❓Security FAQ

Little Arms Studios is a tech startup incorporated in the USA 🇺🇸

as Little Arms Studios Inc.

All user data and content is stored in the USA 🇺🇸 on Amazon Web Services (AWS), which is backed by the same infrastructure and security that Amazon uses for its own services.

Customer data is stored in USA data centers. The website https://zephyr-sim.com and its assets may be cached in other geographic locations by AWS's CDN service CloudFront.

Access to private content through https://zephyr-sim.com is always validated through our API using a permission system.

Amazon's AWS follows and leads most of the industries best practices and is compliant with major security standards.

Yes all customer data is encrypted at rest and in-transit.

• In transit we use HTTPS TLS 1.2 to encrypt all traffic served to end users.

• At rest on Amazon Web Services (AWS) we use AES-256

• littlearms.com

• *.littlearms.com

• zephyr-sim.com

• *.zephyr-sim.com

• https://littlearms.us.auth0.com

• port 443

By default, all customer data can only be accessed by themselves or Little Arms Studios Administrators. If a customer accepts an invitation to join an Organization as a Student, then their data can be access by the Instructors or Administrators of that Organization.

Customers may also choose to make some of their data public on their personal profile to showcase their flight time, achievements and obtained certifications.

The only required piece of information to sign up and start using Zephyr is an email address.

When purchasing a Certification test such as the BPERP, personal information such as first name, last name and email address is required and provided to the Airborne Public Safety Association, which review and approve the BPERP certification.