Privacy policy

Last updated: May 21, 2026

The short version

TierPath has no idea who you are. We never ask for your name, your airline account credentials, your loyalty member number, or your credit card numbers. We never sell or share data with airlines, card issuers, or advertisers. We don't run any third-party trackers or ad networks. We send exactly one kind of email: the magic-link recovery email you explicitly request.

What we collect

  • An anonymous device identifier. When you start using TierPath, your browser generates a random UUID. That UUID never reaches our server. We store only a SHA256 hash of it (the device_hash), computed with a server-side salt. A database breach exposes hashes that cannot be reversed.
  • Your program and card selections. Catalog product names only ("Delta Platinum Amex"), not your actual card number.
  • Your self-reported progress numbers. Current MQDs, target tier, months remaining. You type these in. We never read them from your accounts.
  • Your home airport. A three-letter IATA code only. We use this to weight the value of status at each program for your home market.
  • Your car rental preference. "Best deal" or a specific brand. Used to surface relevant rental promotions.

What we never collect

  • Your name (first or last).
  • Your email address in plain text. If you add an optional recovery email, we hash it with SHA256 before storing. We cannot read it back.
  • Your physical address.
  • Credit card numbers or financial account numbers.
  • Loyalty program member IDs.
  • Any data pulled from your airline or card accounts. We have no connection to any of them.

Cookies

We set exactly one functional cookie: sp_device, the random UUID described above. The cookie expires in two years and is HttpOnly and SameSite=Lax. We do not set tracking cookies, advertising cookies, or analytics cookies. We do not use third-party tracking or fingerprinting.

We also use a standard PHP session cookie during onboarding so your answers persist across the six steps. That cookie expires when you close your browser.

Email

You can optionally provide an email address for cross-device profile recovery. We store only SHA256(lowercase(email)), never the email itself.

We send one type of email: a recovery magic link that you explicitly request, either at signup verification or via the recovery flow. The link expires in 15 minutes and is single-use. We never send marketing email. We never share your email address with anyone, because we don't have it to share.

Data sharing

We do not sell, rent, or share your data with third parties. We have no advertising partners. We have no analytics partners. We do not share data with airlines, card issuers, or loyalty programs. We have no commercial relationships that would benefit from sharing your data.

Data retention

We retain your profile for as long as you use TierPath. If you want your profile deleted, email us from the address you used for recovery (so we can verify by hash) and we will erase the row immediately. Without a recovery email on file, simply clearing the sp_device cookie in your browser orphans the profile: we have no way to associate the data with you again, so it effectively disappears.

Children

TierPath is not directed at children under 13 and we do not knowingly collect information from anyone under 13.

Changes

If we update this policy in a way that materially changes data handling, we'll prominently note it on this page. The "last updated" date at the top tracks every revision.

Contact

Questions about privacy? Reach the maintainer at privacy@tierpath.app.