Privacy Policy

Effective Date: July 1st 2025
1. Introduction
This Privacy Policy explains how Marinapy ("we", "us", "our") collects, uses, processes, and protects personal data in connection with our platform and services. Marinapy is a SaaS platform that provides digital tools for marinas to manage their operations and client relationships, including communications, invoicing, and administration.
By using our services or accessing our website, you acknowledge that you have read and understood this Privacy Policy.
2. Who We Are
Marinapy is operated by Otek Media Consulting, registered under the laws of France.
We act primarily as a data processor on behalf of marina operators, who are the data controllers with respect to the personal data of their customers (e.g., boaters).
If you are a boater and your personal data appears in Marinapy, please contact your marina directly for any data-related requests.
3. Types of Data We Collect
Marinapy is firmly committed to the principles of data minimization and purpose limitation.
We collect and process only the personal data that is strictly necessary to deliver, secure, and support our services. We do not collect excessive or unrelated information.
For Marina Users (our direct users or clients):
We collect only what is required to register and manage your account, ensure platform functionality, and provide support:
  • Full name
  • Business contact details
  • User credentials and roles
  • Billing and usage data
For Boaters (end users managed by the marina):
We process only the personal data explicitly entered by the marina, which may include:
  • Name and contact details
  • Boat information (e.g, dimensions, registration)
  • Invoices and payment records
  • Facility usage history
We do not independently collect, enrich, or cross-reference boater data from third parties. All such data is processed solely on behalf of the marina, under their control and responsibility.
Access Restriction and Role-Based Visibility: In addition to limiting data collection, Marinapy implements strict access control measures to ensure that personal data is only visible to users who require it to perform their authorized duties.
For example:
  • A marina’s billing administrator may view invoicing and client data.
  • A dock or handling operator will not be shown personal or billing details of a boater unless explicitly required for the task (e.g., berth assignment).
  • Access to sensitive or financial data is always role-based and auditable.
These controls are enforced through our technical architecture and are subject to regular review to ensure ongoing compliance with data protection regulations.
We do not knowingly collect personal data from children under the age of 13. Where applicable (e.g., COPPA), we rely on the marina to ensure parental consent is obtained before entering such data into the system.
4. How We Use Personal Data
We process personal data for the following purposes:
  • To provide and maintain the platform
  • To enable marina users to manage clients, invoices, bookings, and communications
  • To ensure system security and prevent fraud
  • To respond to support requests and inquiries
  • To analyze platform usage and improve our services (aggregated/anonymous data only)
  • To send service-related notifications
We do not sell personal data or use it for targeted advertising.
5. Legal Basis for Processing
Where applicable under the data privacy laws and regulations, we rely on the following legal bases:
  • Performance of a contract (e.g., providing the service)
  • Legitimate interest (e.g., system security, troubleshooting)
  • Compliance with legal obligations
  • Consent (for specific optional features, marketing communications)
6. Sharing and Disclosure
We do not share personal data with third parties except:
  • With trusted subprocessors who help us provide the service (e.g., hosting, analytics, email delivery)
  • When required by law or competent authorities
  • If necessary to protect rights, safety, or prevent fraud
  • In case of a corporate merger or acquisition (with notice)
All subprocessors are bound by data processing agreements and comply with applicable privacy laws.
7. Data Retention
We retain personal data only as long as necessary for the purposes outlined above or as required by law. Upon account termination or request, data may be deleted, anonymized, or archived as appropriate.
Boaters should direct deletion requests to their marina.
8. Your Rights
Depending on your jurisdiction (GDPR, CCPA, LGPD, etc.), you may have rights to:
  • Access your personal data
  • Correct or update inaccurate information
  • Request deletion ("right to be forgotten")
  • Object to processing or withdraw consent
  • Data portability
  • Lodge a complaint with a supervisory authority
Requests can be submitted to the contact below. We may ask you to verify your identity before processing requests.
9. Data Security
We implement technical and organizational measures to safeguard personal data, including:
  • Encryption in transit and at rest
  • Access controls and audit logs
  • Regular security reviews and incident response plans
10. Cookies and Tracking
We use essential cookies for platform functionality. We may also use optional cookies (analytics, preferences) with user consent.
For more details, refer to our Cookie Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification.
12. Contact Us
For any privacy-related questions, requests, or concerns, please contact:
Data Protection Officer (DPO)
Email: legal@marinapy.com