Privacy Policy

Effective: May 19, 2026

The short version
  • We collect your email, airline, home base, role, survey responses, and waitlist signup. That's the entire current collection.
  • When the app ships, we'll also collect verification info (airline email confirmation, crew badge photo, selfie for verification), basic in-app activity, and billing info if you subscribe.
  • We don't sell your data. Ever.
  • We don't share crew identity with venues, advertisers, or other companies. Aggregated data only.
  • You can request deletion of your data at any time by emailing hello@groundtime.com.

1. Who we are

GroundTime is operated by Threadwell Labs LLC, a California limited liability company. References to "we," "us," or "our" mean Threadwell Labs LLC. References to "the app" or "GroundTime" mean the GroundTime product, currently available as a marketing site at groundtime.com with a mobile app in development.

2. What we collect

Current collection (marketing site, validation phase):

  • Email address (when you sign up for the waitlist or submit the survey)
  • Airline you work for (self-reported)
  • Home base (self-reported)
  • Role (flight attendant, pilot, etc.)
  • Survey responses (free-text and multiple choice answers about the product idea)
  • Standard web analytics (page visits, referral source, device type, IP address — see Section 7 on cookies)

Planned collection (when the app launches):

  • Verification data: airline-domain email address (for confirmation code verification), crew badge photo, selfie for face match
  • Profile information: name, optional photo, optional preferences
  • App activity: meetups created, joined, attended; group chat messages; base chat participation
  • Communications you exchange with other users inside the app
  • Billing information (handled by our payment processor; we do not store credit card numbers)
  • Device identifiers, push notification tokens

We will update this policy when the app ships with the full collection list. We will notify users of material changes by email.

3. How we use your information

  • To verify you are a real airline crew member
  • To provide the core features of the service (meetups, group chats, base chats, vouching)
  • To send service-related notifications (account, security, transactional emails)
  • To send marketing emails about GroundTime, with your consent and the ability to unsubscribe at any time
  • To improve the product (aggregate analytics, never individual identity)
  • To protect the safety of crew using the platform (moderation, abuse detection, fraud prevention)
  • To comply with legal obligations

We do not sell your personal information. We do not share crew identity with venues, advertisers, or third-party marketers.

4. Who we share information with

We work with third-party service providers who help us run the product. Each receives only the information they need to perform their function:

  • Supabase — database and authentication infrastructure
  • Resend — transactional and marketing email delivery
  • Persona (planned, when app launches) — identity and crew badge verification
  • Stripe (planned, when app launches) — payment processing for subscriptions
  • Apple App Store and Google Play (planned, when app launches) — app distribution and in-app billing
  • Firebase / Google Cloud (planned, when app launches) — push notifications, file storage, app infrastructure

We share aggregated, non-identifying data (e.g., "300 users from Southwest signed up this month") with no one outside the company today. If we ever introduce sponsored content from local venues (a planned future feature), we will share aggregated demographics only — never individual crew identity.

We may share information when required by law (subpoena, court order, government request) or when necessary to protect safety, prevent fraud, or enforce our Terms of Service.

5. Data retention

  • Account data: retained as long as your account is active. Upon account closure, we anonymize or delete personal data within 90 days, except where retention is required by law.
  • Verification artifacts (crew badge photo, selfie, ID images — when the app launches): deleted 30 days after verification result, unless the verification is under active dispute or escalation, in which case retained until resolution plus 90 days.
  • Email logs: retained 12 months for deliverability and abuse-prevention purposes.
  • Aggregated, non-identifying analytics: retained indefinitely.

6. Your rights

Depending on where you live, you have rights regarding your personal information:

  • California residents (CCPA/CPRA): the right to know what we collect, the right to delete your information, the right to correct inaccuracies, the right to opt out of any "sale" of personal information (we do not sell personal information), and the right to non-discrimination for exercising these rights.
  • European Economic Area, UK, and Switzerland residents (GDPR): the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, and the right to object to processing.
  • All users: you can request deletion of your data at any time by emailing hello@groundtime.com. We will respond within 30 days.

7. Cookies and tracking

We use minimal cookies and tracking on the marketing site:

  • Essential cookies for site functionality (authentication, session)
  • Lightweight analytics to understand traffic patterns (page views, referrals)

We do not use third-party advertising cookies or cross-site tracking. The app, when it launches, will not track you across other apps or websites.

8. Children's policy

GroundTime is for verified airline crew, who are professional adults (18+). The service is not directed to children under 18 and we do not knowingly collect information from anyone under 18. If we learn we have collected information from a child under 18, we will delete it.

9. Biometric data (planned, when app launches)

When the app launches, the verification flow will involve a selfie and face match against a crew badge photo. This constitutes biometric information under several state laws (including Illinois BIPA, Texas CUBI, Washington state law, and the California CCPA).

We will:

  • Obtain your informed consent before collecting biometric data
  • Use biometric data only for crew verification — never for advertising, identification across services, or any other purpose
  • Store biometric data in encrypted form
  • Delete biometric data within 30 days of verification result (or sooner if you request deletion), except where required by law to retain longer
  • Not sell or otherwise commercially benefit from biometric data

We will publish a more detailed biometric-data policy before the app launches.

10. Security

We use industry-standard security measures to protect your data: encryption in transit (TLS), encryption at rest, access controls, and regular security review. No system is perfectly secure; if we ever experience a data breach affecting your personal information, we will notify you in accordance with applicable law.

11. International users

GroundTime is operated from the United States. If you access the service from outside the U.S., your information may be transferred to, stored in, and processed in the U.S. By using the service, you consent to this transfer. We will comply with applicable cross-border data transfer requirements, including under GDPR for users in the EEA.

12. Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify users by email and update the "Effective" date at the top. Continued use of GroundTime after a material change constitutes acceptance of the updated policy.

13. Contact us

Questions about this policy?
hello@groundtime.com
Threadwell Labs LLC
1111 6th Ave Ste 550 #269241
San Diego, CA 92101