Privacy Policy

1. Introduction

This Privacy Policy describes how Crossfeed Consulting LLC (“we”, “us”, or “our”) collects, uses, and protects information through Flight Desk Pro (“the App”). The App is operated by and for a single Certificated Flight Instructor (CFI) to manage their flight training clients.

By using the App, the CFI agrees to the practices described in this policy.

2. Information We Collect

The CFI enters the following information about their clients into the App:

• Personal identifiers: full name, date of birth, email address, phone number
• Government-issued ID references: FAA certificate number, FTN (IACRA), driver’s license or state ID, passport or birth certificate identifier
• Medical information: medical certificate class and examination date
• Training history: flight hours, solo dates and hours, endorsements, stage check results, checkride dates and outcomes
• Aircraft information: aircraft ownership status and associated aircraft records
• For minor clients (under 18): parent or guardian name and email address

The App also collects the CFI’s own profile information: name, FAA certificate number and expiration date, email, phone number, and push notification token (if notifications are enabled).

3. How We Use Information

All information collected through the App is used exclusively for flight training management between the CFI and their clients. Specifically:

• To display and track client training progress, endorsements, and certifications
• To allow clients to view their own training record through the client portal
• To send push notifications to the CFI regarding training alerts or reminders (if enabled)

We do not use any collected information for advertising, analytics products, or any commercial purpose beyond operating the App.

4. Children’s Privacy (COPPA)

The App is aware that flight training clients may include minors. We take the following position regarding children’s data:

• The App does not knowingly provide client portal access to users under the age of 13.
• The CFI is responsible for obtaining and retaining verifiable parental or guardian consent before adding any client under the age of 13 to the App.
• If a client’s date of birth indicates they are under 13, the App will display a warning to the CFI and require acknowledgment before the record is saved. The client will not be able to create or use a portal login.
• For clients aged 13–17, the CFI is required to provide the parent or guardian’s name and email address when creating the client record. The CFI affirms they have obtained appropriate consent.

If you believe we have inadvertently collected data from a child under 13 without proper consent, please contact us immediately using the information in Section 8.

5. Parental Access Rights

Parents or legal guardians of minor clients have the following rights:

• Access: You may request a summary of the personal data the CFI has recorded about your child.
• Correction: You may request that inaccurate data be corrected.
• Deletion: You may request that your child’s data be deleted from the App.

Requests should be directed to the CFI who manages your child’s training record. The CFI is responsible for honoring these requests within 30 days. If you are unable to reach the CFI, you may contact us using the information in Section 8 and we will facilitate the request.

6. The CFI as Data Controller

The CFI is the primary account holder and the responsible party for all client data within their account. This means:

• The CFI decides what data to enter and is responsible for its accuracy.
• The CFI is responsible for obtaining any consents required by law before adding a client’s information.
• Crossfeed Consulting LLC provides the App infrastructure but does not independently review, audit, or control the data the CFI enters.

7. Data Retention and Deletion

Client data is retained in the App for as long as the CFI account remains active.

• If a CFI deletes their account, all associated client records will be permanently deleted within 30 days.
• A parent or guardian may request deletion of a minor client’s data at any time (see Section 5).
• Individual client records can be removed by the CFI at any time through the App.

Data is stored using Supabase, a third-party database provider. Supabase infrastructure is used solely for storage and App delivery and operates under its own data processing agreements.

8. Contact Information

If you have questions about this Privacy Policy, wish to exercise your data rights, or need to report a concern, please contact the CFI directly through the App’s Settings screen.

For matters that cannot be resolved through the CFI, you may contact the App developer via the feedback form in the Settings screen.