Privacy Policy

Last Updated: December 15, 2025

1. Introduction

Welcome to JetPalate ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API documentation platform and related services (collectively, the "Services").

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Services.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Services:

  • Account Information: Username, email address and password (encrypted)
  • API Integration Data: API keys, webhook URLs, and integration configurations
  • Flight Information: Departure airport codes, departure dates and times, FBO, information, aircraft types, tail numbers
  • Metadata: Custom JSON objects containing booking references, payment methods, contact information, and other integration-specific data you choose to provide

2.2 Automatically Collected Information

When you access our Services, we automatically collect certain information:

  • Technical Data: IP addresses, browser type, device information, operating system
  • Usage Data: API endpoint access patterns, request/response logs, timestamps, rate limit statistics
  • Performance Data: Response times, error rates, system availability metrics
  • Log Files: Server logs containing request details, including headers and query parameters

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain user sessions and authentication
  • Store user preferences and settings
  • Monitor and analyze usage patterns
  • Ensure security and prevent fraud

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

  • Provide, maintain, and improve our API services
  • Process and fulfill ordering link requests
  • Authenticate and authorize API access
  • Generate and manage access links for flight information

3.2 Communication

  • Send system notifications and service updates
  • Respond to inquiries and provide customer support
  • Deliver webhook notifications as configured
  • Send administrative messages regarding your account

3.3 Analytics and Improvement

  • Monitor API performance and usage patterns
  • Identify and fix technical issues
  • Analyze user behavior to improve our Services
  • Develop new features and functionality

3.4 Security and Compliance

  • Detect and prevent fraudulent activities
  • Enforce our Terms and Conditions
  • Comply with legal obligations and regulatory requirements
  • Protect the rights and safety of our users

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

  • Cloud hosting and infrastructure (e.g., AWS EC2)
  • Database management and storage
  • API monitoring and analytics
  • Security and fraud prevention

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Governmental or regulatory requests
  • Protection of our rights, property, or safety
  • Emergency situations involving potential harm

4.3 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide our Services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Support business operations and analytics

Specific Retention Periods: - Account Data: Retained for the duration of your active account plus 90 days after account closure - API Logs: Retained for 90 days for operational purposes - Webhook Event Data: Retained for 30 days - Flight/Ordering Link Data: Retained for 365 days or as required by applicable regulations

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

6.1 Security Measures

  • Industry-standard encryption (TLS/SSL) for data in transit
  • Encrypted storage for sensitive data at rest
  • Secure API key management and authentication
  • Regular security audits and vulnerability assessments
  • Role-based access controls and user authentication
  • Firewall protection and network security monitoring
  • Regular backups and disaster recovery procedures

6.2 Limitations

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you promptly of any security breach as required by applicable law.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

7.1 Access and Portability

  • Request access to your personal information
  • Obtain a copy of your data in a structured, machine-readable format

7.2 Correction and Deletion

  • Request correction of inaccurate or incomplete information
  • Request deletion of your personal information (subject to legal retention requirements)

7.3 Restriction and Objection

  • Request restriction of processing your information
  • Object to processing based on legitimate interests

7.4 Withdrawal of Consent

  • Withdraw consent for data processing where consent is the legal basis
  • Opt-out of marketing communications

7.5 Exercising Your Rights

To exercise any of these rights, please contact us at: - Email: [email protected] - Subject Line: "Privacy Rights Request"

We will respond to your request within 30 days.

8. International Data Transfers

Our Services are operated from the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

We ensure appropriate safeguards are in place for international data transfers, including: - Standard contractual clauses approved by relevant authorities - Data processing agreements with third-party providers - Compliance with applicable data protection frameworks

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request details about the personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Exercise your privacy rights without discriminatory treatment

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect: - Changes in our practices or Services - Legal, regulatory, or operational requirements - Improvements to our privacy practices

Notification of Changes: - We will post the updated Privacy Policy on this page - We will update the "Last Updated" date at the top - For material changes, we will provide prominent notice or email notification - Continued use of our Services after changes constitutes acceptance

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices of third parties and encourage you to review their privacy policies.

13. API-Specific Privacy Considerations

13.1 Webhook Data

When you configure webhooks, we will send event notifications to your specified URLs. You are responsible for: - Securing your webhook endpoints - Complying with privacy laws regarding data received - Properly handling and storing webhook data

13.2 Metadata Fields

Custom metadata fields allow you to store additional information. You should: - Not include unnecessary sensitive personal information - Ensure compliance with applicable privacy laws - Implement appropriate security measures for metadata

13.3 API Keys

Your API keys provide access to our Services. You must: - Keep API keys confidential and secure - Rotate keys regularly - Immediately revoke compromised keys - Not share keys with unauthorized parties

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

JetPalate Support - Email: [email protected] - Privacy Inquiries: [email protected] - Website: https://jetpalate.com - Address: [Your Company Address]

For urgent privacy concerns or data breach notifications, please mark your communication as "URGENT" in the subject line.

15. Consent

By using our Services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.

For API Users: Your use of our API constitutes acceptance of this Privacy Policy. Integration with our API implies consent to data processing as outlined in this document.

For End Users: If you access ordering links or flight information through our platform, this Privacy Policy applies to your use of those features.

Back to Home