What information does MyOnlineJet collect?

MyOnlineJet may collect personal details such as name, email address, and usage data to improve services.

How does MyOnlineJet use collected data?

Collected data is used to provide services, improve user experience, and ensure platform security.

Is user data shared with third parties?

MyOnlineJet does not sell personal data but may share it with trusted partners when required by law or service delivery.

Privacy Policy | MyOnlineJet - Advanced Air Mobility Infrastructure

Notice: This Privacy Policy constitutes a legally binding notice pursuant to the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023.

1. PREAMBLE AND SCOPE OF AGREEMENT

1.1 Introduction. This Privacy Policy (“Policy”) constitutes a legally binding notice. MyOnlineJet (operated by iAlpha Technologies Private Limited) (“Company,” “we,” “us,” or “our”) recognizes data privacy as a non-negotiable element of operational integrity, particularly within the high-trust domain of mobility and aviation infrastructure.

1.2 Acceptance. By accessing any platform, application, service, API, or physical touchpoint operated by MyOnlineJet (collectively, the “Services”), you, the Data Principal (“you,” “your,” or “User”), expressly acknowledge that you have read, understood, and agreed to be bound by the terms of this Policy. If you do not agree, you must immediately discontinue use of the Services.

1.3 Applicability. This Policy applies to all natural persons who are: (a) Visitors and registered users of our digital platforms; (b) Beneficiaries of our mobility or infrastructure services; (c) Representatives of business partners, vendors, and stakeholders; (d) Any individual whose personal data is collected in connection with our operations.

2. DEFINITIONS AND INTERPRETATION

Capitalized terms not defined herein shall have the meaning ascribed to them under applicable data protection laws. For the purpose of this Policy:

“Data Fiduciary” means MyOnlineJet (iAlpha Technologies Private Limited), which determines the purpose and means of processing personal data.
“Data Principal” means the natural person to whom the personal data relates.
“Processing” means any operation performed on personal data, including collection, storage, adaptation, retrieval, use, disclosure, restriction, erasure, or destruction.
“Sensitive Personal Data” includes, but is not limited to, passwords, financial information, health data, official identifiers (e.g., Aadhaar, PAN), and biometric data.
“Vertiport” means any physical infrastructure used for takeoff, landing, and maintenance of vertical takeoff and landing (VTOL) aircraft.

3. TYPES OF DATA COLLECTED AND PURPOSES OF PROCESSING

Category	Specific Data Elements	Lawful Basis & Purpose
Identity & Contact Data	Full legal name, date of birth, email address, phone number, postal address	Contractual necessity (service delivery); Identity verification; Communication
Government & Verification Data	Government-issued ID numbers (PAN, Aadhaar, Passport), KYC status, biometric verification tokens	Legal obligation (anti-fraud, aviation security); Legitimate interest (safety)
Technical & Usage Data	IP address, MAC address, device fingerprints, browser type, operating system, session logs, clickstream data	Legitimate interest (security, fraud prevention, platform optimization)
Geolocation Data	Real-time precise location (GPS), altitude data, movement history, vertiport access timestamps	Consent (explicit opt-in); Contractual necessity (mobility service optimization)
Transactional & Financial Data	Payment instrument details (tokenized), billing address, transaction amount, invoice history, UPI reference IDs	Contractual necessity (payment processing); Legal obligation (tax reporting)
Operational Aviation Data	Booking manifests, flight preferences, weight and balance information, vertiport entry/exit logs	Legitimate interest (aviation safety, infrastructure planning)

4. SENSITIVE PERSONAL DATA

MyOnlineJet collects Sensitive Personal Data (e.g., biometric data from KYC, precise geolocation, financial data) only upon: (a) Explicit, affirmative consent obtained through a separate consent mechanism; or (b) Compliance with a legal obligation under aviation or anti-money laundering laws. Such data is processed with enhanced security controls, including encryption at rest and in transit, and is retained only for the duration strictly necessary for the declared purpose.

5. LEGAL BASES FOR PROCESSING

We process your personal data only if one of the following lawful grounds applies:

Consent: You have provided free, specific, informed, unconditional, and unambiguous consent.
Contractual Performance: Processing is required to fulfill our obligations under the Terms of Service.
Legal Obligation: Processing is mandated by any Indian law or regulation (e.g., DGCA directives, tax laws).
Legitimate Interest: Processing serves our legitimate interests (e.g., fraud detection, network security) provided such interests do not override your fundamental rights.

6. DATA SHARING, DISCLOSURE, AND THIRD-PARTY TRANSFERS

6.1 No Sale of Data. We do not, and will not, sell, rent, or trade your personal data to any third party for consideration or otherwise.

6.2 Categories of Recipients. We may disclose personal data to: Regulatory & Law Enforcement (DGCA, Ministry of Civil Aviation), Ecosystem Partners (eVTOL operators, vertiport landlords), Service Providers (cloud hosting, payment gateways), and Professional Advisors (auditors, legal counsel).

6.3 Government Access. We will disclose data to government agencies only upon receipt of a valid legal order. We reserve the right to challenge overbroad or unlawful requests.

7. CROSS-BORDER DATA TRANSFER

Personal data collected from Indian Data Principals may be transferred to servers or processors located outside India only in accordance with Chapter III of the Digital Personal Data Protection Act, 2023. For any international transfer, we ensure adequate safeguards through Standard Contractual Clauses (SCCs) or binding corporate rules.

8. DATA RETENTION AND DISPOSAL

We retain personal data only for as long as is necessary to fulfill the purposes outlined in Section 3, plus any statutory retention period required by Indian law (e.g., financial records for 8 years under the Income Tax Act; aviation passenger data for 5 years under DGCA regulations). Upon expiry, we permanently delete or irreversibly anonymize the data.

9. DATA SECURITY

We implement industry-standard security controls including AES-256 encryption for data at rest, TLS 1.3 for data in transit, Role-Based Access Control (RBAC) with mandatory MFA, and continuous auditing. In the event of a personal data breach, we shall notify the relevant authority and affected individuals within 72 hours.

10. YOUR RIGHTS AS A DATA PRINCIPAL

Right	Description	Limitations
Right to Access	Obtain confirmation and copy of your data	Cannot disclose trade secrets or data of other individuals
Right to Correction	Rectify inaccurate or incomplete data	Must be accompanied by verifiable proof
Right to Erasure	Request deletion of your data	Subject to legal retention obligations
Right to Withdraw Consent	Withdraw previously given consent	Withdrawal does not affect past processing
Right to Grieve	File a complaint with the Company and Data Protection Board	Exhaustion of internal redressal not mandatory

To exercise any right, submit a request to: contact@myonlinejet.com using the subject line “Data Principal Request – [Your Full Name]”. We will respond within 30 calendar days.

11. COOKIES AND TRACKING TECHNOLOGIES

Our websites use Strictly Necessary Cookies (cannot be disabled), Functional Cookies, Analytics Cookies, and Targeting Cookies (only with explicit consent). You may manage cookie preferences via our Cookie Consent Manager.

12. CHILDREN’S PRIVACY

Our Services are not directed to individuals under the age of 18. We do not knowingly collect data from Minors. If discovered, we shall delete it within 72 hours.

13. THIRD-PARTY LINKS AND SERVICES

The MyOnlineJet platform may contain hyperlinks to third-party websites. These third parties operate as independent Data Fiduciaries. This Policy does not apply to their practices.

14. AMENDMENTS AND MODIFICATIONS

We reserve the right to amend this Policy at any time. Material changes shall be communicated via a prominent banner on our website for at least 30 days prior to the effective date and via direct email to registered users. The “Last Updated” date at the top will be revised accordingly.

15. GRIEVANCE REDRESSAL MECHANISM

Grievance Officer: Data Protection Officer (DPO)
Email: contact@myonlinejet.com (for formal complaints & general inquiries)
Physical Address: iAlpha Technologies Private Limited, Jaipur, Rajasthan, India - 302017
Response Timeline: Acknowledgment within 24 hours; resolution within 15 business days.

16. GOVERNING LAW AND JURISDICTION

This Policy shall be governed by the laws of the Republic of India. Any dispute shall be subject to the exclusive jurisdiction of the courts located in Jaipur, Rajasthan, India.

17. FINAL COMMITMENT AND CONTACT

MyOnlineJet operates at the convergence of mobility and technology. We treat your personal data with the same rigor, discipline, and safety standards we apply to aviation operations. For any matter not explicitly addressed herein, please contact our legal department at contact@myonlinejet.com.

ACKNOWLEDGEMENT

BY CONTINUING TO USE MYONLINEJET'S SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE RECEIVED, READ, AND UNDERSTOOD THIS PRIVACY POLICY, AND YOU AGREE TO ITS TERMS. YOU PROVIDE YOUR FREE, SPECIFIC, INFORMED, AND UNCONDITIONAL CONSENT TO THE COLLECTION, PROCESSING, STORAGE, AND DISCLOSURE OF YOUR PERSONAL DATA AS DESCRIBED HEREIN.

Privacy Request Contact Us