Privacy Policy
Effective July 16, 2026
This Privacy Policy explains how Genoa Labs, LLC collects, uses, and protects information in connection with Maverick, our record-keeping and compliance software for Part 61 flight schools. Maverick is sold to flight schools, and there is no student-facing login.
1. Who This Policy Covers
This policy applies to the flight schools and their administrators and instructors who use Maverick ("customers," "you"), and to the information handled through the service. Students do not have accounts. Schools enter and control student data on their students' behalf.
2. Information We Collect
- Account information. When an administrator or instructor creates an account, we collect a name, an email address, a password (stored only in a securely hashed form by our authentication provider), and optional instructor details such as a CFI certificate number, a certificate expiration date, and a digital signature used to render endorsements.
- School information. The school name, location (city and state), fleet and aircraft details, and configuration settings.
- Student training records entered by schools. Schools enter and store student data, which can include: student identity information (name, and optionally email, phone, and enrollment details); certificates and ratings held or pursued; flight and ground training times and lesson details; endorsements issued; checklist and stage-check progress; TSA verification status; and prospective-student CRM information.
- Payment information. Handled by Stripe, as described in Section 6. Maverick never receives or stores full card numbers.
- Usage and technical information. Basic technical data needed to operate and secure the service, such as authentication session data and standard server logs.
3. How Schools and Genoa Labs Share Responsibility for Student Data
The student training records in Maverick are entered and controlled by the school, for the school's own record-keeping. The school decides what to collect, is responsible for the accuracy of that data, and is responsible for obtaining any consent or authorization the law requires before entering it.
This includes any consent needed for records of students who are minors: student pilots can be under 18, and the school is responsible for any parental or guardian consent that applicable law requires. Genoa Labs processes this data on the school's behalf and in accordance with this policy. We do not use it for our own independent purposes.
4. How We Use Information
We use the information we collect to: provide, operate, secure, and improve Maverick; authenticate users and enforce access controls; process subscription payments through Stripe; send transactional and service messages (such as automated reports and account or billing notices) when those features are configured; respond to support requests; and comply with our legal obligations. We do not use student training records for advertising or to build advertising profiles.
5. We Do Not Sell Your Data
We do not sell personal information, and we do not share it for advertising or cross-context behavioral advertising. We do not use student data for advertising of any kind.
6. Payments
Subscription payments are processed by Stripe, our payment processor. Stripe collects and handles your payment method directly, under its own terms and privacy policy. Maverick stores only limited billing references (such as a customer or subscription identifier and a subscription status) needed to manage your plan. Maverick never receives, sees, or stores full card numbers or other sensitive payment credentials.
7. Service Providers (Subprocessors)
We use a small number of trusted service providers to run Maverick. Each processes information only as needed to provide its service to us:
- Supabase: database hosting and authentication.
- Vercel: application hosting and delivery.
- Stripe: subscription payment processing.
- Resend: transactional email delivery (for example, automated reports), when email features are enabled.
These providers are bound by their own agreements and privacy commitments. We may update this list as our providers change; a material change is handled as described in Section 13.
8. Cookies
Maverick uses cookies only for authentication and session management (keeping you signed in and secure). We do not use advertising or third-party tracking cookies in the application.
9. Data Security
We protect data with measures appropriate to its sensitivity, including encryption in transit, database-level access controls that isolate each school's data from every other school's, and restricted administrative access. No system is perfectly secure, and we cannot guarantee absolute security, but we work to protect your information and to limit access to it.
10. Data Retention and Deletion
We keep account and training data for as long as your account is active. When you cancel or close your account, we retain your data for a reasonable window so you can reactivate or export it, and then delete it from our active systems. Residual copies may persist in routine encrypted backups for a limited additional period before they are overwritten.
You can export your data at any time using the CSV, PDF, and full-backup tools inside Maverick.
11. Access and Deletion Requests
You can request access to, correction of, or deletion of the personal information we hold about you (or, for a school administrator, about your school's account) by contacting us at support@maverickfs.app. For student records that a school entered, direct requests to the school that controls that data, and we will support the school in fulfilling them. We respond to verified requests within a reasonable time and as required by applicable law.
12. Children's Data
Maverick is a business tool used by flight schools, not a service directed to children, and there is no student-facing login. Some student pilots are minors, and schools may enter their records. Schools are responsible for any consent that applicable law requires before entering a minor's data. If you believe a minor's information was provided to us without proper authorization, contact us at support@maverickfs.app, and we will work with the controlling school to address it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make a material change, we will post the updated policy with a new effective date and, where appropriate, notify account administrators by email. Your continued use of Maverick after a change takes effect means you accept the updated policy.
14. Contact
Questions about this policy, or privacy requests, can be sent to support@maverickfs.app.
