Privacy Policy

Avion Shift is committed to protecting your privacy. This policy describes what data we collect, why we collect it, where it is stored, and what third-party services receive it.

Avion Shift is a wellness tool, not a medical device. It provides general guidance for managing jet lag and does not provide medical advice.

The following data is stored only on your device and is never transmitted to our servers:

• Your jet lag schedule and shift plan
• Sleep preferences (bedtime, wake time)
• Age (used for schedule calculations)
• Melatonin use preference
• Notification preferences

This data is used entirely on-device to calculate your personalized schedule. Deleting the app permanently removes it.

When you create an account, the following data is stored on our backend infrastructure (PostgreSQL database and AWS Cognito user pool):

• Email address — collected via Sign in with Apple. Used solely for account identification and authentication. We do not send marketing emails.
• Apple account identifier — the unique identifier issued by Apple for your account. Used to authenticate you across sessions.

We do not store your trip data, sleep schedules, health preferences, or any other app content on our servers. That data stays on your device.

Avion Shift uses Sign in with Apple as its only authentication method. Apple may provide us with your email address or a private relay address depending on your privacy settings. We store this address solely for account management purposes.

Your use of Sign in with Apple is also subject to Apple's Privacy Policy.

Avion Shift communicates with the following third-party services in the course of normal operation:

Sentry — Used for crash reporting only. Performance monitoring, user interaction tracing, and network request tracking are all explicitly disabled. Before any crash report leaves your device, a beforeSend filter strips your email address, username, IP address, and device hostname. URL query strings in breadcrumbs are also stripped so flight numbers and airport codes are not attached to reports. Your identity in Sentry is tagged with a one-way hash of your Apple-issued account identifier — not your email or name. This hash cannot be reversed to identify you. The only data Sentry receives is: device model, iOS version, app version, anonymized stack traces, and the opaque hashed identifier. Sentry is subject to its own Privacy Policy.

AWS Cognito — Used to manage user authentication. Stores your email address and Apple account identifier as described above. Subject to the AWS Privacy Notice.

Local notifications — Reminders (light exposure windows, sleep times, etc.) are scheduled entirely on-device using iOS local notifications (UNUserNotificationCenter). They do not go through Apple Push Notification Service and no data leaves your device to deliver them.

• We do not collect analytics or usage telemetry
• We do not use advertising SDKs
• We do not sell your data
• We do not share your data with advertisers
• We do not read from or write to Apple HealthKit (this may change in a future version, at which point this policy will be updated)
• We do not track your location

Avion Shift is not a medical device and does not provide medical advice. The schedules it generates are general wellness guidance based on circadian rhythm research. Always consult a qualified healthcare provider before making changes to your sleep schedule, taking supplements such as melatonin, or if you have any medical conditions that may be affected by changes in sleep or light exposure.

• All on-device data is protected by iOS standard storage security
• All communication with our servers and third-party APIs uses HTTPS
• Authentication is handled by AWS Cognito using industry-standard OAuth 2.0 flows
• Crash reports are anonymized before leaving your device, as described above

You have full control over your data:

• Delete account in-app — go to Profile → Delete Account to permanently delete your account and all associated data from our servers with a single tap. No email required.
• Delete local data — deleting the app removes all on-device data permanently

You can also contact us at support@avionshift.com if you need help with account deletion.

If you are located in the EEA, UK, or Switzerland, the following applies in addition to the rest of this policy.

Controller: Anthony Sgro, an individual developer based in the United States. Contact: support@avionshift.com.

Legal basis for processing: We process your email address and Apple account identifier on the basis of contractual necessity (GDPR Art. 6(1)(b)) — it is required to provide you with an account. Crash reporting via Sentry relies on our legitimate interest in maintaining app stability (GDPR Art. 6(1)(f)), with PII stripped before transmission as described above.

International transfers: Our backend infrastructure (AWS) and third-party services (Sentry, AeroDataBox) are operated in the United States. By using the app, your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses and the data processing agreements of each provider for these transfers.

Your rights under GDPR / UK GDPR: you have the right to access, rectify, erase, restrict, object to, and port your personal data. You can delete your account and all associated data directly within the app (Profile → Delete Account). For other requests, contact us at support@avionshift.com. You also have the right to lodge a complaint with your local data protection authority.

Retention: We retain your account data for as long as your account is active. If you request deletion, we will remove your data from our active systems within 30 days.

If you are a California resident, the CCPA/CPRA gives you specific rights regarding your personal information.

We do not sell or share your personal information as defined under the CCPA/CPRA. We do not disclose personal information for cross-context behavioral advertising.

Categories collected: identifiers (email address, Apple account identifier) for account management only.

Your rights: right to know, right to delete, right to correct, right to opt out of sale (no sale occurs), and right to non-discrimination. You can delete your account directly in the app. For other requests, contact support@avionshift.com.

Avion Shift is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact us at support@avionshift.com and we will delete the account promptly.

If this privacy policy changes, the updated version will be posted on this page. The “Last Updated” date at the top will be revised accordingly. Continued use of the app after changes are posted constitutes your acceptance of the updated policy.

For questions about this privacy policy or to exercise your data rights, contact us at support@avionshift.com or open an issue on GitHub.