Policy Updated December 25, 2025 (UTC)

Privacy Policy

This policy describes how minimal diagnostic data may be processed while using the site. We intentionally limit collection of personal information.

Last updated: 2025-12-25

This Privacy Policy explains how 120mAGL ("we", "our", or "us") collects, uses, and protects information when you use this website. We are committed to ensuring that your privacy is protected and that any personal data is handled in accordance with the General Data Protection Regulation (GDPR - EU 2016/679).

1. Registered User Data

If you choose to create an account, we collect and store:

Email: For authentication and communications
Display name: To personalize your experience
Password: Stored in encrypted form (bcrypt hash)
Preferences: Language, newsletter subscription
GDPR consent: Date and time of acceptance
Saved articles: Your personal bookmarks
Quiz progress: Your results and badges

This data is never sold or shared with third parties for commercial purposes.

2. Data We Do NOT Collect

For non-registered users, we do not deliberately collect personally identifiable information (PII). We do not sell data to third parties and do not use data for targeted advertising.

3. Automatically Collected Information

When you browse the site, standard technical information may be automatically collected by our hosting platform and diagnostics tools (e.g. Application Insights) including:

Browser type and version
Device type and operating system
Pages viewed and time spent
Referring URLs

This data is used solely for performance monitoring, security, and improving content relevance.

4. Cookies

This site uses only essential and analytical cookies. We do not use tracking pixels for advertising or cross‑site profiling. You can disable cookies in your browser settings; the site remains largely functional. See our Cookie Policy for details.

5. Generated Content Disclaimer

Some content is generated or assisted by Azure AI services based on publicly available EASA UAS and ENAC regulatory material. Generated responses are for educational convenience only and should not be treated as legally authoritative. Always verify with official EASA/ENAC publications.

6. Third-Party Services

We use the following services for infrastructure, diagnostics, or security:

Azure Application Insights (telemetry & performance)

GDPR-compliant Data Processing Agreements (DPA) are in place with all third-party providers.

7. Data Retention

Data is retained for the following periods:

User accounts: Until deletion request
Telemetry logs: 30-90 days
Saved articles: Until account deletion

8. Security

We implement industry-standard security practices:

Passwords encrypted with secure algorithms (bcrypt)
Mandatory HTTPS connections
Least-privilege access
Azure managed services with enterprise security
Regular encrypted backups

9. Your GDPR Rights

In accordance with GDPR (EU 2016/679), you have the following rights:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data (right to be forgotten)
Portability: Obtain your data in a machine-readable format
Objection: Object to processing of your data
Withdraw consent: Withdraw consent at any time

To exercise these rights, access your profile settings or contact us. We will respond within 30 days.

10. Changes to This Policy

We may update this policy periodically. Material changes will be reflected with an updated revision date at the top of this page.

11. Contact

If you have questions about this Privacy Policy or how data is handled on this site, please contact the site administrator via the GitHub repository issues page or via email at info@120mAGL.com.

Regulatory Notice: This site is an educational resource and is not affiliated with or endorsed by EASA. Always consult official regulatory sources before acting on any summary information presented here.

Cookie Consent Test

Use this button to test the cookie consent banner by clearing your saved preferences.