Security for aviation-grade communication.
JetInbox is built for airlines, MROs, lessors, and aviation suppliers who need AI-assisted email — without compromising on security, privacy, or regulatory expectations. We focus on clear data handling, strong encryption, and predictable behaviour.
JetInbox is designed to fit into existing security frameworks – not fight against them.
A detailed security overview can be shared as part of your vendor review or proof-of-concept.
How we think about security, privacy, and trust.
JetInbox is not a consumer toy. It is designed as a focused aviation productivity tool that needs to earn the trust of engineering, supply chain, leasing, and operations teams — as well as IT and security.
Your data stays yours.
We do not use customer emails or internal content to train public AI models. Your inputs and outputs are processed purely to provide the JetInbox service to your organisation.
Minimal data by default.
JetInbox is built to operate with as little personal data as practical. We focus on email text rather than large volumes of identity or behavioural data.
Enterprise-grade mindset.
We design features with corporate IT in mind — encryption, access control, auditability, and predictable data flows that can be explained to security and compliance teams.
What happens to your data inside JetInbox.
Clarity on data flow is often the first question from IT and information security. The outline below describes how JetInbox treats the content your team sends through the platform.
When a user sends a request
- Users enter context (for example an email draft, bullet points, or reply thread details) into JetInbox.
- The content is sent securely to the JetInbox backend over an encrypted connection.
- JetInbox constructs a request for the underlying AI engine using only the information required to generate a response (no additional tracking content is injected).
Processing & generation
- The AI engine processes the request and returns a suggested email or rewrite back to JetInbox.
- JetInbox applies any final formatting or glossary logic and returns the result to the user interface.
- For operational support and troubleshooting, a minimal log of activity is stored in line with our retention approach.
Storage & retention
- JetInbox keeps only the data required to operate the service, provide user history inside the app, and help investigate issues if they arise.
- Data is stored in databases secured by access controls and encrypted storage at the infrastructure level.
- Logs and records are retained for a limited period consistent with operational and legal requirements, after which they are pruned or anonymised.
No training on your content
- Customer prompts and responses are not used to train public models.
- We do not sell customer data or share your communications content with third parties for advertising or profiling.
Team & role access
- Access to operational systems is restricted to authorised personnel with a clear need to support the platform.
- Administrative access is protected by strong authentication and is monitored for misuse.
Exports & integrations
- Where integrations or exports are enabled, they follow the same principles: encrypted transport and clearly defined data paths.
- Customers retain ownership and control of exported content (for example email text that is pasted into Outlook or Gmail).
How JetInbox is engineered for secure operation.
JetInbox is built using a modern, service-based architecture with strong emphasis on secure defaults, restricted access, and observability. The high-level controls below are designed to align with typical aviation IT and vendor risk expectations.
Encryption in transit
All communication between users and the JetInbox backend is protected with modern versions of TLS. This applies to browser connections and API calls.
Encryption at rest
Databases and storage used by JetInbox are encrypted at rest using mechanisms provided by the underlying infrastructure platform, helping protect data in the event of physical compromise.
Tenant-level isolation
Data for each customer tenant is logically separated in the application layer. Access control is designed to ensure users only see information belonging to their own organisation.
Access control
Administrative and operational access is restricted to authorised staff. Application-level roles allow separation between standard users and admins where appropriate.
Logging & monitoring
Key events are logged to support troubleshooting, performance monitoring, and investigation of potential misuse. Logs are retained for a limited period and protected from unauthorised access.
Backups & resilience
Core data stores are backed up regularly so that JetInbox can be recovered in the event of infrastructure failure. Backup access is restricted and backups are stored securely.
Designed to support vendor due diligence.
For many aviation organisations, the first step is not a pilot — it’s a security questionnaire. JetInbox is structured to help your champions inside the business make a strong case to IT, InfoSec, and procurement.
Security summary & questionnaires
- Clear, written overview of data flows and architecture.
- Responses aligned with typical enterprise security questionnaires.
- Support for clarifying how JetInbox sits alongside Outlook / Gmail usage.
Pilot and staged rollout support
- Ability to start with a small, clearly defined group (for example one engineering or trading team) before expanding.
- Guidance on best practices for user access, training, and communication around appropriate use of AI tools.
Data protection & privacy alignment
- Approach designed to support common data protection frameworks, including the ability to limit personal data processed through the tool.
- Clarity on data subject ownership: your organisation retains control of the content you send through JetInbox.
Longer-term roadmap
- Readiness to integrate with your identity and access management approach (for example SSO / IdP integration) as adoption grows.
- Ongoing improvements in auditability and reporting as more enterprise customers come on board.
Security & privacy questions we hear most often.
A quick reference for teams who are evaluating JetInbox or preparing internal approvals.
Does JetInbox train on our emails?
No. Content submitted by your users is not used to train public models. It is processed solely for the purpose of delivering the JetInbox service to your organisation.
Who owns the content generated by JetInbox?
Your organisation. The emails and text generated are for your use and can be copied into your own systems (such as Outlook or Gmail) and stored under your own retention policies.
Can JetInbox be used with sensitive operational information?
Many customers use JetInbox for operational communication. We recommend applying the same standards you would use for any third-party SaaS tool: avoid including more personal or confidential data than necessary and follow your internal policies.
How does JetInbox support data protection regulations?
JetInbox is designed with common data protection principles in mind: purpose limitation, minimisation, and clear roles around who controls the data. For formal assessments, we can provide additional written detail on request.
Can we get a detailed technical overview?
Yes. As part of your evaluation process, we can share a more detailed security overview suitable for IT, security, and procurement teams, and discuss any specific controls you require.
What about attachments and screenshots?
JetInbox is primarily focused on text. If your teams include references to attachments or screenshots in their prompts, we recommend stripping out anything that is not needed for the AI to help construct the email.
Ready for a security-led conversation about JetInbox?
If you are responsible for aviation IT, security, or vendor risk — or you simply need to brief them — we can provide a clear overview of how JetInbox works, which controls are in place, and how it can be introduced safely.
JetInbox is built to feel as safe to your IT and security teams as it feels helpful to your engineers, traders, and leasing staff.