Terms of Use

This site (ffs-status.sim.aero) is published and operated by:

For any matter related to this site, including personal-data requests, contact Simaero through any usual channel (web form, switchboard, or your account contact). All such requests are routed internally to Simaero's Group Compliance Director.

FFS Status is a private informational dashboard provided by Simaero to authorised airline customers and Simaero employees. It displays a near-real-time view of:

• Service Requests (SRs) recorded against Full Flight Simulators (FFS) operated by Simaero;
• Booking slots on those simulators.

The information presented on this dashboard is provided for information only. It is a convenience view derived from Simaero's internal systems and may be subject to delays, omissions, or errors.

Only data recorded in Simaero's primary on-site systems is authoritative for any regulatory, contractual, or operational purpose. Any decision having a regulatory or contractual impact must be based on those primary systems, not on this dashboard.

Access requires an authorised account. Two account types exist:

• Simaero employees: authentication via Microsoft Entra ID single sign-on (SSO).
• External (airline) users: self-registration with email and password, subject to email verification and manual approval by a Simaero administrator.

Users undertake to:

• provide accurate identification information;
• keep credentials confidential and not share them;
• rotate their password at least every 6 months — expired passwords are refused at sign-in and three reminder emails are sent (at 6, 7 and 8 months) prompting the user to reset via the forgot-password flow;
• notify Simaero immediately of any suspected unauthorised access;
• use the service for its intended purpose only.

Simaero may disable or delete any account at any time, without prior notice, if these terms are breached or if the account is no longer needed.

Users shall not:

• attempt to circumvent authentication, authorisation, or rate-limiting controls;
• scrape, copy, or redistribute data displayed on the site beyond their internal business need;
• use the service for any purpose other than reviewing the status of simulators their organisation is contractually associated with.

Simaero acts as the data controller for personal data processed via this site, in accordance with Regulation (EU) 2016/679 ("GDPR") and the French Data Protection Act.

6.1 Data processed

• Account data: first name, last name, email address, employer (airline), role within the app.
• Authentication and security data: password hash (bcrypt), session token, email-verification and password-reset tokens, login timestamps, IP-derived counters used solely for rate limiting.
• Application data: link between a user and the airline whose simulators they may view.

No special categories of data (Art. 9 GDPR) are processed.

6.2 Lawful basis

Processing is necessary for the performance of the service offered to airlines under their commercial agreement with Simaero (Art. 6(1)(b) GDPR), and for Simaero's legitimate interests in operating the service securely (Art. 6(1)(f) GDPR).

6.3 Subprocessors

Data is processed by Simaero and the following subprocessors:

• Microsoft Entra ID — single sign-on (EU).
• MongoDB Atlas — database hosting.
• Zeabur — application hosting.
• Resend — transactional email delivery.

Some subprocessors may operate outside the European Economic Area; appropriate transfer mechanisms (Standard Contractual Clauses or equivalent) apply.

6.4 Retention

• Active accounts: kept for the duration of authorised use.
• Unverified registrations: deleted automatically after 30 days.
• Inactive accounts (no sign-in for 3 years): removed during periodic clean-up, in line with the account holder's reasonable expectation that an unused account is no longer needed.
• Session and reset tokens: deleted upon use or upon expiry (max. 24 h / 1 h).
• Application and audit logs: kept no longer than 12 months.

6.5 Your rights

You have the right to access, rectify, erase, restrict, port, or object to processing of your personal data, and to lodge a complaint with the French data-protection authority (CNIL, www.cnil.fr).

A self-service page is available at /me where you can view the personal data we hold on you and delete your account. For any other request, contact Simaero (any channel) — your request will be routed to the Group Compliance Director.

6.6 Personal-data breach

In the event of a personal-data breach likely to result in a risk to your rights and freedoms, Simaero will notify the CNIL within 72 hours of becoming aware of the breach (Art. 33 GDPR) and, where the risk is high, notify affected users without undue delay (Art. 34 GDPR).

The site uses strictly necessary cookies for authentication (HTTP-only signed session cookie, and a short-lived PKCE cookie used during the SSO redirect). No analytics, advertising, or third-party tracking cookies are used.

All content displayed remains the property of Simaero. No licence is granted beyond the limited right to view it for internal operational purposes.

The service is provided on a best-effort basis, without uptime guarantee. Simaero excludes all liability for any direct or indirect damage arising from the use of, or inability to use, this site, to the maximum extent permitted by law.

Simaero may update these terms at any time. The version in effect is the one displayed on this page at the date of use. Material changes will be highlighted at sign-in.

These terms are governed by French law. Any dispute relating to the service shall be brought before the Tribunal de commerce de Pontoise, to which the parties grant exclusive jurisdiction, save mandatory provisions of consumer law.