Boats Library

Privacy Policy

Last updated: January 1, 2026

This Privacy Policy describes how the platform collects, uses, stores, and protects your personal data when you use our website, applications, and services (collectively, the "Service"). We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is the platform operator. For questions about data processing or to exercise your rights, contact us at privacy@catamaranbook.com.

2. Data We Collect

We collect the following categories of personal data:

2.1 Information You Provide

  • Account information: Name, email address, phone number, and password when you create an account.
  • Profile information: Profile photo, bio, location, and sailing qualifications.
  • Payment information: Credit card details, billing address, and bank account information for payouts (processed by our payment service provider).
  • Listing information: Boat details, photos, pricing, availability, and documentation uploaded by Owners.
  • Communications: Messages sent through the platform, support requests, and feedback.
  • Identity verification: Government-issued ID or other documentation when required for verification purposes.

2.2 Information Collected Automatically

  • Device and browser data: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage data: Pages visited, search queries, clicks, time spent on pages, and navigation patterns.
  • Location data: Approximate location based on IP address. Precise location only if you grant explicit permission.
  • Cookies and tracking technologies: As described in our Cookie Policy.

2.3 Information from Third Parties

  • Social login: If you sign in using a third-party service (e.g., Google), we receive your name, email, and profile picture as authorized by you.
  • Payment providers: Transaction status and fraud-related signals from our payment processor.

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

  • Contract performance: To provide the Service, process bookings, facilitate payments, and manage your account.
  • Legitimate interests: To improve the Service, prevent fraud, ensure security, provide customer support, and send service-related communications.
  • Consent: To send marketing emails, display personalized content, and use non-essential cookies (where consent is required).
  • Legal obligations: To comply with tax, accounting, and reporting requirements, and to respond to lawful requests from authorities.

4. Data Sharing

We share your personal data only in the following circumstances:

  • Between users: When a booking is confirmed, relevant contact information is shared between the Owner and Charterer to facilitate the charter.
  • Service providers: We use trusted third-party service providers for payment processing, email delivery, analytics, cloud hosting, and customer support. These providers process data only on our behalf and under contractual data protection obligations.
  • Legal requirements: We may disclose data when required by law, court order, or government regulation, or to protect our rights, safety, or property.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to the same privacy protections.

We do not sell your personal data to third parties.

5. Data Storage and Security

Your data is stored on secure servers located in the European Union. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Access controls and authentication for internal systems.
  • Regular security assessments and monitoring.
  • Employee training on data protection and security practices.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Specifically:

  • Account data: Retained while your account is active and for 3 years after account deletion.
  • Booking and transaction data: Retained for 7 years to comply with tax and accounting requirements.
  • Communication data: Retained for 2 years after the last interaction.
  • Usage and analytics data: Retained for 26 months in aggregated or anonymized form.

7. Cookies

We use cookies and similar tracking technologies to operate the Service, analyze usage, and personalize your experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

8. International Data Transfers

Some of our service providers may process data outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions by the European Commission for the recipient country.
  • Other legally recognized transfer mechanisms.

9. Your Rights

Under the GDPR and applicable data protection laws, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to restriction: Request that we limit the processing of your data in certain circumstances.
  • Right to data portability: Request your data in a structured, machine-readable format for transfer to another service.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@catamaranbook.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

10. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: