Effective Date: April 9, 2026
Range (collectively referred to as “Range,” “we,” “us,” or “our”), are committed to protecting the privacy and security of the personal data entrusted to us by our customers, partners, website visitors, and other stakeholders.
This Data Privacy Policy (“Policy”) describes how we collect, use, disclose, retain, and protect personal information when you visit our websites (flyrange.com, and any Range-branded websites), use our products and services, or otherwise interact with us.
This Policy is designed to comply with applicable data protection laws, including but not limited to: the General Data Protection Regulation (EU) 2016/679 (“GDPR”); the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”); and other applicable U.S. federal and state privacy laws.
This Policy applies to all personal information collected through our websites, applications, products, services, and any offline interactions such as trade shows, events, or direct communications. It applies to:
• Visitors to our websites and online platforms
• Business customers, prospects, and partners (B2B contacts)
• Users of our products and services, including autonomous robotics platforms
• Individuals who communicate with us via email, phone, or other channels
• Job applicants and employees (to the extent not covered by a separate employee privacy notice)
• Contact information: name, email address, phone number, company name, job title, and mailing address
• Account information: login credentials, user preferences, and profile data
• Transaction and billing information: purchase orders, invoices, payment method details (processed by third-party payment processors), and shipping addresses
• Communications: inquiries, support requests, feedback, and correspondence submitted through forms, emails, or other channels
• Event and marketing information: registration details for webinars, trade shows, and other events
• Device and browser information: IP address, device type, operating system, browser type and version, screen resolution, and language preferences
• Usage data: pages visited, links clicked, time spent on pages, referring URLs, and navigation paths
• Cookies and similar technologies: cookies, web beacons, pixels, local storage, and similar tracking technologies (see Section 10 for details)
• Log data: server logs, error reports, and access timestamps
• Geolocation data: approximate geographic location derived from IP address
• Business partners and resellers who refer or transact on your behalf
• Publicly available business databases and directories
• Analytics providers, advertising networks, and marketing platforms
• Social media platforms when you interact with our social media pages or log in through social authentication
We process personal information for the following purposes:
• To provide, maintain, and improve our products and services, including autonomous robotic mapping and software platforms
• To process transactions, manage accounts, and fulfill contractual obligations
• To communicate with you, including responding to inquiries, providing customer support, and sending service-related notifications
• To send marketing and promotional communications (where you have opted in or where permitted by law)
• To personalize your experience and provide content relevant to your interests
• To conduct analytics and research to improve our websites, products, and services
• To detect, prevent, and address fraud, security threats, and technical issues
• To comply with legal obligations, enforce our terms, and protect our rights and the rights of others
• To facilitate business transactions such as mergers, acquisitions, or asset sales
If you are located in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, we rely on the following legal bases under the GDPR to process your personal data:
|
Legal Basis |
Description |
|
Contractual Necessity |
Processing necessary to perform our contract with you or to take pre-contractual steps at your request (e.g., fulfilling orders, managing accounts). |
|
Legitimate Interests |
Processing necessary for our legitimate business interests, such as marketing to existing customers, improving our services, fraud prevention, and network security, where these interests are not overridden by your fundamental rights. |
|
Consent |
Where you have given clear, affirmative consent for a specific processing activity (e.g., subscribing to newsletters, accepting non-essential cookies). You may withdraw consent at any time. |
|
Legal Obligation |
Processing necessary to comply with applicable laws, regulations, court orders, or governmental requests. |
We may share your personal information with the following categories of recipients:
• Service providers and processors: Third parties who assist us in operating our websites, processing payments, delivering products, conducting analytics, sending emails, and providing customer support. These providers are contractually obligated to protect your data and may only process it on our behalf.
• Business partners and resellers: Trusted partners involved in the delivery of products and services to you, subject to appropriate data protection agreements.
• Affiliates and subsidiaries: Exyn Technologies, Inc. and Range may share personal information between them for the purposes described in this Policy.
• Legal and regulatory authorities: When required by law, regulation, legal process, or enforceable governmental request, or to protect the rights, property, or safety of Exyn, our customers, or the public.
• Business transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity.
We do not sell personal information as defined under the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising purposes unless you have provided opt-in consent.
If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:
• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your personal data, subject to certain exceptions
• Right to restriction of processing: request that we limit how we process your data
• Right to data portability: receive your data in a structured, commonly used, machine-readable format
• Right to object: object to processing based on legitimate interests or for direct marketing
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing
• Right to lodge a complaint: file a complaint with your local data protection authority
If you are a California resident, you have the following rights under the CCPA/CPRA:
• Right to know: request disclosure of the categories and specific pieces of personal information we have collected, the sources of collection, the purposes for collection, and the categories of third parties with whom we have shared your information
• Right to delete: request deletion of your personal information, subject to certain exceptions
• Right to correct: request correction of inaccurate personal information
• Right to opt out of sale or sharing: direct us not to sell or share your personal information for cross-context behavioral advertising. We do not currently sell personal information.
• Right to limit use of sensitive personal information: if applicable, you may limit our use of sensitive personal information to purposes necessary to provide the services you have requested
• Right to non-discrimination: we will not discriminate against you for exercising any of your privacy rights
We honor Global Privacy Control (GPC) signals and other opt-out preference signals as valid requests to opt out of the sale or sharing of personal information, as required by applicable law.
Residents of states with comprehensive privacy legislation (including but not limited to Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others) may have similar rights to access, correct, delete, and opt out of certain processing. We will honor valid requests in accordance with applicable state law.
To submit a privacy request, please contact us using the information provided in Section 16 below. We will verify your identity before processing your request using reasonable methods such as matching the information you provide with the records we maintain. Authorized agents may submit requests on your behalf with proper verification.
We will respond to verifiable requests within the timeframes required by applicable law (generally within 30 days under GDPR and 45 days under CCPA/CPRA, subject to permitted extensions).
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, contractual, or reporting requirements.
Retention periods are determined based on:
• The nature and sensitivity of the data
• The purposes for which we process the data
• Applicable legal, regulatory, and contractual requirements
• The potential risk of harm from unauthorized use or disclosure
When personal information is no longer required, we will securely delete or anonymize it in accordance with our data retention schedule and applicable law.
We implement appropriate technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:
• Encryption of personal data in transit (TLS/SSL) and at rest where appropriate
• Access controls and authentication mechanisms to limit access to authorized personnel
• Regular security assessments, vulnerability scanning, and penetration testing
• Employee training on data protection and information security best practices
• Incident response procedures to address potential data breaches promptly
No method of transmission or storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.
Our websites use cookies and similar technologies to enhance your browsing experience, analyze website traffic, and personalize content. The types of cookies we use include:
|
Cookie Type |
Purpose |
Legal Basis |
|
Strictly Necessary |
Essential for website functionality (e.g., security, session management) |
Legitimate interest / Contractual necessity |
|
Performance / Analytics |
Collect anonymized data about website usage to improve performance and content |
Consent |
|
Functional |
Remember your preferences, language, and settings for a personalized experience |
Consent |
|
Marketing / Targeting |
Deliver relevant advertisements and measure campaign effectiveness |
Consent |
You can manage your cookie preferences through our cookie consent banner displayed upon your first visit, or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of our websites.
We honor Do Not Track (DNT) browser signals and Global Privacy Control (GPC) signals as opt-out requests in jurisdictions where required by law.
Exyn Technologies, Inc. and Range are headquartered in the United States. If you are located outside the United States, your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
For transfers of personal data from the EEA, UK, or Switzerland to the United States or other countries not deemed to provide an adequate level of data protection, we rely on appropriate safeguards, including:
• Standard Contractual Clauses (SCCs) adopted by the European Commission
• UK International Data Transfer Agreement or UK Addendum to the EU SCCs, as applicable
• Supplementary measures, including technical and organizational safeguards, as appropriate based on transfer impact assessments
• The EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework, to the extent applicable and certified
You may request a copy of the safeguards we use for international transfers by contacting us at the address provided in Section 16.
Exyn and Range do not currently engage in automated decision-making or profiling that produces legal effects or similarly significant effects on individuals, as described under Article 22 of the GDPR. If we introduce such processing in the future, we will update this Policy and provide you with meaningful information about the logic involved, the significance of such processing, and the envisaged consequences.
We may use automated tools for analytics, fraud detection, and service optimization. These tools assist our personnel in making decisions but do not make decisions with legal or similarly significant effects without human review.
Our websites and services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete such information promptly. If you believe that a child has provided us with personal information, please contact us using the information in Section 16.
Our websites may contain links to third-party websites, applications, or services that are not operated or controlled by Exyn or Range. This Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you access through our websites.
We may update this Policy from time to time to reflect changes in our practices, applicable laws, or regulatory guidance. When we make material changes, we will notify you by posting the updated Policy on our websites with a revised effective date. We may also provide additional notice, such as email notification, for significant changes. We encourage you to review this Policy periodically.
If you have questions, concerns, or requests regarding this Data Privacy Policy or our data practices, please contact us:
Exyn Technologies, Inc.
Attn: Privacy Team
Email: privacy@exyn.com
Website: www.exyn.com
Physical Address: 2118 Washington Ave Suite 1000 Philadelphia, PA 19146
For data subjects located in the EEA, UK, or Switzerland, you may also contact your local data protection authority to lodge a complaint if you believe your rights have been violated.
For California residents, you may also submit a privacy request through the “Do Not Sell or Share My Personal Information” link on our website, if applicable.
The following disclosures are provided in accordance with the CCPA/CPRA for California residents. This appendix supplements the main body of this Policy.
|
CCPA Category |
Examples |
Source |
|
Identifiers |
Name, email, phone, company name, IP address |
Directly from you; automatic collection |
|
Commercial Information |
Purchase history, transaction records, billing information |
Directly from you; service providers |
|
Internet / Electronic Activity |
Browsing history, search history, interactions with our website |
Automatic collection |
|
Geolocation Data |
Approximate location from IP address |
Automatic collection |
|
Professional / Employment Information |
Job title, company, professional background |
Directly from you; business partners |
|
Inferences |
Preferences, characteristics, and interests derived from collected data |
Internal analysis |
Exyn and Range do not sell personal information as defined under the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising unless you have provided opt-in consent.
We do not collect or process sensitive personal information as defined under the CCPA/CPRA (e.g., Social Security numbers, financial account credentials, precise geolocation, racial or ethnic origin, or biometric information) beyond what is necessary to provide our products and services.
|
Category |
Retention Period |
|
Identifiers |
Duration of business relationship plus 3 years, or as required by law |
|
Commercial Information |
Duration of business relationship plus 7 years (tax and audit requirements) |
|
Internet / Electronic Activity |
Up to 26 months from collection (analytics); session-based for strictly necessary cookies |
|
Geolocation Data |
Up to 26 months from collection (tied to analytics data) |
|
Professional / Employment Information |
Duration of business relationship plus 3 years |
|
Inferences |
Retained only as long as the underlying data is retained; deleted or anonymized thereafter |
Financial Incentive Programs
We do not offer financial incentive programs tied to the collection, retention, or sale of personal information.
