Declare Flights

Privacy Policy

Last updated: January 2025

Declare Flights is committed to protecting your privacy. This policy explains how we collect, use, disclose, and safeguard your information when you use our digital logbook and passenger declaration service.

1. Information We Collect

We collect the following categories of information:

Account Information

  • Name and email address
  • Password (securely hashed)
  • Profile picture (optional)

Pilot Profile

  • CAA licence number
  • Licence type (PPL, CPL, ATPL, LAPL)
  • Ratings held

Aircraft Data

  • Aircraft registration
  • Type and class
  • Notes

Passenger Records

  • Name, email, phone
  • Pilot licence exemption status
  • Guardian info for minors

Flight & Logbook Data

  • Flight dates and times
  • Routes and durations
  • Landings and costs

Declaration Data

  • CAP 1590 acknowledgments
  • Electronic signatures
  • Timestamps and device info

Security Information

  • IP addresses
  • Browser and device info
  • Login timestamps

Payment Information

  • Stripe customer ID
  • Subscription status
  • Last 4 digits of card

2. How We Use Your Information

Provide and maintain our digital logbook service
Generate and manage CAP 1590 passenger declarations
Send declaration invites via email or SMS
Calculate flight hours and currency requirements
Process subscription payments
Send security notifications
Send flight-related notifications
Maintain audit trails for compliance

3. Data Retention

Declarations & Flight Data

In accordance with CAP 1590, signed declarations and associated flight data are retained for a minimum of 6 months from the flight date. This retention period is locked and cannot be shortened.

Account Data

Retained while your account is active. Deleted upon account deletion, except where legally required.

Audit Logs

Retained for 2 years to support regulatory compliance and security investigations.

4. Information Sharing

We do not sell your personal information. We may share data with:

Service Providers

Stripe — Payment processing
Resend — Email delivery
Vercel — Hosting infrastructure
Neon — Database hosting

Passengers

When you invite passengers to sign declarations, they see flight details including route, date, and aircraft information.

Legal Requirements

We may disclose information if required by law, court order, or governmental authority, including to the UK CAA for regulatory purposes.

5. Data Security

Encryption in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Secure password hashing
Content integrity hashing for declarations
Rate limiting against brute force attacks
New device login notifications

6. Your Rights (GDPR)

Under UK GDPR, you have the right to:

Access
Request a copy of your personal data
Rectification
Correct inaccurate personal data
Erasure
Request deletion (subject to legal requirements)
Portability
Receive data in machine-readable format
Object
Object to processing of your data
Restrict
Request limitation of processing

To exercise these rights, contact us at privacy@declare.flights

7. Cookies & Local Storage

Session Cookies

Essential for authentication and maintaining your logged-in state.

Local Storage

For storing user preferences such as theme settings.

We do not use third-party tracking cookies or advertising cookies.

8. International Data Transfers

Your data may be processed in countries outside the UK where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

9. Children's Privacy

Our service is not directed at children under 13. Passengers who are minors must have declarations signed by a parent or guardian. We collect guardian information in these cases to ensure valid consent.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices:

privacy@declare.flights