Privacy Policy

1. Introduction

LogLibro ("we," "our," or "us") operates the LogLibro digital pilot logbook service (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and ensuring the security of your personal information. By using LogLibro, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

• Email address (used for authentication and communication)
• Name or username (for account identification)
• Authentication data through Auth0 (our identity provider)

2.2 Flight Logbook Data

When you use our logbook features, we store:

• Flight dates, times, and durations
• Aircraft registration numbers and types
• Departure and arrival airports
• Pilot-in-command, dual instruction, and other flight time categories
• Instrument approaches, landings, and other flight operations data
• Remarks and notes you add to entries

2.3 Usage Data

We automatically collect certain information when you access our Service:

• Device type and browser information
• IP address and general location data
• Pages visited and features used
• Date and time of access

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the LogLibro Service
• Authenticate your identity and secure your account
• Store and manage your flight logbook entries
• Calculate flight time totals, currency requirements, and license milestones
• Send important service-related communications
• Respond to your requests and provide customer support
• Analyze usage patterns to improve our features
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations

4. Data Storage and Security

4.1 Data Storage

Your data is stored securely on MongoDB Atlas cloud infrastructure with industry-standard encryption. Our servers are located in secure data centers with appropriate physical, technical, and administrative safeguards.

4.2 Security Measures

We implement robust security measures including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication through Auth0
• Regular security audits and vulnerability assessments
• Access controls limiting data access to authorized personnel
• Secure coding practices and regular software updates

4.3 Data Breach Notification

In the event of a data breach that may compromise your personal information, we will notify you via email within 72 hours of becoming aware of the breach, in accordance with applicable laws and regulations.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following limited circumstances:

• Service Providers: With third-party vendors who assist us in operating our Service (e.g., Auth0 for authentication, MongoDB Atlas for data storage), subject to confidentiality agreements.
• Legal Requirements: When required by law, court order, or governmental request, or to protect our rights, property, or safety.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to you.
• With Your Consent: When you explicitly authorize us to share your information with third parties.

6. Your Rights and Choices

You have the following rights regarding your data:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of any inaccurate or incomplete data.
• Deletion: Request deletion of your account and associated data, subject to legal retention requirements.
• Export: Request an export of your logbook data in a portable format.
• Withdraw Consent: Withdraw consent for optional data processing activities at any time.

To exercise any of these rights, please contact us at privacy@loglibro.com.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and analyze how our Service is used.

• Essential Cookies: Required for authentication and core functionality.
• Preference Cookies: Store your settings like dark mode preference and country selection.
• Analytics Cookies: Help us understand how users interact with our Service.

You can control cookies through your browser settings. Disabling essential cookies may affect your ability to use the Service.

8. Data Retention

We retain your personal information and logbook data for as long as your account is active or as needed to provide you with our Service. If you request account deletion:

• Your account will be deactivated immediately
• Personal data will be deleted within 30 days
• Backup copies may be retained for up to 90 days
• Some data may be retained longer if required by law or for legitimate business purposes

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer your data internationally, we implement appropriate safeguards to protect your information, including standard contractual clauses and ensuring our service providers maintain adequate security measures.

10. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe we may have collected information from a child under 16, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we may also send you an email notification. Your continued use of the Service after any changes indicates your acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, your data, or our privacy practices, please contact us:

13. Additional Rights for Specific Jurisdictions

13.1 European Economic Area (GDPR)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

13.2 California Residents (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, the right to opt-out of sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising CCPA rights.