← Back to home

Privacy Policy (Pilot Logbook Pro)

Effective date: 2026-04-01

Applies to

Pilot Logbook Pro mobile apps (iOS/Android) and web app (collectively, the “App”).

Overview

Pilot Logbook Pro (“we”, “us”, “our”) provides pilot logbook tools, including flight logging, imports, analytics, and optional calendar-based draft creation. This Privacy Policy explains how we access, use, store, share, protect, retain, and delete personal information, including Google user data when you connect Google Calendar.

If you do not agree with this Privacy Policy, do not use the Services.

1) Information we collect

We collect the following categories of information:

  • Account and authentication data: email address and authentication records used to create and access your account (password handling is managed by our authentication provider; we do not store plaintext passwords).
  • Profile data you provide (optional): name, airline, rank, licence/rating details, medical details, employer history, birthdate, home base, and profile photo.
  • Logbook data you provide: flight details such as date, airports, aircraft, times, crew fields, remarks, and totals-related values.
  • Import data you choose to provide: contents from PDF/CSV/Excel files, airline reports, and other files you upload for parsing/import.
  • Calendar data (only if you connect calendar features):
    • Google/Apple calendar metadata and event fields needed to generate draft flights (for example: calendar IDs/names, event title/summary, description/notes, location, start/end time, and time zone).
    • For Google connections, we may access your Google account email so we can show which Google account is connected.
  • Support/contact data: name, email, subject, and message content when you contact support.
  • Operational/security data: technical metadata needed to run and secure the service (for example, service logs, anti-abuse/rate-limit events, and limited request metadata).

We do not sell personal information.

2) How we use information

We use information to:

  • provide account access and core app functionality;
  • store, display, calculate, and export your logbook information;
  • process imports you initiate and create draft flights;
  • sync with connected calendars only when you request calendar features;
  • respond to support requests;
  • secure the service, detect abuse, and troubleshoot reliability issues;
  • comply with legal obligations.

3) Google user data: specific disclosures

If you connect Google Calendar, we process Google user data under the Google API Services User Data Policy, including Limited Use requirements.

What Google data we access: calendar read data required for schedule import (read-only scope) and your Google account email used to display connected account identity.

How we use Google data: only to provide and improve user-facing features in Pilot Logbook Pro (for example, schedule import and draft-flight generation).

What we do not do with Google data:

  • no sale of Google user data;
  • no use for advertising (including targeted, personalized, retargeted, or interest-based ads);
  • no transfer to data brokers or information resellers;
  • no use for credit-worthiness or lending decisions;
  • no use of Google user data to train generalized AI/ML models.

Human access restrictions: we do not allow human review of Google user data except when necessary for security, legal compliance, or when you explicitly ask us to investigate a support issue involving your data.

Scope minimization: we request only the minimum scopes needed for implemented features.

4) How we share information

We share information only as necessary to provide and secure the Services, including with:

  • Cloud/processors for authentication, database, storage, hosting, and operational infrastructure.
  • Google APIs when you explicitly connect and use Google Calendar functionality.
  • Support/communication providers to deliver support responses you request.
  • Legal/compliance recipients when required by law.

We do not sell personal data and do not share Google user data with third parties for advertising or data-broker purposes.

5) Data protection mechanisms for sensitive data

We implement administrative, technical, and organizational safeguards designed to protect sensitive data, including Google user data obtained through Google APIs.

  • Encryption in transit: All data transmitted between the app, users, and our backend services is encrypted using HTTPS/TLS.
  • Encryption at rest: Data stored in our managed cloud infrastructure is protected using industry-standard encryption-at-rest mechanisms provided by our cloud providers.
  • Token protection: Google OAuth tokens (including refresh tokens) are encrypted using Google Cloud Key Management Service (KMS) before storage. Tokens are decrypted only when required to perform authorized operations on behalf of the user.
  • Access controls: We enforce strict authentication and per-user authorization rules to ensure that users can only access their own data. Access to sensitive data is restricted to authorized services and personnel only.
  • Least privilege principle: System components and services are granted the minimum level of access required to perform their functions. Sensitive credentials and secrets are securely stored and never exposed in client-side code or source control.
  • Security monitoring and abuse prevention: We use logging, monitoring, and rate-limiting mechanisms to detect, prevent, and respond to unauthorized access attempts and abuse.
  • Connection lifecycle controls: When a user disconnects their Google Calendar account, all associated OAuth tokens and connection data are securely deleted.
  • Data retention and deletion: Sensitive data is retained only as long as necessary to provide the service. Users may request deletion of their data, and we process deletion requests within a reasonable timeframe. Backup data is retained only for operational recovery purposes and is automatically deleted after its retention period.
  • Incident response: In the event of a security incident, we take immediate steps to investigate, contain, and remediate the issue, and we provide notifications where required by applicable law.

While we take reasonable measures to protect data, no system can be guaranteed to be completely secure.

6) Data retention and deletion

We retain data only as long as needed for the purposes described in this policy, unless a longer period is required by law.

  • Google OAuth refresh tokens: retained while your Google Calendar connection is active; deleted when you disconnect.
  • OAuth state/callback and security troubleshooting artifacts: retained up to 30 days.
  • Support/contact records: retained up to 24 months.
  • Backup/disaster-recovery copies: retained up to 35 days before overwrite/deletion.
  • Account/logbook/profile data: retained while your account remains active, unless you request deletion earlier.

Deletion requests:

You can request deletion at support@pilotlogbook-pro.com. After verification of account ownership, we process deletion requests within a reasonable operational window and remove data from active systems, then from backups on their normal backup lifecycle (up to 35 days).

7) Your choices and rights

Depending on your location, you may have rights to access, correct, export, delete, or restrict certain processing of your personal data. You can also withdraw optional permissions (for example, calendar/location) in your device or account settings.

To exercise rights, contact: support@pilotlogbook-pro.com.

8) International data transfers

Your data may be processed in countries other than your country of residence where our providers operate. Where required, we apply appropriate safeguards for international transfers.

9) Children’s privacy

The Services are not directed to children under 13 (or higher minimum age where required by local law). If you believe a child provided personal data, contact us and we will investigate and delete as required.

10) Changes to this Privacy Policy

We may update this policy from time to time. We will update the effective date and, where required, provide additional notice. If we materially change how we use Google user data, we will update disclosures and obtain any required consent before new use.

11) Contact

Email: support@pilotlogbook-pro.com
Support page: https://www.pilotlogbook-pro.com/support