MyFlightbook Privacy Policy

General policy around personal information and logbook data

We don't really want your personal data, but an email address and password are required to provide a degree of security and a way to reach you for service-related issues. We are not going to sell it, rent it, or otherwise disclose it. MyFlightbook is hosted in a secure environment and adheres to common security best practices. We do need an email to contact you about site related stuff and for things like password reminders.

We do not send solicitations via email. We will not spam you.

In addition to email and password, you may also optionally provide to us:

Your name. This is used so that can address you by name, and so that it can display in a print view
Your address. This is only used in the print view. We do not send physical mail, nor do we share this.
Your pilot license/certificate and expiration. This is used for printing, for signing flights (if you an instructor), and for tracking expiration dates
Date of your medical. This is used for tracking expiration dates

By default, your flights are private. If someone tries to access a flight that is not theirs and which is not explicitly marked as public, they will see a route of the flight but no information beyond that (date, aircraft, pilot, etc.). You can, however, mark a flight as public. If you do this, many details of the flight will be visible to others, including the date, the aircraft, your name, the route of flight, any remarks about the flight, and any images/videos. This is particularly useful for sharing on social media (see below)

We do not share either the personal information described above or your logbook data (i.e., your flights, airplanes you fly, etc.) with anybody, except with your explicit consent or an appropriate legal process. Of course, in tracking problems on the site or otherwise providing you support, however, we may need to occasionally dive into the database to make a diagnosis, and that means that we will see your data. Of course, as explained above, we dont' want (nor do we request) a lot of personal information about you, so this data cannot be tied to a person beyond your email address.

Cookies

MyFlightbook uses cookies; by using the service, you must consent to their use.

Some of the functionality that requires cookies includes:

Preserving your sign-in status. Without this, you'd have to sign in every time you visit the site.
Providing continuity of experience. One example: when you save a flight, the aircraft you used for that flight is remembered in a cookie so that it can be the default aircraft used for your next flight.
Offering limited advertising on the site (described below), which uses cookies.

The above list is not exhaustive.

Social Networking

You can tweet your flights on Twitter or post them on Facebook. If the flight is not public, not a lot will be shared (just a link to a map of the route), but if you make the flight public, it will expose more detail (as described above).

You can post to Facebook/Twitter in one of two ways: either by clicking on a link to do so (just a web link), or by granting permission for MyFlightbook to post on your behalf and then posting as a side effect of saving a flight.

If you do this, MyFlightbook does NOT request permissions from Facebook or Twitter beyond what is needed to post to your feed on their behalf. I.e., we do NOT get a list of your friends or otherwise pull data from Facebook/Twitter; we only push, and only at your direction.

Cloud Storage

You can download your data, either to your own computer or to a cloud storage provider such as Dropbox, Google Drive, or OneDrive. We, of course, can't control what you do with it then. But, if you enable storage to a cloud provider, you should be aware that:

MyFlightbook cannot do anything with a cloud-storage provider unless you explicitly sign-in to your cloud-storage account and explicitly grant MyFlightbook permission to write files to your account. (The technical protocol for this is "OAuth2", if you want the gory details of how it works)
MyFlightbook does not read any of your data from the cloud storage. Its operations are limited to writing your logbook data and, as needed, images and telemetry data. Note that it is possible for MyFlightbook to overwrite an existing that it has already written.

You can revoke the permission granted to MyFlightbook to write data to your cloud storage provider whenever you like.

Images, videos, and documents

Images, videos, and documents on MyFlightbook are stored using Amazon Web Services. You can review their privacy policy here.

Aircraft are shared on MyFlightbook, and thus ALL aircraft images are shared among users who have those aircraft in their accounts. So if you upload a naked selfie for an aircraft you fly, it will be visible to other pilots. We recommend not doing that.

We like showing images on maps. If you upload an image that is geotagged, then the geotag is preserved; anybody who views the image can determine where it was taken.

Note that at this time, MyFlightbook does NOT provide access control to images and videos, so they are generally visible to anybody who has the correct (hard, but not impossible, to guess) URL for them. This is done because there are a variety of scenarios where authentication in real time is not possible, or where direct access to Amazon's web services is required. So again, we recommend against anything too sensitive.

Instructors

If you set up a relationship with an instructor using MyFlightbook, that instructor will have the ability to issue digital endorsements to you and to view (but not edit/delete) those endorsements.

You may also optionally grant permission for the instructor to view your logbook. If you do this, they may view your logbook information, though their ability to make changes is limited to signing unsigned entries or re-signing signed entries that have been edited since being signed.

You can revoke the ability of an instructor to view your logbook at any time. You can also delete the relationship; doing so will prevent them from accessing your account in any way, but will preserve any signatures or endorsements that they provided during the tenure of the relationship. You can, of course, also re-establish the relationship at any time.

Passwords

Your passwords, by the way, are stored in the database using a one-way hash. (When you authenticate, we hash the password you provide and compare that with the saved hashed password). We cannot recover a password for you, nor can we see your password in the database. Ditto the answer to your secret question. (We obviously can't one-way hash the question itself, since we need to be able to show it to you to recover your password.)

Mobile apps and location

If you use one of the mobile apps, these apps may collect GPS position data. On some platforms, you can choose whether to grant permission for this; on others, it is a condition of using the application.

This position information is used for the following functions:

Helping you to fill out your logbook entry (appending the nearest airport to your route of flight, detecting takeoff/landing, determining day/night, and so forth)
Recording your route of flight (at your option on all mobile devices)
Geotagging any images that you take from within the application so that you can later see where you were when you took the picture

This location information is not stored other than as described above, nor is it shared other than as above. Note that if you share a flight ("Public", as above), then visitors to MyFlightbook will be able to see the geo-tagged image and/or the recorded flight path. But if you don't share it, they won't be able to see it.

Social Media

There is now a Facebook group for MyFlightbook, and MyFlightbook may include Facebook widgets on the site, and these widgets may use Facebook cookies to determine things like your status as a fan and such. If you are a member of Facebook, Facebook may be able to deduce that you use MyFlightbook. Please see the Facebook Privacy Policy for more information about their privacy policy. MyFlightbook never, however, explicitly shares any information with Facebook.

Advertising

MyFlightbook uses Google Ads on the site, and they use cookies. In fact, they are now doing "interest based" advertising, which means that they will probably figure out that this is an aviation-oriented web site, and may conclude that you are interested in aviation. Here is some slightly more legalese detailed information:

If you are within the European Economic Area, you will not see personalized ads. However, you still must accept the use of cookies to use the site.

MyFlightbook uses third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you.
Google, as a third party vendor, uses cookies to serve ads on this site.
Google's use of the DART cookie enables it to serve ads to you based on your visit to this site and other sites on the Internet.
You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy.

Deleting your account

Of course, we hate to see you go, but if you want to delete your account, just contact us and we will take care of it.

You will receive an emailed copy of your logbook data (just in case), but we delete all of your other information, with two exceptions:

If you are an instructor and have signed flights for a student, your name/email are preserved on the student's record. We do NOT email that email address; rather, it serves as a unique identifier to say that the signer had that email on the date of signing.
For development and support purposes, we do keep backup copies of the database going back a few months. Usually, only the most recent of these backups is installed on a development machine. Deleting your account does not affect database backups from prior to the deletion.