Privacy Policy
Effective Date: June 9, 2026. Last Updated: June 9, 2026.
1. Who We Are
This policy is from AMTIL Inc., a Delaware C-corporation. We operate from 7308 E Independence Blvd #1118, Charlotte, NC 28227. AMTIL builds aviation maintenance training software for FAA Part 147 schools, commercial airlines, and Maintenance, Repair & Overhaul (MRO) providers. Our team is small. When this policy says "we," "us," or "our," that is AMTIL Inc.
If you want the short version: we collect what we need to run the product, we name every third party we share data with, we do not sell personal information, and you can email us at privacy@amtil.co to ask about anything below.
2. What This Policy Covers
This policy applies to the AMTIL sites and applications we operate ourselves: amtil.co (the marketing site you are reading now), app.amtil.co (the authenticated learning app), admin.amtil.co (our internal CMS used by AMTIL marketing, sales, and operations), command.amtil.co (the B2B partner portal for schools, airlines, and MROs), and connect.amtil.co (the community module).
It does not cover third-party sites we link to. If you click through to LinkedIn, YouTube, or a partner school site, the privacy policy of that destination governs the visit.
3. Information We Collect
We collect three categories of information, and we try to be honest about why we hold each one.
3.1 Information you give us. Your name, work or school email address, phone number (only if you provide it), employer or school affiliation, role (student, instructor, technician, manager), and if you participate in our FAA Part 147 student programs your Airman Certificate number when required for certification tracking. If you pay for a subscription, Stripe processes the transaction and we receive a payment metadata record (last four card digits, billing country, charge ID). We never see or store your full card number.
3.2 Information we collect automatically. When you use one of our sites or apps we collect server logs (your IP address, the URL requested, the user agent string, the timestamp), client-side analytics events (which page you visited, which buttons you clicked, how long you stayed), and device information (browser type, OS, screen size, language). On the learning app we also record training progress: which 3D modules you opened, which assessments you took, which questions you answered correctly. That is the data the product is built around.
3.3 Information from third parties. If you sign in with Google or LinkedIn we receive your name, email, and profile photo from those services. If a school administrator enrolls you, the school gives us your contact and program information directly. If you accept a calendar invite from us, our Google Workspace tenant logs the response. We disclose every integration in section 6.
4. How We Use Your Information
We use the data above to run the product, communicate with you, measure how the product is doing, and meet our legal obligations.
Running the product: authenticating you, saving your training progress, processing payments through Stripe, sending transactional email through Resend (account confirmations, password resets, receipts), and keeping our servers up.
Communicating with you: service messages (which you cannot opt out of without closing your account), and marketing email (which you can opt out of at any time via the unsubscribe link in every marketing message). If you talk to our sales team we save the call notes in our CRM so the next person you speak with is not starting from zero.
Measuring the product: aggregate analytics on which features are used and which paid campaigns drive sign-ups. We do not build advertising profiles of individual users for resale. Section 7 covers our advertising-platform integrations in detail.
Security and legal: detecting fraud and abuse, enforcing our Terms of Service, complying with subpoenas and lawful requests, and meeting tax and accounting recordkeeping requirements.
5. Legal Bases (GDPR Article 6)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we need a lawful basis to process your data. We rely on four:
- Contract: to provide the services you have signed up for (account creation, course delivery, payment processing).
- Legitimate interest: to run an effective B2B marketing program for aviation maintenance employers and schools, to keep our infrastructure secure, and to improve the product through aggregate analytics. We balance this against your rights, and you can object at any time.
- Consent: for marketing email and for optional analytics or advertising cookies. You can withdraw consent at any time.
- Legal obligation: to keep records required by US tax law, to respond to subpoenas, and to meet FAA reporting obligations where they apply.
6. Who We Share Data With
We share data with a short list of service providers ("sub-processors"). Each one is named, with its role and where it processes the data. We pick vendors that publish their own Data Processing Agreements and that we can name without embarrassment.
- Supabase, Inc. (United States): primary database, authentication, file storage, and Vault (encrypted secret storage). Most of your account data lives here.
- Stripe, Inc. (United States): payment processing for paid subscriptions. Stripe is a PCI-DSS Level 1 service provider; we never store full card numbers.
- Resend, Inc. (United States): transactional email delivery (account confirmations, password resets, receipts).
- Vercel, Inc. (United States): application hosting and edge delivery for our web apps.
- Cloudflare, Inc. (United States): content delivery network, DDoS protection, and edge caching.
- Google LLC / Google Workspace (United States): our internal email, calendar, and document storage; also Google Analytics 4 for aggregate web traffic measurement on amtil.co.
- LinkedIn Corporation (United States, subsidiary of Microsoft Corporation): Marketing Developer Platform for paid-campaign management and reporting. Section 7 has the detail.
- TikTok Inc. (United States): Ads Manager for paid social campaigns, used manually today.
- OpenAI, L.L.C. (United States): used in a narrow set of internal content-production workflows; no end-user personal data is sent.
- Upstash, Inc. (United States): Redis rate-limiting on our API endpoints to prevent abuse.
We do not sell personal information to anyone. We do not license email lists to advertisers. We do not trade data with other ed-tech companies. If we add a new sub-processor we update this page; material changes to who handles your data get an email notice as well.
7. Advertising and Marketing Platforms
This is the section LinkedIn reviewers will want to read carefully, so we will be specific.
AMTIL is an approved (or, at the time you are reading this, applying to be approved) developer on the LinkedIn Marketing Developer Platform. Our internal CMS at admin.amtil.co integrates the LinkedIn Advertising API to plan, launch, and measure paid LinkedIn campaigns advertising AMTIL's own products and services to aviation employers and schools. We are a Direct Advertiser. We do not provide ad-platform tooling to third parties.
The OAuth 2.0 scopes we request from LinkedIn are r_ads, rw_ads, r_ads_reporting, and r_organization_social. We request these scopes against AMTIL's own LinkedIn Ad Account and AMTIL's own LinkedIn Company Page (linkedin.com/company/amtiltraining). We do not request, store, or process individual LinkedIn member personal data through these scopes. The data we receive is campaign metadata, creative content we authored ourselves, and aggregate performance metrics (impressions, clicks, spend, conversion counts, and demographic and firmographic breakdowns at LinkedIn's standard aggregation thresholds).
Refresh tokens from LinkedIn are stored encrypted at rest in Supabase Vault. They are never logged, never exposed to client-side JavaScript, never emailed, and never sent to any other system. Access is limited to AMTIL employees with the marketing-admin role inside the CMS, enforced by Supabase Row Level Security and our internal role-based permission system.
We comply with the LinkedIn API Terms of Use and the LMDP policies. We do not resell, sublicense, or proxy LinkedIn API access. We do not scrape LinkedIn member profiles. We do not build audience lists from LinkedIn data. We do not use LinkedIn data to train machine-learning models.
We also use Google Analytics 4 on amtil.co for aggregate traffic measurement, and Google Ads and TikTok Ads Manager on a manual, non-API basis for paid acquisition. If we add Meta Ads, X Ads, or any other ad platform in the future we will update this section before going live with the integration.
8. How Long We Keep Your Data
Different categories of data have different retention windows. The rough breakdown:
- Account data: for the lifetime of your account plus 24 months after closure, so we can restore your progress if you come back, then deleted.
- Training progress and assessment records: same as account data, except where a school or employer has paid for a longer certification-evidence window. In that case we keep what the contract requires.
- Marketing campaign performance data: 36 rolling months. That is the LinkedIn reporting horizon we need to model year-over-year campaign return.
- Server logs and security events: 90 days, then automatic deletion. Sentry and GlitchTip error events: 90 days.
- Stripe transaction and tax records: 7 years, required by US tax law.
- Sales call notes and CRM correspondence: 36 months after last contact, then archived.
- Backups: encrypted nightly backups are kept for 30 days on a rolling window.
If you ask us to delete your account we honor it within 30 days, except for the Stripe records (legal obligation) and any in-flight invoices.
9. How We Protect Your Data
The boring but important stuff. All traffic to our sites runs over TLS 1.3. Data at rest in Supabase is encrypted with AES-256. OAuth refresh tokens, API keys, and other secrets sit inside Supabase Vault, separated from the main application database. Internal access to production data requires Google Workspace SSO with a hardware security key, and our employee permissions are role-based. Most people do not have read access to production user data, by design.
In April 2026 we completed a migration moving session token storage off our legacy auth middleware and into Supabase Vault, after an internal review flagged the older pattern as out of line with our then-current commitments. We mention it because it is the kind of change you should expect us to make and document, not because it was a breach. There was no incident.
Write operations against our CMS produce an immutable audit log row (actor, timestamp, request ID, before-state, after-state). We run a quarterly internal security review, and we welcome responsible disclosure of vulnerabilities at security@amtil.co.
10. Your Rights
Wherever you live, you can ask us to do the following with your data:
- Tell you what we have on you (access).
- Fix anything that is wrong (rectification).
- Delete it (subject to the retention exceptions in section 8).
- Export it to another service in a portable format (portability).
- Stop processing it for marketing purposes (objection).
- Restrict processing while you contest something (restriction).
- Withdraw consent for anything we are doing on a consent basis (withdrawal).
To exercise any of these rights, email privacy@amtil.co from the address associated with your account. We respond within 30 days, or sooner. If we need to verify your identity we will ask for a confirmation through your account email; we do not ask for a passport scan for a routine request.
If you live in the EEA or the UK and you think we have mishandled your data, you have the right to complain to your national supervisory authority (in the UK that is the ICO; in Ireland that is the DPC; and so on). We would rather you came to us first so we can fix it.
11. California Residents (CCPA / CPRA)
If you live in California, the CCPA and CPRA give you the right to know, delete, correct, and opt out of the "sale" or "sharing" of your personal information. We do not sell personal information in the sense the CCPA defines that term, and we do not share it for cross-context behavioral advertising. So there is no opt-out to send you. There is nothing to opt out of. If you want to confirm that for yourself, email privacy@amtil.co and we will send you the categories of personal information we hold about you and how we use them.
California also gives you a right to non-discrimination. If you exercise any privacy right we do not charge you a different price, give you a worse service, or treat you any differently.
12. International Data Transfers
We are a US company and our infrastructure runs in the United States. If you are using AMTIL from the EEA, the UK, or Switzerland your data is transferred to and processed in the US. Where required, we rely on the European Commission's Standard Contractual Clauses (2021) with our sub-processors, and on adequacy decisions where they exist (UK adequacy decision, Swiss-US Data Privacy Framework, and so on). The sub-processors named in section 6 all publish their own Data Processing Agreements and SCCs; we sign them.
13. Children
The AMTIL platform is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. In the EEA and the UK we do not knowingly collect personal information from anyone under 16 without verifiable guardian consent.
FAA Part 147 aviation maintenance programs sometimes enroll students aged 16 and 17. When a partner school enrolls a minor with us we ask the school to confirm it has parental notice and (where required) consent on file. If you are a parent and you would like us to delete a minor's account, email privacy@amtil.co and we will do it within 14 days.
14. Changes to This Policy
If we change anything material in this policy (adding a new sub-processor that handles user data, changing a retention window, expanding what we collect) we send a notice to your account email at least 30 days before it takes effect, and we keep an in-app banner up for that window. Non-material changes (clarifying wording, fixing a typo, adding a sub-processor that does not touch user data) get a new "Last Updated" date but no notice.
We keep prior versions of this policy on file. If you want to see the diff between the version you signed up under and the current version, email privacy@amtil.co and we will send it.
15. Contact
Email: privacy@amtil.co
Mail: AMTIL Inc., 7308 E Independence Blvd #1118, Charlotte, NC 28227, United States.
We aim to respond to privacy correspondence within five business days.