Plain-language summary: Galley Desk collects your work email and employee number to verify that you are an active American Airlines flight attendant. We use Stripe to process payments and Supabase to store your data securely. We do not sell your personal information to anyone.
Galley Desk ("we," "us," or "our") is a subscription software service built for American Airlines flight attendants. We provide tools including PBS bid analysis, contract reference, duty day calculation, and related features designed to help flight attendants navigate their workday.
Our service is operated from North Carolina. All disputes are governed by North Carolina law and subject to the jurisdiction of Mecklenburg County courts.
For privacy questions, contact us at hello@galleydesk.com.
When you create an account, we collect a personal email address of your choice and a password (stored as a secure hash via Supabase Auth). Your personal email becomes your Galley Desk login. We do not store your password in plain text.
To confirm you are an active AA flight attendant, we use a two-step process: first, we send a one-time verification code to your @aa.com address to confirm active AA employment. Second, you enter your AA employee number, which is cross-referenced against the APFA seniority roster — information accessible to all AA flight attendants through their union. Once verified, we record your employee number, seniority number, domicile base, hire date, equipment group, and base rank to personalize your bidding tools. Your @aa.com address is not retained after verification. Your employee number and seniority profile remain stored for as long as your account is active.
Subscription payments are processed by Stripe. Galley Desk does not store your credit card number, CVV, or full card details on our servers. Stripe returns a customer ID that we store in order to manage your subscription status. You can review Stripe's privacy practices at stripe.com/privacy.
We collect basic usage information such as which tools you interact with and general activity logs. This data is used to improve the service and troubleshoot issues. It is not linked to any advertising profile. How we handle your conversations with the AI Concierge is described separately below.
Each time you use the AI Concierge or the bidding assistant, we record a small set of non-identifying labels about the exchange, such as the general topic, whether the assistant answered, and which contract sections it referenced. These labels never include the text of your message or the assistant's reply, and they are not linked to your account.
The text of your conversations is stored only if you turn on "Help improve the assistant" in Settings. This setting is off by default and is entirely optional. When it is on, we store the text of your messages and the assistant's replies so that we can review them and improve the assistant's coverage and accuracy. Before any text is stored, we remove direct identifiers such as email addresses, phone numbers, and employee and seniority numbers, and the stored text is not linked to your account or to any other identifier we hold about you. This conversation text is deleted automatically within 60 days. You can turn the setting off at any time, which stops any further text from being stored.
If you submit optional feedback through the app (for example, during the subscribe flow), that message is stored in our database and used solely to improve the product.
We use browser local storage to maintain your login session. We do not use advertising cookies or third-party tracking pixels.
We do not use your information for advertising, behavioral profiling, or sale to third parties.
We retain your account data for as long as your account remains active. If you cancel your subscription and request account deletion, we will remove your personal information from our active database within 30 days. The non-identifying labels and aggregated usage data described in Section 2, which cannot be linked back to you, may be retained indefinitely to improve the service. Conversation text you choose to share through "Help improve the assistant" is deleted automatically within 60 days, regardless of your account status.
To request deletion of your account and data, email us at hello@galleydesk.com.
We take reasonable technical and organizational measures to protect your information. These include encrypted data transmission (HTTPS), hashed password storage, AES-256 encryption at rest via Supabase, row-level security controls in our database, and restricted access to production systems.
No system is completely secure. If you believe your account has been compromised, contact us immediately at hello@galleydesk.com.
You have the right to:
To exercise any of these rights, email hello@galleydesk.com. We will respond within 30 days.
Galley Desk is intended solely for adult American Airlines flight attendants. We do not knowingly collect information from anyone under the age of 18. If we become aware that a minor has created an account, we will delete it promptly.
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. If changes are material, we will notify subscribers by email. Continued use of the service after an update constitutes acceptance of the revised policy.
If you have questions, concerns, or requests regarding this Privacy Policy or the data we hold about you, please contact us at:
Galley Desk
Operated from North Carolina, United States
Email: hello@galleydesk.com