Security

1. Scope

This Security page applies to the Trails AMS platform available at trails.aero and related subdomains, including ams.trails.aero, and any related mobile applications (collectively, the “Platform”).

It provides a general overview of how we approach security. It does not describe every internal control, system configuration, vulnerability, infrastructure detail, or operational procedure.

2. Our Security Approach

We use reasonable technical and organisational measures intended to protect information from loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These measures may include, as applicable:

• account-based access controls;
• role-based permissions and authorised-user workflows;
• secure session handling and request protections;
• encryption in transit for supported Platform connections;
• logging and monitoring to support troubleshooting, security review, and abuse detection;
• secure hosting and operational practices appropriate for a SaaS platform;
• limited access to production systems and operational data based on business need.

3. Account and Access Security

Trails AMS uses authenticated accounts and role-based access to help ensure users access only the areas and records relevant to their account, organisation, or authorised role.

You are responsible for maintaining the confidentiality of your login credentials and for all activity that occurs under your account, including activity by authorised users.

You must promptly notify us if you suspect unauthorised access, credential compromise, or misuse of your account.

4. Data Handling and Privacy

Trails AMS handles account information, aviation records, operational information, documents, and technical data in accordance with our Privacy Policy.

We do not sell your data and we do not share your information with third parties for their direct marketing purposes.

Some Platform features may allow information to be made public or visible to other users, including public reference areas, technical library content, public maintenance builder content, and public profile visibility options. You are responsible for reviewing where you upload information and what you choose to make public.

5. Public and Shared Content

Trails AMS includes public and shared reference features. Information uploaded or submitted to public areas may be accessible by other users or the public, depending on the feature and settings used.

Do not upload confidential, restricted, copyrighted, personal, commercially sensitive, or security-sensitive information to public areas unless you have the right to do so and are comfortable with that information being accessible to others.

6. Platform Integrity

To protect the Platform and its users, you must not:

• attempt to gain unauthorised access to accounts, systems, data, APIs, or infrastructure;
• scrape, bulk extract, reverse engineer, overload, disrupt, or abuse the Platform or API;
• probe, scan, or test the Platform in a way that could degrade service, access other users’ data, or bypass controls;
• upload malicious files, malware, exploit code, or content intended to compromise the Platform or another user;
• share credentials or provide access to unauthorised persons.

We may restrict, suspend, revoke, or terminate access where we reasonably believe activity poses a risk to the Platform, users, data, service availability, or Trails AMS.

7. Operational Reliability

We aim to operate Trails AMS responsibly and maintain reasonable availability, integrity, and reliability for the Platform.

However, no online service can guarantee uninterrupted availability, and Trails AMS may be modified, suspended, limited, or unavailable from time to time due to maintenance, security, infrastructure, compliance, or business reasons.

You should maintain independent backups and hard-copy records for critical aircraft, maintenance, operational, compliance, and other records that you are required or may need to retain.

8. Security Incidents

If we become aware of a security incident affecting the Platform or user information, we will take reasonable steps to assess, contain, investigate, and respond to the incident.

Where required by applicable law, we will notify affected users or relevant authorities. The timing, content, and method of any notification will depend on the nature of the incident, legal requirements, and the information available at the time.

9. Reporting a Security Concern

If you believe you have found a security issue affecting Trails AMS, please contact us via the contact methods listed on trails.aero.

When reporting a concern, please include enough information for us to understand and reproduce the issue, without accessing, modifying, deleting, copying, or exposing data that does not belong to you.

10. No Absolute Guarantee

No system, network, application, or method of transmission is 100% secure. While we take reasonable steps to protect the Platform and user information, we cannot guarantee that unauthorised access, data loss, misuse, service interruption, or security incidents will never occur.

Your use of Trails AMS is subject to our Terms & Conditions and Privacy Policy.

11. Changes to this Page

We may update this Security page from time to time as the Platform, infrastructure, security practices, or legal requirements change. Material changes will be posted on this page, and the “Last Updated” date will be revised.

12. Contact

For security questions or suspected security issues, contact us via the contact methods listed on trails.aero.