Back to Variograph

Legal

Privacy Policy

Effective date: January 1, 2026  ·  Last updated: May 2026

1. Who We Are

Variograph (“we”, “our”, “us”) is a flight analysis platform operated by Flight Tech Labs. Our service lets pilots upload IGC and GPX flight logs, analyse them in the browser, and generate 3D terrain prints. Questions about this policy can be sent to by.concers@gmail.com.

2. Data We Collect

Flight files (IGC / GPX)

Files you upload are processed entirely in your browser and in our server-side API routes. We do not store your flight files permanently. Session data (file content) is kept only in your browser’s sessionStorage and is automatically cleared when you close the tab.

Account data (optional)

If you create an account, we collect your email address via Supabase Auth. No flight data is linked to your account unless you explicitly choose to save or share a flight.

Terrain elevation data

When you generate a 3D model, our server fetches terrain tiles from the AWS Terrain Tiles service (elevation-tiles-prod.s3.amazonaws.com) on your behalf. The bounding box of your flight (latitude/longitude range) is sent to this third-party service. No personal data is included in that request.

Usage data

We may collect standard server logs (IP address, browser type, pages visited, timestamps) for security and performance monitoring. These logs are retained for a maximum of 30 days.

3. How We Use Your Data

  • To analyse your flight and display statistics, charts, and 3D models in your browser.
  • To generate and serve terrain elevation data required for 3D print exports.
  • To authenticate you if you choose to create an account.
  • To diagnose bugs, improve performance, and ensure the security of the service.
  • We do not sell, trade, or rent your personal data to third parties.
  • We do not use your flight data to train machine-learning models.

4. Cookies & Local Storage

We use browser localStorage to save your display preferences (colour scheme, overlay settings). No tracking or advertising cookies are set. Supabase Auth uses a secure HTTP-only cookie to maintain your login session if you have an account.

5. Third-Party Services

Supabase — authentication and optional data storage. Subject to the Supabase Privacy Policy.

AWS S3 Terrain Tiles — public elevation tile service. No personal data is transmitted; only geographic bounding boxes.

Vercel — hosting provider. Subject to the Vercel Privacy Policy.

6. Data Retention & Deletion

Flight files you upload are never written to disk on our servers beyond the duration of a single API request. If you have an account and wish to delete it and all associated data, contact us at by.concers@gmail.com and we will process the request within 30 days.

7. Security

All data in transit is encrypted via HTTPS/TLS. We follow industry-standard practices to protect the infrastructure and limit access to production systems. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

8. Children’s Privacy

Variograph is not directed to children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Continued use of the service after changes constitutes acceptance of the revised policy.

10. Contact

For any privacy-related questions or requests, email by.concers@gmail.com.

Terms of ServiceBack to Variograph