Privacy Policy - Infinite Pilot Logbook

Privacy Policy

Last updated: 7 November 2025

This Privacy Policy explains how SAS AppiFow ("AppiFow", "we", "us", "our") collects, uses and protects personal data when you use the Infinite Pilot Logbook iOS application (the "App").

We are committed to complying with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for processing your personal data is:

SAS AppiFow
86-88 route de Redoute
97200 Fort-de-France
Martinique, France

You can contact us for any privacy-related request through the contact form at: https://infinitepilotlogbook.com/#contact .

2. Categories of Personal Data We Process

Depending on how you use the App, we may process the following categories of data:

2.1. Account & Profile Data

  • Name, email address and authentication information.
  • Profile information such as photo, airline/company, role, and preferences.

2.2. Logbook & Flight Data

  • Flight dates, routes, airports, times and durations.
  • Aircraft types and registrations.
  • Flight roles, approaches, functions and other operational details.
  • Information about instructors, copilots, examiners and other crew members (names, roles, signatures) as entered by you.

2.3. Licensing & Compliance-Related Data

  • Pilot license references, ratings, endorsements.
  • Information about your medical certificate (e.g. validity dates, category) if you choose to record it.

Medical certificate information is processed only as functional logbook data provided by you and is not used for medical profiling.

2.4. Technical & Usage Data

  • Device identifiers, operating system, app version.
  • Log data and diagnostic information (e.g. via Firebase Crashlytics).
  • Aggregated usage statistics (e.g. screens visited, features used), where enabled.

2.5. Location Data

The App may access your approximate or precise location when you choose to use features such as pinning a place. Location data is used only to assist you in filling logbook information and is not continuously tracked.

2.6. User-Generated Content

  • Profile photos and other content you upload.
  • Digital signatures captured on your device for logbook entries.

3. Purposes and Legal Bases

We process your personal data for the following purposes:

3.1. Providing the App and Services

  • Creating and managing your account.
  • Storing, synchronizing and displaying your logbook data.
  • Importing your existing logbooks and generating exports (e.g. PDF).

Legal basis: performance of a contract (Article 6(1)(b) GDPR).

3.2. Communication

  • Sending registration, security and account-related messages (e.g. password reset).
  • Responding to your support or privacy requests.

Legal basis: performance of a contract; legitimate interest.

3.3. Security & Integrity

  • Protecting accounts and data against unauthorized access.
  • Monitoring, detecting and preventing abuse or technical incidents.

Legal basis: legitimate interest (Article 6(1)(f)).

3.4. Analytics & Improvements

  • Understanding how the App is used to improve stability and features.

Legal basis: legitimate interest; where required by local law, consent for analytics or tracking.

3.5. Legal Obligations

Complying with legal obligations, responding to lawful requests from authorities, and defending our rights.

Legal basis: Article 6(1)(c) GDPR.

4. Data Storage & Hosting

Your data are stored on secure servers hosted by Microsoft Azure in data centers located in France. We implement technical and organizational measures designed to protect your data against unauthorized access, loss or alteration.

5. Third-Party Service Providers

We may share personal data with trusted service providers strictly for the purposes described above:

  • Microsoft Azure – hosting and database services (France).
  • Firebase / Google – analytics and crash reporting (may involve processing in the EU and US with appropriate safeguards).
  • OneSignal – push notification delivery (primarily device tokens and technical data).
  • SendGrid (Twilio) – transactional emails (e.g. account verification, password reset).
  • Apple – in-app purchases and App Store-related processing.

These providers act as processors or independent controllers depending on their role. Where required, we have data processing agreements in place, including Standard Contractual Clauses or equivalent safeguards for transfers outside the EEA.

We do not sell your personal data and do not use advertising networks within the App.

6. International Data Transfers

When personal data is transferred outside the European Economic Area, we ensure appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission; and/or
  • other mechanisms recognized under applicable data protection law.

7. User Profiles & Discoverability

The App may allow other users to find and reference you (e.g. as crew) using limited profile information such as your name, photo and company, subject to the settings available in the App.

You can choose whether to make this information discoverable where this feature is offered. You remain responsible for ensuring that information you enter about third parties is accurate and lawful.

8. User-Generated Content & Moderation

You are responsible for any photos or content uploaded to your profile or entries. You must not upload content that is illegal, offensive, or infringes copyright, privacy or other rights.

Content is generally not reviewed before publication. We may remove or disable any content at our discretion if it appears to breach this Policy, our Terms, or applicable law.

9. Data Retention

We retain your personal data for as long as your account is active. When you request deletion of your account:

  • We will process the request and permanently delete or anonymize your personal data within 30 days,
  • Backup copies may persist for a limited technical period (up to 90 days) before being overwritten, and are not used for any other purpose.

10. Your Rights

Under the GDPR and applicable laws, you have the right to:

  • access your personal data;
  • rectify inaccurate or incomplete data;
  • request erasure of your data ("right to be forgotten");
  • restrict or object to certain processing activities;
  • obtain a copy of your data in a structured, commonly used and machine-readable format (data portability);
  • lodge a complaint with a competent supervisory authority.

You can exercise these rights via the App where features are available (e.g. account deletion request) or by contacting us through the contact form mentioned above. We may need to verify your identity before responding.

11. Data Deletion & Export

You may request deletion of your account from within the App. Deletion is not instantaneous and is processed by our team within the timeframe indicated in Section 9.

The App currently offers export of certain data (e.g. PDF logbook). Additional export formats may be introduced to facilitate data portability.

12. Children

The App is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe such data has been provided, please contact us so we can delete it.

13. Security Measures

We use reasonable technical and organizational measures to protect your personal data, including encryption in transit, access controls, and monitoring. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted within the App and/or on our website, with an updated "Last updated" date. Where legally required, we will notify you of material changes.

15. Contact

For any questions or requests related to this Privacy Policy or your personal data, please contact us via: https://infinitepilotlogbook.com/#contact .