Privacy Policy

1. Overview

MileHighers is built to work locally first. You can use the app without an account, and cloud sync is optional.

2. What Data We Collect

• Email address — used for account authentication via email/password or supported OAuth providers.
• Flight booking data — routes, airlines, cabins, dates, and notes you enter. Stored locally on your device and, if you sign in, synced to Supabase.
• No advertising trackers — we do not use Google Analytics, Facebook Pixel, or similar third-party marketing trackers.

3. Purpose & Legal Basis

We process your data to provide the MileHighers app (Art. 6(1)(b) GDPR — performance of a contract). Your account details are used only for sign-in and sync. Your booking data is processed to provide the app’s core functionality.

4. Data Processor

Cloud data is stored in Supabase (Supabase Inc., San Francisco, CA). Supabase acts as a data processor under a Data Processing Agreement where applicable. Data is hosted in the configured region.

5. Data Retention

Your data is stored for as long as your account exists. You can delete your account and associated cloud data at any time via Settings. Local data on your device is managed by your browser.

6. Cookies & Local Storage

MileHighers uses essential browser storage such as localStorage and the authentication session required for sign-in. No third-party advertising cookies are used.

7. Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data
• Export your data
• Object to processing
• Lodge a complaint with a supervisory authority

8. Contact & Data Controller

[Malte Gerhardt]
[Auf den Scheffeln 32]
[44894, Bochum, Deutschland]
Email: milehighers.app@gmail.com
Contact form: Open the contact page