Aerostar Type Ratings logo
Enrollment

Privacy Policy

PRIVACY POLICY

Last updated: May 22, 2026

1. INTRODUCTION

AeroStar Training Services, LLC, doing business as AeroStar Type Ratings (“Company,” “we,” “us,” “our”), is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website aerostartyperatings.com (the “Site”), use our online services, or interact with us in connection with our flight training programs (collectively, the “Services”).

AeroStar is an FAA Part 61, Part 141, and Part 142 certificated flight training organization located at Kissimmee Gateway Airport (KISM), 3954 Merlin Dr., Kissimmee, FL 34741.

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Services.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the “Last updated” date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

2. INFORMATION WE COLLECT

We may collect information about you in a variety of ways. The information we may collect via the Services includes:

Personal Data

Personally identifiable information that you voluntarily provide to us when registering for our Services, expressing an interest in obtaining information about us or our training programs, or otherwise contacting us. Personal Data may include, but is not limited to:

  • Full name
  • Date of birth
  • Mailing address and country of residence
  • Phone number (including WhatsApp)
  • Nationality and citizenship
  • Pilot certificate information (certificate number, ratings held, medical certificate class and date)
  • FAA tracking number (FTN)
  • Training and aviation experience history

Financial Data

Financial information related to your payment method (e.g., credit card number, card brand, expiration date) when you make a purchase through our Services. We do not store your full payment card information on our servers. All payment transactions are processed through our third-party payment processor, Stripe, Inc., and are subject to Stripe’s Privacy Policy (https://stripe.com/privacy) and Terms of Service (https://stripe.com/legal). We may retain limited transaction records (such as transaction amounts, dates, and the last four digits of your payment card) for our internal accounting and record-keeping purposes.

Sensitive Documents

In connection with enrollment and regulatory compliance, you may be asked to upload documents containing sensitive personal information, including:

      • Government-issued identification (passport, driver’s license)
      • FAA medical certificates
      • FAA pilot certificates and ratings documentation
      • TSA documentation and authorization records
      • Visa and immigration documents (for international students)
      • Military service records or VA documentation (for veterans using GI Bill benefits)

These documents are handled with heightened security measures as described in Section 8 of this Privacy Policy.

Usage Data

Information that is automatically collected when you access our Site, including your IP address, browser type and version, operating system, referring URLs, pages visited, time and date of visits, time spent on pages, and other diagnostic data. This information is collected through cookies, log files, and similar tracking technologies.

3. HOW WE COLLECT YOUR INFORMATION

We collect information from you through the following methods:

      • Direct interactions: When you fill out forms on our Site, submit enrollment applications, contact us by phone or WhatsApp, use our live chat feature, correspond with us, or submit documents through our online portal.
      • Automated technologies: When you navigate through our Site, certain information is collected automatically through cookies, server logs, and similar technologies.
      • Third-party sources: We may receive information about you from third parties including payment processors, advertising partners, analytics providers, and government databases (such as the FAA Airmen Certification database) for verification purposes.

4. HOW WE USE YOUR INFORMATION

We may use the information we collect about you for the following purposes:

    • To process your enrollment and facilitate your flight training
    • To process payments and manage your account
    • To verify your identity, pilot certificates, medical certificates, and regulatory eligibility
    • To comply with FAA regulations, TSA requirements, and other applicable federal, state, and local laws
    • To communicate with you regarding your training, account, scheduling, and other service-related matters
    • To send you marketing and promotional communications (where permitted by law and subject to your opt-out rights)
    • To respond to your inquiries, comments, and requests
    • To improve our Site, Services, and training programs
    • To monitor and analyze usage trends and preferences
    • To detect, prevent, and address fraud, unauthorized access, and other illegal activities
    • To comply with legal obligations and enforce our Terms of Use
    • To process visa sponsorship and FTSP applications for international students

5. DISCLOSURE OF YOUR INFORMATION

We may share your information in the following circumstances:

      • Regulatory authorities: We may disclose your information to the Federal Aviation Administration (FAA), Transportation Security Administration (TSA), U.S. Citizenship and Immigration Services (USCIS), the Department of Homeland Security (DHS), the Department of Veterans Affairs (VA), or other government agencies as required by law or in connection with your training, certification, visa processing, or benefits administration.
      • Payment processing: We share payment information with our third-party payment processor, Stripe, Inc., solely for the purpose of processing your transactions.
      • Service providers: We may share your information with third-party vendors and service providers who perform services on our behalf, such as cloud hosting (Amazon Web Services), customer relationship management (Keap), website analytics, and marketing services. These providers are contractually obligated to protect your information and may only use it for the purposes for which it was disclosed.
      • Legal requirements: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes.
      • Business transfers: If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
      • With your consent: We may disclose your information for any other purpose with your express consent.

We do not sell your personal information to third parties. We do not share your personal information with third parties for their direct marketing purposes without your explicit consent.

6. THIRD-PARTY SERVICE PROVIDERS

Our Services rely on the following third-party service providers. Each provider’s handling of your data is governed by their own privacy policies:

      • Amazon Web Services (AWS): Cloud infrastructure, hosting, and secure document storage. AWS stores data in the United States. Privacy policy: https://aws.amazon.com/privacy/
      • Stripe, Inc.: Payment processing. Stripe is PCI DSS Level 1 certified. Privacy policy: https://stripe.com/privacy
      • Keap (Infusionsoft): Customer relationship management and email communications. Privacy policy: https://keap.com/legal/privacy-policy
      • Plausible Analytics: Privacy-focused website usage analytics. Plausible does not use cookies, does not collect personally identifiable information, and does not track users across websites. All data is aggregated and anonymous. Privacy policy: https://plausible.io/privacy
      • Amazon CloudFront: Content delivery network for website performance. CloudFront may place cookies for performance optimization.
      • Tidio: Live chat and chatbot platform. Tidio may collect your name, email address, IP address, browser information, and chat transcripts when you interact with the chat widget on our Site. Tidio may also place cookies to maintain chat sessions and improve functionality. Privacy policy: https://www.tidio.com/privacy-policy/

We may engage additional service providers from time to time. Any new providers that handle personal data will be subject to appropriate data protection agreements.

7. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to collect and track information about your activity on our Site and to enhance your experience. Cookies are small data files placed on your device when you visit a website.

Types of cookies we use:

      • Essential cookies: Required for the operation of the Site, including session management, security, and authentication.
      • Analytics: We use Plausible Analytics for website usage analytics. Plausible is a privacy-focused, cookieless analytics platform that does not use cookies, does not collect personally identifiable information, and does not track individual users. All analytics data is aggregated and anonymous.
      • Performance cookies: Used by our content delivery network (Amazon CloudFront) to optimize Site loading speed and performance.
      • Marketing cookies: May be used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. These cookies may be set by our advertising partners.

Managing cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or to alert you when cookies are being sent. If you disable cookies, some features of the Site may not function properly.

We may use technologies such as pixel tags (also known as web beacons or clear GIFs), which are small graphic files that allow us to monitor the use of our Site. We may also use social media pixels from platforms such as Facebook and Instagram to measure the effectiveness of our advertising.

8. SENSITIVE DOCUMENTS AND FLIGHT TRAINING RECORDS

Due to the nature of flight training, we collect and maintain certain sensitive documents and records that require heightened protection. These include government-issued identification, FAA certificates and medical records, TSA authorization documents, and immigration documentation.

Security measures for sensitive documents:

      • Sensitive documents uploaded through our Site are transmitted using TLS (Transport Layer Security) encryption in transit.
      • Documents are stored in Amazon Web Services (AWS) S3 with server-side encryption at rest and access controls restricting access to authorized personnel only.
      • Sensitive documents are not stored in the publicly accessible portions of our website or content management system.
      • Access to sensitive documents is limited to authorized AeroStar staff on a need-to-know basis for enrollment processing, regulatory compliance, and training administration.

Flight training records, including records of training completed, grades, certificates issued, and check ride results, are maintained in accordance with FAA record-keeping requirements under 14 CFR Parts 61, 141, and 142. These records may be retained for the duration required by applicable FAA regulations, which may exceed the general data retention periods described in Section 11.

9. INTERNATIONAL STUDENT DATA

AeroStar provides services to international students, including Flight Training Student Program (FTSP) visa processing assistance and ICAO-to-FAA certificate conversions. In connection with these services, we may collect additional personal information including passport details, visa status, country of citizenship, and immigration documentation.

International student data may be shared with U.S. government agencies including the TSA (for Alien Flight Student Program approval), USCIS, the Department of State, and the Student and Exchange Visitor Program (SEVP) as required by law. By enrolling in our programs as an international student, you consent to the transfer and processing of your personal data in the United States, which may have different data protection standards than your country of residence.

If you are a resident of the European Economic Area (EEA), United Kingdom, or another jurisdiction with data protection laws, please be aware that by providing your personal data and enrolling in our training programs, you are consenting to the transfer of your data to the United States. We do not currently appoint a representative in the EEA or UK. If you have questions about cross-border data transfers, please contact us.

10. DATA SECURITY

We use administrative, technical, and physical security measures to protect your personal information. Our security measures include:

      • TLS encryption for all data transmitted through our Site
      • Encrypted storage for sensitive documents (AWS S3 with server-side encryption)
      • PCI DSS compliant payment processing through Stripe
      • Access controls and authentication requirements for internal systems
      • Regular security reviews of our infrastructure and practices

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.

11. DATA RETENTION

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention considerations include:

      • Account and enrollment data: Retained for the duration of your active relationship with AeroStar and for a reasonable period thereafter for administrative, legal, and regulatory purposes.
      • Flight training records: Retained in accordance with FAA record-keeping requirements, which may require retention for extended periods beyond the termination of your training.
      • Financial transaction records: Retained for the period required by applicable tax and financial record-keeping laws.
      • Sensitive documents: Retained only for as long as reasonably necessary to fulfill the purposes for which they were collected, and securely deleted or anonymized when no longer needed, unless retention is required by law.
      • Marketing data: Retained until you opt out of marketing communications or request deletion.

When your personal information is no longer necessary for the purposes described above, we will securely delete or anonymize it.

12. YOUR PRIVACY RIGHTS

Depending on your state of residence, you may have certain rights regarding your personal information. These rights may include:

      • Right to access: You may request a copy of the personal information we hold about you.
      • Right to correction: You may request that we correct inaccurate or incomplete personal information.
      • Right to deletion: You may request that we delete your personal information, subject to certain exceptions (such as legal retention requirements or FAA record-keeping obligations).
      • Right to opt out: You may opt out of the sale or sharing of your personal information (note: we do not sell personal information) and opt out of targeted advertising.
      • Right to non-discrimination: We will not discriminate against you for exercising any of your privacy rights.

To exercise any of these rights, please contact us using the information provided in Section 19. We will respond to your request within the timeframe required by applicable law. We may need to verify your identity before processing your request.

Please note that certain personal information may be exempt from deletion requests where retention is required for compliance with FAA regulations, TSA requirements, tax obligations, or other legal requirements.

13. CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). In addition to the rights described in Section 12, California residents have the right to:

      • Know the categories and specific pieces of personal information we have collected about you
      • Know the categories of sources from which the personal information is collected
      • Know the business or commercial purpose for collecting or selling personal information
      • Know the categories of third parties with whom we share personal information
      • Request deletion of personal information, subject to certain exceptions
      • Not be discriminated against for exercising your CCPA rights

We do not sell personal information. We have not sold personal information in the preceding twelve (12) months. We do not sell the personal information of consumers we know to be under 16 years of age.

To exercise your CCPA rights, you may contact us by phone at (689) 285-5418, by WhatsApp at (407) 888-9011, or through the contact page on our website. You may also designate an authorized agent to make a request on your behalf.

If any complaint with us is not satisfactorily resolved, California residents can contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834 or by telephone at (800) 952-5210 or (916) 445-1254.

14. DO NOT TRACK SIGNALS

Some browsers include a Do Not Track (“DNT”) feature that signals to websites that the user does not wish to have their online activity tracked. Because there is no uniform standard for interpreting DNT signals, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for responding to DNT signals is adopted in the future, we will revisit this policy.

15. CHILDREN’S PRIVACY

Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children under 18. Our Terms of Use require that all users be at least 18 years of age. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information as soon as practicable. If you believe that we may have collected information from a child under 18, please contact us immediately.

16. THIRD-PARTY LINKS

Our Site may contain links to third-party websites and services that are not operated by us, including but not limited to airline career pages, FAA resources, government websites, and financial services providers. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We strongly advise you to review the privacy policy of every website you visit. A link to a third-party website does not constitute or imply endorsement by AeroStar.

17. SMS AND TEXT MESSAGING PRIVACY

If you opt into our SMS text messaging program, we collect your mobile phone number and may collect additional information such as your name and training program enrollment status. Your mobile phone number and opt-in data will not be sold to or shared with third parties or affiliates for marketing or promotional purposes.

We may share your information with our service providers (e.g., SMS platform providers) who assist us in delivering text messages. These service providers are contractually prohibited from using your information for their own marketing purposes.

For information on opting out of SMS messages, see our Terms of Use or reply STOP to any text message from us.

18. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last updated” date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

19. CONTACT US

If you have questions or comments about this Privacy Policy, your personal information, our data practices, or wish to exercise your privacy rights, please contact us at:

AeroStar Training Services, LLC

d/b/a AeroStar Type Ratings

3954 Merlin Dr.

Kissimmee, FL 34741

United States

Phone: (689) 285-5418

WhatsApp: (407) 888-9011

Web: aerostartyperatings.com/contact-us