1. Scope
2. Personal Information We Collect
3. How We Use Your Information
4. How We Disclose Your Information
5. Third-Party Links
6. Cross-Border Transfers
7. Your Choices
8. How We Secure Your Personal Information
9. Children’s Privacy
10. Information for EU, UK, and Swiss Individuals
11. Information for California Residents
12. Contact Us
13. Changes to this Policy

As used herein, “personal information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular PAC customer or vendor/supplier employee or consumer or his or her household. Your use of our Services and any dispute over privacy is subject to this Policy and our Terms of Use.

The Information we collect about you
We collect information about you directly from you and from third parties, as well as automatically through your use of our Services.

Information We Collect Directly From You Through the Site. 
The information we collect from you depends on how you use our Site. When you contact us through the Site, we may collect identifiers such as your name, email address, company name, country of origin, phone number, and your reasons for contacting us. The information we collect through the Site is controlled by Panasonic Avionics Corporation, which is headquartered in the United States at 26200 Enterprise Way, Lake Forest, CA 92630.

Information We Collect Automatically. 
We and our third-party service providers may use cookies or other tracking mechanisms to automatically collect information about your use of our Site or to authenticate your network sessions when you use your device to our connectivity services. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to understand aggregated activities at our Site.

For example, we use Google Analytics, which uses cookies and other tracking technologies to evaluate usage of our Site. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. We also may use other analytics service providers that use cookies and other tracking technologies to evaluate our Site. We use these tools to help us improve our Site, performance, and user experiences.

Information collected includes the following identifiers and internet or other electronic network activity information about your use of our Site: your domain name, your browser type and operating system, web pages you view, links you click, your IP address, the length of time you visit our Site, and the referring URL, or the webpage that led you to our Site.

You can configure your browser to disable or block cookies, by navigating to the Help portion of the toolbar. Most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you delete your cookies, you may have deleted your opt-out status and may need to opt out again. To prevent your data from being used by Google Analytics, you can download the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout.

Information We Collect About Airline Passengers. 
The information we collect about airline passengers on behalf of our airline customers in association with IFE or other in-flight services. When you purchase WiFi or movies through the IFE, we collect contact information and unique identifiers, such as your name, address, payment information, purchase details, and devices used to access the IFE, including via the use of cookies on your devices. We may combine this information with information provided directly from the airline you are flying with such as your name, frequent flyer number, or flight number. Our airline customers determine the purposes for collecting and processing this information. For details, please contact your airline or review your airline’s privacy policy.

Information We Collect About Corporate Customers’ and Vendors’ Employees. 
In order to manage our customer relationships with our corporate customers, vendors, and suppliers and to provide access to our portals (e.g. myIFE, Hangar Developer Program, NEXT Cloud applications, and 319Insights), we collect identifiers and employment-related information about and from our customers’, vendors’, and suppliers’ employees. To access to our portals, you may provide us with identifiers or employment-related information such as your name, your job title and the name of your employer; your contact information, such as your business email and phone number; and the username and password you would like to use to access the portal. We may collect other employee identifiers to administer our contracts, manage our vendor/supplier due diligence process, and market our products and services to corporate customers. When you subscribe to our “What’s New” blog, we may collect information such as your name, email address, and profession.

As noted above, for information about how we process personal information regarding airline passengers in association with providing services to our airline customers, please contact your airline or review their privacy policy.

In other contexts, we use the information we collect in association with the Services and other operations, including personal information, for the following purposes:

• To provide our services, to provide access to our portals, to communicate with you about your use of our Site or Services, to respond to your inquiries, and for other customer service purposes.
• To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Site.
• For marketing and promotional purposes. For example, we may use your information, such as your email address, to send you a welcome email, news, and newsletters when you subscribe to our What’s New blog, special offers, and promotions, or to otherwise contact you about products or information we think may interest you.
• To better understand how users access and use our Site, both on an aggregated and individualized basis, in order to improve our Site and respond to user desires and preferences, and for other research and analytical purposes.
• To administer surveys and questionnaires.
• To administer our customer and supplier/vendor contracts and relationships. For example, we will use a customer’s and supplier/vendor’s employee’s contact information to send our invoices or for communications purposes.
• To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal processes; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
• To protect the safety, rights, property, or security of PAC, our services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity that PAC, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; to conduct audits, and to enforce this Policy, our Terms of Use, or other agreements.

We may aggregate and/or de-identify personal information we collect and use or disclose it for any purpose. To the extent we de-identify any data originally based on personal information, we will maintain and use such data only in de-identified form and will not attempt to re-identify the data.

We disclose your information, including personal information, as follows:

• Affiliates. We disclose the information we collect on the Site and in association with the Services to our affiliates or subsidiaries for the purposes described in this Policy; however, if we do so, their use and disclosure of your personal information will be subject to this Policy.
• Other Providers. We disclose the information we collect from you to third -party vendors, service providers, contractors or agents who perform functions on our behalf. This includes, but is not limited to, third parties that provide data storage and communications services, research and analytics services, data enrichment, IT security services, and marketing support.
• Business Transfers. If we are or may be acquired by or merged with another company, if any of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other company.
• Corporate Customers and Vendors. If you use the Services or interact with us on behalf of one of our customers, vendors, or suppliers, we may disclose your personal information to the relevant organization in order to maintain and administer our contract and relationship with the organization.
• In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal processes, such as in response to a court order, subpoena, or investigation.
• To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service, this Policy, other agreements, or as evidence in litigation in which PAC is involved.

Our Site may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.

PAC generally maintains servers and systems in the United States hosted by service providers. In accordance with this Policy, we also may subcontract the processing of your personal information or otherwise share your data with, other third parties in the United States or countries other than your country of residence outside of the European Economic Area. Whether your personal information is transferred to us in the United States or processed in other jurisdictions that are not subject to an adequacy decision, we ensure that it receives an adequate level of protection, including by entering into data processing agreements that incorporate, as appropriate, the European Commission’s Standard Contractual Clauses or other transfer mechanisms.

Data Privacy Framework. As part of our privacy compliance program, we participate in the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-US Data Privacy Framework (the “DPF”).

Please see the “Personal Information We Collect” section above for a description of the types of personal information that we collect. The “How We Use Your Information” section describes the purposes for which we process personal information. And the “How We Disclose Your Information” section describes our disclosures of personal information.)

PAC complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. PAC has certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of Personal Data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom in reliance on the UK Extension to the EU-U.S. DPF. PAC has certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view out certification, please visit https://www.dataprivacyframework.gov/

When we transfer DPF-covered information to a third party acting as our agent, we remain liable if the agent processes such personal information inconsistent with the DPF Principles, unless we can establish that we are not responsible for the event(s) causing damage. We may be required to disclose personal information to the extent required to meet a legal obligation, including national security or law enforcement obligations and applicable law, rule, order, or regulation.

If you would like to exercise your DPF rights to access the personal information we process subject to the DPF, request that we limit our use or disclosure of personal information (such as opting out of certain disclosures of personal information to third parties or opting out of the processing of personal information for purposes materially different from those for which the information was originally collected or subsequently authorized), or exercise any of the other rights you may have (e.g., correction or deletion), please see the “Data subject rights” section below. Effective privacy protection must include robust mechanisms for assuring compliance with the DPF Principles, recourse for individuals who are affected by non-compliance with the DPF Principles, and consequences for the organization when the DPF Principles are not followed. Our Policy provides for (1) readily available independent recourse mechanisms by which your complaints and disputes will be investigated and expeditiously resolved at no cost to you and by reference to the DPF Principles, and damages awarded where the applicable law or private sector initiatives so provide; (2) follow-up procedures for verifying that the attestations and assertions we make about our privacy practices are true and that privacy practices have been implemented as presented and, in particular, with regard to cases of noncompliance; and (3) obligations to remedy problems arising out of our failure to comply with the Principles and compliance with any sanctions assessed against us.

Any questions or concerns regarding the use or disclosure of personal information should be directed to address listed in the Contact section of this Policy, below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in this Policy. In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, for complaints that cannot be resolved directly between us and you, we have agreed to participate in the following dispute resolution procedures in the investigation and resolution of complaints to resolve disputes pursuant to the DPF Principles: (1) for disputes involving employment-related personal information, including human resource (HR) data, received by us from the UK, EEA, or Switzerland in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship, we have agreed to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC); (2) for disputes involving all other personal information received by us from the EEA, in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, we have agreed to use International Centre for Dispute Resolution, a division of the American Arbitration Association dispute resolution (“ICDR/AAA”). Individuals who submit a question or concern to us and who do not receive acknowledgment of the inquiry or who think their question or concern has not been satisfactorily addressed should then contact the ICDR/AAA on the Internet (https://go.adr.org/dpf_irm.html), by mail, phone or by fax. The services of ICDR/AAA are provided at no cost to you. The website lists the addresses, phone/fax number for your location. Inquiries by mail or fax should identify Panasonic Avionics Corporation as the company to which a concern or question has been submitted, and include a description of the privacy concern, the name of the individual submitting the inquiry, and whether ICDR/AAA may share the details of the inquiry with us. ICDR/AAA will act as a liaison to our company to resolve these disputes. The dispute resolution process shall be conducted in English. Please note that we are also subject to the jurisdiction of the U.S. Federal Trade Commission and other U.S. government agencies. If your complaint is not resolved through the above channels, you may, in certain situations, invoke binding arbitration for some claims. For more information, see: https://www.dataprivacyframework.gov/program-articles/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization’s-Compliance-with-the-DPF-Principles

Promotional emails. We may send periodic promotional emails to you. You may opt-out of such promotional emails by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional emails, we may still send you emails about your account or any services you have requested or received from us.

Data subject rights. Depending upon where you reside, you may have certain rights with respect to your personal information. If you wish to exercise your rights regarding personal information that we process on behalf of our airline customers, please contact the airline. The rights you may have regarding the personal information we process on our own behalf may include, for example, the rights to:

• Access your personal information: You may have the right to request access to the personal information that we hold about you and: (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal information may be transferred.
• Delete your personal information: You may have the right to request that we delete your information. We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for compliance with a legal obligation or for the establishment, exercise, or deference of legal claims.
• Correct your personal information: You may have the right to request that we correct inaccurate information. If you have created an account to access any of our customer and vendor/supplier portals, you may update, modify, or delete the personal information that you have submitted by logging into your account and updating your information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Services for a period of time.
• Restrict the processing of your personal information: You may have the right to restrict the use of your personal information when (i) you contest the accuracy of the data; (ii) the use is unlawful but you do not want us to erase the data; (iii) we no longer need the personal information for the relevant purposes, but we require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our personal information use justified on our legitimate interests verification as to whether we have a compelling interest to continue to use your data. We can continue to use your personal information following a request for restriction, where:
  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.
• Data portability: To the extent that we process your information (i) based on your consent or under a contract; and (ii) through automated means, you may have the right to receive such personal information in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller.
• Object to the processing of your personal information: You can object to any processing of your personal information which has our legitimate interests as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
• Withdraw your consent: Where we process your personal information on the basis of your consent, you may withdraw that consent at any time.
• Non-discrimination: You will not be denied goods or services for exercising your rights, though we may still provide a different level of service as permitted by law; and
• Lodge a complaint: Where you believe we have not adequately addressed your data privacy rights, you may lodge a complaint with your local data protection authority.

If you would like to exercise any of the rights described above with respect to the personal information we process on our own behalf, please send us a request to privacy@panasonic.aero. In your message, please indicate the right you would like to exercise and the information that you would like to access, review, correct, or delete. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. We may not always be able to fully address your request, for example, if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way. Residents of California should consult the “Information for California Residents” section for more information about their rights and how to exercise them.

We have implemented reasonable security measures to protect the information we collect from unauthorized access, exfiltration, theft, loss, misuse, disclosure, alteration, or destruction. Please be aware that despite our best efforts, no data security measures can guarantee security.

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Our Site is not directed to children under the age of sixteen (16), nor do we market products or services to such children. We request that children do not provide personal information through our Site. We do not knowingly collect information from children under 16.

When we act as Data Controller: If we process your personal information in our capacity as a data controller, we collect, use, and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This may be because:

• Our use of your personal information is in our legitimate interest as a commercial organization (for example in order to make improvements to our products and services and to provide you with information you request); you have a right to object to the processing as explained in the section below titled Your Legal Rights;
• Our use of your personal information is necessary to comply with a relevant legal or regulatory obligation that we have (for example, where we are required to disclose personal information to a court); or
• Our use of your personal information is in accordance with your consent (for example, when you consent to the receipt of a welcome email, news, newsletters, and marketing communications).

If we process your data as a Data Processor: Where we process your data in our capacity as a data processor on behalf of the Data Controller, you may exercise your data subject access rights by contacting your airline directly.

The below table summarizes our personal information collection, use, and sharing practices in the preceding 12 months since we last updated this Policy. As reflected in this table, we may disclose your personal information with the below entities.

Some of the personal information we collect (i.e., login credentials) may be considered sensitive personal information. We use and disclose such information only for those purposes permitted under California law.

We may disclose any of the personal information we collect:

• as required by law, such as to comply with a subpoena or other legal process, or to comply with government reporting obligations;
• when we believe in good faith that disclosure is necessary (a) to protect our rights, the integrity of the Services, or the safety or rights of you or others, or (b) to detect, prevent, or respond to fraud, intellectual property infringement, violations of our Terms of Use, violations of law, or other misuse of the Services; and
• to affiliates, service providers, advisors, and other third parties to the extent reasonably necessary to proceed with the negotiation or completion of a merger, acquisition, bankruptcy, or sale of all or a portion of our assets.

We do not sell or share personal information or sensitive personal information, including that pertaining to minors under the age of 16, as those terms are defined under California law.

Retention. We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:

• Maintain business records for analysis and/or audit purposes.
• Comply with record retention requirements under the law or other relevant legal or regulatory requirements.
• Defend or bring any existing or potential legal claims.
• Resolve complaints or inquiries.
• Preserve historical records of transactions.

Rights. You have the right to know what personal information we collect, use, disclose or sell about you under the California Consumer Privacy Act (“CCPA”). Additionally, you have the right to access, correct, and delete your personal information. Please note, if you are an airline passenger and would like to exercise your rights under the CCPA, please contact your airline directly.

To exercise these privacy rights and choices, please follow the instructions below:

• How to request access to your personal information: You may request access to your personal information twice in a 12-month period. To do so, please complete the webform in PAC’s Privacy Rights Portal at or call 1-800-716-1805. Note, we may not always be able to fully address your request, for example, if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
• How to request the correction of your personal information: You may request that we correct inaccurate personal information that we maintain about you. To do so, please complete the webform in PAC’s Privacy Rights Portal at or call 1-800-716-1805. Note, we may not always be able to fully address your request, for example, if we are legally entitled to deal with the request in a different way.
• How to request the deletion of your personal information: You may request that PAC delete the personal information it has collected and/or maintained about you. To do so, please complete the webform in PAC’s Privacy Rights Portal or call 1-800-716-1805. Note, we may need to retain certain personal information as permitted by law, detect security incidents, protect against malicious, deceptive, fraudulent or illegal activities, comply with legal obligations or to enable solely internal uses that are reasonably aligned with your expectations or lawful within the context in which you provided the information.

Verification. Please note, we will take steps to verify your identity before fulfilling any of the above requests. Depending on the nature of the information we maintain about you, we may request that you provide a copy of your California identification as well as to verify your e-mail address through an authentication e-mail.

Authorized Agents. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to you. In order to designate an authorized agent to make a request on your behalf, you must provide written proof that you have consented to this designation unless the agent has power of attorney pursuant to California Probate Code sections 4000-4465. You must also verify your identity directly with us by providing a copy of your government issued identification.

Response Timing and Format. We will respond to a verified consumer request for personal information within 45 days of receipt. If we require more time (up to 90 days), we will notify you of the reason and extension period in writing.

Anti-Discrimination Right. You have the right to be free from discrimination in product quality, goods or services if you choose to exercise your privacy rights under the CCPA.

If you have questions, comments, or concerns about the privacy aspects of our Site, please email us at privacy@panasonic.aero or if you have disability and need access to this privacy policy, please call us at 1-800-716-1805.

This Policy is current as of the Last Updated date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Site.