Skip to main content

Privacy Policy

Last Updated: June 2026

1. Overview

This Privacy Policy describes how Avion (“we,” “us,” or “the Company”) collects, uses, stores, and shares information when you use the Avion iOS application (the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this Policy.

2. Definitions

  • Account: A unique account created for you to access the Service.
  • Company: Refers to Avion, an individual developer based in the United States.
  • Device: Any device that can access the Service, such as a smartphone or tablet.
  • Personal Data: Any information that relates to an identified or identifiable individual.
  • Service: Refers to the Avion iOS application.
  • Service Provider: Any third-party that processes data on our behalf, including Amazon Web Services (AWS) for account hosting and Sentry for crash diagnostics.
  • You: The individual using the Service.

3. Information We Collect

Account Identifier: When you sign in with Sign in with Apple, we receive a unique Apple-issued identifier and, optionally, the name and email address you choose to share. We never receive your Apple ID password.

Sleep and Circadian Profile Data: The bedtime, wake time, chronotype, melatonin dose preference, caffeine sensitivity, light sensitivity, age (optional), and pre-trip shift days you enter in the app.

Trip and Flight Data: Flight numbers, departure and arrival airports, dates, and times you enter or look up.

Action Status Data: Your interactions with scheduled actions (whether you completed, skipped, or adjusted them) used to regenerate the schedule.

Camera and Photo Library Access: With your permission, the Service uses the device camera to scan boarding passes, or reads boarding pass images you select from your photo library. Image processing happens entirely on-device. We do not transmit, store, or retain boarding pass images. Only the parsed flight data (flight number, dates, airports) is saved to your trip — the source image is discarded once parsing completes.

Subscription and Purchase Data:When you purchase a subscription, we receive transaction metadata from Apple's StoreKit through our subscription provider (RevenueCat). This includes the product identifier, transaction identifier, purchase date, expiration date, renewal status, and your Apple Account region. We use this data to grant access to paid features and to surface subscription status. Apple processes your payment; we do not see your payment method, billing address, or financial information.

Crash and Error Diagnostics: When the app crashes or encounters an error, we collect device model, iOS version, app version, and a stack trace. Before any crash report leaves your device, a beforeSend filter strips your email address, username, IP address, and device hostname. URL query strings in breadcrumbs are also stripped so flight numbers and airport codes are not attached to reports. Your identity in Sentry is tagged with a one-way hash of your Apple-issued account identifier — not your email or name. This hash cannot be reversed to identify you. We do not collect your sleep, trip, schedule, name, email, or IP address as part of crash reports.

Usage Data (anonymized): Device type, OS version, and aggregated feature usage frequency. This is not associated with your account identifier.

Feedback You Send Us:The app includes an optional “Send Feedback” feature. When you choose to use it, your written comment along with a snapshot of your jet lag plan and sleep profile (bedtime, wake time, chronotype, melatonin and caffeine preferences, and the trip the plan was generated for) is transmitted to us. Feedback is used solely to improve the Service. Your account identifier is included so we can follow up if needed; we do not receive your name, email address, or payment information through this feature. You can review what is included before sending, and the feature is opt-in — no feedback is ever sent automatically.

Note on Health-Related Data: Sleep schedule and circadian rhythm information may be considered health-related under certain laws (such as GDPR Article 9). By entering this data, you explicitly consent to our processing of it solely to generate your circadian adjustment schedule.

4. How We Use Your Information

We use the information we collect to:

  • Authenticate you via your Apple-issued identifier.
  • Generate schedules by feeding your profile and flight itinerary into our circadian algorithm.
  • Provide notifications for scheduled actions, with your permission.
  • Improve the Service using anonymized, aggregated usage data.

We do not sell your personal information. We do not use your personal information for advertising or marketing.

Data we do not collect:

  • We do not use analytics SDKs or telemetry frameworks
  • We do not use advertising SDKs
  • We do not sell or share your data with advertisers
  • We do not read from or write to Apple HealthKit (this may change in a future version, at which point this policy will be updated)
  • We do not track your location

5. How We Store Your Information

Local storage:Your sleep profile, trip data, schedules, and action statuses are stored on your device using Apple's SwiftData framework, protected by iOS device encryption.

Cloud storage (account only): Your Apple-issued account identifier is stored on Amazon Web Services (AWS) servers in the United States, used solely to authenticate sign-in across devices and reinstalls. No sleep, trip, or schedule data is transmitted to our servers.

Flight lookup: When you look up a flight by number or route, your query (flight number, airports, date) is sent to our flight lookup API. The query itself is not associated with your account identifier and is not retained.

6. Third-Party Services

The Service uses the following third-party services. Each operates under its own privacy policy.

  • Apple Sign In with Apple for authentication.
  • Apple App Store and StoreKit for subscription billing and processing.
  • RevenueCat (RevenueCat, Inc.)for subscription management and entitlement validation. RevenueCat receives transaction metadata from Apple, your account identifier, and your subscription status. RevenueCat's privacy policy is available at revenuecat.com/privacy.
  • Amazon Web Services (AWS) for account hosting in the United States.
  • Apple Push Notification Service (APNs) — used only for premium flight alert notifications in Avion Pro (delay alerts, gate changes, cancellations). Standard schedule reminders (light, sleep, melatonin, caffeine, meal windows) are scheduled entirely on-device using iOS local notifications (UNUserNotificationCenter) — they do not go through APNs and no data leaves your device to deliver them.
  • Sentry (Functional Software, Inc.) for crash and error diagnostics. Sentry receives only stack traces, device model, iOS version, app version, and an anonymized hash of your account identifier. Performance monitoring, user interaction tracing, and network request tracking are explicitly disabled. A beforeSend filter strips your email address, username, IP address, hostname, URL query strings, and any user-supplied text from diagnostic events before they leave the app. Sentry is subject to its own privacy policy.

We do not share your personal information with third parties for advertising, analytics tracking, or marketing.

7. Medical Disclaimer

Avion is not a medical provider, medical device, or diagnostic tool. The schedules generated by the Service are for informational and educational purposes only. They are not a substitute for professional medical advice, diagnosis, or treatment.

If you have a sleep disorder, shift work disorder, take medication that affects sleep, are pregnant, or have any other medical concern, consult a healthcare provider before following any sleep, light, melatonin, or caffeine recommendation.

We do not monitor your data for medical emergencies. If you are experiencing a medical emergency, contact local emergency services immediately.

8. Data Security

We use industry-standard encryption provided by AWS to protect data in transit and at rest. Your on-device data is protected by iOS device encryption.

While we use commercially reasonable means to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Data Retention and Deletion

On-device data: Your sleep profile, trips, and schedules remain on your device until you delete them in the app or uninstall the Service.

Account data: We retain your account identifier on AWS for as long as your account is active. You can delete your account and all associated data directly in the app (Profile → Delete Account) — deletion is immediate and permanent. You may also request deletion by emailing privacy@avionapp.com; email requests are processed within 30 days.

Anonymized usage data: Retained indefinitely in aggregated form.

10. International Data Transfers

Account data is processed and stored on AWS servers in the United States. By using the Service from outside the United States, you consent to this transfer.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, see the section below for additional rights.

11. For Users in the EEA, UK, and Switzerland (GDPR / UK GDPR)

Controller: Avion, an individual developer based in the United States, acts as the data controller. Contact privacy@avionapp.com.

Legal basis for processing:

  • Contract performance (Art. 6(1)(b)): Processing your Apple-issued account identifier to provide the Service.
  • Explicit consent (Art. 9(2)(a)): Processing health-related sleep and circadian data, which you provide by entering it. You may withdraw this consent at any time by deleting your account, which removes all associated data.
  • Legitimate interest (Art. 6(1)(f)): Anonymized usage data to improve the Service.

Your rights: You have the right to access, rectify, erase, restrict, object to, and port your personal data, and to lodge a complaint with your local data protection authority. To exercise these rights, contact privacy@avionapp.com.

International transfers: Account data is transferred to AWS infrastructure in the United States. AWS provides standard contractual clauses and appropriate safeguards under Article 46 GDPR.

Retention: As stated above. Withdrawing consent removes all health-related data associated with your account.

12. For California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you specific rights regarding your personal information.

We do not sell or share your personal information as those terms are defined under the CCPA/CPRA. We do not disclose personal information for cross-context behavioral advertising. We do not knowingly handle the personal information of consumers under 16.

Categories collected: identifiers (Apple-issued account identifier, optional email), health-related data (sleep schedule, chronotype), and aggregated usage data.

Your rights: You have the right to know, the right to delete, the right to correct, the right to opt out of sale or sharing (there is nothing to opt out of here), the right to limit use of sensitive personal information, and the right not to receive discriminatory treatment for exercising these rights. Contact privacy@avionapp.com to exercise any of these rights.

13. Children's Privacy

The Service is not directed to anyone under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe a person under 16 has provided us with personal information, contact privacy@avionapp.com and we will take reasonable steps to delete the information.

14. Security Incidents

In the event of a security issue affecting account data on our servers, we will notify affected users by email and through an in-app notice. Where required by applicable law, we will also notify the relevant data protection authority.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this policy will be revised, and material changes will be announced through an in-app notice. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy, or wish to exercise any of your data rights, contact us at privacy@avionapp.com.