Last updated: January 16, 2026

This Privacy Policy explains how Aircraft Performance Group LLC ("APG"), APG Avionics LLC (doing business as Seattle Avionics), and RocketRoute Ltd. (together, the "APG Group," "we," "us," or "our") collect, use, disclose, and otherwise process personal data when you:

• visit any of our websites;
• use our applications and related services (including APG, Seattle Avionics, and RocketRoute applications and services); or
• communicate with us (such as by email, phone, web forms, or support channels).

This Privacy Policy also covers personal data we may receive from third parties.

If your access to or use of a service is governed by a written agreement with us (such as a Master Service Agreement or Terms of Service), that agreement may include additional terms. Where this Privacy Policy is incorporated by reference into a contract, it is subject to that contract. Capitalized terms not defined here have the meaning given in the applicable agreement.

1) Controllers and how to contact us

Which entity is responsible (controller) depends on the product/service you use:

• APG services: Aircraft Performance Group LLC
• Seattle Avionics services: APG Avionics LLC (d/b/a Seattle Avionics)
• RocketRoute services: RocketRoute Ltd.

Primary privacy contact (all products): support@apgdata.com
If you use RocketRoute services, you may also contact: gdpr@rocketroute.com or support@rocketroute.com
If you use Seattle Avionics services, you may also contact: customerservice@seattleavionics.com or support@seattleavionics.com

2) The personal data we collect

We collect personal data directly from you, automatically from your devices/browsers, and from third parties.

a) Information you provide to us

Depending on the services you use, this may include:

• Account and profile information (e.g., name, email address, password/credentials, username, pilot profile information, aircraft profile information).
• Communications and support (e.g., emails, chat logs, phone records where permitted, contact preferences, and information you provide when requesting support).
• Flight planning and operational data (e.g., flight plan details, aircraft details, route information, flight crew information, passenger counts, schedule, and related operational details).
• Content you choose to upload or share (e.g., documents, photos, posts, comments, fuel price updates, group participation).
• Contacts (if you choose to use contact-sync features): contact details you upload to connect with others or share activity (you represent you have authority to share such information).
• Payments: payment details necessary to complete purchases or subscriptions (see Section 6).

If you provide personal data of another individual (e.g., crew, passengers, contacts), you represent you have obtained any required permissions and consents for that disclosure and use.

b) Information we collect automatically

When you use our websites or apps, we may collect:

• Device and network information (e.g., device ID, IP address, operating system, browser type, app version, language settings, device model, and similar technical identifiers).
• Usage and diagnostic data (e.g., feature usage, pages visited, clicks, timestamps, crash logs, performance logs, and event logs).
• Log files (e.g., IP address, ISP, referring/exit pages, platform type, date/time stamp, session IDs/user IDs/device identifiers).

c) Location and flight recording data

Some services depend on location and flight recording:

• We may process precise geolocation, movement, and related sensor-derived data (e.g., latitude/longitude, heading, speed, altitude, track logs), along with aircraft/flight details.
• Certain RocketRoute and Seattle Avionics features may record flights to create logbook entries, enable later review, or enable sharing (subject to your settings).
• RocketRoute FlightPlan may collect location data to enable flight recording and detect takeoff/landing times, including when the app is closed or not in use (where enabled by device permissions).

If you disable location permissions or flight recording, certain navigational or flight logging features may not function properly.

d) Information from connected devices and integrations

If you connect devices or third-party services (e.g., ADS-B/GPS receivers or flight briefing/filing services), we may receive data from those devices/services. For example:

• Apps may store certain diagnostic logs (such as ADS-B log files) locally on your device, and those logs are typically only sent to us if you choose to transmit them (e.g., at support request).
• If you use third-party integrations, those third parties may receive information as required for their services (see Section 7).

e) Information from third parties

We may receive personal data from third parties, such as:

• someone subscribing or purchasing on your behalf;
• analytics or software providers that help us understand how users interact with our apps;
• data specialists who provide insights based on aggregated datasets;
• government or law enforcement authorities involved in official inquiries;
• other users who share content or flight information with you, tag you, or comment about you.

3) How we use personal data

We use personal data to:

• Provide and operate the services (including account creation, authentication, subscription management, and delivering requested features).
• Enable flight planning, filing, and related aviation features, including submitting flight plans to applicable aviation authorities where you instruct us to do so.
• Provide customer support and troubleshoot issues, including analyzing logs and diagnostic data.
• Process payments and manage subscriptions, including renewals where enabled (see Section 6).
• Improve and develop our products, including analytics, performance monitoring, and feature development.
• Communicate with you, including service notices, security alerts, and administrative messages.
• Send marketing communications, where permitted by law and your choices (see Section 5).
• Maintain safety and security, prevent fraud, enforce our agreements, and protect rights and property.
• Comply with legal obligations and respond to lawful requests.

We may also aggregate and de-identify information (including de-identified geolocation-derived data) for internal business purposes and to improve and develop our products and services. De-identified/aggregated information is not intended to identify you.

4) Legal bases for processing (UK/EU/EEA and similar regimes)

Where applicable law requires a legal basis (including UK/EU/EEA), we process personal data on one or more of the following bases:

• Contract: to provide the services you request and perform our agreements with you.
• Legitimate interests: to operate, secure, improve, and market our services, and to understand user needs (balanced against your rights).
• Consent: where required (for example, certain marketing preferences, and certain cookies/advertising technologies). You can withdraw consent at any time.
• Legal obligation: to comply with applicable laws and lawful requests.
• Vital interests / public interest: where necessary for emergencies, safety, or aviation accident investigation, or other public-interest grounds, where applicable.

5) Marketing preferences

We may send marketing communications about our products and services:

• Where you have opted in, where required by law (commonly for UK/EU/EEA users), or
• Where otherwise permitted under applicable law, and subject to your choices.

You can opt out at any time by using the unsubscribe mechanism in the message or by contacting us:

• APG: support@apgdata.com
• RocketRoute: support@rocketroute.com or gdpr@rocketroute.com
• Seattle Avionics: customerservice@seattleavionics.com

We maintain records of opt-out requests to ensure we respect your preferences.

6) Payments and subscription renewals

Payments are processed by third-party payment processors. Depending on the product and payment method:

• payment details may be provided directly to the processor, and we may receive transaction confirmations and summary information; and/or
• for recurring subscriptions, an encrypted payment credential or token may be stored by us or by a trusted payments service provider to enable automatic renewal, consistent with PCI requirements and contractual controls.

You may be able to manage renewal settings through your account management pages (where available) or by contacting support.

7) How we share personal data

We may share personal data with:

a) Service providers

Third parties that provide services on our behalf, such as:

• hosting, infrastructure, systems maintenance, and database management;
• analytics and data insights;
• payment processing and fraud prevention;
• customer support tooling;
• advertising and marketing service providers (where permitted and consistent with your choices);
• delivery/logistics (where relevant).

Service providers are required to protect personal data and use it only for the services they provide to us.

b) Affiliates

We may share personal data among APG Group companies where necessary to provide the services, operate a unified account experience, improve products, or for internal administration.

c) Commercial partners (limited)

We may share personal data with commercial partners in limited circumstances, such as to enable them to advise us on how best to communicate with you on their behalf. We do not provide your data to partners for them to market directly to you unless you have separately agreed or applicable law permits.

d) Integrations and third-party services you choose

If you connect third-party apps, plugins, or services (e.g., briefing/filing, avionics, or other integrations), those providers may receive data as required to operate the integration. Their processing is governed by their own policies and terms, and we are not responsible for third-party practices.

e) Legal, safety, and enforcement

We may access, preserve, and disclose information if we believe disclosure is required or appropriate to:

• comply with law enforcement requests and legal process (e.g., court orders, subpoenas);
• comply with applicable law;
• enforce our agreements and policies;
• investigate, prevent, or take action regarding suspected fraud or illegal activity; or
• protect the rights, property, or safety of you, us, or others (including in emergencies and aviation accident investigations).

f) Business transfers

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of assets, or transition of services, personal data may be transferred as part of that transaction as permitted by law and/or contract.

8) Community and sharing features (Seattle Avionics only)

Some services include social, group, or sharing features (for example, flight sharing, groups, or document groups). Your content and activity may be shared with others depending on your settings and feature configuration.

Seattle Avionics services may support multiple privacy levels for flight sharing (e.g., private, shared with selected users, or shared broadly). Defaults and available options depend on the specific product version and your settings.

Seattle Avionics-specific privacy settings

Seattle Avionics services include settings that control flight recording and sharing:

• Flight recording: The flight recorder may be enabled by default to support logbook and post-flight review features.
• Sharing controls: You can typically select privacy levels (e.g., private; shared with selected users; or broader sharing). By default, flights are not shared; however, depending on your settings, limited profile information (such as name, home airport, and number of flights) may be visible to other pilots to request permission to follow your flying. If set to "Private," no information is shared with other pilots.
• Groups/Document Groups: Content you add in Groups or Document Groups may be visible to other participants consistent with the feature design and your settings.
• Manage settings: https://www.seattleavionics.com/manage
• DMCA notices: We may forward DMCA notifications as submitted, without deletions.

9) Cookies and similar technologies

We use cookies, pixels, web beacons, SDKs, and similar technologies to:

• remember preferences and session information;
• analyze website/app usage and performance;
• help secure and administer services; and
• where permitted, deliver and measure marketing and advertising.

Choices and consent (important):

• You can often control cookies through browser/device settings.
• Where required by law (including in the UK/EU/EEA for non-essential cookies), we will request consent through a cookie banner or similar mechanism before placing such cookies.

Do Not Track: Some services do not recognize browser-initiated "Do Not Track" signals because industry standards are not fully developed.

10) Security

We use reasonable organizational, technical, and administrative measures designed to protect personal data. However, no method of transmission or storage is 100% secure. If you believe your interaction with us is no longer secure, please contact us promptly using the contact details in Section 1.

11) Data retention

We retain personal data for as long as necessary to:

• provide services and maintain your account,
• meet legal and contractual obligations,
• resolve disputes, enforce agreements, and protect the security and integrity of our services.

Retention periods vary by data type and product. As a general guide:

• we often retain account/subscription data while your account is active and for a period afterward (commonly up to five (5) years for account/subscription-related records);
• we may retain certain records that could give rise to disputes for longer periods (commonly up to seven (7) years);
• deletion requests may take time to complete across systems (in some cases up to 30 days) and certain information may be retained where required or permitted by law (e.g., fraud prevention, billing records).

We may de-identify and aggregate information that is no longer needed for identifiable purposes.

12) Your rights and choices

a) General rights (where applicable)

Depending on where you live, you may have rights to:

• access your personal data and obtain a copy;
• correct inaccurate data;
• delete data (subject to exceptions);
• restrict or object to certain processing (including direct marketing);
• withdraw consent (where processing is based on consent);
• receive certain data in a portable format (data portability);
• lodge a complaint with a supervisory authority (UK/EU/EEA).

We may request information to verify your identity before responding.

b) United Kingdom / EU / EEA

If you are in the UK/EU/EEA, you may lodge a complaint with your local supervisory authority. For the UK, this is the Information Commissioner's Office (ICO).

To exercise UK/EU/EEA rights, contact: support@apgdata.com or (RocketRoute users) gdpr@rocketroute.com.

c) California Residents (CCPA/CPRA)

This section applies solely to users who reside in the State of California. It supplements the information contained elsewhere in this Privacy Policy to comply with the California Consumer Privacy Act, as amended (CCPA).

1. Notice of Collection (Last 12 Months)

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. In the preceding twelve (12) months, the APG Group has collected the following categories of personal information:

• Identifiers: Real name, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, and aircraft tail number/registration.
• Commercial Information: Records of products or services purchased, obtained, or considered (including subscription history), and flight planning histories.
• Internet or Other Similar Network Activity: Browsing history, search history, information on a consumer's interaction with our websites or applications (including crash logs and feature usage).
• Geolocation Data: Physical location or movements (including precise geolocation derived from flight recording features in our apps).
• Sensitive Personal Information: Account log-in combined with password/credentials; and precise geolocation (used strictly for the purpose of providing the aviation navigation and logging services you request).

2. Sources and Purposes

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you (e.g., forms, flight plans, subscriptions).
• Indirectly from you (e.g., observing your actions on our apps).
• From third parties (e.g., aviation authorities, data analytics providers).

We use this information for the business purposes described in Section 3 (How we use personal data) of this policy.

3. Sharing and "Selling"

We do not sell your personal information for monetary value. However, we may share personal information with third parties (such as analytics providers or marketing partners) in ways that may be defined as a "sale" or "sharing" under California law for the purpose of cross-context behavioral advertising. You have the right to opt-out of such sharing.

4. Your California Rights

Subject to certain exceptions, you have the right to:

• Right to Know/Access: Request disclosure of the specific pieces of personal information we have collected about you, the categories of sources, and the categories of third parties with whom we share it.
• Right to Delete: Request that we delete personal information we collected from you (subject to exceptions for legal retention, such as aviation regulations).
• Right to Correct: Request that we correct inaccurate personal information that we maintain about you.
• Right to Non-Discrimination: We will not discriminate against you (e.g., by denying services or charging different prices) for exercising your CCPA rights.

5. How to Exercise Your Rights

To submit a verifiable consumer request for access, correction, or deletion:

• Email: support@apgdata.com
• Please include "California Privacy Request" in the subject line.

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. We may request specific information (such as your account email or recent flight details) to verify your identity before processing the request.

13) RocketRoute-specific notice

RocketRoute services may involve additional processing that is feature-dependent:

• Background location (FlightPlan): Where enabled by your device permissions, RocketRoute FlightPlan may collect location data to support flight recording and detect takeoff and landing times, including when the app is closed or not in use.
• Marketing and advertising choices: Where required by law, RocketRoute will request consent for non-essential cookies and similar technologies used for analytics and advertising, and you can withdraw consent at any time. You can also object to direct marketing at any time by contacting support@rocketroute.com or gdpr@rocketroute.com.
• Partner-related communications: RocketRoute may send offers about RocketRoute products and services (and, where permitted and consistent with your choices, communications relating to commercial partners), subject to your preferences and applicable law.

14) Third-party sites and services

Our services may link to third-party sites or include integrations. Third-party practices are governed by their own policies. Some Seattle Avionics-related "Other Sites" (such as blog/support/newsletter archives) may be hosted by third-party providers and may be subject to their terms. If you submit information in public forums, it may be visible to others indefinitely.

15) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Changes become effective when posted. If changes are material, we will provide notice as required by applicable law (for example, by posting a notice in the services or emailing account holders).