HANGAR36← Back to home

Privacy Policy

Last updated: June 10, 2026

1. Introduction

This Privacy Policy explains how Hangar36 (“we,” “us,” “our”) collects, uses, shares, and protects personal information when you use the Hangar36 website and services (the “Service”). By using the Service, you agree to this Policy. If you do not agree, do not use the Service.

2. Information We Collect

  • Account information: name, email address, password (stored hashed by our authentication provider), and your role within an organization.
  • Organization and operational data: aircraft details, schedules and reservations, dispatch and check-in records, meter readings (Hobbs/Tach), maintenance and squawk records, logbook and document uploads (including images and any text within them), pilot reimbursements, and billing records.
  • Communications: messages you send us and notification preferences.
  • Payment information: payments are processed by our third-party payment processor, Stripe; we do not store full card numbers. We may receive limited billing details such as plan, subscription status, and the last four digits of your card.
  • Usage and device data: log data, IP address, browser/device type, and actions taken in the Service, used for security and to operate and improve the Service.
  • Cookies: we use strictly necessary cookies to keep you logged in and to operate the Service. We do not use them to sell your data.

3. How We Use Information

We use personal information to: provide, operate, secure, and maintain the Service; create and manage accounts and organizations; process scheduling, maintenance, document, and reimbursement features; send transactional and notification emails (such as reservation reminders, receipts, and account messages); process payments and manage subscriptions; respond to support requests; detect, prevent, and address fraud or abuse; comply with legal obligations; and improve the Service.

4. Automated Processing (OCR and AI)

To support document- and logbook-capture features, uploaded images and documents may be processed by third-party optical-character-recognition and artificial-intelligence providers (currently Google Cloud Document AI and Anthropic) to extract text and generate draft entries. These providers process the data to return results to us; we do not use this content to train third-party models, and outputs are presented to you as drafts for review. See Section 6 for the list of providers.

5. How We Share Information

We do not sell your personal information. We share it only:

  • With your organization: data you submit is visible to authorized members/administrators of your organization according to their roles.
  • With service providers (sub-processors): vendors who process data on our behalf to run the Service, under contracts that limit their use of the data (see Section 6).
  • With integrations you enable: if you connect a third-party accounting platform (e.g., Wave, QuickBooks Online), we share the data necessary to provide that integration, at your direction.
  • For legal reasons: to comply with law, enforce our Terms, or protect the rights, safety, and security of users, the public, or Hangar36.
  • In a business transfer: in connection with a merger, acquisition, or sale of assets, subject to this Policy.

6. Sub-Processors

We rely on the following categories of providers (subject to change as the Service evolves):

  • Hosting / database / authentication: Supabase; Vercel.
  • Transactional email: Resend.
  • Document OCR / AI drafting: Google Cloud Document AI; Anthropic.
  • Payments: Stripe.
  • User-initiated accounting integrations: Wave; QuickBooks Online (Intuit) — only when you connect them.

7. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we delete or anonymize it. Organizations and users may request deletion as described in Section 9.

8. Security

We use technical and organizational measures to protect personal information, including encryption in transit, access controls, and row-level security on our database. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your Rights and Choices

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing. California residents (CCPA/CPRA) have rights to know, delete, correct, and to opt out of “sale”/“sharing” (we do not sell or share personal information for cross-context behavioral advertising). Canadian and EU/UK residents have rights under PIPEDA and the GDPR/UK GDPR, respectively. To exercise any right, contact hello@hangar36.app; we will respond as required by applicable law. You will not be discriminated against for exercising your rights. Note that some data is controlled by your organization, and we may direct certain requests to the organization that administers your account.

10. International Data Transfers

We are based in the United States and process data there and with providers that may operate in other countries. Where required, we use appropriate safeguards for cross-border transfers.

11. Children’s Privacy

The Service is not directed to children and is intended for users 18 and older. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

12. Changes to This Policy

We may update this Policy from time to time. We will post the updated Policy with a new “Last updated” date and, for material changes, provide additional notice where appropriate.

13. Contact

Questions or privacy requests: hello@hangar36.app.

Terms of ServicePrivacy PolicyAviation Disclaimer