Skip to content
Get Lifetime $149

Privacy

Privacy Policy

Last updated: 2026-04-24

1. Local-first by design

Aviator Archive is a local-first application. Your flight logs, currency state, and personal records live on the device you installed the app on, in a single encrypted file. We don't run a cloud database of your flight data, and we don't want one — keeping it on your device is the whole point.

2. Sync between your own devices

When two of your devices are on the same local network, they discover each other via mDNS / Bonjour and establish a direct, mutually-authenticated TLS (mTLS) channel using a private certificate authority bundled with the app. Each device holds its own leaf certificate, issued during a one-time enrollment.

Sync traffic stays on the local network. There is no relay server. We do not observe, store, or proxy your flight data during sync.

3. What Cloudflare actually does

We use Cloudflare Workers and Cloudflare D1 to run two narrow services:

  • Federated sign-in — when you sign in, Cloudflare validates the auth provider's token and returns a session.
  • License entitlement — when you buy Lifetime, the entitlement record that unlocks premium features and unlimited logging lives in our D1 database keyed to your user ID.

That is the entire scope of our cloud. Your flight data does not pass through it.

4. The minimum we store

For account management and licensing, we store:

  • Your email address (sign-in identifier).
  • An internal user ID.
  • Your Lifetime license status and the transaction ID from your purchase.
  • The public certificate fingerprint of each device you've enrolled, so we can validate sync handshakes.

We don't store flight totals, aircraft, names, currency state, or any other logbook contents on our servers. We don't have analytics on your in-app behavior.

5. Purchases & Merchants of Record

To handle global tax compliance and payments, we partner with established Merchants of Record (MoR):

  • Lemon Squeezy — MoR for direct web purchases. Your payment details are handled entirely by Lemon Squeezy. We never see your card.
  • Apple App Store & Google Play — MoR for in-app purchases on iOS and Android.

When a transaction completes, the MoR sends a webhook with a transaction ID and buyer reference. We use that to flip your license status to Lifetime across every device you sign in on.

6. Website analytics

This marketing site uses Cloudflare Web Analytics — a server-side, cookie-free, privacy-respecting product. We do not load Google Analytics, Facebook Pixel, or any third-party tracking script. We do not build a user profile about you.

7. Open data we ship

Aviator Archive bundles the airport, aircraft type, manufacturer, and map data it needs to work offline. Those datasets come from public-domain and open-data communities — OurAirports, OpenSky Network, and OpenStreetMap. See the credits page for source links, licences, and instructions if you ever want to refresh your local copy from the upstream.

8. Contact

Questions? [email protected]. A real human responds, usually inside 24 hours.