Privacy Policy

2.1 Controller

The controller of your personal data is Skyloft Technologies Ltd (details in 1.1). For data-protection queries contact [VERIFY: privacy contact email].

(Governed by the UK GDPR — the retained version of Regulation (EU) 2016/679 as it forms part of UK law — and the Data Protection Act 2018, c. 12. [VERIFY: most UK controllers must register with the ICO and pay the annual data-protection fee under the Data Protection (Charges and Information) Regulations 2018, SI 2018/480 — confirm whether you need to register.])

2.2 Our approach

Skyloft is built to be privacy-light by design: it is guest-based, so we do not create user accounts, do not ask for your name or email to use the service, and do not build a persistent profile of you across journeys. Your session identity is a random, transient ID that exists only for the duration of your flight.

2.3 What we collect

[VERIFY: this list must match what your systems actually do — confirm each line and add anything missing.]

• Payment information — when you buy Premium, payment is processed by Stripe. We receive confirmation of payment and limited transaction metadata (amount, currency, timestamp, Stripe payment ID). We do not receive or store your full card number.
• Session and seat data — your seat/session identifier, entitlement status, and premium expiry timestamp, held on the onboard edge server for the duration of your journey. This data is not linked to any personal identity.
• Device/pairing data — if you use your own phone as a remote, the pairing connection between your device and your seat (a WebSocket session, no personal data beyond what your browser transmits in a standard HTTP request).
• Content interactions — what you browse and play during your session, used to surface recommendations during that session only. This data is used in-session only and is not aggregated or retained beyond the flight.
• Technical and security data — limited server logs needed to operate and secure the service (e.g. error logs, connection events). The onboard system operates on the aircraft’s isolated cabin network; IP addresses in that context are internal network addresses, not personal identifiers. Our cloud component may receive the aircraft’s external IP address in connection with billing webhooks; these are not stored beyond standard server logs.

2.4 Why we use it, and our lawful basis

• To provide and deliver Premium content you purchased — performance of a contract (UK GDPR Art. 6(1)(b)).
• To operate, secure and maintain the service, prevent fraud and abuse — legitimate interests (Art. 6(1)(f)).
• To power in-session content recommendations — legitimate interests (Art. 6(1)(f)). Recommendations use no identifying personal data beyond the transient session ID.
• To set non-essential cookies or send marketing communications, if any — consent (Art. 6(1)(a); see the Cookie Policy).

2.5 Payment processing

Payments are handled by Stripe, which processes your payment data as [VERIFY: processor and/or independent controller — confirm Stripe’s contractual role with your solicitor; Stripe’s standard terms make it a controller for certain fraud-prevention purposes] under its own privacy terms at stripe.com/privacy.

2.6 Who we share data with

We share personal data only with: our payment provider (Stripe); [VERIFY: the transport operator/airline — what, if anything, is shared with them? e.g. do they see aggregated usage stats? seat-level entitlement status?]; our hosting and infrastructure providers (Vercel for the cloud component) acting as processors under written agreements; and authorities where legally required. We do not sell your personal data.

2.7 International transfers

Stripe may transfer payment data internationally in accordance with its privacy policy and applicable data-transfer safeguards. Our cloud infrastructure is hosted in the EU (Frankfurt). The onboard system operates on an isolated local network with no external data transfer.

2.8 How long we keep it

We keep personal data only as long as needed for the purpose collected:

• Session data (seat ID, entitlement, content interactions): retained on the onboard edge server for the duration of the flight; the session expires on landing and the database is purged between flights as part of the standard turnaround procedure. [VERIFY: confirm this purge is implemented in your production ops — it is not yet automated in the current build.]
• Payment records: Stripe retains payment data per its own retention policy; we retain transaction metadata (amount, timestamp, Stripe payment ID) for [VERIFY: N years — typically 6 years for UK tax/accounting under HMRC rules].
• Technical logs: [VERIFY: state actual log retention — e.g. 30 days, 90 days.]

2.9 Your rights

Under UK data-protection law you have the right to access, rectify, erase, restrict or object to processing of your personal data, to data portability, and to withdraw consent where we rely on it. To exercise any of these, contact [VERIFY: privacy contact]. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.

2.10 Children

[VERIFY: passengers may include children. Confirm your position — e.g. “the service is intended to be set up by the seat holder or an accompanying adult; we do not knowingly collect personal data from children under 13; premium purchases require a payment card and are intended to be made by an adult.” Confirm what content controls exist, if any.]

2.11 Changes

We will post any updates to this policy here with a revised “last updated” date.