Privacy Policy

This Privacy Policy explains how FlightStratix ("we", "us", "our", or the "Company") collects, uses, stores, shares, and protects your personal information when you use our website, software platform, and related services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Who We Are

FlightStratix is an aviation software platform providing flight planning, crew scheduling, maintenance tracking, operations management, and related aviation solutions as a cloud-based Software-as-a-Service ("SaaS").

• Data Controller: FlightStratix
• Contact: [email protected]

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you provide directly to us, including:

• Account registration information: name, email address, company name, job title, phone number
• Billing information: billing address, company VAT/tax number. Payment card details are processed by our third-party payment processor and are never stored on our servers
• User content and data: any data you input into the Service, including flight data, crew information, maintenance records, operational data, and any other information uploaded or entered by you or your authorised users
• Communications: messages, support tickets, feedback, and correspondence you send to us

2.2 Information We Collect Automatically

• Device and browser information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences
• Usage data: pages visited, features used, clicks, session duration, access times, referring URLs, and interaction patterns
• Cookies and similar technologies: as described in Section 10 below
• Log data: server logs, error reports, and diagnostic data

2.3 Information from Third Parties

We may receive information from third-party services you connect to the platform (e.g., single sign-on providers, aviation data providers, or integrated tools), and from publicly available sources.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Create and manage your account
• Process transactions and send related information
• Send technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and requests
• Send marketing communications (only with your consent — you may opt out at any time)
• Monitor and analyse trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and abuse
• Comply with legal obligations, enforce our Terms and Conditions, and protect our rights

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract: processing necessary to perform our contract with you (providing the Service)
• Legitimate interests: improving our Service, fraud prevention, security, analytics, and marketing to existing customers
• Consent: where you have given explicit consent (e.g., marketing emails). You may withdraw consent at any time
• Legal obligation: where we are required to process data by law

5. Data Storage and Security

Your data is hosted on Amazon Web Services (AWS) in the United Kingdom. We implement industry-standard technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage.

Security measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and audits
• Access controls and authentication mechanisms
• Regular backups and disaster recovery procedures
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We will never share your operational aviation data with competitors or use it for any purpose other than providing the Service to you. We may share your information only in the following circumstances:

• Service providers: hosting providers, payment processors, analytics providers, email services, and customer support tools that help us operate the Service. These providers are contractually bound to process data only on our instructions and in accordance with applicable data protection laws
• Legal and regulatory authorities: when required by law, court order, subpoena, or governmental request
• Business transfers: in connection with a merger, acquisition, reorganisation, or sale of assets, your data may be transferred to the successor entity
• With your consent: where you have given explicit permission to share with a named third party

7. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including countries that may not have equivalent data protection laws. Where such transfers occur, we implement appropriate safeguards including Standard Contractual Clauses (SCCs), adequacy decisions, or other legally recognised transfer mechanisms to ensure your data is protected.

8. GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). You have the right to:

• Access your personal data
• Rectify inaccurate or incomplete personal data
• Request erasure of your personal data (subject to legal obligations)
• Restrict processing of your personal data
• Data portability — request your data in a structured, machine-readable format
• Object to processing based on legitimate interests or for direct marketing
• Withdraw consent at any time where processing is based on consent
• Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (or as required by applicable law).

9. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. After account termination, we retain data for a period of 12 months to comply with legal obligations, resolve disputes, and enforce our agreements. After this period, data is permanently deleted or anonymised. You may request earlier deletion subject to our legal obligations.

10. Cookies

We use cookies and similar tracking technologies to operate and improve the Service. Types of cookies we use:

• Strictly necessary cookies: essential for the Service to function (login sessions, security tokens). Cannot be disabled
• Functional cookies: remember your preferences and settings
• Analytics cookies: help us understand how users interact with the Service (e.g., Google Analytics or similar)
• Marketing cookies: used to deliver relevant advertisements (only with your consent)

You can instruct your browser to refuse all cookies or manage preferences through our cookie consent tool. Disabling certain cookies may affect the functionality of the Service.

11. Children's Privacy

Our service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected data from a child under 18, we will delete it promptly.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. For material changes, we will provide prominent notice (e.g., email notification or in-app banner). Continued use of the Service after changes constitutes acceptance.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• General enquiries: [email protected]