International Freight Drone, Inc. (“IFD”) respects individual privacy and values the confidence of its customers, employees, vendors, consumers, business partners and others. IFD strives to collect, store, process and distribute Personal information in a manner consistent with the laws of the countries in which it does business and has a tradition of upholding the highest ethical standards in its business practices. IFD participates in and abides by the EU-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the European Commission. This Data Protection and Privacy Policy (the “Policy”) sets forth the privacy principles that IFD follows with respect to Personal information transferred to IFD from anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein, and Norway).

PRIVACY SHIELD

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles to enable U.S. companies to satisfy the requirement under EU law that adequate protection be given to Personal information transferred from the EU to the United States (EU-U.S. Privacy Shield Framework). To learn more about the Privacy Shield program, and to view IFD’s certification, please visit http://www.privacyshield.gov/list.

IFD has a Global Data Protection Officer who assists in ensuring compliance with this Policy and data security issues. IFD educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. IFD’s Global Data Protection Officer, Jesse Lipscher, and its Global Privacy Office are available to any of its valued employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein. IFD is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with respect to the Privacy Shield Framework.

SCOPE

This Policy applies to all Personal information received by IFD in any format including electronic, paper or verbal. IFD collects, stores and processes Personal information concerning current and former employees, as well as applicants for employment through its Internet websites, its intranet site, electronic mail and manually. IFD will not sell or share this information with third parties in ways different than what is disclosed in this Policy. On a global basis, IFD will establish and maintain business procedures that are consistent with this Policy. Notwithstanding the foregoing, IFD has separate policies governing the processing of applicants and employee personal data and external personal data in those countries that are members of the EU. These policies are consistent with EU data protection law.

IFD collects, stores, and processes Personal information from current and past employees and applicants for employment, such as name, contact information, government identifier, financial account information, and family information. This information is maintained at the Corporate and Regional HQ level by IFD and its authorized agents, depending on the level of the position as well as the local office of the employee or applicant. IFD collects Personal information for employment related purposes and legitimate human resource business reasons such as personnel and job candidate administration and assessment, recruitment and staffing; payroll administration; absence monitoring; training and development; management planning; appraisal and promotion; union negotiation; production and publication of company address books and telephone and e-mail directories; managing email and other communication systems; production of employee Identity cards; monitoring the use of company resources; information to contact close relatives in case of emergency; filling employment positions; administration and operations of its benefit and compensation programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; managing and administering the Ethics HelpLine; facilitating workplace communications; workforce analytics, and authentication. IFD does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent IFD maintains information on trade union membership, medical health, race or ethnicity, IFD will protect, secure and process that information in a manner consistent with this Policy and applicable law.

IFD also collects, stores, and processes Personal information from prospective customers, consumers, vendors, professional advisers and consultants, distributors, dealers, suppliers, business partners and others, such as name, contact information, assist in the administration of employee benefit and compensation programs, and financial or other payment information. This information may be maintained at its corporate offices in Woodbury, New York, or at other IFD facilities, and its authorized agents, consistent with local legislation. IFD collects this Personal information for, among other things, legitimate business reasons such as processing and fulfilling orders; customer service; the provision of services or products to IFD, product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; marketing; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal information collected by IFD will be used for legitimate business purposes consistent with this Policy.

IFD may process and disclose Personal information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which an IFD business is acquired by or merged with another business, or sells, liquidates, or transfers all or a portion of its assets.

IFD also may process or disclose Personal information as is reasonably necessary or legally required on important public interest grounds, to respond to lawful requests by public authorities (including to meet national security or law enforcement requests), to meet governmental reporting or records requirements, or for the establishment, exercise or defense of legal claims by IFD or other companies within its corporate group.

DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

“Agent” means any third party that processes Personal information provided by IFD to perform tasks on behalf of or at the instruction of IFD.

“IFD” means International Freight Drone, Inc., its subsidiaries, divisions and groups, with brands such as Cognitive Container and Carga Cognitiva.

“Personal information” means any information or set of information that identifies or could be used by or on behalf of IFD to identify an individual. Personal information does not include information that is anonymized, or publicly available information that has not been combined with non-public Personal information.

“Sensitive Personal information” means Personal information that reveals race, ethnic origin, trade union membership, political opinions, or religious or philosophical beliefs, that concerns health or sex life, or that contains criminal records. In addition, IFD will treat as Sensitive Personal information any Personal information received from a third party where that third party treats and identifies the Personal information as sensitive

PRIVACY PRINCIPLES

IFD commits to subject the Personal information covered by this policy to the following principles:

• NOTICE: Where IFD collects Personal information directly from individuals, it will inform them about the purposes for which it collects, stores and processes Personal information about them, the types of non-Agent third parties to which IFD discloses that information, and the choices and means, if any, IFD offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to IFD, or as soon as practicable thereafter, and in any event before IFD uses the information for a purpose other than that for which it was originally collected.
• CHOICE: IFD will offer individuals the opportunity to choose (opt-out) whether their Personal information is

1. To be disclosed to a non-Agent third party, or
2. To be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For Sensitive Personal information, IFD will give individuals the opportunity to consent (opt-in) to the disclosure of the information affirmatively and explicitly to a non-Agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

IFD will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.

• DATA INTEGRITY AND PURPOSE LIMITATION: IFD will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. IFD will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete, and current.

• ACCOUNTABILITY FOR ONWARD TRANSFER: IFD uses third-party Agents to assist us in accomplishing the purposes described in this Policy, for example to support our customers, perform technical operations, and store and transmit data. IFD will confirm that any third party to which it discloses Personal information will appropriately safeguard the privacy of that Personal information. Examples of appropriate privacy safeguards include: a contract obligating the third party to provide at least the same level of protection as is required by the relevant privacy principles, the third party being subject to EU data protection law, Privacy Shield certification by the third party, or the third party being subject to another European Commission adequacy finding (e.g., companies located in Switzerland). Where IFD has knowledge that a third party is using or disclosing Personal information in a manner contrary to this Policy, IFD will take reasonable steps to prevent or stop the use or disclosure. IFD holds third parties to which it discloses Personal information accountable for maintaining the trust our employees and customers place in the company. IFD may remain liable under the Privacy Shield Principles if any Agent processes Personal information in a manner inconsistent with the Privacy Shield Principles, unless IFD first demonstrates that it is not responsible for the event giving rise to the damage.

• ACCESS AND CORRECTION: Upon request, IFD will grant individuals reasonable access to Personal information that it holds about them. In addition, IFD will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees that desire to review or update their Personal information can do so by contacting their local Human Resources Representative.

• SECURITY: IFD will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration, and destruction. IFD protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. IFD limits access to Personal information and data to those persons in IFD organization, or as Agents of IFD, that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so.

Suppliers, vendors and other third parties shall report any data breaches or potential data breaches of Personal information by completing the Data Breach Incident Form.

• RECOURSE, ENFORCEMENT AND LIABILITY: IFD will conduct compliance audits of its relevant privacy practices to verify compliance with this Policy and the relevant privacy principles. Any employee that IFD determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

DISPUTE RESOLUTION

Any questions or concerns regarding the use or disclosure of Personal information should be directed to the IFD Data Protection and Privacy Office at the address given below. IFD will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between IFD and the complainant, IFD has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities to resolve disputes pursuant to the relevant privacy principles.  In some circumstances, complainants may be able to appeal these decisions by invoking binding arbitration. All of these dispute resolution mechanisms are free of charge to you.

INTERNET PRIVACY AND COOKIES

IFD sees the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. IFD recognizes the importance of maintaining the privacy of Personal information collected through websites that it operates. IFD’ sole purpose for operating its websites is to provide information concerning products and services to the public. In general, visitors can reach IFD on the Web without revealing any Personal information. Visitors on the Web may elect to voluntarily provide Personal information via IFD websites but are not required to do so. IFD collects information from visitors to the websites who voluntarily provide Personal information by filling out and submitting online questionnaires concerning feedback on the website, requesting information on products or services, or seeking employment. The Personal information voluntarily provided by website users is contact information limited to the user’s name, home and/or business address, phone numbers and email address. IFD collects this information so it may answer questions and forward requested information. IFD does not sell this information. (See our California Consumer Privacy Notice for further clarifications on “selling” activities as defined under the California Consumer Privacy Act)

IFD may also collect anonymous information concerning website users through the use of “cookies” in order to provide better customer service. “Cookies” are small files that websites place on users’ computers to identify the user and enhance the website experience. Company personnel periodically audit IFD’ commercial websites to determine what cookies are used on each. The cookies used are typically not intrusive and are not typically connected to visitors’ contact or other identifiable information. Visitors may set their browsers to provide notice before they receive a cookie, giving the opportunity to decide whether to accept the cookie. Visitors can also set their browsers to turn off cookies. Visitors can learn how to control or delete cookies used on IFD’s websites by visiting http://www.aboutcookies.org for detailed guidance. If visitors do suppress the website cookies, however, some areas of IFD websites may not function properly.

The table below describes the cookies used on www.internationalfreightdrone.org.

Session Cookies

We use a session cookie that lasts for the duration of your visit to our site and is used for load balancing.

User data is not linked to any of your contact information.

Persistent Cookies for Site Analytics

Google Analytics – we use this to understand how the site is being used to improve the user experience. User data is not linked to any of your contact information.

You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245?hl=en

Adobe Analytics – we use this to understand how the site is being used to improve the user experience. User data is not linked to any of your contact information.

You can find out more about Adobe’s position on privacy as regards its analytics service at https://docs.adobe.com/content/help/en/analytics/technotes/privacy-overview.html

Few, if any, of IFD’s websites are directed toward children. Nevertheless, IFD is committed to complying with applicable laws and requirements, such as the United States’ Children’s Online Privacy Protection Act (“COPPA”)

IFD websites may contain links to other “non-IFD” websites. IFD assumes no responsibility for the content or the privacy policies and practices on those websites. IFD encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of IFD.

EUROPEAN UNION – GDPR

• As mentioned, this Policy sets forth the privacy principles that IFD follows with respect to Personal information transferred to IFD from anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway).

If you are working with our affiliates in the EU or are a data subject in the EU protected by GDPR, you can invoke your rights under GDPR towards the relevant EU IFD affiliate that controls your personal data at local, national level for the performance of the day-to-day operations of the relevant affiliate, each acting as a separate controller.  For all cross-border processing of personal data in the EEA at group level, the controller is International Freight Drone, Inc., established at 246 Fairhaven Blvd, Woodbury, NY 11797 USA (“IFD”).  With respect to such cross-border processing of individuals in the EEA, IFD has as main establishment in the EEA: IFD/Ingersoll Rand International, Ltd., Alma Court Building, Lenneke Marelaan 6, 1932 St-Stevens-Woluwe, Belgium, with Belgian company number 0826.378.038 (“IR Ltd. Belgian Branch”).

• For job applicants, employees and former employees of our EU IFD affiliates, separate notices and policies exist in line with EU law, which inform them about our data processing and their rights.

When you are not a job applicant, employee or former employee, we hereunder inform you about your rights under GDPR and how to perform them.  In such case, the processing of personal data by the relevant IFD entities may be based on the necessity to perform a contract with you or in order to take steps at your request prior to entering into a contract, because we have a legal obligation to do so, or because it is in our legitimate interest to do so (for instance if you are working for one of our suppliers or customers who have to receive your data for normal business operations, or because you want to browse through our website), or, alternatively, may be based on your consent (for instance when you have consented to the use of your personal data for direct marketing purposes).

• Under the GPDR individuals have:
  • the right of access to the personal data that the relevant controller processes about the individual concerned, as well as a right of rectification and erasure of their data;
  • the right to obtain from the relevant controller restriction of processing of the individual’s personal data, and the right to object to the processing;
  • the right to obtain from the relevant controller in a structured, commonly used and machine-readable format, the personal data the individual has communicated to the controller in order to transmit this data to another controller (the so-called “right to data portability”),
  • the right to withdraw at all times the individual’s consent with respect to the processing which would possibly be based on the individual’s consent, without affecting the lawfulness of processing based on consent before its withdrawal;
  • the right to lodge a complaint with the competent supervisory authority.

The performance of these rights may be subject to certain conditions and exceptions as provided by the GDPR.  Individuals who want to perform these rights can do so by contacting:

For current IFD Employees: Current EU employees can submit data inquiry requests from the IFD intranet under the menu options MyResources / Policies and Procedures / GDPR Data Subject Requests

For any other Individuals: GDPR Data Subject Request Form

Or:

IFD Privacy Inquiries
Attention: Global Privacy/IFD Legal
246 Fairhaven Blvd
Woodbury, New York
11797
Attention: Global Data Protection and Privacy Officer

The inquiries should include the individual’s name, address, and other relevant contact information (phone number, email address). IFD may require that you provide additional information to verify your identity and will use all reasonable efforts to honor such requests as quickly as possible and within the time limits set forth by applicable law.

• Except as otherwise permitted or required by applicable law or regulatory requirements, the relevant IFD entity that controls your personal data retains personal data only for as long as necessary to fulfill the legitimate business purposes for which the personal data was collected (including, for the purpose of meeting any legal, tax, accounting or other reporting requirements or obligations). If destroying or erasing personal data is not mandatory by law, we may make it anonymous such that it cannot be associated with or tracked back to the individual.  Local IFD entities may have policies that deviate from the above.

• Our EU affiliates may transfer personal data to IFD Company in the US for the purposes specified in this Privacy Policy or for other purposes communicated to you.  As mentioned above, IFD is certified under the EU – U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the Europe Commission, which provides appropriate safeguards for this transfer.

With respect to other transfers outside the EEA to third party suppliers, IFD ensures adequate personal data protection through the implementation of standard contractual clauses – as recognized by the European Commission- with these third-party suppliers, or it will work with suppliers who are also certified under the EU – U.S. Privacy Shield Framework.

CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

California Residents please review our CCPA Privacy Notice and Consumer Rights Request Process

CHANGES TO THIS POLICY

The practices described in this Policy are current Personal data protection policies as of February 2021. IFD reserves the right to modify or amend this Policy at any time consistent with the requirements of the relevant principles and applicable law. Appropriate notice will be given concerning such amendments.