Privacy Policy

Contrails Aviation Platform · Nightingale Skies LLC

Effective May 1, 2026 · Last updated May 4, 2026

1. About this policy

Contrails is a business-to-business aviation operations platform used by Part 91, Part 135, and Part 145 operators to manage flight operations, crew, maintenance, documents, and finance. The platform consists of a web application, an iOS application ("Contrails"), and supporting backend services. This policy explains what personal information we collect, how we use it, with whom we share it, and the choices you have.

Contrails is not a consumer product. Accounts are provisioned by your employer (the "Operator") who is the controller of your data. Nightingale Skies LLC("we", "us") operates the platform on the Operator’s behalf as a processor.

2. Information we collect

Account & identity

  • Name, work email address, employee ID, department, job title, and phone number (provided by your Operator at provisioning).
  • Password (stored only as a salted bcrypt hash — never in plaintext) and, if you enable them, time-based one-time passcodes (TOTP) and hardware-backed passkeys (WebAuthn).
  • Optional personal profile fields you may choose to add: personal email, emergency contact, biography, signature block, profile image.

Operational records (Part 91/135/145)

  • Pilot certificate numbers, medical class & expiry, type ratings, currency & checkride records, training records, and crew documents you upload (e.g., medical, passport, license).
  • Trip data: assignments, duty periods, flight logs (OOOI times, fuel, expenses), passenger and cargo manifests, and supporting trip documents you upload.
  • Maintenance records: squawks, work orders, MELs, inspection status, component times.
  • Aircraft, customer, and contract records.
  • Audit logs of significant actions you take (e.g., releasing a trip, signing a logbook entry) — required for FAA compliance under 14 CFR §135.63 and equivalents.

Device & session data

  • Device model, OS version, app version, and a per-device push-notification token (Apple Push Notification service) for trip-release and acknowledgment alerts.
  • Mobile session metadata: session ID, last-seen timestamp, optional trusted-device record. Sessions can be revoked at any time from the iOS app or by an administrator.
  • Authentication events (success / failure) and IP address at sign-in, used for audit and security review.

Location data (only when in use)

  • When you actively log a flight in the iOS app, the app may record device GPS coordinates as flight track data associated with the leg you are flying. Tracking only runs for the duration of an active leg. We do not collect background location, advertising IDs, or location history outside of an active flight.
  • Location is permitted via the standard iOS “While Using” prompt. You may revoke access at any time in iOS Settings → Privacy & Security → Location Services.

Optional integrations you initiate

  • Google Calendar (OAuth) — to sync your duty schedule. Refresh tokens are stored encrypted at rest.
  • Google Workspace and Microsoft email — outbound email delivery only (operator-level integration).
  • QuickBooks Online — for invoice and expense sync (operator- level integration).

What we do NOT collect

  • No third-party advertising identifiers (IDFA).
  • No analytics or tracking SDKs in the iOS app.
  • No collection of personal contacts, calendars (other than the calendar you explicitly OAuth), photos, or microphone input.
  • No biometric template data — Face ID / Touch ID are used by iOS to unlock a passkey on-device; the biometric itself never leaves your device.
  • No social media identifiers.

3. How we use information

  • Provide the service. Operate the web and iOS applications you and your Operator have requested — flight operations, crew management, maintenance tracking, document distribution, finance.
  • Regulatory compliance. Maintain records required by the Federal Aviation Regulations (notably 14 CFR §135.63 record retention, §135.83 information to be made available to crew, §135.293/297/299 currency tracking) and equivalent requirements outside the United States.
  • Authenticate users and secure the platform. Verify credentials, enforce two-factor authentication where enabled, audit access, and detect suspicious activity.
  • Operational notifications. Push, email, and in-app notifications such as trip release, document acknowledgment requests, and crew-acceptance reminders.
  • Customer support and improvement. Respond to support requests; diagnose bugs from logs you choose to share.

We do not use your data for advertising, profiling, or sale to data brokers. We do not train AI/ML models on your operational data.

4. Legal bases (EEA / UK)

  • Contract — to deliver the service your Operator contracted with us to provide.
  • Legal obligation — to satisfy aviation regulatory record-keeping.
  • Legitimate interests — to secure the platform, detect fraud, and improve reliability.
  • Consent — for optional integrations you choose to connect (e.g., Google Calendar).

5. Sharing & disclosures

Your Operator

Your employer/Operator is the controller of your work-related records and has full access to them. We do not share your data across Operators — each Operator’s tenant is stored in an isolated database file.

Sub-processors

We use a small number of vendors to run the service:

  • IONOS (Germany / United States) — virtual private server hosting the application and tenant databases.
  • Cloudflare — TLS termination, edge protection, and traffic delivery.
  • Apple Push Notification service — delivery of push notifications to your iOS device.
  • GitHub Container Registry — distribution of application images; does not receive customer data.
  • Google (Calendar, Workspace email) and Microsoft (email) — only when you or your Operator opt in to those integrations.
  • Intuit QuickBooks — only when your Operator enables billing sync.

Legal requests

We may disclose data when required by valid legal process (subpoena, court order) or to protect the rights, property, or safety of users, the public, or Nightingale Skies LLC. Where permitted, we will notify the affected Operator before producing data.

Business transfers

If we are involved in a merger, acquisition, or asset sale, personal data may transfer subject to the same protections described in this policy.

6. Data retention

  • Trip, crew, maintenance, and audit records are retained for the periods required by 14 CFR §135.63 (and equivalents) — generally a minimum of 6 months for some items and indefinite for the operator’s logbook records. Soft-deleted trips retain regulated child records under a retention hold.
  • Active accounts are retained as long as your Operator provisions them. When your Operator deactivates your account, personal-profile fields you contributed (bio, signature, profile image, personal email) are removed; regulated operational records remain attributable to you for the legal retention period.
  • Backups are retained for up to 30 days and overwritten on rotation.
  • Push tokens are deleted when you sign out, when iOS reports them invalid, or when an administrator revokes the device.

7. Your rights & choices

  • Access & correction.View and edit your profile information at any time in the web app (“Account → Profile”) or iOS app (“Settings”).
  • Account deletion. Request deletion of your account by emailing [email protected]. We will confirm with your Operator and remove personal- profile data within 30 days. Regulated operational records will be retained for the period required by FAA rules; we will notify you of what is retained and why.
  • Data export. Request a machine-readable copy of your personal data via the same email above.
  • Push notifications. Disable in iOS Settings or revoke individual devices in the app.
  • Location.Disable in iOS Settings → Privacy & Security → Location Services. Flight track logging will be unavailable while disabled.
  • EEA/UK/California residents have additional rights including objection, restriction, portability, and the right to lodge a complaint with a supervisory authority. We will honor these rights through the contact email above.
  • We do not “sell” or “share” personal information as those terms are defined under the CCPA/CPRA.

8. Security

  • Transport security — all client/server traffic uses TLS 1.2+ via Cloudflare.
  • Mobile session tokens are signed JWTs scoped to the user and device, with optional payload encryption between the iOS app and the API.
  • Sensitive secrets (TOTP seeds, OAuth refresh tokens) are encrypted at rest with an application-managed key.
  • Tenant isolation — each Operator’s data is stored in a separate per-tenant database file accessed only after JWT claim verification.
  • Account protections — bcrypt password hashing, rate-limited login, optional TOTP two-factor authentication, optional hardware-backed passkeys (WebAuthn / iOS Secure Enclave).

9. Children

Contrails is for professional aviation users and is not directed to children. We do not knowingly collect data from anyone under 16. If you believe a minor has provided us information, contact us and we will remove it.

10. International transfers

Personal data may be processed in the United States and the European Union depending on your Operator’s region. Where required, we rely on Standard Contractual Clauses for cross-border transfers.

11. Changes to this policy

We will post material changes here and notify Operators by email at least 30 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

12. Contact us

Nightingale Skies LLC
Privacy: [email protected]
Support: [email protected]

© 2026 Nightingale Skies LLC · Support · Terms