Privacy Policy

Privacy Policy

Last updated: 2026-05-15

What we collect

You can sign in with X, Google, or an emailed one-time link. From your provider we receive your user ID, display name, and (if you grant it) your email address. Magic-link sign-in requires your email so we can deliver the link. When you create your public flight, we store the handle, name, bio, website, profile picture URL, and the public proof links you paste in.

Why we collect it

To create your account, sign you in on subsequent visits, render your public flight page, and rank flights on the leaderboard. That's it.

Where it's stored

All data is stored in Cloudflare D1 (a hosted SQLite database) and served from Cloudflare's edge network.

Analytics

We run a self-hosted Rybbit instance to count page views and referrers. It is cookieless, does not fingerprint visitors, and does not share data with third parties. API and asset routes are excluded. We do not run advertising or third-party tracking pixels.

Who we share it with

No one. We do not sell, rent, or share your data with third parties. Your public proof URLs and handle are visible at flyinpublic.com/<your-handle> by design. That's the product.

Cookies

We set one signed cookie that holds your session. It is HTTP-only, same-site, and deleted when you sign out. We don't use third-party cookies.

Your rights

You can edit your name, handle, bio, website, profile picture, and proofs at any time from profile settings. To delete your account and all associated data, email us using the contact below.

Contact

Questions or deletion requests: max@flyinpublic.com.