✓ All data stays on your device. Nothing is transmitted to a server, no tracking cookies, no analytics.
1. Data controller
This application is provided as a data-entry tool. The user is solely responsible for the data entered and its use in the context of their flight operations.
2. Data collected
The application may process the following categories of data, entered manually by the user:
- Full names of crew members and passengers
- Nationality
- Passport or licence numbers
- Dates of birth
- Flight information (aircraft, route, dates, operator)
3. Storage location and method
Data is stored exclusively in your browser's localStorage, on your local device. It never leaves your device.
No remote database, no server, and no third-party service receives this information. PDF generation is performed entirely client-side (in the browser).
The only external resource loaded is the jsPDF library (from cdnjs.cloudflare.com), which is a static JavaScript file with no access to any data you enter.
4. Purpose of processing
Data is processed solely to generate General Declarations (GenDec) for private or non-commercial flight operations, in compliance with ICAO Annex 9 and EASA Part-NCO / NCC requirements.
5. Retention period
Data is retained in localStorage until the user manually deletes it (via the application interface or by clearing browser data). There is no automatic deletion.
6. Rights of data subjects (GDPR art. 15–22)
Any person whose data is entered in the application has the following rights:
- Access — view the data relating to them
- Rectification — correct inaccurate data
- Erasure — delete their data from the address book or history
- Portability — data is directly accessible in the browser
- Objection — refuse to have their data entered in the tool
These rights may be exercised directly within the interface (Address Book and History tabs) or by contacting the application operator.
7. Legal basis
Processing is based on the legitimate interest of the aircraft operator (GDPR art. 6.1.f) in producing the regulatory documents required for their flights, as well as a legal obligation arising from ICAO Annex 9 and EASA Part-NCO.GEN.135 requirements.
8. Security
ℹ localStorage is not encrypted. It is accessible to anyone with physical access to your device and browser session. For sensitive operations, ensure your session is locked and that you use a secure device.
It is recommended to regularly clear old GenDec records from history and not to leave passenger data on a shared device.
9. Cookies
This application uses no cookies. It does not include any audience analytics, advertising, or behavioural tracking tools.
10. Web analytics — Cloudflare Web Analytics
This website uses Cloudflare Web Analytics to collect anonymous, aggregate statistics about visits (number of page views, countries of origin, device types, referrers). This service is operated by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.
✓ Cloudflare Web Analytics sets no cookies and does not track individual users across sites. No personal data is stored by this service.
Data collected is limited to aggregate metrics. IP addresses are not stored by Cloudflare Web Analytics. Cloudflare is certified under the EU–US Data Privacy Framework (DPF), making data transfers to the USA lawful under GDPR Article 45.
A Data Processing Agreement (DPA) has been concluded with Cloudflare via the Cloudflare dashboard, as required by GDPR Article 28. For more information, see Cloudflare's Privacy Policy.
11. Amendments
This policy may be updated with new versions of the application. The last update date is shown below.
Last updated: April 2026 · GenDec Manager — gendec.ch