Privacy Policy
This Privacy Policy describes how Joker Aviation LLC ("Joker Aviation," "we," "us," "our") collects, uses, and protects information when you use the JMGMT aviation maintenance management platform (the "Service"). JMGMT is a software-as-a-service tool licensed to FAA Part 145 repair stations and aircraft maintenance shops; the customer organization that contracts with Joker Aviation (the "Customer") owns its own operational data, while Joker Aviation operates the platform on the Customer's behalf.
1. Information we collect
1a. Account information
When the Customer's authorized administrator creates a user account for you, we collect your name, username, role, optional email address, and (if your organization enables two-factor authentication) your mobile phone number. Your password is stored as a one-way scrypt hash and is never readable by us or the Customer.
1b. Operational data
JMGMT records the work-related activity you perform inside the platform: work orders, time-clock punches, parts pulled, signatures captured, audit trail entries, and similar maintenance-record content. This information is the property of the Customer organization, not Joker Aviation.
1c. Technical data
For security and audit purposes we log IP addresses, browser user agents, and (when your browser provides it) coarse geolocation at login + time-clock events. This information is visible to authorized administrators of the Customer organization and is retained as part of the platform's security audit log.
If your administrator enrolls you in two-factor authentication, your mobile phone number is collected for the sole purpose of sending you 6-digit verification codes during sign-in.
We do not sell, share, transfer, or otherwise disclose your mobile number to any third party for marketing, advertising, or any other purpose. Mobile numbers are transmitted only to our SMS delivery vendor (Twilio) for the technical purpose of routing the verification SMS to your device.
Message frequency: typically 1–2 messages per sign-in session, and 1 message when your administrator enrolls or changes your phone number. Message and data rates may apply depending on your mobile carrier plan.
Reply STOP to any verification SMS to opt out of further messages. Reply HELP
for support, or contact your organization's administrator. Opting out disables 2FA on your account; your
administrator may then enroll you under a different phone number.
2. How we use the information
- To authenticate you and authorize the actions you take inside the platform
- To send the verification SMS codes described above (mobile number only)
- To maintain the audit and security logs required for FAA Part 145 record-keeping and for the Customer's internal compliance
- To provide the operational features of the platform (assigning work orders, tracking time, generating invoices, etc.)
- To diagnose service issues and improve platform reliability
We do not use your personal information for advertising. We do not build advertising profiles. We do not sell any personal information.
3. Information sharing
We disclose information only in these narrow circumstances:
- Within your Customer organization: Authorized administrators at the Customer can see operational data and audit-log entries you generate as part of normal platform use.
- Service providers acting on our behalf: We use a limited set of vendors strictly to operate the platform — currently Supabase (database hosting), Stripe (payment processing for our Customers), Twilio (SMS delivery), and DigitalOcean (application hosting). Each vendor receives only the data needed to perform its function and is contractually prohibited from using that data for any other purpose.
- Legal requirements: We will disclose information if compelled by law, court order, or law-enforcement request, but we will notify the Customer organization (and you, where lawful and practical) first.
We do not share, sell, rent, or trade your information for any commercial purpose.
4. Data retention
Operational data is retained for the duration of the Customer's contract with Joker Aviation and for a reasonable period thereafter (typically 7 years, to satisfy FAA record-keeping requirements). On contract termination, Customers can request a full export of their operational data. Personal information not required for record-keeping can be deleted on user request — contact the Customer's administrator or write to us at the address below.
5. Security
We use industry-standard encryption (TLS 1.3 in transit, AES-256 at rest), one-way password hashing, role-based access controls, comprehensive audit logging, and optional two-factor authentication on privileged accounts. No system is perfectly secure; we will notify you and the Customer organization promptly if we become aware of a breach affecting your information.
6. Your rights
You have the right to:
- Access the personal information we hold about you
- Correct inaccurate information
- Request deletion of personal information not required for record-keeping
- Opt out of SMS by replying
STOP(note: this disables 2FA on your account) - Receive a copy of your data in a portable format
To exercise any of these rights, contact your organization's administrator or write to us at the address below.
7. Children
JMGMT is a workplace tool intended for employees and contractors of FAA Part 145 maintenance organizations. We do not knowingly collect information from anyone under 18 years of age.
8. Changes to this policy
We will post any material changes to this policy on this page and update the "Last updated" date above. Continued use of the platform after changes constitutes acceptance.
9. Contact
Joker Aviation LLC
Operator of the JMGMT platform
Email: [email protected]
For Big Sky Aviation users: your local administrator can also field privacy and SMS-related questions.