Developer terms

By requesting an API key and using the Skyden API, you agree to the terms on this page. These terms summarize the rules Skyden expects partners to follow. If you have signed a separate agreement with Skyden, that agreement takes precedence where it differs from this page.

Every piece of pilot data the API returns belongs to the pilot. Your access is granted by the pilot, through the linking flow, and only for as long as they choose to stay linked.

You must:

Only request data you actually need to run the feature the pilot is using.
Only use that data to power features the pilot has signed up for in your app.
Stop using a pilot’s data as soon as they disconnect, and delete any cached copies within 30 days of disconnection.
Never share a pilot’s data with any third party unless the pilot has explicitly consented to that specific sharing.

If a pilot asks you for a copy of their data or asks you to delete it, respond within a reasonable time (7 days is a good target) and keep a record of the request.

2. Acceptable use

You may use the Skyden API to:

Display a pilot’s own flight totals inside features they have asked for.
Power logbook-aware workflows (training progress, currency tracking, reporting to the pilot’s employer if the pilot has opted in).
Build dashboards that show a pilot’s own data, or aggregated data for pilots who have explicitly linked to your app.

You may not use the Skyden API to:

Resell raw pilot data, or provide it in bulk to any third party.
Build a competing flight-data aggregation product using Skyden as the data source.
De-anonymize pilots, cross-reference them against other datasets, or profile them in ways they have not consented to.
Scrape or attempt to access data beyond what the API returns for linked pilots.
Circumvent rate limits, authentication, or scope checks.

3. Security

You must:

Store your Skyden API key as a server-side secret. Never ship it in a mobile app binary, single-page app bundle, public repository, log file, or error message.
Serve your integration over HTTPS end to end.
Encrypt cached Skyden data at rest.
Restrict internal access to Skyden data to employees and contractors who need it for the integration.
Notify security@skyden.app without undue delay (target: 72 hours) if you suspect any leak, theft, or misuse of Skyden data or API keys.

If we believe a key has been compromised, we may rotate or revoke it without notice.

4. Branding

When referring to Skyden in your app, use the name “Skyden” with a capital S. Do not imply that Skyden endorses, certifies, or is a partner of your product unless we have agreed to that in writing. Logo assets are available on request from support@skyden.app.

5. Changes to the API

The API is versioned (see Versioning & support). We may add new optional fields or endpoints to v1 at any time. Your integration should ignore unknown fields gracefully. Breaking changes ship under a new version prefix with at least 12 months of notice.

6. Termination

Skyden may suspend or revoke API access at any time if:

You materially breach these terms.
A pilot reports that their data is being misused by your app.
Law or regulator instruction requires it.
Your integration causes operational or security problems for Skyden.

We will give notice where practical, but we can act immediately to protect pilots.

You may stop using the API at any time. Delete any cached pilot data you hold within 30 days of stopping.

7. Liability and warranties

The API is provided “as is”. Skyden makes no warranty that flight totals are complete, accurate, or fit for a specific regulatory purpose. Pilots remain responsible for their own logbooks of record. Do not rely on the API as a legal logbook, a source of truth for check-ride readiness, or a substitute for official regulatory records without the pilot’s own review.

8. Contact

Compliance and data-handling questions: legal@skyden.app
Security incidents: security@skyden.app
Everything else: support@skyden.app