01 · What we collect from principals
Your name, contact, manifest history, and the introducer who proposed your membership. Nothing else by default.
Placeholder. Full posture lives on trust; this section formalizes the principal data inventory: name, primary contact, household and delegate scopes, completed flight manifests, payment instruments held in escrow.
02 · What we do not collect
No tracking pixels, no third-party analytics, no advertising identifiers, no cross-site fingerprinting.
Principal-facing surfaces (this site's home, principal, invite, intelligence, trust pages) carry zero telemetry — first-party or third-party. We do not run a pageview beacon on them. We do not set tracking cookies on them. Inspect at your leisure.
03 · Where your data lives
Principal data is stored in EU-region GCP infrastructure by default. Operator and broker data is stored in US-region by default.
Placeholder. Section will detail Cloud Firestore region pinning, CMEK encryption, VPC Service Controls perimeter, and the residency-election option.
04 · Who has access
Engineers under audited just-in-time access. No analytics teams, no marketing teams, no third-party processors except those listed below.
Placeholder. Sub-processor list to be inventoried before launch.
05 · Your rights under GDPR / CCPA
Access, correction, deletion, portability — within 30 days. Article 17 deletion requests are tombstoned within 72 hours and excluded from the next nightly model retrain.
Placeholder. Section will detail the request channels, identity verification procedure, response SLA, and the audit-chain handling for tombstoned data (the leaf hash remains; the data behind it is removed).
06 · Contact
Privacy questions: privacy@oneways.ai. Security disclosures: security@oneways.ai.