Privacy Policy

Techsaero.com
Operated by Aurelius Capital Limited
Last Updated: 25 February 2026

1. Introduction

This Privacy Policy explains how Aurelius Capital Limited, a company incorporated in England and Wales under company number 17036964, with registered office at 20 Wenlock Road, London, England, N1 7GU (“Company”, “we”, “us”, “our”), collects, uses, stores, transfers and protects personal data when operating www.techsaero.com (“Website”).

This Policy applies to individuals located within the United Kingdom, the European Union and the European Economic Area.

We are committed to protecting personal data in accordance with:

  • The UK General Data Protection Regulation (UK GDPR)
  • The EU General Data Protection Regulation (EU GDPR)
  • The Data Protection Act 2018
  • Applicable EU Member State data protection laws

2. Data controller

For the purposes of applicable data protection law, the data controller is:

Aurelius Capital Limited
Company No: 17036964
Registered Office: 20 Wenlock Road, London, England, N1 7GU
Email: info@techsaero.com

The Company determines the purposes and means of processing personal data collected through the Website.

3. Scope of processing

We process personal data in connection with:

  • Online retail of civilian drones and accessories
  • Order processing and delivery
  • Payment authentication
  • Fraud prevention
  • Customer support
  • Legal and regulatory compliance

We do not operate as a marketplace and do not facilitate third-party peer-to-peer sales.

4. Categories of personal data collected

We may collect and process the following categories of personal data:

4.1 Identity Data

  • First name
  • Last name
  • Title (if provided)

4.2 Contact Data

  • Email address
  • Telephone number
  • Delivery address
  • Billing address

4.3 Transaction Data

  • Products purchased
  • Order value
  • Transaction timestamps
  • Payment metadata
  • Order history

4.4 Technical Data

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Time zone setting
  • Cookies and tracking identifiers

4.5 Usage Data

  • Website interaction data
  • Clickstream data
  • Page response times
  • Session duration

4.6 Fraud Prevention Data

  • Risk scoring indicators
  • Transaction verification status
  • Device fingerprinting outputs
  • Authentication logs

We do not intentionally collect special category data (such as health data, biometric data, political opinions, etc.).

5. Sources of data

Personal data may be obtained:

  • Directly from you when placing an order
  • Through payment processing providers (e.g., Stripe)
  • Through automated technologies such as cookies
  • Through fraud prevention tools integrated into payment systems

6. Legal bases for processing (article 6 gdpr)

We rely on the following lawful bases:

6.1 Performance of Contract

Processing necessary to fulfil orders, process payments, and deliver products.

6.2 Legal Obligation

Processing necessary for:

  • Tax compliance
  • Accounting requirements
  • Consumer protection obligations
  • Regulatory reporting

6.3 Legitimate Interests

Including:

  • Fraud prevention
  • Chargeback prevention
  • Website security
  • Business continuity
  • Dispute handling

We conduct balancing assessments where legitimate interest is relied upon.

6.4 Consent

Where required (e.g., non-essential cookies), processing is based on user consent.

7. Payment processing

Payments are processed securely via Stripe.

  • We do not store full card numbers.
  • Payment authentication may include 3D Secure.
  • Stripe may act as an independent controller for financial transaction data.
  • Payment metadata may be retained for fraud prevention and evidential purposes.

8. Fraud monitoring and automated processing

To protect against fraud and chargeback abuse:

  • Transactions may undergo automated risk scoring.
  • Behavioural analysis may be performed.
  • IP address and device data may be evaluated.
  • Geolocation inconsistencies may be flagged.

No solely automated decision producing legal effects is made without the possibility of human review.

Where enhanced due diligence is required (e.g., high-value transactions), additional identity verification may be requested.

9. Data sharing

Personal data may be shared with:

  • Payment processors (e.g., Stripe)
  • Logistics providers (e.g., DHL, UPS)
  • IT hosting providers
  • Fraud prevention service providers
  • Professional advisers (legal, accounting)
  • Regulatory or law enforcement authorities where legally required

All third parties are required to process personal data lawfully and securely.

10. International transfers

Where personal data is transferred outside the UK or EEA:

  • Transfers rely on adequacy decisions where available.
  • Otherwise, Standard Contractual Clauses (SCCs) or equivalent safeguards are implemented.
  • We ensure appropriate technical and organisational protections are in place.

11. Data retention

We retain personal data only for as long as necessary.

11.1 Accounting Records

Retained for a minimum of six (6) years under statutory requirements.

11.2 Fraud & Dispute Data

May be retained longer where necessary for evidential purposes.

11.3 Technical Logs

Retained for security monitoring for a limited duration.

After retention periods expire, data is securely deleted or anonymised.

12. Data security

We implement appropriate technical and organisational measures including:

  • SSL encryption
  • Secure hosting environments
  • Restricted employee access
  • Tokenised payment processing
  • Access logging and monitoring
  • Regular system reviews

No system can guarantee absolute security; however, we take commercially reasonable measures to protect data.

13. Data subject rights

Under GDPR, individuals have the right to:

  • Access personal data
  • Rectify inaccurate data
  • Request erasure (subject to legal limitations)
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent (where applicable)

Requests may be submitted via info@techsaero.com.

We may require identity verification before responding.

14. Complaints

UK residents may lodge complaints with:

Information Commissioners Office (ICO)

EU residents may lodge complaints with their local supervisory authority.

We encourage contacting us first to resolve concerns.

15. Children’s data

The Website is not intended for individuals under 18 years of age.

We do not knowingly collect personal data from minors.

16. Cookies

The Website uses:

  • Essential cookies (required for functionality)
  • Analytical cookies (subject to consent)
  • Security-related cookies

Full details are available in our Cookie Policy.

17. Changes to this policy

We may update this Privacy Policy periodically.

The latest version will always be published on the Website.

© 2026 All rights reserved.
Successfully added to your cart.