DECTYR
Back to the Knowledge Hub

Building a drone (UAS) policy for your organisation

What to put in your internal UAS policy: authorised use, no-fly rules, incident response, evidence handling and how to coordinate with police and aviation authorities.

Last updated : April 30, 20269 min read

A drone policy (UAS Policy) spells out what your organisation tolerates, forbids and does in case of an incident. It is also a deliverable requested by insurers, auditors and public authorities. Here is the backbone of an operational policy.

Scope and definitions

Define the scope explicitly (sites covered, airspace boundaries, height), the types of drones concerned (leisure, professional, delivery, internal services) and the actors (employees, contractors, media, law enforcement).

Quote the binding texts: EU Regulation 2019/947, French Order of 27 December 2019 (signalement électronique), Order of 3 December 2020 (professional use), and any sector-specific text (critical infrastructure operators, defence, energy, correctional).

Authorised uses and notification process

List the cases where a flight is allowed on your site: maintenance by a qualified contractor, technical inspection, communication imagery, civil security drill. Mandate a notification form with lead time (D-7 or D-14), pilot identity, drone serial and operator number.

Appoint a single point of entry (UAS focal point) to validate flights and coordinate with security.

No-fly zones and signage

Map your no-fly zones (helipads, tank walls, listed buildings, VIP perimeters). Share the map with regular contractors and your security team; post it at access points where appropriate.

Incident process and evidence handling

In case of an unauthorised overflight: who is called first? How long to mobilise? Who logs the incident? The signed PDF report generated by the DECTYR RX-5 or DECTYR Hub serves as evidence: timestamped detection, trajectory, Remote ID if available, distance to the site.

Store evidence for the duration set in the policy (often 12 or 24 months) under access control. Critical infrastructure operators may face longer retention requirements.

Coordination with the authorities

Identify your contacts in advance: local police precinct, prefectural security advisor, aviation authority for the aviation angle. Prepare a ready-to-send information pack (under 30 minutes) including internal report, VMS clip and signed PDF report.

FAQ

Should the UAS policy be public?

External publication (partner extranet, corporate site) is useful for contractors and insurance communication. The detailed security procedures, however, should remain internal.

How often should it be updated?

Annual review is the minimum. Across 2025-2026, the rapid evolution of EU rules (move to 100 g) justifies more frequent follow-ups.

Does the UAS policy protect the organisation legally?

It does not exempt anyone from following the rules, but it demonstrates the employer’s due diligence, which weighs positively in case of third-party claims or insurance challenges.

Related guides

Drone fundamentals: what is a drone?

What a drone really is, how it communicates with its pilot, and the categories you will encounter in the field — from sub-250 g consumer quadcopters to fixed-wing professional aircraft.

Drone applications: how are drones used today?

A practical tour of legitimate and illegitimate drone uses — inspection, mapping, agriculture, photography, smuggling, espionage — and what each one means for your security plan.

Drone laws: regulations in France, the EU and the USA

An operator-friendly overview of EASA categories, French Alphatango rules, FAA Part 107 and Remote ID — to understand who can legally fly, where, and how you can enforce it.

Take the DECTYR RX-5 for a spin

Discover what's in your airspace before committing to a permanent counter-UAS system. Our experts walk you through the platform and prepare a tailored offer.

Talk to an expertView specs