Privacy Policy

Last updated: 3 March 2026

This Privacy Policy explains how we collect, use and protect your personal data when you use the Logga application and visit our website. We process personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable national data protection laws.

Logga is a digital solution for pilots and aircraft owners to manage flights, maintenance and aircraft documentation in compliance with aviation regulations (including EASA requirements).

1. Data Controller and Contact

The data controller responsible for processing your personal data in connection with Logga is:

Logga
Email: privacy@logga.app

If you have any questions about this Privacy Policy or how we process your personal data, you can contact us using the email address above.

2. Categories of Personal Data We Process

We process the following categories of personal data in connection with the Logga application and website:

2.1. Account and profile data

  • Basic account data (email address, password hash)
  • Identification data (first name, last name, preferred language, theme)
  • Profile photo of the user/pilot (if uploaded)

2.2. Pilot and qualifications data

  • Pilot profile data (contact details, pilot identification information)
  • Qualifications data (licenses, ratings, language proficiency, medical certificates and their validity dates)
  • Signature images used to sign logbook and technical log entries

2.3. Aircraft and group data

  • Aircraft data (registration marks, type, serial numbers, engine and propeller details, base aerodromes)
  • Aircraft photos and documentation (e.g. scans of certificates, ARC, insurance)
  • Flying group data (group name, membership information, roles such as Admin, Owner, Pilot, Mechanic)

2.4. Operational and maintenance records

  • Flight records (date, route, times, flight time, block time, landings, fuel and oil data, nature of flight)
  • Pilot logbook data (time as PIC, dual, night, IFR, cross-country, SIM, approaches, remarks)
  • Crew and passenger data (names and roles recorded in the context of a flight)
  • Technical log and maintenance entries, SB/AD status and resource (time/calendar/cycle) information

2.5. Website and technical data

  • Log data when you access our website or application (IP address, browser type, device information, timestamps, basic usage events)
  • Cookies and similar technologies necessary to provide the service and maintain security (see section 7)

3. Purposes and Legal Bases of Processing

We process your personal data for the following purposes:

3.1. Providing and operating the Logga service

  • Creating and managing user accounts and pilot profiles
  • Enabling the recording, storage and export of pilot logbooks and aircraft journey logs in EASA-compliant formats
  • Managing aircraft data, maintenance records, SB/AD, resources and documentation
  • Managing flying groups and memberships

Legal basis: Article 6(1)(b) GDPR (performance of a contract) – processing is necessary to provide the Logga service to you.

3.2. Compliance with legal obligations

  • Keeping records that may be required by applicable aviation, accounting or tax regulations

Legal basis: Article 6(1)(c) GDPR (compliance with a legal obligation).

3.3. Security, fraud prevention and service improvement

  • User authentication and access control
  • Maintaining logs to detect abuse, troubleshoot issues and protect the security of the service
  • Analysing anonymised or aggregated usage data to improve reliability and user experience

Legal basis: Article 6(1)(f) GDPR (legitimate interest) – our legitimate interest in ensuring the security and proper functioning of the service.

3.4. Communication with you

  • Responding to your support requests and other inquiries (e.g. via email)
  • Informing you about important changes to the service or this Privacy Policy

Legal basis: Article 6(1)(b) and 6(1)(f) GDPR – performance of the contract and our legitimate interest in maintaining contact with users.

3.5. Marketing and analytics (if applicable)

If we use cookies or similar technologies for analytics or non-essential marketing on the website, we will rely on your consent where required by law and provide you with appropriate choices.

Legal basis: Article 6(1)(a) GDPR (consent), where applicable.

4. Data Retention

We keep your personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by applicable law.

  • Account and profile data are stored for the duration of your use of Logga and for a reasonable period after account deletion to resolve any outstanding issues, unless a longer period is required by law.
  • Flight, logbook and technical records are stored for as long as you maintain them within the service and, where applicable, for periods required under aviation or other regulations.
  • Technical logs (such as security and access logs) are typically retained for a limited period necessary to ensure security and traceability (for example 30–180 days), unless a longer retention is necessary in connection with a security incident.

5. Data Sharing and Processors

We do not sell your personal data. We may share your personal data with the following categories of recipients:

  • Service providers (processors) who provide hosting, infrastructure, email delivery, backup and other technical services necessary to operate Logga.
  • Flying groups and co-owners – if you join a flying group in Logga, certain data (such as your name, relevant pilot information and flight records) may be visible to other members of that group according to the group configuration.
  • Public authorities where we are legally obliged to do so (for example to comply with court orders or lawful requests from regulatory authorities).

Where we engage processors, we ensure that they provide sufficient guarantees to implement appropriate technical and organisational measures and we enter into data processing agreements as required by Article 28 GDPR.

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as:

  • An adequacy decision of the European Commission for the country in question, or
  • Standard Contractual Clauses approved by the European Commission, together with additional technical and organisational measures where necessary.

7. Cookies and Similar Technologies

We use cookies and similar technologies on the Logga website and application primarily to:

  • Maintain your session and authentication state
  • Provide security features and prevent abuse
  • Remember some of your preferences (such as language or theme)

These cookies are necessary for the proper functioning of the service and are used on the basis of our legitimate interest (Article 6(1)(f) GDPR) or, where applicable, for the performance of the contract (Article 6(1)(b) GDPR).

If we introduce additional analytics or marketing cookies that are not strictly necessary, we will inform you separately and, where required, obtain your consent.

8. Your Rights Under the GDPR

As a data subject, you have the following rights in relation to your personal data, subject to the conditions set out in the GDPR:

  • Right of access – to obtain confirmation whether we process your personal data and to receive a copy of such data.
  • Right to rectification – to have inaccurate or incomplete personal data corrected.
  • Right to erasure – to request the deletion of your personal data in certain circumstances (for example when it is no longer necessary for the purposes for which it was collected).
  • Right to restriction of processing – to request that we restrict the processing of your personal data in certain situations.
  • Right to data portability – to receive your personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller where technically feasible.
  • Right to object – to object, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling.
  • Right to withdraw consent – where processing is based on consent, you have the right to withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

You can exercise your rights by contacting us at privacy@logga.app. We may ask you to provide information necessary to verify your identity before fulfilling your request.

You also have the right to lodge a complaint with your local data protection authority. In particular, you can contact the supervisory authority in the EU Member State of your habitual residence, place of work or place of the alleged infringement.

9. Security

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

These measures include, among others, access controls, encryption at rest and in transit where appropriate, secure development practices and regular backups. However, no system can be completely secure, and we cannot guarantee absolute security of your data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our service, legal requirements or data protection best practices.

When we make material changes, we will take reasonable steps to inform you, such as posting a notice on the website or in the application, or sending you an email. The "Last updated" date at the top of this page indicates when this Privacy Policy was last revised.