My Aero Docs

PRIVACY POLICY (My Aero Docs)

MyAeroDocs is designed to collect as little data as possible. This policy describes exactly what we collect, why, where it goes, and your rights under the Malaysian Personal Data Protection Act 2010
(PDPA).01. SCOPE OF THIS POLICYThis Privacy Policy applies to the MyAeroDocs iOS application ("the App"), the supporting Supabase
backend, and the official website at https://www.myaerodocs.appventureai.com. It does not apply to caam.gov.my or any other third-party site accessed via the App.By using the App, you acknowledge that you have read and understood this policy. If you do not agree with any part of it, please do not use the App.02. INFORMATION WE COLLECTDocument index usage — none. Browsing, searching, and opening CAAM publications requires no account, no sign-in, and generates no identifying record on our servers. PDF rendering happens inside an
in-app Safari view connected directly to caam.gov.my; the App itself never sees which document you opened.AI Co-Pilot queries — when you submit a question through the AI Co-Pilot tab, the following are recorded server-side in an audit log: (a) the text of your question, (b) the identifiers of the source chunks our retrieval system selected to answer it, and (c) the first 500 characters of the generated response. The audit log exists exclusively for safety, abuse prevention, response-quality
review, and good-faith demonstration of our retrieval-augmented architecture if requested by regulators.AI Co-Pilot conversation context — to support multi-turn conversations (follow-up questions, the FDP
guided wizard, definitional escape questions), up to the last ten (10) messages of your current
conversation are forwarded with each query to our LLM provider for context. Conversation content is
also persisted locally on your device under Application Documents/Conversations as encrypted-at-rest JSON files; conversations are NOT uploaded or backed up by us. You may delete individual conversations or clear all conversations at any time from the AI Co-Pilot tab.FDP Calculator inputs — when you use the standalone FDP Calculator or the conversational FDP wizard,
the operational parameters you provide (report time, sector count, acclimatisation status, preceding rest category, crew configuration, rest-facility selection, in-flight rest duration, standby location/start/notice) are sent to our compute_fdp Edge Function for one-time deterministic calculation. These parameters are NOT stored, logged, or retained server-side and are not personally identifying.Subscription processing — if and when paid subscriptions are introduced for the AI Co-Pilot, all
payment processing is handled by Apple Inc. via the App Store Payment card details are never received or stored by us. Subscription entitlement state may be cached locally and refreshed via RevenueCat's SDK using a randomly-generated anonymous identifier.Crash and diagnostic data — Apple's standard, opt-in iOS analytics may share aggregated and anonymised crash reports with developers if you have not disabled "Share with App Developers" in iOS Settings > Privacy & Security > Analytics & Improvements. We do not integrate any additional crash-reporter SDK.Location (optional, only when explicitly requested) — when you use the "Find Nearby Examiners"
feature OR ask a location-aware question in the AI Co-Pilot (e.g. "medical examiners near me"), the
App requests one-time "When in Use" location access via iOS CoreLocation. Your GPS coordinates
(latitude/longitude only) are sent to our Supabase backend in Singapore for a single Haversine-distance query against the indexed CAAM Designated Medical Examiner list. Coordinates are NOT stored, logged, or retained server-side after the response is returned. No background tracking, no continuous tracking, no location history.Remote configuration — on app launch and when you open the AI Co-Pilot tab, the App fetches its
current Hot Topics list and any pending Bulletin Banner from our config endpoint. These fetches
contain no user data — they are unauthenticated public reads of a server-managed feature-flags table. Anonymous identifiers stored on your device for bulletin-deduplication (lastSeenBulletinId) never leave the device.On-device storage — the following are stored locally on your device only, never uploaded: AI Co-Pilot conversations, Notes (PencilKit drawings + linked source URL), Bookmarks, app preferences
and settings, cached Hot Topics, cached Bulletin Banner, last-seen Bulletin identifier, and disclaimer-acknowledgement state. You can clear all of this by deleting the App from your device.03. INFORMATION WE DO NOT COLLECTWe do not collect, request, store, or process any of the following: your name, email address, phone number, postal address, date of birth, government identification, or any other directly-identifying
personal data.We do not collect: continuous or background location tracking; IP-derived geolocation; Wi-Fi
positioning; your contacts; your photos (except images you explicitly add to a Note via the iOS photo picker, which stay on-device); your microphone audio; your camera feed; your calendar; your health data; your motion data; your installed apps; your advertising identifier (IDFA); or any device-fingerprinting signal. The only location data we ever see is a single one-time GPS coordinate when you explicitly invoke a location-aware feature — see Section 2.We do not track which documents you view, how long you read them, or any reading-behaviour analytics. We have no document-level usage telemetry.04. PURPOSE OF PROCESSINGAI query audit logs are processed for: (a) detecting and preventing abuse or misuse of the AI Co-Pilot; (b) reviewing response quality and identifying retrieval failures; (c) providing a good-faith audit trail of how the App grounds its responses in CAAM source material, should that ever be requested by a regulator.Subscription information is processed solely for the purpose of administering your paid access to
the AI Co-Pilot feature.We do not process any data for marketing, advertising, behavioural profiling, scoring, or sale to
third parties under any circumstance.05. DATA RETENTIONAI query audit logs are retained for up to ninety (90) days from the date of the query, after which they are anonymised (query text removed) or deleted. Aggregate statistical summaries may be retained longer for safety analysis but contain no individual query text.Subscription records are retained for the duration of an active subscription and for such additional period as required by Malaysian tax and accounting law (typically seven (7) years).Anonymous device identifiers (if generated for rate-limiting purposes) are purged after thirty (30)
consecutive days of inactivity.06. THIRD-PARTY PROCESSORSWe rely on the following third-party service providers to operate the App. Each is contractually
limited to processing data on our behalf only for the purposes described in Section 4.Supabase (Singapore region) — primary backend host. Stores the document index metadata, the AI
Co-Pilot vector database, and the audit log. Subject to Supabase's privacy policy.Anthropic (United States) — provides the Claude Haiku 4.5 large language model. When you submit an AI query, the following are sent to Anthropic for response generation: your question text, the retrieved CAAM chunks selected by our retrieval system, and up to the last ten (10) messages of your current conversation (for multi-turn context such as follow-up questions and the FDP guided wizard). Anthropic's API processes this data per its data-processing terms and does not, under its enterprise terms, use API inputs to train models. Subject to Anthropic's privacy policy.OpenAI (United States) — provides the text-embedding-3-small embedding model. Your question text is sent to OpenAI to generate a numeric vector representation for similarity search. Subject to
OpenAI's privacy policy.Apple Inc. — operates the iOS App Store and processes any subscription transactions. Subject to
Apple's privacy policy.Subscription payment processing is performed exclusively by Apple Inc. via the App Store using StoreKit 2. The Developer does not directly receive, process, or store your payment card details, billing address, or Apple ID. Subscription entitlement is verified on-device through Apple's signed transaction receipts; no purchase data is forwarded to the Developer's servers. Apple's processing of your payment is subject to Apple's own privacy policy.We do NOT share data with: advertising networks, data brokers, marketing platforms, social media
analytics, or any party not listed above.07. INTERNATIONAL DATA TRANSFERBy using the AI Co-Pilot, you acknowledge and consent to your query text being transferred to and
processed in jurisdictions outside Malaysia — specifically, the United States (Anthropic, OpenAI, RevenueCat) and Singapore (Supabase).These jurisdictions may not offer the same level of data protection as Malaysian PDPA. We rely on
the respective processors' standard data-protection commitments and contractual terms to safeguard
your data in transit and at rest.If you do not consent to international transfer, do not use the AI Co-Pilot feature. The document Index portion of the App operates without sending any data to international processors.08. YOUR RIGHTS UNDER PDPA (2010)Under the Malaysian Personal Data Protection Act 2010, you have the following rights with respect to
any personal data we hold about you:Right of access — you may request a copy of any personal data we hold about you.Right of correction — you may request that we correct inaccurate or incomplete data.Right to withdraw consent — you may withdraw consent at any time, after which we will cease processing your data for the purposes for which consent was given.Right to limit processing — you may request that we limit the processing of your data for specific purposes.Right to be informed — you may request information about the purposes for which your data is being processed and the third parties to whom it has been or may be disclosed.To exercise any of these rights, contact us at the email address provided in Section 15. We will
respond within twenty-one (21) days as required by the PDPA.09. SECURITY MEASURESWe use industry-standard security practices including: HTTPS/TLS for all data in transit; encryption-at-rest for the Supabase database; restricted database access via service-role keys held only in server-side environment secrets; row-level security policies on all tables; and regular review of access patterns.No system is perfectly secure. While we take reasonable measures to protect any data we hold, we
cannot guarantee absolute security against all possible threats.If we become aware of any unauthorised access affecting our database, we will notify affected users where reasonably possible and report to the Department of Personal Data Protection as required under the PDPA.10. CHILDREN'S PRIVACYMyAeroDocs is designed for use by Malaysian aviation professionals, students, and personnel. It is
not intended for or directed at children under the age of 13.We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will take reasonable steps to delete it.11. COOKIES AND TRACKINGThe App is a native iOS application and does not use cookies.The supporting website at https://www.myaerodocs.appventureai.com may use minimal first-party
cookies strictly necessary for site operation (e.g. CSRF protection, session continuity). The site
does not use third-party advertising cookies, analytics cookies, or any tracking pixel.12. ANONYMOUS USAGEThe document-index portion of the App can be used entirely anonymously — no account, no profile, no signup, no email address, no phone number.The AI Co-Pilot tab does generate a server-side audit log of queries as described in Section 2, but this log does not link queries to any directly-identifying personal information. Audit log entries can be associated with a device only via the anonymous identifier described in Section 5.---
13. CHANGES TO THIS POLICYWe may revise this Privacy Policy from time to time. Material changes will be reflected by updating
the version number and "Last updated" date shown at the top of this document.Where a material change affects how we process personal data we hold about you, we will use
reasonable means to notify you — for example, by an in-app banner on next launch.Continued use of the App after the effective date of a revised policy constitutes your acceptance of
the revised terms.14. COMPLIANCE & APPLE PRIVACY NUTRITION LABELThis policy is designed to align with the Malaysian Personal Data Protection Act 2010 and the Apple
App Store Review Guidelines (in particular Guideline 5.1, Privacy).The Apple App Store Connect "App Privacy" disclosures we publish accurately reflect the practices
described in this document. If at any point our App Privacy disclosures and this policy diverge, this policy is the authoritative source and we will update the disclosures to match.15. CONTACTFor privacy enquiries, to exercise your PDPA rights, or to request the removal of any data you
believe we hold about you, contact:[email protected]Official website: https://www.myaerodocs.appventureai.com