Privacy Policy

Version 2026-05-25 · Effective 5/25/2026

1. Scope

This Privacy Policy describes how Av8Book ("we," "us," or "our") collects, uses, discloses, and protects information when You access or use the Av8Book service (the "Service"). Capitalized terms not defined here have the meaning given in our Terms of Service. By using the Service You agree to this Privacy Policy.

2. Roles — Controller and Processor

For data submitted into the Service by a Customer (a flight school or other organization that subscribes to the Service), the Customer is the data controller and Av8Book is the data processor. We process such data on the Customer's behalf and in accordance with the Customer's configured settings and these documents. Customers are responsible for ensuring they have the legal basis to provide personal information to the Service and to instruct us to process it.

For information collected directly from end users via marketing pages, demo requests, sign-ups, and similar interactions outside a Customer-administered organization, Av8Book is the data controller.

3. Information We Collect

The Service collects the following categories of information:

Account information. Name, email address, mobile phone number, role within an organization, password (hashed), and authentication tokens.
Aviation operational data. Bookings, dispatch records, flight times, instructor sign-offs, training records, endorsements, logbook entries, aircraft squawks, maintenance items, certificate numbers, and other aviation-specific records.
Regulatory data.FAA Tracking Number (FTN), TSA citizenship status, AFSP approval, medical certificate class and expiration, driver's license number, passport number, and similar identifiers when entered to satisfy FAA / TSA / AFSP requirements.
Billing data. Invoice line items, payment records, account balances, and prepaid package usage. Payment instrument data (card numbers, ACH bank account numbers) is never stored on our infrastructure; we use Stripe as the payment processor and store only Stripe customer / payment method identifiers, brand, and last four digits.
Communications. Email and SMS messages sent through the Service. For email we keep the subject and the first 200 characters of the body for the delivery log. For SMS we keep delivery metadata (recipient phone number, timestamp, status) but do not retain the message body in plaintext after send.
Technical data. IP address, browser/device identifiers, access timestamps, audit log entries, and uploaded document metadata (filename, size, ClamAV scan result).
Cookies and similar technologies. Strictly-necessary cookies for authentication. We do not use third-party advertising cookies.

4. How We Use Information

To provide, maintain, and improve the Service;
To authenticate users, prevent fraud, and enforce our Terms;
To process payments via Stripe;
To send transactional notifications by email and SMS (booking confirmations, reminders, receipts, maintenance alerts, account and security messages);
To send service announcements and, with appropriate opt-in, marketing communications;
To respond to support requests;
To comply with legal obligations and regulatory requests;
To generate aggregate, de-identified analytics for product development.

5. Sub-Processors

We use the following sub-processors to operate the Service. Each sub-processor has its own privacy commitments; we contractually require security and confidentiality protections at least as protective as ours.

Supabase— Postgres database hosting, file storage, real-time messaging.
Fly.io— API and ClamAV malware scanning compute hosting.
Vercel— web frontend hosting and CDN.
Stripe— payment processing, ACH micro-deposit verification, subscription billing.
Resend— transactional email delivery.
Twilio— SMS delivery (when enabled by the Customer). Used solely to send the messages described in Section 6. Twilio is a service provider, not a marketing partner.
QuickBooks Online (Intuit)— optional accounting integration; only the data You explicitly sync is shared.
MyFlightbook / LogTen Pro / ForeFlight— optional logbook integrations; only data You explicitly send is shared.
Google (Google Calendar API)— optional calendar push. Used only after You explicitly click “Connect Google Calendar” on Your profile. Av8Book transmits booking details (date/time, aircraft tail, instructor first name, Av8Book booking ID) to Your Google Calendar; no other Google user data is read or stored. See Section 18 (Google Calendar Integration) below.
Sentry— error reporting (when enabled); IP address and email may be included in error events.
ImprovMX— inbound email forwarding for messages sent to support and other av8book.com addresses. Forwarded message metadata (sender, recipient, subject, timestamp) transits ImprovMX's infrastructure.
Anthropic (Claude API)— optional AI-assisted document reading. Used onlywhen an end user explicitly opts in by clicking “Read this document” on the upload wizard. The document file is sent to Anthropic for one-shot structured-field extraction. Per Anthropic's standard API terms, inputs and outputs are not used to train Anthropic's models. Anthropic may retain inputs and outputs for up to thirty (30) days for trust-and-safety review before deletion. See Section 17 (AI-Assisted Document Reading) below.

Changes to sub-processors.We will provide at least thirty (30) days' advance notice via in-product banner or email before engaging a new sub-processor that will process Customer Data. Customer may object in writing to Support@av8book.com within the notice period. If the objection cannot be resolved by reasonable means (including by suspending the affected feature or by Customer configuring the Service to avoid the affected sub-processor), Customer may terminate the affected portion of the Service and receive a pro-rated refund of pre-paid fees attributable to the terminated portion.

6. SMS / Text Messaging Communications (A2P 10DLC)

Av8Book operates an Application-to-Person (A2P) text-messaging program in the United States, registered through Twilio under the 10DLC framework. This Section 6 governs that program and is incorporated into this Privacy Policy.

6.1 What we send

SMS messages are transactional and operationalin nature. They are sent in connection with a flight school's use of the Service, and include:

Booking confirmations, schedule changes, and pre-flight reminders (typically 24 hours and 2 hours before a scheduled lesson);
Cancellation and no-show notifications;
Payment receipts and payment-failed alerts;
Maintenance and aircraft-grounding alerts (sent to dispatchers, mechanics, and affected instructors);
Account and security messages (one-time verification codes, password-reset links, multi-factor authentication codes);
Onboarding and account-welcome messages.

We do not send promotional, marketing, or advertising SMS messages through this program.

6.2 How users opt in

SMS delivery is off by default. A user opts in by:

Entering their mobile phone number into the Notifications card on their Profile page in the Service;
Clicking “Verify” and entering the six-digit verification code we send to that number; and
Toggling on at least one SMS notification category (e.g., Booking reminder).

Until all three steps are completed, no SMS message will be sent to that number. Verification of the phone number is express written consent to receive SMS messages from Av8Book in the categories listed in Section 6.1.

6.3 Message frequency

Message frequency varies based on a user's schedule and account activity. A typical instructor or active student receives between two and ten messages per week. Message and data rates may apply and are determined by Your mobile carrier. Av8Book does not charge for SMS messages.

6.4 How users opt out

You may opt out of all Av8Book SMS messages at any time by replying STOP to any message we send. We will send one final confirmation message acknowledging the opt-out and will then cease sending SMS to that number. To resume SMS delivery, reply START or re-enable SMS notifications on Your Profile.

For help, reply HELP to any message. You may also contact Support@av8book.com at any time.

6.5 Mobile information sharing — CTIA disclosure

No mobile information (including phone numbers, opt-in data, or consent records) will be shared with third parties or affiliates for marketing or promotional purposes. Mobile opt-in data and SMS-program consent are explicitly excluded from any data sharing described elsewhere in this Privacy Policy.

Information sharing with subcontractors who support the SMS program (such as Twilio for message delivery and the Customer's organization administrators acting on the Customer's behalf) is permitted, strictly to operate the program described in this Section 6. We do not sell phone numbers, share them with data brokers, or use them for any marketing purpose unrelated to the Service.

6.6 Carrier disclaimer

Mobile carriers are not liable for delayed or undelivered messages. Delivery of SMS messages through the Service depends on Your mobile carrier's network availability and on Twilio's and the carrier's message-routing systems. The Service is not a substitute for in-person notification of safety-critical or time-critical information.

6.7 Supported carriers

The SMS program is currently available to subscribers of major U.S. carriers including AT&T, T-Mobile, Verizon, U.S. Cellular, and most regional carriers and MVNOs. Coverage on other carriers is best-effort and not guaranteed.

7. Sharing

We do not sell personal information. We share information only:

With sub-processors as described in Section 5, strictly to provide the Service;
With Customer administrators within the same organization (this is the operating model of multi-tenant SaaS — e.g., a flight school's owner sees student data within their school);
With Av8Book platform support staff for the limited purpose of investigating support tickets, with all access logged in our audit log;
To comply with valid legal process, regulatory request, or to protect the safety, property, or rights of any person;
In connection with a merger, acquisition, financing, or asset sale, subject to confidentiality obligations and successor adoption of this Policy.

For the avoidance of doubt, and as stated in Section 6.5, mobile opt-in data and consent records are not shared with any third party for marketing purposes under any of the categories above.

8. Data Security — And Limits Thereof

We implement commercially reasonable technical and organizational measures to protect information, including TLS in transit, encryption at rest at the storage layer, role-based access control, multi-tenant isolation, password hashing, rate limiting, malware scanning of uploaded documents, and audit logging of privileged actions.

However, no system is perfectly secure. You acknowledge and agree that information transmitted to or stored on the Service can be lost, intercepted, corrupted, exposed, or destroyed as a result of bug, attack, third-party failure, or operator error. You are solely responsible for maintaining Your own backups and, as set forth in the Terms of Service, for maintaining a downtime / data-loss procedure sufficient to support Your business operations and Your regulatory obligations independent of the Service.

9. Data Retention

We retain Customer Data for as long as the Customer's account is active and for a reasonable period thereafter to allow for reactivation, billing reconciliation, dispute resolution, and legal compliance. Audit log entries, payment records, and aviation training records may be retained for longer periods to satisfy regulatory and accounting requirements (typically seven years from the date of the record).

SMS opt-in records (the verified phone number, the date and method of consent, and any subsequent STOP request) are retained for the life of the account and for at least four years after deactivation, as required by U.S. mobile-industry compliance frameworks.

Customers may request deletion of personal information by contacting Support@av8book.com. We will honor deletion requests subject to our regulatory and legitimate-business retention obligations.

10. Your Choices and Rights

Depending on Your location, You may have the right to access, correct, delete, or receive a copy of Your personal information; to object to or restrict certain processing; to withdraw consent; and to lodge a complaint with a supervisory authority. To exercise these rights, contact us at Support@av8book.com. For end users whose data was provided to us by a Customer (e.g., students of a flight school), please contact the Customer first; we will support the Customer in responding to Your request.

Response time. We will acknowledge a verifiable rights request within ten (10) days and substantively respond within thirty (30) days of verification. We may extend by an additional thirty (30) days for requests that are complex or numerous, in which case we will notify You of the extension and the reason for it.

Identity verification.Before fulfilling a request that would disclose, modify, or delete personal information, we will verify the requester's identity using reasonable measures appropriate to the sensitivity of the information involved (for example, by confirming control of the account email and, where warranted, a knowledge-based challenge). For requests submitted by an authorized agent on Your behalf, we may require written authorization and proof of identity.

Data portability format.When You request a copy of Your personal information, we will provide it in a structured, commonly-used, machine-readable format — specifically JSON for structured records and CSV for tabular records (such as logbook entries, invoices, and bookings) — sufficient to satisfy GDPR Art. 20 and analogous portability rights.

You may opt out of marketing emails using the unsubscribe link in any such email. You may opt out of SMS messages by replying STOP as described in Section 6.4. Transactional and security messages delivered by email may continue after an SMS opt-out.

11. Children

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If You believe a child has provided us personal information, contact Support@av8book.com and we will delete the account.

For minor student pilots (typically 14–17), Customers must obtain parental or guardian consent prior to entering the minor's information into the Service, in accordance with applicable law. SMS opt-in for a minor must be performed by the minor's parent or guardian.

12. International Transfers

We are based in the United States. By using the Service, You consent to the transfer of Your information to the United States and other countries where we or our sub-processors operate, which may have data-protection laws different from Your country.

13. California Residents

If You are a California resident, You have the rights described under the California Consumer Privacy Act, including the right to know, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal information. We do not sell personal information. To exercise CCPA rights, contact Support@av8book.com.

14. EU/UK Residents

If You are in the EU, EEA, or UK, processing of Your personal data is governed by the General Data Protection Regulation (GDPR) or the UK GDPR. Our legal bases for processing include performance of the contract You enter into when using the Service, our legitimate interests in operating and improving the Service, Your consent (where required), and compliance with legal obligations. Cross-border transfers from the EEA or UK to the United States are governed by Standard Contractual Clauses or another approved transfer mechanism.

15. Limitation of Liability for Privacy Events

Without limiting the more general limitation of liability set forth in our Terms of Service: to the maximum extent permitted by law, our liability for any loss, exposure, or unauthorized use of personal information arising from the Service is subject to the same exclusions, caps, and conditions described in Section 5 (Limitation of Liability) of the Terms of Service.

16. Updates

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by email. Continued use of the Service after updated text takes effect constitutes acceptance.

17. AI-Assisted Document Reading

The Service includes an optionalfeature that uses Anthropic's Claude AI to read uploaded documents (medical certificates, pilot certificates, and similar) and pre-fill structured fields for the user to review and confirm.

Strictly opt-in. Documents are onlysent to Anthropic when the end user explicitly clicks “Read this document” on the upload wizard. An equivalent manual entry path is always available; no document is ever sent to Anthropic automatically as part of a routine upload.
What is sent. The file bytes of the specific document being processed, plus a short structured prompt identifying the document category. No surrounding profile data, adjacent documents, or other school records are included.
No training; limited retention.Per Anthropic's standard API terms, inputs (the document file and prompt) and outputs (the extracted fields) are not used to train Anthropic's models. Anthropic may retain inputs and outputs for up to thirty (30) days for trust-and-safety review, after which they are deleted from Anthropic's systems. We do not separately retain the document on any AI provider beyond this Service's own document storage, which is described in Section 9 above.
User confirmation gate.The model's extracted values are shown to the user in editable fields. Nothing is saved to Your profile or downstream records until the user explicitly confirms. The user may discard, edit, or replace any value before saving.
Disabling the feature. Customers may instruct us to disable AI-assisted extraction for their organization by contacting Support@av8book.com. Individual users can simply choose not to click the “Read this document” button and use manual entry instead.
Accuracy. AI-extracted values are best-effort and may be wrong, incomplete, or misread. The user is responsible for confirming the values before saving. The Service is not a substitute for the underlying official document.

18. Google Calendar Integration

Av8Book offers an optional integration with Google Calendar so users can see their flight schedule on the calendar app they already use. This Section describes Av8Book's handling of Google user data and is written to comply with the Google API Services User Data Policy, including the Limited Use requirements.

18.1 Scope of access

When You click “Connect Google Calendar” on Your profile, Av8Book initiates an OAuth 2.0 flow that requests the following Google scopes:

https://www.googleapis.com/auth/calendar.events — permission to create, update, and delete calendar events on Your behalf.
https://www.googleapis.com/auth/userinfo.email + openid— permission to read Your Google account email, used solely to display the address in Your profile so You know which account is connected.

18.2 What we do with it

Av8Book pushes Your Av8Book bookings (date/time, aircraft tail number, instructor first name, and Av8Book booking ID) to Your primary Google Calendar as events. When You create, reschedule, or cancel a booking in Av8Book, the corresponding Google Calendar event is created, updated, or deleted in real time.

The data flow is one-way only: Av8Book → Google Calendar. Av8Book does not read events from Your Google Calendar, does not list other events, does not access any other calendars, and does not modify any events that Av8Book did not itself create.

18.3 Limited Use commitment

Av8Book's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Av8Book does not:

Transfer or use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising;
Allow humans to read Google user data unless we have Your affirmative agreement for specific messages, doing so is necessary for security purposes (e.g., investigating abuse), to comply with applicable law, or our use is limited to internal operations and the data has been aggregated and anonymized;
Sell Google user data;
Use Google user data for purposes other than providing or improving the user-facing Google Calendar push feature;
Use Google user data to determine credit-worthiness or for lending purposes.

18.4 Storage

Av8Book stores Your Google OAuth refresh token and short-lived access token, encrypted at rest using AES-256-GCM, so Av8Book can push booking updates without re-prompting You for consent on each push. Av8Book also stores Your Google account email (in plaintext) so the “Connected as” label can display it on Your profile, and the Google Calendar event IDs that Av8Book created (so Av8Book knows which event to update or delete when a booking changes).

No event content from Your Google Calendar is ever read or stored by Av8Book.

18.5 Revoking access

You can disconnect Google Calendar at any time by clicking Disconnecton Your profile. Doing so revokes Av8Book's access tokens at Google (best-effort call to Google's OAuth revoke endpoint) and clears the encrypted tokens from Av8Book's database. Events that Av8Book previously pushed to Your Google Calendar remain on Your calendar; You may delete them manually if You wish.

You can also revoke Av8Book's access independently at any time via Your Google Account at myaccount.google.com/permissions.

19. Network Benchmarking & Aggregated Insights

The Service includes Network Intelligence— a feature that compares Your organization against anonymized, aggregatedoperational benchmarks computed across participating flight schools (for example, how Your no-show rate, cancellation rate, or aircraft utilization compares to the network median). It exists both to give You useful context and to help us improve the Service's shared intelligence for everyone.

Aggregates only; k-anonymity. Only aggregate statistics (medians and percentiles) derived from a group of at least five (5) contributing organizationsare ever computed, stored, or displayed. Any figure that would draw on fewer than five organizations is suppressed. No individual school's values, identity, or raw records are exposed to any other organization.
What is used. Operational metrics derived from data already in the Service (for example, booking outcomes, fleet utilization, and student-activity rates). No student personal information, training records, logbook entries, medical or certificate details, or document contents are ever shared across organizations.
No cross-organization access.Participation never grants any organization access to another organization's data. Each organization's records remain isolated exactly as described elsewhere in this Policy; Network Intelligence surfaces only the suppressed aggregate statistics described above.
Opt-out. Your organization is included by default so the benchmarks are meaningful, but an owner or admin may opt out at any time at Settings → Right Seat → Network Intelligence. Opting out removes Your organization from future aggregation; visibility is reciprocal, so an opted-out organization also stops seeing network comparisons.
No AI model training on Customer Data.We may use these anonymized, aggregated signals to improve the Service's shared features (such as default insights and assistant guidance). We do not use Customer Data to train or fine-tune any third-party AI model.

20. Contact

Questions about this Privacy Policy or Your data: Support@av8book.com.

Questions about the SMS program described in Section 6, including opt-in records or consent revocation: Support@av8book.com. You may also reply HELP to any SMS message we send for the same support path.