PRIVACY POLICY

Effective: March 31, 2026

The short version: Manifest stores only the data you provide — your flights, your profile, your preferences. We don't sell it, don't run ads, don't use analytics trackers, and don't share your data with third parties for their own purposes. Your flight log is yours.

1. Who We Are

Manifest is a flight logging and aviation lifestyle app operated by Manifest Labs. When this policy says "we," "us," or "our," it refers to Manifest Labs.

Contact: [email protected]

2. Data We Collect

Account data: When you sign up via Apple Sign In, we receive your Apple-provided email address (which may be a private relay address) and a unique identifier. We do not receive your Apple ID password.

Profile data: Name, display name, home airport, and any other information you choose to add to your profile.

Flight data: Flight details you enter or import — including airline, route, date, seat, aircraft type, tail number, class, trip purpose, and notes. This is the core of Manifest and is stored solely to provide the app's features to you.

Family data: If you create or join a family group, we store the group membership and the flight data of members who have opted in to sharing within the group.

Engagement data: Your answers to Black Box trivia questions and your reading history within the Radar tab. This is used to personalise your feed and track streaks.

We do NOT collect:

Device identifiers or advertising IDs
Precise location data
Contacts, photos, or files from your device
Usage analytics or behavioural tracking data
Health or financial data

3. How We Use Your Data

We use your data to:

Provide and operate Manifest's features — flight logging, statistics, sharing, Radar content, and Clearance deals
Enrich your flight records with aircraft and airport information from aviation data sources
Generate your personalised share cards when you choose to share
Show you relevant flight deals based on your home airport
Maintain and improve the reliability and security of the app

We do not use your data for advertising, profiling, or sale to third parties.

4. AI-Generated Content

Manifest's Radar tab includes news articles and flight deals produced by an AI-powered editorial pipeline. This pipeline uses the Anthropic API to generate, edit, and quality-check content. Your personal data is never sent to the AI pipeline. The pipeline processes publicly available aviation news and airline deal pages — it has no access to your flights, profile, or account.

5. Third-Party Services

We use a limited number of third-party services to operate Manifest:

Supabase — database, authentication, and server functions. Your data is stored in Supabase's infrastructure. Supabase Privacy Policy
Apple Sign In — authentication only. Apple provides us a scoped identifier and email; we receive no other Apple account data.
Aviation data providers (AeroDataBox, OpenSky Network) — we query these services with flight numbers and aircraft registrations to enrich your records. We do not share your identity with these services.
Meta/Instagram — when you choose to share a flight card to Instagram, your share image is passed to the Instagram app on your device. We do not send data to Meta's servers; the sharing happens locally via iOS sharing APIs.

We do not use any analytics, crash reporting, advertising, or tracking SDKs.

6. Data Storage and Security

Your data is stored in Supabase-hosted PostgreSQL databases with row-level security (RLS) enabled. This means each user can only access their own data through the API. All connections are encrypted via TLS. Authentication tokens are stored securely on your device using the platform keychain.

7. Data Retention

We retain your data for as long as your account is active. Your flight log is designed to be a permanent personal record — we will not delete it unless you ask us to.

If you delete your account, we will delete all associated data within 30 days. Some data may persist in encrypted backups for up to 90 days before being purged.

8. Your Rights

You have the right to:

Access your data — all your data is visible within the app
Correct your data — you can edit flights, profile information, and preferences at any time
Delete your data — you can delete individual flights within the app, or request full account deletion
Export your data — contact us and we will provide a copy of your data in a standard format

To exercise any of these rights, contact [email protected].

9. Children's Privacy

Manifest supports family accounts where parents can log flights for their children. The parent or guardian controls the child's profile and data. Children cannot create accounts independently. We do not knowingly collect data from children under 13 without parental consent. If you believe we have inadvertently collected such data, please contact us.

10. International Users

Manifest is available globally. Your data is processed and stored on servers in the United States (via Supabase). By using Manifest, you consent to the transfer and processing of your data in the United States. We apply the same privacy protections to all users regardless of location.

11. Changes to This Policy

We may update this policy from time to time. If we make material changes, we will notify you through the app or by email. Continued use of Manifest after changes constitutes acceptance of the updated policy.

12. Contact

Questions or concerns about your privacy? Reach us at:

[email protected]