Privacy Policy

This Privacy Policy applies to both FBOTrack (fuel and service logging) and FBOShift (shift scheduling). The two apps share a single account on a single backend, so the same policy governs both. References to "the platform" below cover both apps.

1. Information We Collect

The data we collect maps to Apple's App Store privacy categories as follows. All data is collected for app functionality only — none of it is used to track you across other companies' apps or websites, and none of it is sold to third parties or used for advertising.

• Contact Info — your name and email address, provided when your account is created. Linked to your identity. Used for app functionality only.
• Identifiers — a user ID (your account's UUID) and a device ID (the push-notification token from your phone). Linked to your identity. Used for app functionality only.
• User Content— "Other User Content" in Apple's taxonomy. This covers everything you create inside the apps:
  • FBOTrack: fuelings, refills, transfers, deliveries, and other ground-service entries.
  • FBOShift: shifts assigned to you, time-off requests, shift-swap requests, availability changes, on-call status, and call-off entries.
  Linked to your identity. Used for app functionality only.
• Usage Data — "Other Usage Data" in Apple's taxonomy. Login timestamps and the timestamp/device of your last active session, used so managers can see active staff and so we can detect stale sessions. Linked to your identity. Used for app functionality only.
• Diagnostics — "Crash Data" collected by Apple's system crash reporter. Not linked to your identity. Used for app functionality only.

We do not collect: photos, audio, contacts, location, browsing history, search history, financial information, health and fitness data, sensitive info, gameplay content, or advertising data.

2. How We Use Your Information

Your information is used solely for App Functionality as defined by Apple's App Store guidelines: to provide and improve FBOTrack and FBOShift, authenticate your identity, maintain service and schedule records for your FBO, deliver push notifications you opt into, and secure your account. We do not use your data for advertising, third-party advertising, analytics outside the platform itself, or product personalization that targets you across other apps.

3. Data Storage & Security

Your data is stored securely using Supabase (built on PostgreSQL) with row-level security policies. All data is encrypted in transit via HTTPS. Access to your FBO's data is restricted to members of your organization through role-based access controls. Security PINs are bcrypt-hashed and never stored in plaintext.

4. Data Retention

Service records and schedule history are retained for as long as your FBO maintains an active subscription. When a user account is deactivated, those records are preserved for billing and audit purposes. Deleted accounts have personal information removed but service records are anonymized and retained.

5. Account Deletion

You can permanently delete your account from inside either app via Settings → Delete Account. Because FBOTrack and FBOShift share a single account, deleting from either app removes you from both. Your personal information is erased; service and schedule records are anonymized and retained for company audit purposes as described in section 4. Account deletion cannot be undone.

6. Your Rights

You have the right to access, correct, or request deletion of your personal data. You can delete your account directly from either app, contact your FBO manager, or email support@fbotrack.com to exercise these rights.

7. Contact

For questions about this privacy policy, contact us at support@fbotrack.com.