TropiqTROPIQ
Why Tropiq

Privacy Policy

Last updated: February 24, 2026

1. Introduction

Tropiq Inc. ("Company," "we," "us," or "our") operates Tropiq, a mobile and web-based aviation application (the "Service"). We are committed to protecting your personal information and being transparent about what data we collect, how we use it, and your rights regarding it.

This Privacy Policy applies to all users of the Tropiq mobile application (iOS and Android) and the Tropiq web platform (collectively, the "Service"). By creating an account or using the Service, you agree to the collection and use of information as described in this Policy.

If you do not agree with this Policy, please do not use the Service.

2. Information We Collect

2.1 Account and Profile Information

When you create an account, we collect:

  • Full name and email address
  • Password (stored in hashed/encrypted form — we cannot read your password)
  • Pilot certificate number, ratings, and certificate type
  • Aircraft information (tail number, make, model)
  • Profile preferences and notification settings

We collect certificate and aircraft data to power currency tracking, logbook automation, and aircraft-specific features. We do not use this information to verify your FAA credentials or to share with any regulatory authority unless required by law.

2.2 Location and GPS Data

Precise geolocation is classified as Sensitive Personal Information under applicable law (including California's CPRA). We treat it accordingly.

When you use location-based features of the Service (navigation, airport views, weather overlays, flight tracking), we collect:

  • Current GPS coordinates and device location
  • Flight route waypoints and filed flight plans
  • Real-time position data during active flights
  • Historical position tracks and ground tracks

When you enable background location access, position data may be recorded continuously during an active flight session for track logging purposes. Background location is used exclusively for in-flight tracking. It is not used for advertising, behavioral profiling, or any purpose unrelated to your active flight session.

You may disable location access at any time in your device's operating system settings; doing so will limit navigation and tracking features but will not affect logbook entry or other non-location features.

2.3 Flight Logs and History

We collect and store data related to your flight activity, including:

  • Logbook entries (departure, destination, date, duration, aircraft)
  • Automatically recorded flight tracks (GPS-derived)
  • Instrument, cross-country, night, and other logged flight time
  • Endorsements and certifications stored in your logbook
  • Currency tracking data (takeoffs, landings, instrument approaches)

We use flight log data to provide your electronic logbook, calculate FAA currency, generate reports, and sync your records across devices.

2.4 Flight Conditions and Weather Data

We collect data related to your use of weather and airspace features, including:

  • Weather briefings you request or view
  • NOTAM and TFR queries associated with your planned flights
  • METARs, TAFs, PIREPs, and SIGMETs you access
  • Airspace queries and altitude preferences

We use this data to deliver relevant weather and airspace content and to improve the relevance of flight briefing features.

2.5 Payment Information

When you purchase a subscription or in-app product, payment is processed by our third-party payment processor (e.g., Apple App Store, Google Play Store, or Stripe). We do not store your full credit card number, CVV, or bank account details on our servers.

We may retain:

  • Subscription tier and billing cycle
  • Transaction confirmation IDs and timestamps
  • Billing address (for tax and invoicing purposes)

2.6 Device Data (Identifiable)

We automatically collect certain technical information that may be linked to your account:

  • Device type, operating system, and version
  • App version and build number
  • IP address and derived general geographic region
  • Crash reports and error logs linked to your session

2.7 Anonymized Analytics

Separately from device data, we collect feature usage statistics that are de-identified before storage and are not linked to your account or identity (e.g., how often a particular feature is used across all users). We cannot re-identify you from this data.

2.8 Communications

If you contact us for support or submit feedback, we collect the contents of your messages and your contact information. We use these solely to respond to your inquiry and to improve the Service.

2.9 Cookies and Tracking Technologies

The Tropiq web platform uses the following tracking technologies:

Strictly Necessary Cookies: Required for the Service to function (session management, authentication). These cannot be disabled.

Analytics Cookies: Help us understand how users interact with the web platform (e.g., page views, feature usage). These are non-essential and will only be set with your consent where required by law.

Preference Cookies: Remember your settings and choices. Non-essential; consent-based where required.

We do not use advertising or behavioral tracking cookies. We do not share cookie data with ad networks.

Do Not Track / Global Privacy Control: We honor Global Privacy Control (GPC) signals from your browser. If your browser transmits a GPC signal, we will treat it as a request to opt out of the sale or sharing of your personal information, consistent with California law. We do not otherwise respond to generic "Do Not Track" signals, as there is no universally accepted standard for them.

You may manage cookie preferences through the cookie banner on our web platform or through your browser settings.

2.10 Uploaded Photos and Documents

If you upload files to the Service — including aircraft photographs, endorsement scans, medical certificate images, approach plate annotations, or any other documents — we store those files on your behalf as private user content. Uploaded files are:

  • Accessible only to you, and — where you have explicitly authorized it — to a designated flight instructor as described in Section 2.12
  • Never shared with third parties, never included in aggregate or de-identified data products, and never used for advertising, marketing, or AI/ML training without your separate, explicit opt-in consent (see Section 3.2)
  • Retained for the life of your account and permanently deleted within 30 days of account deletion

2.11 Referral and Acquisition Data

When you create an account, we collect information about how you discovered the Service, including:

  • Referral source (e.g., link from a partner website, app store search, referral from another user)
  • Marketing campaign attribution (e.g., which promotion or advertisement led to your signup)
  • Referring URL or app store search terms

We use this data solely for internal marketing effectiveness analysis and to improve how we reach new users. It is not shared with third parties for their marketing purposes and is not linked to your flight activity, logbook data, or any ongoing usage behavior.

2.12 Instructor-Student Relationship Data

If you use the flight instructor (CFI) features of the Service, we collect and manage the following relationship data:

If you are a student: When you invite a CFI to access your logbook, we record the relationship, the date it was established, and the scope of access you granted. You own this relationship entirely and may revoke the CFI's access at any time from your account settings. Upon revocation, the CFI immediately and permanently loses access to your full logbook and to all future entries.

CFI retained access after revocation: After a student revokes a CFI's access, the CFI retains permanent read-only access limited strictly to the specific logbook entries and endorsements they personally created, signed, or certified during the period the relationship was active. This retained access cannot be expanded — the CFI cannot view entries predating their access grant or any entries made after revocation.

If you are a CFI: Your name, certificate number, and any endorsements you create are recorded as a permanent part of the student's logbook. Because endorsements constitute legal FAA records, they cannot be deleted by you or by the student after they are created, consistent with applicable FAA regulatory requirements.

3. How We Use Your Information

The table below maps each data type to its specific purpose.

| Data Type | Purpose | |---|---| | Account / profile info | Account management, authentication, subscription | | Pilot certificate / ratings | Currency calculation, logbook automation | | GPS / location data | Navigation, nearby airports, weather, flight tracking; de-identified aggregate used for AI/ML training (Tier 1) | | Flight logs | Logbook, currency, sync across devices, reports; de-identified aggregate used for AI/ML training (Tier 1) | | Weather / conditions data | Delivering relevant briefings and airspace features | | Payment data | Billing, invoicing, fraud prevention | | Identifiable device data | Security, crash diagnostics, fraud prevention | | Anonymized analytics | Product improvement, feature development | | Communications | Support responses, product improvement | | Cookies (non-essential) | Analytics, preferences | | Uploaded photos / documents | Private storage; displaying your content to you | | Referral / acquisition data | Internal marketing attribution only | | CFI relationship data | Enabling authorized instructor access to logbook |

We do not use your data for automated decision-making that produces legal or similarly significant effects.

3.1 Product Experimentation (A/B Testing)

We may use your account and usage data to run controlled product experiments — for example, testing whether a new navigation layout or feature placement improves usability. You may be placed in an experiment group without individual notice. Experiments use only data necessary to measure the specific change being tested and do not involve sharing your data with third parties. Results are analyzed at the aggregate level.

3.2 Flight Data Use for AI, Machine Learning, and Performance Profile Systems

We use flight data to build and improve the AI and machine learning systems that power the Service, including route optimization, safety alerting, weather pattern analysis, anomaly detection, and performance profile features. This is a core part of how the Service functions and improves over time. This use operates on two tiers based on data type.

Tier 1 — De-identified and aggregated data (standard disclosed use)

We collect and process de-identified, aggregated flight pattern data — including anonymized route statistics, performance distributions, maneuver characteristics, altitude profiles, and fleet-level trends — as a routine part of operating and improving the Service. Before any data enters our AI/ML training pipelines or performance systems, all personal identifiers are removed: your name, account ID, email address, and aircraft tail number are stripped and cannot be re-associated with the processed data.

This anonymized data is used to:

  • Train and validate the AI/ML models that power Service features
  • Verify the accuracy and integrity of performance profiles used in our training systems — for example, confirming that flight performance data is internally consistent and plausible before it enters a model training run
  • Identify systemic patterns in routing, weather decision-making, and flight performance to improve safety-relevant features across the Service

Because this data is genuinely de-identified and cannot reasonably be used to identify you, it does not constitute personal information under applicable law. This use does not require opt-in consent. You may opt out of contributing your data to Tier 1 processing by contacting support@tropiq.app or through your account settings; opting out may limit certain AI-powered features of the Service.

Tier 2 — Individual-level GPS tracks and performance data (opt-in)

If you separately consent, we may retain and use your individual flight tracks, specific performance data points, and linked logbook entries — with aircraft type and flight context intact — to improve personalized features such as individual flight analysis, currency projections, and personalized recommendations. All personal account identifiers are still stripped even in Tier 2 processing.

Tier 2 requires your explicit opt-in via a separate, clearly labeled consent prompt in the app. You may withdraw consent at any time from your account settings. Withdrawal stops future individual-level data use but does not affect models already trained on data contributed before withdrawal.

Uploaded photos, documents, and endorsements are explicitly excluded from both Tier 1 and Tier 2 AI/ML use, regardless of your settings.

3.3 Aviation Safety Data Programs (Opt-In)

We may participate in voluntary aviation safety data programs, such as the NASA Aviation Safety Reporting System (ASRS) or similar initiatives operated by the FAA, AOPA, or other recognized aviation safety organizations. Any contribution of data to such programs will be:

  • Opt-in only — we will never contribute your data to a safety program without your explicit consent
  • Anonymized and de-identified — all personal identifiers, account information, aircraft tail numbers, and precise location data will be removed before submission; data is contributed at the aggregate or statistical level only
  • Non-commercial — safety program data contributions are made to support the broader aviation safety mission, not for revenue

We will describe each specific program and what data would be contributed at the time you are invited to participate.

3.4 Insurance Partnership Program (Future; Opt-In Only)

We do not currently share any user data with insurance providers. In the future, we may offer an optional program that allows pilots to share flight behavior data — such as maneuver smoothness, crosswind landing frequency, or adherence to filed altitudes — with aviation insurance partners in exchange for potential premium discounts or other benefits.

If and when such a program is offered, participation will be strictly opt-in. No flight data, logbook data, or any other personal information will be shared with any insurance partner until you have reviewed the specific program terms and affirmatively enrolled. You may disenroll at any time, and disenrollment will stop future data sharing immediately.

4. How We Share Your Information

We do not sell your personal information to third parties. We do not share your personal information with third parties for their direct marketing purposes.

4.1 Service Providers

We share data with trusted third-party vendors who help us operate the Service, including cloud hosting providers, payment processors, analytics platforms, and customer support tools. These vendors are contractually prohibited from using your data for any purpose other than providing services to us, and are required to maintain appropriate security standards.

4.2 Third-Party Aviation Integrations (Opt-In Only)

With your explicit, informed consent, we may share your flight logs or aircraft data with third-party aviation services (such as maintenance tracking, flight analysis, insurance, or scheduling platforms). You may authorize and revoke these integrations at any time in your account settings.

Important: Revoking access prevents future data sharing but does not automatically delete data already transferred to the third party. You must contact that provider directly to request deletion of data they have already received.

4.3 Legal Requirements

We may disclose your information if required by law, subpoena, court order, or other legal process. We will notify you of such requests where legally permitted to do so.

We may also disclose information if we have a good-faith belief that disclosure is reasonably necessary to protect against imminent harm to any person, including a pilot in an emergency situation.

4.4 Business Transfers

If Tropiq Inc. is acquired by or merged with another company, or if we sell substantially all of our assets, your information may be transferred as part of that transaction. We will notify you by email or prominent in-app notice as soon as reasonably practicable after such a transfer, and in any event before your data becomes subject to a materially different privacy policy. You will have the right to delete your account at that time.

4.5 Aggregate, De-identified Data

We may share statistical data that has been de-identified and aggregated such that it cannot reasonably be used to identify you. We apply technical and organizational safeguards before any such sharing and do not share aggregate data that could foreseeably enable re-identification, including aggregates of precise GPS data at the individual flight or route level.

4.6 Instructor-Student Data Access

When you grant a CFI access to your logbook, we share the following data with that CFI within the Service:

  • Your logbook entries for flights occurring during the active relationship
  • GPS track data associated with those entries, if track logging was enabled
  • Currency status and totals relevant to the instructor's duties

This access is controlled entirely by you as the student. You may revoke it at any time. Upon revocation, the CFI retains permanent read-only access only to the specific entries and endorsements they personally created or signed — they cannot access your full logbook, your account information, your uploaded documents, or any data outside their direct contributions. We do not share CFI-student relationship data with any third party.

5. Data Retention

We retain your personal data for the following periods:

| Data Type | Retention Period | Basis | |---|---|---| | Account data | Duration of account, plus 30 days after account deletion | Account recovery window | | Flight logs and logbook entries | Duration of account, deleted within 30 days of account deletion | User-owned records | | Raw GPS track data | 24 months from date of flight, then deleted | Product functionality; rolling reference window | | Uploaded photos and documents | Duration of account, deleted within 30 days of account deletion | User-owned private content | | Referral / acquisition data | 24 months from account creation | Marketing attribution | | CFI endorsements in student logbook | Indefinite; not deletable by student or CFI | FAA regulatory record | | CFI read-only access to signed entries | Indefinite following relationship revocation | FAA regulatory record | | Payment records | 7 years from transaction | Legal and tax obligation (IRS, state law) | | Crash logs and device data | 12 months | Debugging and security | | Support communications | 3 years from last contact | Dispute resolution | | Analytics (anonymized) | Indefinite (not personal data once anonymized) | N/A |

Why 24 months for GPS track data? We retain raw tracks for two annual cycles to support year-over-year logbook comparison, insurance lookbacks, and safety event review. After 24 months, the summary data (flight time, airports, etc.) remains in your logbook; only the raw GPS trace is deleted.

Requests to delete your data before these periods expire will be honored for data we are not legally required to retain. See Section 8.

6. Security

We implement the following security measures to protect your information:

  • Encryption of data in transit (TLS 1.3 or higher; minimum TLS 1.2)
  • Encryption of sensitive data at rest (AES-256)
  • Role-based access controls and least-privilege principles for internal personnel
  • Regular third-party security audits and penetration testing
  • Vulnerability disclosure program

No method of transmission or storage is 100% secure. In the event of a data breach that materially affects your rights, we will notify you as required by applicable law and will provide information about what occurred and what steps you can take.

7. Your Rights and Choices

To submit any data rights request, contact us at support@tropiq.app. We will acknowledge your request within 5 business days and respond substantively within the timeframes below.

7.1 Access and Portability

You may request a copy of the personal data we hold about you, including your logbook data, flight history, and account information, in a portable format (CSV, PDF, or JSON). Response time: within 45 days, extendable by an additional 45 days with notice.

7.2 Correction

You may update or correct your account information at any time through the app. For data you cannot edit directly, contact us.

7.3 Deletion

You may request deletion of your account and personal data. We will process your request within 30 days, subject to data we are required to retain by law (e.g., billing records). Your account will be deactivated immediately upon request; all personal data will be deleted within 30 days.

7.4 Opt-Out of Marketing

You may opt out of promotional emails at any time by clicking "unsubscribe" in any marketing email or adjusting your notification settings in the app. You will continue to receive transactional messages (receipts, security alerts, service notices) regardless of marketing opt-out.

7.5 Limit Use of Sensitive Personal Information

You have the right to limit our use of Sensitive Personal Information (including precise GPS location) to purposes strictly necessary to provide the Service. To exercise this right, contact support@tropiq.app or use the in-app settings.

7.6 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and share (this Policy provides that disclosure)
  • Delete your personal information (subject to certain legal exceptions)
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information — we do not sell personal information; to opt out of sharing for cross-context behavioral advertising (which we do not currently conduct), contact support@tropiq.app
  • Limit use of Sensitive Personal Information (see Section 7.5)
  • Non-discrimination: we will not deny you service, charge different prices, or provide a lower quality of service because you exercised any of these rights

To submit a CCPA/CPRA request, contact us at support@tropiq.app. We will not require you to create an account to submit a rights request.

8. Children's Privacy

The Service is directed to users aged 18 and over. We do not knowingly collect personal information from anyone under the age of 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@tropiq.app and we will delete that information promptly and terminate the account.

9. Third-Party Links and Services

The Service may contain links to third-party websites, weather data providers, chart services, or other aviation platforms. This Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with the Service.

10. Geographic Scope

The Service is intended for use within the United States. Tropiq Inc. is based in the United States, and all personal data collected through the Service is stored and processed on servers located in the United States. We do not currently direct the Service to residents of the European Union, European Economic Area, United Kingdom, or Switzerland, and we do not take active steps to market to or serve users in those regions. If you are located outside the United States and choose to use the Service, you do so at your own risk and subject to U.S. law.

11. Export Controls

The Service incorporates aeronautical data and software that may be subject to U.S. export control laws, including the Export Administration Regulations (EAR). By using the Service, you represent that you are not located in, under the control of, or a national or resident of any country subject to U.S. trade embargo, and that you are not on any U.S. government restricted-party list.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will classify changes as either material or non-material:

Non-material changes (clarifications, formatting, new contact information): We will update the "Last Updated" date and post notice in the app.

Material changes (new data uses, new sharing partners, changes to your rights): We will send you advance notice by email at least 30 days before the change takes effect.

13. Contact Us

If you have any questions, concerns, or data rights requests, please contact us:

Tropiq Inc. Attn: Privacy 131 Continental Dr Suite 305 Newark, DE 19713 Email: support@tropiq.app

This Privacy Policy is incorporated by reference into the Tropiq Terms of Service.