Logo
Take the Quiz

FlightPal LLC Privacy Policy

Effective Date: September 28, 2025

Last Updated: September 28, 2025

1. Introduction

FlightPal LLC ("FlightPal", "we", "us", or "our") provides websites, mobile applications, and related services (collectively, the "Services"). This Privacy Policy explains how we collect, use, share, and protect your information, and outlines your rights and choices under laws in the United States (including California, Virginia, Colorado, Connecticut, Utah, Washington, and others), the United Kingdom, and the European Economic Area (EEA).

Our Services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. By using the Services, you agree to the practices described here. If you do not agree, please do not use the Services.

Important: FlightPal provides educational content and self‑help tools for fear of flying. We are not a medical provider and do not offer professional medical advice or treatment. We also do not collect protected health information under HIPAA.

2. Information We Collect

2.1 Information You Provide Directly

This may include:

  • Account & Contact: name, email, password, and similar identifiers.
  • Self‑reported wellness inputs: journal entries, survey responses, or AI chat messages you choose to enter about your feelings, anxieties, or reflections related to flying. We treat this data with heightened care and do not infer medical diagnoses from it.
  • FlightReady scores and inferences: we may generate a score or insights about your readiness/anxiety level based on your inputs to personalize your experience. These are not used to make decisions with legal or similarly significant effects on you.
  • Payment: billing name, billing address, and payment method details (processed securely by third‑party processors like Stripe; we do not store full card numbers on our servers).
  • Support & Communications: content of messages you send to us and optional testimonials or survey feedback.

2.2 Information Collected Automatically

When you use our Services, we automatically collect:

  • Device & Log Data: IP address, device type, OS/browser version, pages/screens viewed, timestamps, referrers, interaction events (clicks, taps, scrolls), and error/crash data.
  • Approximate Location: derived from IP or device settings (e.g., country or city). We do not collect precise GPS unless you explicitly enable it.
  • Cookies/Similar Tech: cookies, pixels, and device identifiers for essential functions, preferences, analytics, and—where allowed—advertising/retargeting.

2.3 Information from Third Parties

If you choose to connect FlightPal with third‑party services (e.g., social login) we may receive basic profile details (like name and email) or other information with your permission. We will inform you and obtain appropriate permission before enabling new integrations.

2.4 California Categories of Personal Information (CPRA)

  • Identifiers: name, email, account ID, IP address.
  • Customer records: payment/transaction info.
  • Internet/electronic activity: as described above.
  • Geolocation data: general location (non‑precise).
  • Inferences: insights like FlightReady score or content recommendations.
  • Sensitive information: wellness‑related data you choose to provide; handled with heightened care and used only to provide the Services.

We do not collect biometric identifiers, government IDs, or protected health information under HIPAA.

3. How We Use Your Information

We use personal data to:

  1. Provide and improve the Services: operate the app/site, personalize content (including FlightReady insights), fix bugs, analyze trends, and develop features.
  2. Manage accounts and provide support: authentication, account administration, and responding to requests.
  3. Analytics & research: understand usage to improve effectiveness; we may use aggregate/de‑identified metrics.
  4. Communicate: service emails (e.g., confirmations, security alerts) and, where permitted, marketing messages you can opt out of.
  5. Payments: process subscriptions and purchases.
  6. Security & fraud prevention: protect users and our platform; enforce Terms.
  7. Legal compliance: meet legal, regulatory, and tax obligations.

If we use your information for materially new purposes, we will notify you and obtain consent where required.

5. How We Share Information

We do not sell your personal information for money. We share data only as needed to run our business and provide the Services:

5.1 Service Providers (Processors)

  • Payments: processors like Stripe.
  • Cloud/Infrastructure & Storage: secure hosting and databases.
  • Analytics/Debugging: usage and performance insights.
  • Customer communications: email/helpdesk tools.
  • AI platform providers: if an AI engine is used to generate responses to your inputs, content may be sent to that provider solely to deliver the feature.

These providers are contractually bound to protect and use data only as instructed.

5.2 Business Partners (Future)

We do not currently share personal information for joint programs. If we introduce partnerships (e.g., with airlines or coaches), we will share data only with your knowledge/consent and update this Policy.

5.3 Advertising & Analytics

We may use advertising/analytics cookies or pixels. Sharing of identifiers for cross‑context behavioral advertising may be considered a “sale”/“sharing” in some jurisdictions. You can opt out—see Cookies & Tracking and Your Rights.

5.4 Legal, Safety, and Corporate Transactions

We may disclose information to comply with law, protect rights/safety, or in mergers/acquisitions, with appropriate safeguards.

5.5 Affiliates & Contractors

Personnel and contractors supporting the Services (e.g., in the US/EU/UK) may access data as needed under confidentiality obligations and our direction.

5.6 With Your Consent

We share additional data when you direct us to do so (e.g., testimonials, integrations).

6. Cookies and Tracking Technologies

We use cookies and similar technologies for essential functionality, preferences, analytics, and—in some regions—advertising.

  • Consent: where required (e.g., EEA/UK), we seek consent for non‑essential cookies.
  • Manage: adjust browser settings and use our on‑site cookie controls (where available).
  • Global Privacy Control (GPC): we honor GPC signals as requests to opt out of “sale”/“sharing” for targeted advertising for that browser.
  • Do Not Track: no current industry standard; we respond to GPC as described.

7. Data Security

  • Encryption in transit and at rest for sensitive data.
  • Access controls and monitoring on secure, cloud‑based infrastructure.
  • Incident response and required notifications.
  • No method is 100% secure; use a strong, unique password and protect your credentials.

8. Data Retention

We retain personal data only as long as necessary for the purposes described or as required by law.

  • Account data: kept while your account is active; upon deletion, we remove or anonymize data except where retention is legally required or permitted (e.g., tax records, security logs). Backups may retain residual copies briefly.
  • Aggregated/de‑identified data: may be retained for analytics.

9. International Data Transfers

We operate primarily from the United States. For UK/EEA/Swiss users, where data is transferred to countries without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) and apply supplementary measures as needed.

10. Your Rights and Choices

10.1 All Users

  • Access/Know and Portability
  • Correction
  • Deletion (subject to legal exceptions)
  • Withdraw consent (where processing is based on consent)
  • Opt out of marketing communications

10.2 EEA/UK

  • Object or restrict in certain circumstances (e.g., to processing based on legitimate interests).
  • No solely automated decisions with legal or similarly significant effects.

10.3 U.S. State Rights (CA/VA/CO/CT/UT and others)

  • Opt‑out of targeted advertising and any “sale”/“sharing” of personal information.
  • Appeal a denied request (where applicable; see Appeals below).
  • Limit use of sensitive information (we already limit sensitive wellness data to providing the Services).
  • Non‑discrimination for exercising your rights.

We do not knowingly sell/share data of consumers under 16.

To exercise rights, contact us at privacy@tryflightpal.com. We generally respond within the time required by law (e.g., 45 days under CCPA, one month under GDPR).

11. Washington & Nevada Consumer Health Data Notice

For Washington (My Health My Data Act) and Nevada SB 370 residents, certain wellness inputs you provide (e.g., fear‑of‑flying levels, journal entries, mood) may be considered “consumer health data”. We collect this data directly from you to provide and improve the Services, personalize your program, and track progress. We do not sell this data or disclose it for advertising. We share it only with service providers under contract, at your direction, for legal/safety reasons, or during corporate transactions, and only as permitted by law.

Your additional rights may include: access, correction, deletion, portability, and withdrawal of consent. To exercise these, use the contact methods below. We will verify requests given the sensitivity of the data.

12. Dispute Resolution and Appeals

We aim to resolve concerns directly. If we decline to act on a privacy request, you may appeal by replying to our response and stating you wish to appeal. We will respond in the timeframe required by law (e.g., 45 days in Virginia). Where available, you may also contact your state’s regulator if unresolved.

Any disputes otherwise arising from this Policy shall be handled as set forth in our Terms (including binding arbitration in Wilmington, Delaware, where permitted by law).

13. Children’s Privacy

Our Services are not directed to children under 18, and we do not knowingly collect personal information from them.

14. Updates to This Privacy Policy

We may update this Policy from time to time. If material changes occur, we will update the “Last Updated” date and, where appropriate, provide additional notice (e.g., email or in‑app notice). Your continued use of the Services after changes indicates acceptance.

15. Contact Us

To ask questions, exercise rights, or appeal a decision, contact us:

FlightPal LLC

131 Continental Dr, Suite 305

Newark, Delaware 19713, USA

Email: privacy@tryflightpal.com

Website: www.tryflightpal.com

We do not discriminate against you for exercising your privacy rights. Some features may not function if you request deletion or opt out of certain processing.

Acknowledgment

By using FlightPal, you acknowledge that you have read and understand this Privacy Policy and agree to its terms regarding how we handle your personal information.