DaPilot

Legal

Privacy Policy

Last updated June 7, 2026 (draft, pending legal review).

This Privacy Policy explains what data DaPilot collects, why we collect it, where it lives, and what choices you have. This policy covers the DaPilot iOS app and the dapilot.pro website.

1. What we collect

We collect three categories of data.

1.1 Account data

  • Apple Sign in with Apple identifier: a unique user identifier issued by Apple. We use this to sign you in.
  • Email address:from Apple Sign in with Apple. You may choose Apple’s private-relay email, in which case we never see your real email.
  • Name: from Apple Sign in with Apple, if you choose to share it.

1.2 Logbook data

  • Flights: every field you log (date, route, aircraft, times, landings, approaches, holds, remarks, and so on).
  • Aircraft: tail numbers and types you add to your fleet.
  • Flight Duty Periods and rest periods: if you use Airline Mode.
  • Voice transcripts and scanned logbook photos: processed in transit by a third-party AI provider (see Section 2). The audio and the image content are not retained server-side after the response is returned.

1.3 Endorsement, signature, and training data

If you request or issue a signature or endorsement, or use the checkride reference, we also collect:

  • FAA certificate numbers: your own, and any certificate number you enter to look up or request a signature from an instructor.
  • Full legal name: used on signatures and endorsements, and shown to a pilot who looks you up by certificate number (see Section 6).
  • Signatures: the typed or drawn signature you apply to a flight or an endorsement.
  • Endorsement records: the endorsement text, the section reference, the issuing and receiving accounts, the dates, and any revocation.
  • Audit log of signature events: an append-only record of signature, undo, and revocation events so the history of a record can be reconstructed.
  • Checkride reference data: the per-flight area-of-operation marks and experience confirmations you record, and the certificate you are working toward.

1.4 Usage data

  • Voice and scan counters: we count how many voice entries and logbook scans your account has made for free-tier metering.
  • Subscription status: active, expired, or none. Provided by RevenueCat from the App Store receipt.
  • IP address: read from request headers for rate limiting on the AI endpoints. Not stored in long-term logs beyond the rate-limit window.
  • Push notification tokens: if you enable currency or medical reminders.
  • Website analytics: page views and aggregate web vitals captured by Vercel Analytics and Plausible. No cookies, no cross-site tracking, no personal identifiers.

1.5 In-app permission for AI features

Before your first use of Voice Log or Scan Logbook, DaPilot presents an in-app consent screen that describes exactly what data will be sent and which third parties receive it. AI extraction is disabled on your account until you tap Allow. You can revoke this permission at any time from Settings, Manage Account, AI Data Sharing; once revoked, no further transcripts or images are sent until you accept again. Manual entry remains available either way.

2. The AI data path

Voice transcripts and scanned logbook photos are sent to OpenRouter for routing to Google Gemini 2.5 Flash Lite, which performs the extraction. The audio or image is held only in transit. After the model returns the structured JSON, the audio or image is discarded by the upstream provider. Neither DaPilot nor the upstream provider retains the original audio or image after the response. The structured output (the parsed flight fields) is returned to your device, where you review and confirm before it is saved to your logbook.

No personally identifying information is included in the AI request: your name, email address, and account identifier are never sent to OpenRouter or Google. The request contains only the transcript text or the image bytes plus the system prompt that defines the extraction schema.

OpenRouter and Google have published privacy commitments substantially equivalent to those described in this Policy with respect to the data sent for AI processing. In particular, the transcript text and image bytes are processed only in transit for the purpose of returning the structured response, are not retained server-side after the response, and are not used to train shared or general-purpose models. Their public commitments are available at openrouter.ai/privacy and policies.google.com/privacy.

3. Where data lives

Logbook data is stored in Supabase (Postgres) in the United States. Row-level security policies enforce that you can only access your own data. A local cache of your data also lives on your iPhone in SwiftData for offline reading and writing.

Subscription state is held by RevenueCat (entitlement record only) and synced into your DaPilot profile via webhook.

4. What we use it for

  • To provide the logbook, currency, medical, and Airline Mode features.
  • To provide endorsements, signatures, and the checkride reference, including the certificate-number lookup and the signature audit log.
  • To meter free-tier voice and scanning usage.
  • To run the AI extraction you initiate.
  • To send push reminders you opt into.
  • To respond to your support requests.
  • To detect and prevent abuse of the AI endpoints.

We do not sell your data. We do not run cross-site tracking. We do not show ads.

5. Cookies and tracking

The dapilot.pro website uses cookieless analytics: Vercel Analytics and Plausible. No tracking cookies, no third-party social pixels, no cross-site identifiers. The only cookies set by the website are first-party cookies needed for the email signup form (Buttondown). The iOS app does not use cookies.

Because the website does not set tracking cookies and does not collect personal data through analytics, we do not display a cookie banner. The full data path is documented above.

6. Sharing

6.1 Service providers and legal

We share data with:

  • Service providers we depend on to operate the Service: Supabase (database and auth), RevenueCat (subscription state), Apple (Sign in with Apple, App Store, push notifications), OpenRouter and Google (AI processing), Vercel (web hosting), Buttondown (email list), Plausible (analytics), and Cloudflare (DNS).
  • Authorities, when required by law or to protect rights, safety, or property.
  • A successor entity in the event of a merger, acquisition, or sale of assets.

6.2 Other DaPilot users you interact with

The endorsement, signature, and instructor features share data directly with other DaPilot users you choose to interact with. You initiate each of these, and they are the consent to the sharing described:

  • Requesting a signature shares that flight, along with your name and FAA certificate number, with the instructor whose certificate number you entered. They can sign, decline, or (if they have not joined DaPilot yet) the request waits until they do.
  • Mirroring lets an instructor copy a flight you logged into their own logbook; the copy then lives in their account. Your original stays in yours.
  • Suggested edits share a proposed change with you for review. Nothing changes in your logbook until you approve it.

6.3 Certificate-number lookup

DaPilot includes an open lookup: any signed-in pilot can enter an FAA certificate number and, if it matches an account, see that account holder’s name and aggregate checkride-reference progress. This lets an instructor review a student’s progress before an endorsement without the student exporting anything. The lookup does not expose individual flights, contact details, or the rest of a logbook.

Because the lookup is open to any signed-in pilot who has your certificate number, your name and aggregate progress are discoverable through it by default. If you do not want to be discoverable this way, you can opt out: email info@dapilot.proto be excluded, and an in-app setting to opt out of the lookup is planned. While you are opted out, your account does not appear in another pilot’s certificate-number search.

7. Your rights

7.1 Access and export

The full export of your logbook is available any time from inside the iOS app: Settings, Export. You receive a CSV file you can take anywhere.

7.2 Deletion

You can delete your account by emailing support@dapilot.pro from the address associated with your account. Within seven days we permanently remove your profile, every flight, every aircraft, every FDP, and every rest period from our servers, along with your authentication record. The local cache on your devices clears on next launch. There is no undo path; export a CSV first if you want a backup. (In-app one-tap deletion is on the roadmap.)

7.3 GDPR

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have rights of access, rectification, erasure, restriction, objection, and portability under GDPR. Email info@dapilot.pro to exercise them. The lawful bases we rely on are: consent (for the email list), contract (for the Service itself), and legitimate interest (for rate-limiting and abuse prevention on the AI endpoints).

7.4 CCPA / CPRA

California residents have the right to know what personal information we collect, the right to delete it, and the right to opt out of any sale or sharing. We do not sell or share personal information. Requests can be sent to info@dapilot.pro.

8. Security

All connections between the app, the website, and our servers use TLS. Logbook data is protected by row-level security policies in Postgres scoped to your account ID. We use industry-standard measures to protect data in transit and at rest, but no system is perfectly secure. Notify us at info@dapilot.pro if you believe your account has been compromised.

9. Children

DaPilot is not directed to children under 17 (App Store age rating 17+). We do not knowingly collect personal information from anyone under 17. If you believe a minor has created an account, contact us and we will delete it.

10. Changes

We may update this Privacy Policy when our practices change. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated in-app or by email when feasible.

11. Contact

Questions about this Privacy Policy can be sent to info@dapilot.pro.

See also: Terms of Service and Regulatory Disclaimer.