Privacy Policy
How we collect, use, and protect your personal information.
Last updated: July 3, 2025
GDPR Compliant: This policy complies with the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.
1. Information We Collect
Personal Information:
- Account Data: Name, email address, password (encrypted)
- Contact Information: Home postcode (optional)
- Account Type: Private owner, commercial fleet, or service provider
Vessel Information:
- Boat Details: Name, type, make, model, specifications
- Location Data: Home port, berthing location
- Photos: Vessel images you upload
- Documentation: Maintenance records, receipts, manuals
Usage Data:
- Maintenance Logs: Service records, costs, dates
- Captain's Log: Voyage entries, weather conditions
- System Usage: Login times, feature usage (anonymized)
2. How We Use Your Information
We use your personal information solely to provide VesselVault services:
- Service Delivery: Account management, data storage, feature access
- Maintenance Reminders: Email notifications for scheduled tasks (if enabled)
- Service Matching: Connecting you with local marine service providers
- System Improvements: Analyzing usage patterns to enhance features
- Security: Protecting against fraud and unauthorized access
- Legal Compliance: Meeting regulatory requirements
3. Data Sharing and Third Parties
Limited data sharing occurs only in these specific cases:
- Service Providers: When you request quotes, only relevant boat and contact details are shared with selected providers
- Legal Requirements: If required by law or court order
- Emergency Situations: To protect safety or prevent fraud
4. Data Security
We implement industry-standard security measures:
- Encryption: TLS/SSL encryption for all data transmission
- Password Protection: Secure password hashing (bcrypt)
- Access Controls: Role-based permissions and authentication
- Server Security: Regularly updated and monitored systems
- Data Backups: Encrypted, secure backup procedures
5. Your Rights Under GDPR
You have the following rights regarding your personal data:
Right to Access
Request a copy of all personal data we hold about you.
Right to Rectification
Correct any inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Export your data in a structured, machine-readable format.
6. Data Retention
We retain your data only as long as necessary:
- Active Accounts: Data retained while account is active
- Closed Accounts: Data deleted within 30 days of account closure
- Legal Requirements: Some data may be retained longer for legal compliance
- Anonymized Analytics: Usage statistics (without personal identifiers) may be retained indefinitely
7. Cookies and Tracking
VesselVault uses minimal cookies for essential functionality:
- Session Cookies: Required for login and security
- Preference Cookies: Remember your settings
- No Tracking: We do not use advertising or analytics cookies
8. International Data Transfers
Your data is stored on servers located in:
- Primary: United Kingdom and European Union
- Backups: EU-based data centers with adequate data protection
- No Third Countries: Data is never transferred to countries without adequate protection
9. Contact and Complaints
For privacy-related questions or to exercise your rights:
Data Protection Officer: privacy@vesselvault.com
Response Time: We will respond within 30 days
Complaints: You may also contact the UK Information Commissioner's Office (ICO)
10. Policy Updates
We may update this privacy policy to reflect changes in our practices or legal requirements. Users will be notified of significant changes via email.