Privacy Policy

Privacy at FlightPal

FlightPal LLC ("FlightPal," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and mobile apps at tryflightpal.com and related properties (collectively, the "Services").

Age Requirements

By accessing our Services, you represent that you are at least 18 years old. We do not knowingly collect information from users under 18. If we become aware that we have collected data from a minor, we will delete it promptly.

HIPAA Disclaimer

FlightPal is not a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). Your FlightPal account is not subject to HIPAA protections. If you have health insurance or are using funds from a health savings account to pay for FlightPal, we recommend confirming with your insurance provider whether they cover this service.

What Information We Collect

2.1 Information You Provide Directly

When you use FlightPal, you may provide us with information such as:

• Account information: Email address, password, name, phone number
• Subscription information: Plan selected, introductory and renewal pricing, billing dates, cancellation date, and subscription status
• Wellness data: Responses to our onboarding quiz, journal entries, fear scores, breathing exercise data, AI coach conversations, and other program-related inputs you choose to share
• FlightReady scores and progress data: Your personal performance metrics within the program
• Payment information: Billing name, address, and payment method (processed securely by Stripe, our payment processor; we never directly store credit card data)
• Support communications: Messages, emails, and feedback you send to our support team

2.2 Information We Collect Automatically

When you use our Services, we automatically collect certain technical information:

• Device and log data: Device type, browser type, IP address, operating system, pages visited, time spent on pages, and referral source
• Approximate geolocation: Derived from IP address (we do not collect precise GPS location)
• Cookies and pixels: Identifiers stored on your device to recognize you on return visits and measure ad performance
• App analytics: Crash reports, feature usage, and session metrics (via PostHog and similar analytics platforms)

2.3 Information from Third Parties

We may receive information about you from:

• Social login providers: If you sign up or log in via Google, Apple, or Facebook, we receive basic profile information (name, email, profile picture)
• Advertising networks: Information about your interaction with our ads on Meta, Google, and other platforms

2.4 California Privacy Rights Act (CPRA) Categories

Under California law, the information we collect falls into these categories:

• Identifiers: Email, name, phone, account ID, IP address, device ID
• Customer records: Account and billing information
• Internet activity: Browsing behavior, pages visited, time spent, clicks, search history
• Geolocation: Approximate location derived from IP address
• Inferences: Profiles of your interests, preferences, and habits created from data analysis
• Sensitive personal information: Health and wellness data (quiz responses, journal entries, coaching conversations)

How We Use Your Information

We use the information we collect to:

• Provide and improve our Services: Deliver your personalized FlightPal program, generate your FlightReady score, and optimize content
• Manage your account: Process signups, manage subscriptions, and handle payment transactions
• Communicate with you: Send transactional emails (confirmations, receipts), marketing updates, and support responses
• Send subscription-related communications: Renewal reminders, cancellation confirmations, and payment receipts
• Analytics and insights: Understand how users interact with our Services, identify trends, and measure the effectiveness of our program
• Personalization: Customize your experience based on your preferences and history
• Security and compliance: Detect fraud, prevent abuse, enforce our Terms of Service, and comply with legal obligations
• Marketing and advertising: Measure ad performance and retarget you with relevant content across platforms (Meta, Google, etc.)

Why We Process Your Data

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your data based on one or more of the following legal grounds:

• Performance of a contract: To deliver our Services under your subscription agreement
• Legitimate interests: To improve our Services, ensure security, prevent fraud, and conduct analytics
• Consent: For marketing communications, cookies, and tracking (which you can withdraw at any time)
• Legal obligation: To comply with tax, financial, and other legal requirements

How We Share Your Information

We do not sell your personal information. We may share your data only in these limited circumstances:

Service Providers

We work with trusted third parties to deliver our Services:

• Payment processing: Stripe (payment processor)
• Cloud hosting: Amazon Web Services (AWS) and similar infrastructure providers
• Analytics: PostHog, Google Analytics
• AI and coaching: Anthropic (AI model provider for Flighty, our AI coach feature)
• Email and communications: Email service providers
• Advertising and analytics: Meta, Google, and similar ad networks

All service providers are contractually obligated to use your data only as necessary to provide services and to maintain appropriate security measures.

Business Transfers

If FlightPal is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice if your data becomes subject to a different privacy policy.

Advertising and Retargeting

We share information with advertising partners (Meta, Google) to:

• Measure the effectiveness of our ads
• Retarget you with relevant content
• Build audience segments for lookalike campaigns

These partners may use your information to improve their own services, subject to their privacy policies.

Legal and Safety

We may disclose your information if required by law, court order, or government request, or if we believe in good faith that disclosure is necessary to:

• Protect your safety or the safety of others
• Enforce our Terms of Service or other agreements
• Prevent fraud or security breaches
• Comply with legal obligations

With Your Consent

We may share information with third parties if you explicitly consent (for example, if you authorize us to share your progress with a therapist or coach).

Cookies, Pixels, and Tracking Technologies

We use cookies and similar technologies to recognize you, store your preferences, and measure engagement. These fall into four categories:

Essential Cookies

Required for basic functionality. These cannot be disabled without breaking the website (authentication, security, session management).

Preference Cookies

Store your choices (language, layout, settings) so we can remember them on your next visit.

Analytics Cookies

Help us understand how you use FlightPal — which features are most popular, where users drop off, and how to improve the experience. We use PostHog and Google Analytics.

Advertising Cookies and Pixels

Enable us to measure ad performance on Meta and Google, and to show you relevant ads across the web. Meta and Google use this data to improve their platforms as well.

Your Control Over Cookies

You can control most cookies through your browser settings. You may also opt out of targeted advertising through:

• Meta Ad Preferences
• Google Privacy Settings
• Network Advertising Initiative

Global Privacy Control (GPC)

If your browser is configured with the Global Privacy Control signal, we honor that as a signal to opt out of selling or sharing your personal information for targeted advertising purposes.

How We Protect Your Data

We implement comprehensive security measures to protect your information:

• Encryption: Data in transit is encrypted via HTTPS; sensitive data at rest is encrypted
• Access controls: Only authorized employees can access personal data, and only when necessary
• Secure infrastructure: We host on Amazon Web Services with robust security protocols
• Regular testing: We conduct security audits and vulnerability assessments
• Incident response: We have a documented plan to respond to security breaches, including user notification

How Long We Keep Your Data

We retain your information for as long as necessary to provide our Services and comply with legal obligations:

• Active accounts: Data is retained while your account is active
• After account deletion: Most personal data is deleted within 90 days of account closure or unsubscribe
• Aggregated data: We retain aggregated, anonymized data indefinitely for analytics and research
• Backup copies: Deleted data may persist in backups for up to 90 days before being purged
• Legal holds: If required by law or litigation, we may retain data longer

Wellness data (quiz responses, journal entries, coaching conversations) is treated as sensitive and is deleted within this same 90-day window unless you consent to longer retention.

Cross-Border Data Transfers

FlightPal is based in the United States. Your information is processed and stored in the U.S. and may be transferred to, stored in, and processed in the U.S. or other countries where our service providers operate.

For EEA and UK Users

If you are located in the European Economic Area or the United Kingdom, we rely on Standard Contractual Clauses (SCCs) and other approved mechanisms to ensure your data is protected even when transferred outside your region. These mechanisms include:

• Standard Contractual Clauses (SCCs) with our processors
• Adequacy decisions (where applicable)
• Consent-based transfers for non-essential processing

You have the right to request information about the safeguards we use for your data. Contact privacy@tryflightpal.com for details.

Your Privacy Rights

Rights for All Users

Regardless of your location, you have the right to:

• Access: Request a copy of your personal data
• Correction: Correct inaccurate information
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Withdraw consent: Withdraw consent for optional processing (such as marketing emails)
• Opt out of marketing: Unsubscribe from marketing emails or newsletters

Rights for EEA and UK Residents

Under GDPR and UK GDPR, you additionally have the right to:

• Restrict processing: Ask us to limit how we use your data while we verify accuracy
• Object: Object to processing based on legitimate interests or for direct marketing
• Data portability: Receive your data in a structured, commonly used format and transfer it to another provider
• No automated decision-making: Object to decisions made solely by automated means that have a legal effect on you
• Lodge a complaint: File a complaint with your data protection authority

To exercise any of these rights, contact privacy@tryflightpal.com.

Rights for US Residents

Residents of California, Virginia, Colorado, Connecticut, Utah, Montana, Texas, Oregon, and other states with privacy laws may have additional rights:

• Opt out of targeted advertising and sale: We do not sell your data, but you may opt out of targeted advertising
• Opt out of automated decision-making: Object to purely automated profiling with legal consequences
• Limit sensitive data: Request that we limit use of sensitive data to what is necessary to provide our Services (California residents)
• Right to appeal: If we deny your request, you may appeal our decision
• Non-discrimination: We will not discriminate against you for exercising your privacy rights

To submit a privacy request or appeal, use the form below or contact privacy@tryflightpal.com.

Washington and Nevada Consumer Health Data Notices

Washington My Health My Data Act

If you are a Washington resident, your wellness data collected through FlightPal is protected under the Washington My Health My Data Act. You have the right to:

• Access your health data
• Delete your health data (subject to legal retention requirements)
• Correct inaccurate health information
• Opt out of the sale or sharing of your health data for advertising purposes

FlightPal does not sell your health data. Your wellness information is used only to provide and improve our Services, with exceptions for law enforcement or legal compliance. To exercise these rights, contact privacy@tryflightpal.com.

Nevada Privacy of Consumer Health Information Law

If you are a Nevada resident, you have the right to opt out of any potential sale of your health data. While FlightPal does not currently sell health data, Nevada residents can submit an opt-out request at privacy@tryflightpal.com to prevent any future such sales.

Resolving Disputes and Appealing Decisions

If you believe we have violated your privacy rights, we encourage you to contact us first so we can resolve the issue:

1. Email us: Send a detailed description of the issue to privacy@tryflightpal.com
2. We will respond: Within 30 days, we will acknowledge your complaint and work to resolve it
3. Appeal process: If you are unsatisfied with our response, you may appeal in writing. Provide your original request reference number and explain why you believe our response was incomplete or incorrect
4. Final review: We will conduct a final review within 30 additional days and notify you of the outcome

For EEA and UK residents: You have the right to lodge a complaint with your data protection authority. Contact your local supervisor (for example, the UK Information Commissioner's Office or your country's equivalent).

For California and other US residents: You may submit a complaint to your state's attorney general if you believe FlightPal has violated privacy laws.

We Do Not Serve Users Under 18

FlightPal is intended only for users age 18 and older. We do not knowingly collect, use, or disclose personal information from children under 18. If we become aware that we have collected data from a minor, we will delete it promptly without further notice.

If you are a parent or guardian and believe we have collected information from your child, please contact us immediately at privacy@tryflightpal.com.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify you via email if we are expanding how we use your data or materially reducing your privacy protections
• Obtain your consent if required by applicable law

Your continued use of FlightPal after changes become effective constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please reach out:

We aim to respond to all privacy inquiries within 10 business days. For account-related support or technical issues, please contact support@tryflightpal.com.