← UAS SkyCheck|

Privacy Policy

Effective: March 18, 2026

This Privacy Policy describes how UAS SkyCheck, a subsidiary of SudoKodes LLC (“we,” “us,” or “our”) collects, uses, and shares information when you use UAS SkyCheck at uas-skycheck.app (the “Service”). By using the Service you agree to the practices described here.

Our Commitment

We built UAS SkyCheck to help drone pilots make better preflight decisions, not to collect or monetize personal data. Our data practices follow directly from that purpose:

  • We do not sell your data. Your personal information, flight check history, and location queries are never sold to third parties, data brokers, advertisers, or anyone else. This is an unconditional commitment, not subject to exceptions or future policy changes without explicit notice.
  • We do not use your data for advertising. We have no advertising partners. We do not build behavioral profiles, serve targeted ads, or share data with ad networks. UAS SkyCheck is ad-free by design.
  • Data is used only to serve you. The information we collect exists for one purpose: to provide accurate preflight intelligence and improve the product for pilots. Usage patterns help us understand which features matter most and which data gaps need filling. That is the full extent of it.
  • No AI provider receives your data. Flight check requests are processed entirely on our own infrastructure. No data is sent to OpenAI, Anthropic, Google, or any other AI or machine learning provider.

1. Information We Collect

Information you provide

  • Account information: email address and authentication credentials when you create an account via Google OAuth (processed by Supabase).
  • Payment information: billing details entered during checkout are processed directly by Stripe. We do not store payment card numbers.
  • Support communications: messages you send to admin@sudokode.co.

Information collected automatically

  • Location queries: the coordinates, zip code, city, or airport identifier you enter when running a pre-flight check. These are sent to our backend API to generate your results and are not stored beyond the immediate request for anonymous sessions.
  • Usage data: number of checks performed per day and features accessed. This data is associated with your account when signed in to enforce subscription limits and is used in aggregate, anonymized form to understand which features pilots use most.
  • Device and log data: IP address, browser type, operating system, and request timestamps collected in standard server logs. Logs are retained for up to 90 days and used solely for security, debugging, and abuse prevention.

What we do not collect

We do not collect precise GPS location beyond what you explicitly type into the search field. We do not access your device’s location sensor passively or in the background. We do not collect contacts, photos, microphone input, or any other device resource.

2. How We Use Your Information

Every use of your information maps directly back to providing and improving the Service. Specifically:

  • To run preflight checks: processing your location query against airspace, weather, and restriction data to generate your results.
  • To authenticate your account and enforce subscription tier limits.
  • To process payments and manage billing through Stripe.
  • To send transactional emails (subscription receipts, password resets). We do not send marketing email without your explicit opt-in.
  • To investigate abuse, enforce our Terms of Service, and comply with legal obligations.
  • To analyze aggregate, anonymized usage patterns (which zone types pilots encounter most, which features are used, which states have thin data coverage) in order to improve the dataset and product for everyone.

We do not use your information for any other purpose. If that ever changes materially, we will notify you before it takes effect.

3. How We Share Your Information

We do not sell, rent, or trade your information. We share data only in these narrow circumstances:

  • Infrastructure providers: Supabase (authentication and database), Stripe (payments), Render (API hosting), Vercel (frontend hosting), Resend (transactional email), and Sentry (error monitoring) process data on our behalf under contractual data protection obligations. These providers act as processors; they cannot use your data for their own purposes.
  • Legal requirements: We may disclose information if required by law, subpoena, or other legal process, or to protect the rights, property, or safety of SudoKodes LLC, our users, or the public. We will notify affected users of such requests where legally permitted.
  • Business transfers: In connection with a merger, acquisition, or sale of substantially all of our assets, your information may be transferred. We will provide notice and the same data commitments described here will be required of any successor.

4. Data Retention

Account data is retained for as long as your account is active. You may request deletion of your account and associated data at any time by emailing admin@sudokode.co. We will process deletion requests within 30 days, subject to any legal retention obligations. Anonymized aggregate usage data (which contains no personal identifiers) may be retained indefinitely.

5. Cookies and Local Storage

The Service uses browser local storage to persist your recent location searches and authentication session tokens (stored entirely on your device, never transmitted to our servers beyond what is required for authentication). We use the Supabase JavaScript client, which stores session tokens in browser local storage by default. We do not use advertising, tracking, or analytics cookies of any kind.

Error monitoring: When application errors occur, Sentry may receive diagnostic data including error messages, stack traces, browser type, and the page URL at the time of the error. Sentry does not receive your location queries, flight check results, or any personally identifying information beyond what is incidentally included in a stack trace. This data is used solely to identify and fix bugs.

6. Security

We use industry-standard measures including TLS encryption in transit, row-level security on our database, and JWT-based authentication. No method of transmission over the internet is completely secure; we cannot guarantee absolute security.

7. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data, to object to or restrict certain processing, or to receive a copy of your data in a portable format. To exercise any of these rights, email admin@sudokode.co. We will respond within 30 days.

9. Changes to This Policy

We may update this Privacy Policy periodically. Material changes, including any change to the data commitments in the “Our Commitment” section above, will be communicated via email and in-app notice at least 30 days before taking effect. The effective date at the top of this page reflects the most recent revision.

10. Contact

Privacy questions or requests may be sent to admin@sudokode.co.