Privacy Policy
Summary of Data Processing for Dutysheet App
- Access credentials for your airline portal are stored locally and securely in the Apple Password Vault.
- The connection to your airline portal for retrieving the schedule is encrypted and direct, identical to accessing it via a regular browser.
- The loaded schedule is sent to the Dutysheet server for parsing. This connection is secure, and no credentials are sent. The schedule is processed on the server and sent back without being stored permanently.
- If participating in the Masterplan, your schedule data and personal details (e.g., name, employee ID, phone number) are stored on the server exclusively for exchange within the Masterplan. Only colleagues from the same airline who also share their data can view it.
Summary of Data Processing - EASA vs Airline FTL App
- User access and data are processed exclusively on your device. No personal data is stored on the server.
- The app generates and analyzes only anonymous usage statistics to improve functionality and reach. For this purpose, only the user's airline is transmitted.
- Your personal data remains confidential at all times and is not permanently stored or shared with third parties.
Please read the full declaration
This privacy policy outlines the processing of personal data ("data") for the apps "Dutysheet Wx," "Dutysheet Buddy," "EASA vs Airline FTLs," "Airports Plus," "Flitekit," and associated websites and content ("online offering"). Terms like "personal data" and "controller" follow the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Controller

Email address: See Legal Notice / Support Section of the app
Legal Notice
Types of Data Processed
- Basic data (name, address)
- Contact data (phone number, email address)
- Content data (e.g., text inputs, photos, videos)
- Usage data (visited web pages, access times)
- Metadata/communication data (IP address, browser information)
- Schedule data, names, and personnel numbers of the user and their colleagues
Purpose of Processing
- Provision of online and app services and content
- Communication and contact handling
- Security measures
- Audience measurement and marketing
Legal Basis
In accordance with Art. 13 GDPR, we inform you about the legal basis for our data processing activities:
- Consent is based on Art. 6(1)(a) and Art. 7 GDPR.
- Processing to fulfill contractual services and respond to inquiries is based on Art. 6(1)(b) GDPR.
- Processing to fulfill our legal obligations is based on Art. 6(1)(c) GDPR.
- Processing to protect our legitimate interests is based on Art. 6(1)(f) GDPR.
Your Rights as Data Subject
You have the right to request access to your data, correction, deletion, or restriction of processing. You also have the right to data portability and to lodge a complaint with a supervisory authority. If you have given consent, you can withdraw it at any time, effective for the future.
Right to Withdraw Consent
According to Art. 7(3) GDPR, you have the right to revoke any consent given to us, effective for the future.
Right to Object
In accordance with Art. 21 GDPR, you may object at any time to the future processing of your personal data, particularly in the case of processing for direct marketing purposes.
Deletion of Data
Your personal data will be deleted or restricted in processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy policy, data stored with us will be deleted as soon as it is no longer required for its intended purpose and no statutory retention obligations exist.
Contact
When you contact us (e.g., via contact form, email, phone, or social media), your information will be used to process the contact request and handle it in accordance with Art. 6(1)(b) GDPR.
Hosting
We use hosting services to provide this online offering, including infrastructure and platform services, computing capacity, storage space, and database services. In this context, we or our hosting provider process basic data, contact data, content data, contract data, usage data, metadata, and communication data of customers, prospects, and visitors.
Access Data and Log Files
Based on our legitimate interests, we or our hosting provider collect data on every access to the server (so-called server log files). Access data includes the name of the retrieved website, file, date and time of access, data volume transferred, and other technical information.
Cookies
We use cookies to improve the user experience. You can disable cookies in your browser settings, which may affect the functionality of our website.