Privacy Policy

Effective May 27, 2026

Pilot Medical Guardian is built so that I — the developer — cannot see your health, disclosure, or Special Issuance data. This isn't a promise to behave; it's how the app is built.

Pilot Medical Guardian and this website are operated by YellowArc LLC. Questions about this policy: support@pilotmedicalguardian.com.

What I store, and where

Your records — health readings, doctor visits, medications, medical history, Special Issuance profiles, documents, and certificates — are stored on your device and sync only through your own iCloud private database. I operate no server that holds this data and cannot query it.

Apple Health

If you connect Apple Health, the app requests read-only access to the metric types you choose. It never writes to Health, never uses health data for advertising, and never sends it to any server. It flows only: Apple Health → your device → your own iCloud.

Location

If you tap "Use Current Location" in the AME Directory, your location is used only on your device to sort AMEs by distance. It is never stored or sent anywhere.

Documents you scan

Scanned documents are turned into PDFs on your device, encrypted at rest, and synced only through your iCloud private database. On-device text recognition (OCR) never leaves your device.

Safari Web Extension (MedXPress autofill)

When you enable PMG's optional Safari extension, it runs only on medxpress.faa.gov. The extension reads your already-saved records (medications, doctor visits, medical history answers) from the same on-device storage as the main app, through Apple's shared App Group mechanism — your data never transits any server. It writes those records into MedXPress's form fields so you don't have to retype them at every renewal. You can disable the extension any time in Safari's settings; the main app keeps working without it. Like the rest of PMG, the extension uses no analytics, sends nothing to me, and connects to no third-party service.

FAA reference content

The app downloads public FAA reference data (thresholds, medications, requirements, AME data) as anonymous static files. These requests carry no identifier and no health data — they look like any other file download. Nothing about you is ever sent back.

No tracking, no ads, no selling

There is no analytics SDK on your health data, no advertising, and I never sell your data. If product analytics are ever added, they will be anonymous, opt-in, and will never include health content.

The launch email list (this website)

If you enter your email in the "Get notified at launch" form on this site, it's collected through Tally (a third-party form service) and used for one purpose only: to email you when the app is available on the App Store. This list is completely separate from the app — it never touches your medical, health, or Special Issuance data, none of which this website ever sees. It isn't sold, isn't used for advertising, and isn't linked to anything else. Ask to be removed any time at support@pilotmedicalguardian.com.

Your control

You can archive or permanently delete any record, and "Erase All Data & Start Over" removes everything from your device and iCloud. Because your data lives in your iCloud, it is also governed by your Apple account security.

Contact

Questions about this policy or how the app handles data can be emailed to support@pilotmedicalguardian.com. You can also send feedback right from the app (About → Send feedback).

This app is an information and record-keeping tool — not medical, legal, or FAA compliance certification, and not medical advice.