Privacy Policy

Effective April 3, 2026

1. Information We Collect

PilotSense collects the following categories of personal information:

Account Information

Name, email address, and authentication credentials.

Health and Biometric Data

Sleep duration, sleep stages, and sleep efficiency (via Apple HealthKit); heart rate variability (HRV); resting heart rate; respiratory rate; Psychomotor Vigilance Test (PVT) reaction times and lapse counts.

Self-Reported Data

Karolinska Sleepiness Scale (KSS) scores; self-assessed fatigue, illness, stress, and emotional state; alcohol consumption and medication use; mental wellness screening responses (PHQ-2 and GAD-2).

Flight and Location Data

Flight schedules, departure and arrival airports, GPS location for automatic flight detection, duty time and currency records.

Device Information

Device type, operating system version, app version, and Firebase Cloud Messaging tokens for notifications.

2. How We Use Your Information

  • Generate your daily fatigue readiness score (0–100) using a weighted algorithm based on sleep quality, circadian phase, cognitive performance, and self-reported factors.
  • Provide personalized fatigue management guidance and countermeasure recommendations.
  • Track fatigue trends over time and build a personalized fatigue response model.
  • Share readiness information with your organization's administrators if you join an organization and explicitly consent to data sharing.
  • Send pre-flight notifications and check-in reminders.
  • Generate safety reports and compliance documentation for organizations.
  • Improve PilotSense through aggregated, de-identified usage analytics.

3. Organization Data Sharing

If you join a flight school or aviation operator organization within PilotSense, certain data will be shared with your organization's administrators for aviation safety purposes only. The data shared depends on the privacy tier you select when joining:

Score (Default)

In addition to your name, role, currency/medical/BFR status, flight schedule, and circadian low status, administrators see your individual readiness band, numerical readiness score, readiness summary, and hours since wake. Administrators do not see your sleep duration, KSS score, IMSAFE self-report responses, PVT results, biometric data, or any raw physiological measurements at this tier.

Full Details

In addition to everything shared at the Score tier, administrators see sleep duration and efficiency, KSS subjective sleepiness score, IMSAFE self-report responses, PVT reaction times and lapse counts, heart rate variability, resting heart rate, caffeine indicator, and top fatigue drivers.

Status Only

The minimum tier. Administrators see only your name, role, currency status, whether you checked in, and fleet-level aggregate readiness distribution. Your individual readiness score and band are not visible.

Regardless of tier, your identity and readiness band will be disclosed to administrators if a safety escalation occurs: REST or ELEVATED readiness band with a scheduled flight, a missed check-in with a scheduled flight, a manual safety override, or an urgent wellness concern you elected to share.

Sleep duration, KSS scores, and IMSAFE responses are only useful as safety signals if pilots answer them honestly. The default tier protects honest self-reporting by keeping raw subjective data private unless the pilot affirmatively opts into Full Details.

Never shared with organizations at any tier:

Mental wellness screening scores (PHQ-2 and GAD-2), personal notes, raw Apple HealthKit data, and internal algorithm records. Organization administrators are contractually prohibited from using PilotSense data for hiring, firing, promotion, discipline, scheduling discrimination, or any non-safety employment decision.

4. Data Storage and Security

Your data is stored using Google Firebase cloud services with the following protections:

  • Encryption in transit using TLS 1.2 or higher.
  • Encryption at rest for all stored data.
  • Firebase Security Rules restricting data access to authorized users.
  • Role-based access controls separating pilot data from administrator access.
  • Mental wellness data stored in a separate, access-restricted collection that is never exposed to organization administrators.

5. Data Breach Notification

In the event of a breach of unsecured personal or health information, PilotSense will notify affected individuals and, where required, regulators without unreasonable delay and in accordance with applicable law, including within any maximum time periods prescribed by law (such as 60 days after discovery, where applicable). Notification will be provided via email and in-app notification.

6. Your Privacy Rights

All Users

  • You may request to know what personal data we have collected about you.
  • You may delete your account and all associated data at any time from your Profile settings.
  • You may export your personal data in a machine-readable format (JSON) from your Profile settings.
  • You may withdraw consent for organization data sharing at any time.
  • You may opt out of non-essential data collection.

California Residents (CCPA/CPRA)

  • You have the right to know, access, correct, and delete your personal information.
  • You have the right to limit the use of your sensitive personal information, which includes health data, biometric data, and precise geolocation.
  • You have the right to non-discrimination for exercising your privacy rights.
  • To exercise these rights, contact admin@pilotsense.net.

EU/EEA Residents (GDPR)

  • You have the right to explicit consent for processing of health data under Article 9.
  • You have the right to data portability under Article 20.
  • You have the right to erasure (“right to be forgotten”) under Article 17.
  • You have the right to withdraw consent at any time.
  • You have the right to lodge a complaint with a supervisory authority.
  • To exercise these rights, contact admin@pilotsense.net.

7. Data Retention

  • We retain your personal data for as long as your account is active.
  • Check-in history and flight logs are retained for the duration of your account.
  • Mental wellness screening entries are retained for 12 months for trend analysis, then automatically deleted.
  • If you delete your account, all associated data is permanently deleted within 30 days.

8. Third-Party Services

  • Google Firebase — authentication, database, cloud storage, analytics. Google Privacy Policy applies.
  • Apple HealthKit — data is read from your device with your permission; PilotSense does not write data back to HealthKit.
  • Stripe — payment processing for subscriptions. Stripe Privacy Policy applies.

We do not sell your personal data to third parties. We do not share your data with advertisers. We do not use your health data for any purpose other than providing the PilotSense service as described in this policy.

9. Children's Privacy

PilotSense is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes to data collection practices or sharing policies will be communicated via email and in-app notification at least 14 days before taking effect and will require renewed consent. Non-material changes take effect upon posting.

11. Contact Us

For privacy inquiries, data requests, or concerns:

Email: admin@pilotsense.net

Web: pilotsense.net

PilotSense is operated by Pilot Sense Inc., a Delaware corporation.