Introduction
Skydio, Inc. (“Skydio” or “We”) sells autonomous drones and the software, cloud services, and training services to unlock their full potential (our “Services”). We understand the value of your personal information. This policy describes the ways we collect, use, and share that information from visitors to skydio.com (our “Website”), our booths at trade shows or demonstrations, or other live events where we interact with prospective customers (collectively, “Visitors”), and from customers who use our Services (“Customers”). This Privacy Policy does not apply to our Customers’ usage of any drones, software, or other services that are sold as offline versions, including our X2D platform.
Personal Information
We use the California Consumer Privacy Act’s (“CCPA”) definition of “personal information,” which includes any information that identifies, relates to, describes, reference, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person, household, or device. Personal information does not include deidentified or aggregated consumer information.
Personal Information Collected by Skydio
Skydio collects the following categories of personal information, which are referenced throughout this Privacy Policy:
- Identifiers. Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.
- California Consumer Records. Name, signature, address, telephone number, education, employment, employment history, bank account number, credit card number, other financial information, and any other categories enumerated in Cal. Civ. Code § 1798.80(e).
- Commercial Information. Records of personal property, products or services purchased, products or services obtained, products or services considered, other purchasing or consuming histories or tendencies.
- Internet Activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
- Geolocation Data. Physical location, movements. We collect derived geolocation data from Visitors and direct geolocation data from Customers.
- Professional or Employment-related Information. Current or past job history or performance evaluations. We collect this information from Visitors who are interested in working for Skydio.
- Inferences Drawn from Other Personal Information. Profiles reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
- Vehicle Information. Diagnostic information that relates to a specific vehicle, such as logs that contain device orientation, speed, location, system faults, obstacle detection, control feature usage information, or phone IMU measurements
How Skydio Uses Personal Information
We use personal information to perform our contractual obligations in relation to the products and services we offer, to fulfill a legal obligation, fulfill a specific purpose described to you at the point of collection, or to pursue our legitimate business interests. Specifically, we use personal information to:
- Provide our Services. We use our Customers’ identifiers, financial information, and internet activity to provide, support, and maintain our Services. We use geolocation data to provide, support, and maintain our Services with Customers who either subscribe to a Service that requires geolocation data, or submit logs for customer support services.
- Improve and operate our website. We collect information from Visitors to fulfill requests and orders, determine the popularity of different Website content, and conduct marketing campaigns (if allowed by a Visitor’s cookie preferences). We also provide region-appropriate content from a Visitor’s derived geolocation data. We use automatically collected personal information to estimate our audience size and usage patterns; store information about our Visitors' preferences to customize our Website according to their individual interests; speed up searches; and recognize returning Visitors.
- Answer your employment inquiries. When Visitors provide us with personal, professional, and employment-related Information in connection with an employment inquiry, we use that information solely to facilitate the evaluation and hiring process for open employment opportunities at Skydio.
- Enable sales and marketing operations. We collect some information, either directly or from third parties such as Bloomberg Government, ZoomInfo, GovWin, and LinkedIn (“Third Party Sources”), to enable sales and marketing operations. This information includes commercial information, California consumer records, and inferences drawn from other personal information. We may also tag you on social media sites with your permission.
- Keep you safe. We use Customers’ personal information to send technical notices, updates, security alerts, and support and administrative messages, to prevent, detect, and investigate fraudulent transactions and other illegal activities, and to protect the rights and property of Skydio and others.
- Keep you informed. We may use personal information to communicate with you about products, services, offers, promotions, rewards, and events offered by Skydio and others, and provide news and information we think will be of interest to you, in accordance with the limitations in this Privacy Policy and your preferences.
- Optimize and personalize user experiences. Your personal information allows us to personalize and improve the Services and provide advertisements, content, or features that match user profiles or interests. We may link or combine your personal information with information we get from others to help understand your needs and provide you with better service. On a larger scale, we use personal information to monitor and analyze trends, usage, and activities in connection with our Services.
We may also rely on consent as a lawful basis where we specifically ask for and receive it for the purposes disclosed at that time. Any consent we collect may be revoked at any time.
When Skydio Shares Personal Information
Skydio does not sell personal information.
Skydio may share your personal information with:
- Service Providers and Restricted Third Parties. We disclose some personal information to our Service Providers and to Restricted Third Parties to enable operations such as human resources, sales, and marketing. Under the CCPA, “Service Providers” are for-profit entities that receive information for a business purpose, process personal information on our behalf, and are contractually prohibited from retaining, using, or disclosing personal information for any purpose, commercial or otherwise, except as we or the CCPA specify. “Restricted Third Parties” receive personal information directly from us, for business purposes, and are contractually prohibited from selling your information and from retaining, using, or disclosing your personal information to anyone besides us, for any purpose other than performing the services we specify.
- Data Analytics Providers or Advertisers. Depending on individual Visitor’s cookie preferences, we may share your internet activity, network activity, or inferences drawn from other personal information and activity with our advertisers or data analytic providers. These parties are either Service Providers or Restricted Third Parties.
- Our Affiliates. We may disclose personal information that we collect or you provide between and among our current and future parents, subsidiaries, affiliates, and all other companies under common control and ownership for our or their own commercial purposes.
- Broadcast Remote ID. Starting September 16, 2022, Skydio drones with Remote ID built in will broadcast the information required under the FAA’s Remote ID Rule when operated within the United States or Japan. This includes the drone’s serial number, position, emergency status, and speed, the controller’s position, and a timestamp. You can find more information about Skydio and Remote ID here.
- Others. We may share any of your personal information: (1) to comply with any court order, law, or legal process, including to respond to any government or regulatory request to which Skydio legally may or must respond; (2) to enforce or apply terms and conditions applicable to your use of the Website or Services, including for billing and collection purposes; (3) to protect the rights, property, or safety of Skydio, our customers, or others, if we believe such disclosure is reasonably necessary in order to do so, or if we believe your actions are inconsistent with our user agreements or policies; (4) in connection with, or during negotiations of, any merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Skydio about our Website users is among the assets transferred; or (5) with your consent or at your direction.
Personal Information of Children Under the Age of 16
We do not knowingly collect personal information from children under 16 years of age. Our Website and Services are not intended for children under 16 years of age, and we ask that any children under 16 do not use our Website or Services. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we promptly delete that information. If you believe we might have any information from or about a child under 16, please contact us as provided below.
Automatic Data Collection on our Website
As noted above, we use automatically collected personal information to estimate our audience size and usage patterns; store information about your preferences to customize our Website according to your individual interests; speed up your searches; and recognize when you return to our Website. The technologies we use for automatic data collection may include:
- Cookies. A cookie, or browser cookie, is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, doing so may prevent you from accessing certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website in accordance with the preferences you set in our cookie banner. You can see a full list of our cookies at https://www.skydio.com/cookie-list.
- Web Beacons. Some pages within our Website or e-mail communications may contain small electronic files known as web beacons. These permit Skydio to verify when and from where those pages or websites are opened. These web beacons do not access or share any data stored on your device.
Where we automatically collect personal information from Users, we use it to provide the Services. Please note that throughout this Privacy Policy, “provide the Services” includes the functions listed in § 999.314(c) of the CCPA’s implementing regulations.
Choices About How We Use and Disclose Your Personal Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with control over your information:
- Device Information. When you first launch any of our mobile applications that collect information from your mobile device (e.g. location), you will be asked to consent to the application’s collection of this information. You can change these preferences at any time within your mobile device or application settings. You may also stop our collection of all such information by following the standard uninstall process to remove all of our mobile applications from your device. Your Skydio product uses GPS to collect location information during its normal operation. Because this information is required for safe flight, you cannot disable location collection on your Skydio product, but this information is never uploaded to Skydio unless you decide to do so.
- Tracking Technologies and Advertising. You can set your browser or use our cookie manager to determine the way that you interact with cookies on our Website.
- Promotional Offers from Skydio. If you do not wish to have your email address or other contact information used by Skydio to promote our own or third parties’ products or services, or wish to revoke your prior consent for Skydio to do so, you can opt-out at any time using the Email Marketing Preference Settings link at the bottom of any promotional email you have received from us. Please note that this opt out does not affect information provided to Skydio as a result of a product purchase, warranty registration, product service experience or other transactions.
- Targeted Advertising. If you do not want us to use automatically collected information to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by adjusting your preferences in our cookie manager. You can also opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit www.aboutads.info/choices. Your device may also include a feature (“Limit Ad Tracking” on iOS or “Opt Out of Interest-Based Ads” on Android) that allows you to opt out of having certain information collected through apps used for behavioral advertising purposes.
Submitting Requests to Exercise Data Subject Rights
Skydio Customers can review and change their account information by logging into their account within the Services. You may also send us an email at privacy+accessrequest@skydio.com, use our Access Request Portal at https://www.skydio.com/dataprivacy, or use toll-free number below to submit an “Access Request” and:
- Request access to, correction of, or deletion of any personal information that you have provided to us. We will provide this in a structured, commonly used and machine-readable format.
- Request the categories of personal information we collected about you.
- Request the categories of sources for the personal information we collected about you.
- Request our business or commercial purpose for collecting that personal information.
- Request the categories of third parties with whom we share that personal information.
- Request a list of our disclosures, for business purposes, of your personal information, which identifies the personal information categories that each category of recipient obtained.
- Request that we restrict processing concerning your personal information, where applicable.
- Object to our processing for direct marketing or other purposes, including any underlying profiling, where applicable depending on your particular situation.
Only you, your parent, or someone legally authorized to act on your behalf can submit an Access Request related to your personal information. To submit an Access Request as an authorized agent, please visit our Access Request Portal at the address noted above. You may only submit an Access Request twice within a 12-month period, unless the applicable law in your jurisdiction requires otherwise. Your Access Request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Please note that we cannot respond to your Access Request or provide you with personal information if we cannot verify your identity or authority to make the Access Request and confirm that the personal information relates to you. You do not need to create an account with us to submit an Access Request, but we may consider requests made through your password-protected account to be sufficiently verified when the Access Request relates to personal information associated with that specific account.
We will accommodate all Access Requests as required by applicable law, but please note that we may not be able to accommodate all requests. Specifically, we may deny your request to delete personal information if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
In some cases, we may be unable to accommodate your request without also deleting your user account. We will not accommodate any request to delete or change information if we believe the deletion or change would violate any law or legal requirement or cause the information to become incorrect.
If you are of the opinion that our processing of your personal information violates applicable data protection provisions, you may also have a right to lodge a complaint with a supervisory authority in your home state, the state where you work, or the state where an alleged infringement took place.
Access Request Response Timing and Format
We will confirm receipt of your request within 7 business days. If you do not receive confirmation within the 7-day timeframe, please send an email to privacy+policyquestions@skydio.com. We endeavor to substantively respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time, up to sixty (60) additional days, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive or manifestly unfounded (e.g. because of its repetitive character). If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Non-Discrimination
Unless permitted by applicable law, we will not deny you goods or services, charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, provide you a different level or quality of goods or services, suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services, or otherwise discriminate against you for submitting Access Requests or exercising any of your other data privacy rights under applicable law.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. We do not currently offer any such incentives.
Data Security
We have implemented measures designed to secure the personal information we collect from unauthorized access, alteration, or deletion. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a user name, password, or other credentials for access to certain parts of our Website or Services (your “Credentials”), you are responsible for keeping those Credentials confidential. Do not share your Credentials with anyone.
International Data Transfers
Skydio is based in the United States, and our collection, use, and sharing of information is governed by United States law. We, and our service providers, will process the personal information we collect about you in the United States and certain other locations around the world in order to fulfill the purposes stated in this Privacy Policy. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy Policy.
Data Retention
We will only retain your personal information for as long as necessary to fulfill the purposes of collection or to process it for or for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data; the potential risk of harm from unauthorized use or disclosure of your personal data; the purposes for which we process your personal data and whether we can achieve those purposes through other means; and the applicable legal requirements.
In some circumstances we may anonymize your personal information so that it can no longer be associated with you and is impossible to be restored, in which case such information will no longer be considered personal information under this Privacy Policy. We may use such information without further notice to you. We will retain and securely destroy former employee and contractor personal information in accordance with our data retention policy and applicable laws and regulations.
Changes to Our Privacy Policy
The date the privacy policy was last revised is identified at the top of this page. We will post a notice that the privacy policy has been updated on the Website home page and within the Services one week before any changes are implemented. If we make material changes to how we treat our Visitors’ or Customers’ personal information, we will also notify any Visitors or Customers for whom we have a current email address. If you would like to receive notice of these changes, you must maintain an up-to-date, active, and deliverable email address within your account or periodically visit our Website and this privacy policy to check for any changes.
Contact Information
To ask questions or comment about this privacy policy and our privacy practices, contact us at:
Skydio, Inc.
3000 Clearview Way
Building E
San Mateo, CA 94402
privacy+policyquestions@skydio.com, or via our toll-free number: 1-855-463-5902.