Privacy

Box Miles is designed to work with minimal personal data and without email, passwords, payments, or real-world travel records.

What Box Miles Stores

• Your UUID, public callsign, selected base airport, status, and account timestamps.
• Miles ledger entries, virtual bookings, flight seats, challenge progress, challenge completions, and public profile records.
• Practice names and content after they have been encrypted in the browser.
• Progress metadata, such as minutes logged, targets, and game records needed to calculate miles and challenges.

What Box Miles Does Not Collect

• No email addresses, passwords, payment details, or real-world travel data are required.
• No real airline bookings, boarding passes, passport details, location tracking, or payment information are part of the app.
• No analytics cookies, advertising cookies, or third-party tracking cookies are used.

Cookies And Browser Storage

Box Miles uses essential browser storage only. The authentication cookie is named boxmiles_uuid, and local browser storage may keep the UUID and client state so the app can keep you signed in.

Clearing cookies or localStorage signs the browser out or removes local state. You can recover the account only if you saved the UUID.

Practice Privacy

Practice names and content are encrypted in the browser before storage. The server still stores progress metadata and game records, because those records are needed to award miles, show history, and calculate challenge progress.

Public Profile Data

Your callsign, status, base badges, visited airports, routes taken, and virtual travel history may appear on your public profile. Practice content and UUIDs are not shown on public profiles.

Account Retention

Users are responsible for saving their UUID. Account recovery uses the UUID, and clearing browser storage may require UUID recovery. Accounts inactive for 67 days may be deleted, and a deleted UUID may be blocked from reuse.

Children

Box Miles is not intended for children under 13.