Privacy policy

PRIVACY POLICY

The Private Jet App platform

Last updated: 8 May 2026

This Privacy Policy explains how Aviation Software Int AB (“Aviation Software”, “we”, “us”, or “our”) handles personal data in connection with The Private Jet App platform (the “Platform”).

Aviation Software builds and operates the Platform. We license it to charter operators, brokers, and other private aviation companies (each a “Customer Company”) so they can communicate with and serve their own customers under their own brand. A Customer Company can use the Platform either as a hosted experience inside our unified application “The Private Jet App” (where their End Users enter a company code to access their content) or as a standalone branded application distributed via the Apple App Store or Google Play under the Customer Company's trademark. Both delivery models are part of the same Platform.

Quick Read

If you only read one section, read this:

  • Most likely, your relationship is with a Customer Company, not with us. If you are a passenger using a charter operator's app (whether branded as theirs or accessed via The Private Jet App with a company code), the Customer Company is the Data Controller for your information. For requests about your data, contact the Customer Company directly. We support them as their Data Processor.

  • We act as Data Controller only in limited cases: when you visit our website, when you administer the Platform on behalf of a Customer Company, when we communicate with you in a sales or support context, or where we process data for our own platform operations (security, fraud prevention, aggregate analytics). The rest of this Privacy Policy describes that processing.

  • We do not sell personal data.

  • Contact: contact@theprivatejetapp.com for any privacy question, including a current list of our service providers.

1. Definitions

Application — any smartphone application built on the Platform — whether the unified application “The Private Jet App” (where End Users enter a company code to access a Customer Company's content) or a standalone branded application distributed by a Customer Company via the Apple App Store or Google Play under their own trademark.

Aviation Software / we / us / our — Aviation Software Int AB, registered company number 559436-4639, registered address Hovslagargatan 5, 111 48 Stockholm, Sweden.

Customer Company — a charter operator, broker, or other private aviation company that licenses the Platform from us under a Master Subscription Agreement, and uses the Platform to communicate with its own customers.

End User — an individual (such as a passenger, contractor, or employee of a Customer Company) who installs and uses an Application provided by a Customer Company.

GDPR — the EU General Data Protection Regulation.

Personal Data — any information that relates to an identified or identifiable individual.

Platform — The Private Jet App platform, comprising the Application, the admin web platform at ops.theprivatejetapp.com, related mobile admin applications, and the underlying infrastructure.

Service — the services we provide via the Platform, including hosting, maintenance, and support.

Sub-processor — a third party that processes Personal Data on our behalf to support the Platform. A current list is available to Customer Companies on written request.

You — in this Privacy Policy, the individual whose Personal Data we are processing as a Data Controller — typically a website visitor, a Customer Company user, or a sales/support contact.

2. Our Roles Under Data Protection Laws

Whether Aviation Software acts as a Data Controller or a Data Processor under GDPR depends on the data in question.

2.1 As Data Processor (most End User data)

When you use a Customer Company's Application — whether as a passenger, a contractor, or an employee — the Customer Company is the Data Controller for your Personal Data. Aviation Software processes your Personal Data on the Customer Company's documented instructions, in accordance with the Data Processing Addendum that forms part of our Master Subscription Agreement with the Customer Company.

If you have questions, requests, or rights to exercise (such as access, correction, or deletion) regarding the Personal Data you have submitted via an Application, please contact the Customer Company directly. We will support the Customer Company in responding to your request. Our DPA terms are available in our Master Subscription Agreement.

2.2 As Data Controller (limited cases)

Aviation Software acts as a Data Controller for the following categories of data, and the rest of this Privacy Policy describes that processing:

  • Website visitors — when you visit theprivatejetapp.com, contact us through our website, or sign up for marketing communications.

  • Customer Company users — when you administer the Platform on behalf of a Customer Company (e.g., as a dispatcher, operations manager, or super-admin).

  • Sales and support contacts — when we communicate with you in a sales, onboarding, or support context.

  • Platform-internal processing — limited processing of usage and security data necessary to operate, secure, and improve the Platform (for example, anomaly detection, abuse prevention, aggregate analytics).

3. Personal Data We Collect As Controller

3.1 Information you provide

  • Name and contact details (email, phone, company)

  • Job title and role within a Customer Company

  • Login credentials for the admin platform

  • Billing contact details (where you are responsible for invoicing)

  • Information you submit through contact forms, support requests, or sales conversations

3.2 Information we collect automatically

  • Device, browser, and operating system information

  • IP address and approximate location derived from it

  • Pages visited, features used, and time spent on the Platform

  • Diagnostic, performance, and crash data

3.3 Information from third parties

We may receive limited information from analytics, fraud prevention, and email delivery providers we engage as Sub-processors. A current list of Sub-processors is available to Customer Companies on written request.

4. How We Use Personal Data (Controller)

Where we act as Data Controller, we use Personal Data for:

  • Operating, securing, and improving the Platform.

  • Managing your account on the admin platform.

  • Performing the contract under our Master Subscription Agreement (including billing via Fortnox).

  • Communicating with you about the Platform — operational notices, updates, security alerts.

  • Sales and marketing communications, where you have opted in or where we have a legitimate interest and have given you the opportunity to opt out.

  • Responding to support requests and inquiries.

  • Detecting, investigating, and preventing fraud, abuse, and security incidents.

  • Meeting our legal, regulatory, accounting, and tax obligations.

5. Legal Basis (GDPR)

Where the GDPR applies, we rely on the following legal bases when processing Personal Data as Controller:

  • Performance of a contract — to deliver the Platform and Service to a Customer Company and the individuals who administer it.

  • Legitimate interests — to operate, secure, and improve the Platform; to manage our business; and to communicate with sales and support contacts.

  • Consent — for marketing communications, optional cookies, and any processing that requires it. You may withdraw consent at any time.

  • Legal obligation — to comply with applicable law (e.g., bookkeeping, tax, fraud prevention).

6. How We Share Personal Data

We share Personal Data in the following circumstances:

  • With Sub-processors. We engage Sub-processors to operate the Platform — including cloud hosting, email delivery, push notification services, error monitoring, and invoicing. A current list of Sub-processors is available to Customer Companies on written request. Each Sub-processor is contractually required to handle Personal Data only on our instructions and to maintain appropriate security.

  • With Customer Companies. Where you administer the Platform on behalf of a Customer Company, that Customer Company has access to your administrative activity in accordance with our agreement with them.

  • For business transfers. In connection with a merger, sale of company assets, financing, or acquisition of all or part of our business.

  • With your consent. For any other purpose with your explicit consent.

  • To comply with law. Where required by law, court order, or governmental authority, or where necessary to protect our rights or the safety of users.

We do not sell your Personal Data.

7. Retention

We retain Personal Data only for as long as necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (for example, to comply with bookkeeping, tax, or other legal obligations, or to resolve disputes).

Usage data and diagnostic data are generally retained for shorter periods, except where they are used to strengthen security, improve functionality, or where we are legally obliged to retain them for longer.

8. International Data Transfers

Personal Data is processed at our operating offices and at our Sub-processors' facilities, which may be located outside your country of residence. Where we transfer Personal Data outside the European Economic Area (EEA), we put in place appropriate safeguards under GDPR — including, where required, Standard Contractual Clauses approved by the European Commission.

9. Security

We use commercially reasonable technical and organisational measures to protect Personal Data, including access controls, encryption in transit, and ongoing monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Your Rights

10.1 Where we are the Data Controller

If you are in the EEA or UK, you have the right to:

  • Access the Personal Data we hold about you and request a copy.

  • Request correction of inaccurate or incomplete Personal Data.

  • Request erasure of your Personal Data, subject to applicable legal exceptions.

  • Request the transfer of your Personal Data to another organisation in a structured, commonly used, machine-readable format.

  • Object to processing based on legitimate interests, or to direct marketing.

  • Withdraw consent at any time, where processing is based on consent.

  • Lodge a complaint with a Data Protection Authority. In Sweden, this is the Swedish Authority for Privacy Protection (IMY): imy.se.

To exercise any of these rights, contact us at contact@theprivatejetapp.com. We may ask you to verify your identity before responding.

10.2 Where we are the Data Processor

If you are an End User of a Customer Company's Application and your request relates to Personal Data the Customer Company controls, please contact the Customer Company directly. We will support them in responding to your request, but the Customer Company is responsible for fulfilling controller-level rights.

10.3 California residents (CCPA/CPRA)

If you are a California resident and we act as a Business under the CCPA in respect of your Personal Information, you have specific rights including the right to know, the right to delete, the right to correct, the right to opt out of the sale or sharing of personal information, the right to limit the use of sensitive personal information, and the right not to be discriminated against for exercising these rights. We do not sell personal information as commonly understood.

To exercise these rights, contact us at contact@theprivatejetapp.com. We will respond within 45 days, with a possible 45-day extension where reasonably necessary.

11. Children's Privacy

The Platform is not directed to children under 16. We do not knowingly collect Personal Data from anyone under 16 in our role as Controller. If you are a parent or guardian and you believe your child has provided us with Personal Data, please contact us, and we will take steps to remove the information.

12. Links to Other Websites

Our website and Platform may contain links to third-party sites we do not operate. We are not responsible for the privacy practices of those third parties. Review their privacy policies before submitting personal data to them.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date at the top. Where the changes are material, we will provide at least 30 days' notice via email or a prominent notice within the Platform before the change takes effect.

14. Contact Us

Aviation Software Int AB

Hovslagargatan 5, 111 48 Stockholm, Sweden

Registered company number: 559436-4639

Email: contact@theprivatejetapp.com

Master Subscription Agreement: theprivatejetapp.com/msa