Privacy Policy for FlightPhysical.com

Effective Date: January 6, 2026
Last Updated: January 6, 2026

1. Introduction

FlightPhysical.com ("we," "us," or "our") operates an online directory connecting pilots and air traffic controllers with Aviation Medical Examiners (AMEs) and BasicMed physicians who provide flight physical examinations. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services.

By using FlightPhysical.com, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

For Physicians/Medical Practitioners:

  • Name and professional credentials (MD or DO and/or additional degrees)
  • Email address
  • Practice location(s) and contact information
  • Payment information (processed securely through third-party processors)
  • Account credentials
  • Professional licensing information (subject to our occasional independent verification)
  • Light or Dark Display Preferences

For Pilots and Air Traffic Controllers:

  • No personal identifying information is collected
  • Search preferences and location data (to help find nearby physicians)

2.2 Information Collected Automatically

Public AME Directory Information:

  • We periodically crosscheck data that is publicly accessible through the FAA hosted AME locator
  • Public Data is used to seed our directory, and it is augmented at times by direct AME or BasicMed Physician input, corrections or augmentation
  • BasicMed Data is not currently collected automatically, listings require explicit BasicMed Physicians to reach out to us

Cookies and Tracking Technologies:

  • Session cookies to facilitate site navigation and maintain logged-in status
  • Analytics cookies to understand how visitors use our site
  • Browser type, device information, and IP address
  • Pages visited, time spent on pages, and referral sources

Technical Data:

  • Log files containing IP addresses, browser types, access times, and page views
  • Performance monitoring data through Laravel Pulse
  • Light or Dark Display Preferences either through your system preferences or through our UI button

2.3 Information We Do NOT Collect

  • We do not collect medical records or personally identifiable health information
  • We do not collect information from children under 13 years of age
  • We do not collect sensitive personal data beyond what is necessary for service provision
  • We do not collect general physician data - BasicMed (non AME) physicians are added to our directory only when they explicitly ask us to be listed, and they can ask to be removed at anytime

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

  • To create and manage physician directory listings
  • To process subscription payments for premium services
  • To provide search functionality connecting pilots with physicians
  • To maintain and improve website functionality

3.2 Communication

  • To send transactional emails (account confirmations, payment receipts, service updates)
  • To respond to inquiries and provide customer support
  • To send optional newsletters (only with explicit opt-in consent)

3.3 Analytics and Improvement

  • To analyze website usage patterns and improve user experience
  • To monitor application performance and identify technical issues
  • To optimize search results and directory functionality

3.4 Legal Compliance

  • To comply with applicable laws and regulations
  • To protect our rights and prevent fraud or abuse
  • To respond to legal requests from authorities

Important: We do not use your personal information for marketing purposes, and we do not sell, rent, or trade your personal data to third parties.

4. Information Sharing and Disclosure

4.1 Public Directory Information

Physician directory listings are publicly viewable and include:

  • Physician name and credentials
  • Practice locations and contact information
  • Services offered and certification types
  • Links to external websites (for premium subscribers)

4.2 Third-Party Service Providers

We share limited data with trusted service providers who assist in operating our platform:

Payment Processing:

  • Stripe and PayPal (encrypted payment information only)
  • These processors handle payment data according to PCI-DSS standards

Email Services:

  • Postmark and Mailgun (for transactional emails)
  • Our own SMTP servers
  • Email addresses and necessary message content only

Analytics:

  • Google Analytics (anonymized usage data)
  • Laravel Pulse (application performance monitoring)

Hosting:

  • Amazon Web Services (AWS) (server infrastructure)

Authentication Services:

  • Necessary authentication data to verify user identity

All third-party providers are contractually obligated to protect your data and use it only for the specified purposes.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or to protect our rights, property, or safety, or that of our users or the public.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred. We will notify you via email and/or prominent notice on our website of any such change in ownership or control.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy:

7. Your Privacy Rights

7.1 Rights for All Users

You have the right to:

  • Access your personal information we hold
  • Request correction of inaccurate information
  • Request deletion of your account and associated data
  • Object to processing of your personal information
  • Withdraw consent for optional data processing
  • Opt out of marketing communications (newsletters)

7.2 Additional Rights for EU Users (GDPR)

If you are located in the European Economic Area, you have additional rights:

  • Right to data portability: Receive your data in a structured, commonly used format
  • Right to restriction of processing: Request limitation of processing under certain circumstances
  • Right to object: Object to processing based on legitimate interests
  • Right to lodge a complaint: File a complaint with your local data protection authority

Legal Basis for Processing (GDPR):

  • Contractual necessity (to provide our services)
  • Legitimate interests (to improve our services and prevent fraud)
  • Consent (for optional features like newsletters)

7.3 Additional Rights for California Users (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of personal information (Note: FlightPhysical.com does not sell personal information, nor have we ever since our 1999 launch)
  • Non-discrimination for exercising your privacy rights

Categories of Personal Information Collected:

  • Identifiers (name, email, IP address)
  • Commercial information (payment history)
  • Internet activity (browsing behavior on our site)
  • Geolocation data (for physician search functionality)

7.4 Exercising Your Rights

To exercise any of these rights, please contact us through:

We will respond to your request within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Essential Cookies:

  • Required for website functionality and navigation
  • Session management and authentication
  • Cannot be disabled without affecting site functionality

Analytics Cookies:

  • Google Analytics (to understand site usage)
  • Can be disabled through browser settings or opt-out tools

8.2 Managing Cookies

You can control cookies through your browser settings:

  • Most browsers allow you to refuse cookies or delete existing cookies
  • Browser settings instructions: Chrome, Firefox, Safari, Edge

Google Analytics Opt-Out:
You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

9. International Data Transfers

FlightPhysical.com is based in the United States. If you are accessing our services from outside the U.S., please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

For EU users, we ensure appropriate safeguards are in place for international data transfers, including:

11. Children's Privacy

FlightPhysical.com does not knowingly collect personal information from children under 13 years of age. Our services are intended for adults (pilots, air traffic controllers, and medical professionals). If we become aware that we have inadvertently collected information from a child under 13, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

We encourage you to review this Privacy Policy periodically. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals websites you visit that you do not want to be tracked. Currently, there is no industry consensus on how to respond to DNT signals. At this time, FlightPhysical.com does not respond to DNT browser signals, but we do provide you with choices regarding cookie use and data collection as described in this policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

FlightPhysical.com
Privacy Contact Page: Contact Page for Privacy Issues

Response Time: We aim to respond to all privacy inquiries within 30 days.

15. Additional Disclosures

15.1 California Residents - "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. As stated in this policy, we do not share personal information with third parties for their direct marketing purposes.

15.2 Nevada Residents

Nevada residents have the right to opt out of the sale of certain covered information collected by operators of websites or online services. We do not sell covered information as defined under Nevada law. If you have questions, please contact us using the information provided above.

Acknowledgment: By using FlightPhysical.com, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.