those third parties have separate and independent privacy policies that you are invited to read carefully. This Privacy Policy does not apply to your use of such third-party websites, apps, tools or services. We do not own or control those third parties, and we assume no responsibility or liability for their content and activities.

In this Privacy Policy, you will find the following information:

1. Who are we?
2. What type of personal data do we process from you?
3. Why and how do we use your personal data?
4. Who do we share your personal data with?
5. Is your personal data transferred internationally?
6. How long do we retain your personal data?
7. What are your rights?
8. Do we use cookies?
9. How can we modify this Privacy Policy?
10. How can you contact us?

1. 1.  Who are we?

Blade France is a French SASU (“société par actions simplifiée”), with a capital of 2,594,000.00 euros, having its registered office at quartier le Perrat, Hélistation de Grimaud, 83310 Grimaud, France, registered with the Paris Trade and Companies Registry under number 914 262 985 RCS Frejus.

Blade France has succeeded to the French companies Héli Sécurité and Azur which have transferred to Blade France their distribution and commercial activities. With respect to existing users of services provided by Héli Sécurité and Azur, their personal data have been transferred to Blade France. If you are in this situation but do not want Blade France to continue processing your personal data as described in this Privacy Policy, please send a request using the contact details specified at the end of this Privacy Policy.

Blade Monaco is a Monegasque SARL (“société à responsabilité limitée”), with a capital of 15,000.00 euros, having its registered office at Héliport de Monaco, avenue des Ligures, 98000 Monaco, registered with the Monaco Trade and Companies Registry under number 22S09221.

Blade Monaco has succeeded to the Monaco company Monacair which has transferred to Blade Monaco its distribution and commercial activities. With respect to existing users of services provided by Monacair, their personal data have been transferred to Blade Monaco. If you are in this situation but do not want Blade Monaco to continue processing your personal data as described in this Privacy Policy, please send a request using the contact details specified at the end of this Privacy Policy.

2.  What type of personal data do we process from you?

Existing users

We process the following categories of personal data that you provided to Héli Sécurité and Azur or Monacair, as relevant, when you used their services:

• Profile/account information – such as your last name, first name, email, phone number, login name and password, address, profile picture (optional);

• Travel booking and itinerary information – such as the times and dates of upcoming flights, pickup and drop off precise or approximative locations, details of your previous travel, and emergency contact information; and

• Transaction information – such as payment and invoice information (including related payment verification), type of services requested or provided, booking details, dates and time the services were provided, amount charged, payment method, and, if applicable, promotion code.

New users

We collect and process the following categories of personal data that you provided to us during your account creation or when you use our Services:

• Profile/account information – such as your last name, first name, email, phone number, login name and password, address, profile picture (optional);

• Travel booking and itinerary information – such as the times and dates of upcoming flight, pick up and drop off precise or approximative location, details of your previous travel, emergency contact information, and, as required by helicopter transportation related regulations and only for that purpose, your passport or ID references, as well as your weight. If you add other passengers to your booking file or book a flight for other people, we will also process their personal data. In this case, you will need to ensure, where appropriate, that they understand that we process their personal data and direct them to this Privacy Policy for further information, including on their rights;

• Information related to your content and communication – such as the information submitted by you when you provide ratings, contact our customer support or otherwise communicate with us or with the air carriers. This information may include rates, feedback, texts, photographs, date and time of the communication and other metadata relating to the content or communication; and

• Transaction information – such as payment and invoice information (including related payment verification), type of services requested or provided, booking details, date and time the service was provided, amount charged, payment method, and, if applicable, promotion code.

In some cases, we will also collect personal data about you indirectly from other sources:

• any person you may have asked to book or to make an inquiry on your behalf using our Services; and

• government and law enforcement authorities providing us with personal identification and background information when they are involved in official inquiries.

We will inform you whenever the provision of your personal data to us is not mandatory, at the time of collection of such data. Otherwise, the collection of your personal data will be necessary in order to allow us to achieve the purposes listed below.

3.  Why and how do we use your personal data?

We only use the personal data collected through our Services when we have a legal basis to do so and for the purposes outlined below.

Processing necessary for the performance of the contract

We process your personal data for the management of our relationship on the basis of the contract entered into between Blade and you in order to:

• provide you with our Services;
• send you communications related to the services requested or booked;
• manage our relationship and carry out any related administration, including customer support;
• enable communications between you and the air carriers;
• send passenger name and weight information to air carriers for weight, balance, and manifest records;
• operate and administer promotions you participate in through our Services; and
• process payments you make via our Services.

Processing relying on legitimate interests

We rely on our legitimate interests in order to:

• maintain and enhance our Services’ security, as well as your safety when you use our Services;
• prevent fraudulent transactions within our Services;
• improve our Services and your booking experience;
• send you marketing communications regarding products/services similar to our Services, when consent is not required under applicable law for that purpose; and
• comply with non-EEA/Monaco laws, as relevant, and respond to requests from, and other communications with, competent public, governmental, judicial or other regulatory authorities, respond to valid legal process, investigate or participate in civil discovery, litigation, or other legal proceedings, or protect or defend your rights, property or security or ours, including by investigating potential violations of or enforcing our Terms of Service.

If you wish to obtain further details regarding our legitimate interests, please contact us by sending a request using the contact details specified at the end of this Privacy Policy.

Processing relying on your consent

We rely on your prior consent in order to:

• send you marketing communications to promote our Services or those of our partners as specified on the relevant consent form, and invite you to events, unless the consent is not required under applicable laws; and
• store cookies on your device as described in our Cookies Policy.

In this regard, please note that you have the right to withdraw your consent at any time (without affecting the processing previously carried out) by sending a request using the contact details specified at the end of this Privacy Policy.

We only collect and process personal data relating to minors under the age of 18 with the prior consent of their parents or guardians. If personal data concerning minors under the age of 18 is collected without this consent via our Services, parents or guardians have the possibility to object to the corresponding processing or to request the deletion of said data.

Processing relying on legal obligation

We process your personal data to comply with applicable law and legal obligations to which we are subject, namely laws and regulations related to tax, accounting, security, immigration, and trade and economic sanctions.

4.  Who do we share your personal data with?

For the purposes referred to under this Privacy Policy, we may need to share certain personal data with certain recipients. Such recipients will either act as another independent controller or as a processor acting on our behalf and upon our instructions.

We share your personal data with processors which provide us with the services necessary for the achievement of the purposes described above, i.e., the air carriers in charge of providing you with the air transportation services, Blade Urban Air Mobility, Inc., located in the U.S., in charge of providing various IT services to us, including maintenance and hosting of the website and the application, as well as our third party providers who provide services such as payment processing, user analytics, and email marketing and delivery. These third parties are only permitted to use your personal data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your personal data.

We may also communicate your personal data to the following independent controllers:

• the air carriers, for regulatory purposes, in order to comply with the regulatory requirements applicable to them when providing air transportation services to you;
• any person or authority when disclosure is required by law, regulation or a judicial decision;
• any person or authority if such disclosure is necessary to protect or defend your rights, property or security or ours; and
• any other person, subject to your prior consent.

In any event, we do not and will not sell your personal data to any third party.

5.  Is your personal data transferred internationally?

When we share personal data to the entities mentioned above, it may imply transfers of your personal data outside of the EEA or Monaco, in the locations of the air carriers in charge of providing you the transportation services, such as in the United States and the United Kingdom.

Certain countries outside the EEA have been approved by the European Commission as providing an adequate protection and therefore no additional safeguards are required to export personal data to these countries. Regarding Monaco, certain countries outside Monaco have been recognized as providing an adequate protection as well and no additional safeguards are required to export personal data to these countries. In countries which have not been recognized as providing an adequate protection, these international transfers are carried out in the framework of:

• the Standard Contractual Clauses adopted by the European Commission (except if the transfer is necessary for the establishment, exercise or defence of legal claims as set out by the GDPR) for data transfers subject to the GDPR;  
• appropriate security guarantees and subject to the prior authorization from the Monaco Data Protection Authority (“Commission de Contrôle des Informations Nominatives” or “CCIN”) for data transfers subject to the Monaco Data Protection Law.

If you wish to obtain further details regarding such safeguards, please contact us by sending a request using the contact details specified at the end of this Privacy Policy.

6.  How long do we retain your personal data?

We will retain your personal data for no longer than is necessary for the purposes identified under this Privacy Policy. Please note that the data retention period actually applied by Blade may vary, depending on the relevant purpose.

With respect to the Services provided to you, we will keep your personal data during the period of our contractual relationship, extended by the applicable statute limitation period. With regard to marketing communications with prospects, we will keep your personal data for three (3) years after the last contact with you.

With respect to the processing carried out in order to protect or defend your rights, property or security or ours, we will keep your personal data for the time of the relevant dispute or statute limitation period. As to the processing carried out in order to comply with a legal obligation, we will keep your personal data for the duration of such obligation.

Upon expiry of the applicable data retention period, we will erase or anonymize the relevant personal data.

7.  What are your rights?

You have various rights in relation to the processing of your personal data, depending on the relevant situation.

1. Right to Access

You have the right to request confirmation that we process your personal data and, in this case, to receive a copy of it.

2. Right to rectification

You have the right to request the rectification of your personal data if you find that it is inaccurate.

3. Right to erasure

You have the right to request the erasure of your personal data. This right can only be exercised in certain cases where one of the grounds set out in Article 17 of the GDPR or under Monaco Data Protection Law applies. This may include, for example, personal data that is no longer necessary for the purposes for which we collected it or that has been unlawfully processed.

4. Right to data portability

You have the right to receive a copy of your personal data provided to us, in an interoperable format. Where appropriate and technically feasible, you may also request the transfer of such data directly to another data controller.

5. Right to restriction of processing

You have the right to obtain the restriction of processing of your personal data. This right can be exercised for the grounds provided for in Article 18 of the GDPR or under Monaco Data Protection Law, in particular when you dispute the accuracy of your personal data. This right does not give rise to data erasure.

6. Right to object

You have the right to object to the processing of your personal data. This means that you can ask us to stop processing your personal data. This right only applies when processing is based on our legitimate interest. For example, you can object at any time and free of charge to the processing of your personal data for direct marketing communications.

If you wish to exercise any of these rights, please contact us using the contact details specified at the end of this Privacy Policy. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to provide you with information on action taken further to your request without undue delay and, in any event, within one (1) month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.

In any case, you also have the right to lodge a complaint with the competent data protection authority in the country of your habitual residence, place of work or place of an alleged infringement if you consider that the processing of your Personal Information carried out by us infringes the GDPR or Monaco Data Protection Law.

8.  Do we use cookies?

Cookies are small text files that are placed on your device when you browse our Site or App. For more information on cookies we use (i.e., the types of cookies we use, how we use them and how to manage your cookie settings), please visit our Cookies Policy.

9.  How can we modify this Privacy Policy?

We reserve the right to change this Privacy Policy at any time. In case there is a substantial change, we will notify you in this respect. If such change to the Privacy Policy requires your consent with respect to any processing contemplated in the updated version of the Privacy Policy, you will have the choice to consent as to whether or not we may use your personal data in a different manner.

10.  How can you contact us?

If you have any questions, you can contact us at the following address: privacy@blade.com. You can also contact our Data Protection Officer via email at dpo@blade.com.