Privacy Policy

Effective date: April 26, 2026 · Last updated: April 26, 2026

This Privacy Policy explains how No Lodging or Fresh Baked Cookies, Inc., a South Dakota corporation ("Company", "we"), collects, uses, shares, and protects personal information in connection with the AirGenDec service ("Service"). It applies to pilots, fixed-base operators (FBOs), guest pilots filling out FBO intake forms, and visitors to airgendec.com.

We aim to be specific. If you want a quick read: we collect only what is needed to generate your flight paperwork and run your account. We use strong encryption for sensitive PII (passport numbers, dates of birth, passport expiry / issue dates). We do not sell your data, do not run third-party advertising trackers, and only share your data with the customs and aviation authorities you ask us to file with.

1. What we collect

Account information

• Pilots: When you sign in with Google, we receive your email address, display name, and Google account identifier (sub). You may also enter your phone number, owner/operator name, default health-declaration text, and your CARICOM eAPIS username.
• FBOs: Business name, contact email, phone, website, and either a bcrypt-hashed password or a Google-account identifier (if you sign in with Google).

Crew, passenger, and aircraft information

To prepare flight documents, you may save records about people who fly with you (crew, passengers, the pilot in command). For each person we may store first/middle/last name, sex, nationality, passport number, passport country, passport issue date, passport expiry date, date of birth, pilot license number, address, mobile phone, and country of residence. You may also save aircraft tail numbers, aircraft type, and related details.

Encryption. Passport numbers, dates of birth, passport expiry dates, and passport issue dates are encrypted at rest using Fernet symmetric encryption keyed from a server-side secret. Other personal data (names, email, phone, address) is stored plaintext in our PostgreSQL database because it is needed for display, search, and document generation.

Flight plans, submissions, and audit records

We store the flight plans you create or upload, references to which documents have been generated, status of each filing (e.g., uploaded to CARICOM, draft created on Click2Clear), the rotation number returned by the customs system, and an audit log of changes you make to saved person records (with sensitive fields redacted in the log).

Generated documents

Documents (CBP General Declaration, CARICOM eAPIS spreadsheet, Bahamas C7, PCZSAR, etc.) are generated on demand and streamed to you. We do not store generated documents on our servers. We store only metadata about the generation event.

Billing

If you subscribe to a paid plan, our payment processor (Stripe, Inc.) collects your name, billing address, and card details directly. We receive a Stripe customer identifier and high-level subscription status — we do not see or store your card number.

Logs and diagnostics

We log standard server diagnostics — request paths, response codes, timing, and IP address — for security, abuse-prevention, and troubleshooting. Personal data is sanitised out of logs where practicable. Logs are retained on a rolling 30-day basis.

Cookies and similar storage

See Cookie Policy for the full list. In short: we use only strictly-necessary cookies — a session JWT (auth_token for pilots, fbo_auth_token for FBOs) and a temporary OAuth-state cookie. We do not run advertising trackers, third-party analytics tags, or marketing pixels.

Guest pilot intake submissions (FBO portal)

When you fill out an FBO's intake link without an AirGenDec account, we collect the information that link's form requires (typically pilot name, email, phone, aircraft details, and crew/passenger personal data). Sensitive PII fields are encrypted as described above. The submission auto-deletes one day after the flight unless you choose to opt in to creating an account.

2. How we use it

• To create and run your account.
• To generate the flight documents you ask for.
• To transmit forms to customs and aviation authorities only when you instruct us to — for example, when you click "Upload to CARICOM" or "Create Click2Clear Draft".
• To bill you (paid plans) and meet recordkeeping obligations.
• To detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms.
• To communicate with you about the Service (transactional emails, service updates, security alerts).
• To comply with applicable law and respond to lawful requests.

3. How we share it

We share personal data only as needed:

• Customs and aviation authorities (CARICOM eAPIS portal, Bahamas Customs Click2Clear, U.S. CBP eAPIS in the future, French DGAC for PCZSAR, etc.): only when you instruct the Service to file on your behalf, and only the data those authorities require.
• Stripe, Inc.: billing and subscription management. Stripe is an independent controller for the payment data it processes; see Stripe's privacy notice at stripe.com/privacy.
• Google: only the OAuth handshake when you choose to sign in with Google. We do not push your data to Google beyond what is needed for that handshake.
• Service providers who help us operate the Service (hosting infrastructure, monitoring) under confidentiality and data-protection commitments.
• Legal and safety: when required by valid legal process or to protect the rights, property, or safety of users, the Company, or the public.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets — with notice to you and continued protection of your data.

We do not sell or rent personal data, and we do not share it with advertising networks.

4. Data subject rights

You have the right to request:

• Access to the personal data we hold about you.
• Correction of inaccurate data.
• Deletion of your account and associated personal data.
• A portable copy of your data in a structured format.
• Restriction of certain processing.
• Objection to processing in some circumstances.
• Withdrawal of consent where consent was the legal basis (you can also revoke our access to your Google account at any time via your Google account settings).

To exercise any of these rights, email airgendec@nolodging.com. We will respond within 30 days. We may need to verify your identity before acting on a request.

If you are in the European Economic Area or the United Kingdom, you also have the right to lodge a complaint with your local data protection authority. If you are a California resident, the California Consumer Privacy Act (CCPA) provides additional rights; see Section 9 below.

5. Retention

6. Security

We protect personal data using a combination of technical and organizational measures:

• TLS in transit (Let's Encrypt).
• Fernet symmetric encryption at rest for sensitive PII (passport number, date of birth, passport expiry / issue dates), with key rotation supported.
• Bcrypt for FBO password hashes.
• HttpOnly, Secure, SameSite=Lax authentication cookies.
• Origin/Referer-based CSRF protection on all state-changing requests.
• Strict Content Security Policy, frame-ancestors deny, HSTS preloading.
• Database isolated on a private Docker network.
• Continuous integration with automated security scanning (Bandit, pip-audit, Trivy).

No system is perfectly secure. If we become aware of a breach affecting your personal data, we will notify you and applicable supervisory authorities within the timeframes required by applicable law (within 72 hours under GDPR where applicable, sooner where feasible).

7. International transfers

Our servers are located in Germany. If you access the Service from outside the European Economic Area, your personal data will be transferred to and stored in Germany. Where required, we rely on standard contractual clauses or other approved transfer mechanisms.

8. Children

The Service is intended for licensed pilots and aviation-industry professionals and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe we have received personal data from a child under 16, contact us and we will delete it.

9. California residents (CCPA / CPRA)

If you are a California resident, you have rights to know what personal information we collect, to access it, to request deletion, to correct inaccuracies, and to opt out of "sale" or "sharing" (we do not sell or share personal information for cross-context behavioural advertising). Categories of personal information collected and the purposes are described in Section 1 ("What we collect") and Section 2 ("How we use it") above. We do not use sensitive personal information for inferring characteristics about you. To submit a request, email airgendec@nolodging.com. You may designate an authorized agent. We will not discriminate against you for exercising these rights.

10. EEA / UK residents (GDPR / UK GDPR)

If you are in the European Economic Area or the United Kingdom, the legal bases on which we process your personal data are: performance of a contract (operating the Service for you, billing you), legitimate interest (security, fraud prevention, service improvement — balanced against your rights), consent (where you have given it, revocable at any time), and legal obligation (record-keeping, responding to lawful requests). For purposes of GDPR, the Company is the data controller. To contact us about EEA/UK matters, email airgendec@nolodging.com.

11. Changes to this policy

We may update this Privacy Policy. If we make material changes we will give reasonable notice (for example, by email or in-app banner) before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact