Scope and who decides how information is used
The final notice will cover the Boats & Partners marketing site, broker portal, owner portal, administrative console, product communications, and related support. Third-party websites and the independent charter services offered by yacht owners, brokers, and operators have their own practices.
Boats & Partners is expected to decide the purposes of its own demo inquiries, account administration, authentication, security, subscriptions, support, service operations, and business measurement. Yacht-owner and yacht-broker organizations ordinarily decide why their prospect, customer, guest, booking, and uploaded-document information is entered into the service. For that tenant-controlled content, Boats & Partners is expected to operate as a processor or service provider under contract.
Partner discovery, shared inventory, cross-organization requests, and platform-level analytics require a final role decision because the factual purpose—not a contract label—determines whether an organization acts as a controller, processor, or both.
Information the service handles
The final notice will list only fields verified in the live service. Current product evidence includes:
- Demo and sales information: name, business email, company, role, requested workflow improvements, and follow-up history. The current offline form does not transmit these fields.
- Account and organization information: name, email or administrative username, credential hashes and salts, role, memberships, invitations, business profile, address, timezone, currency, and workspace settings.
- Charter operations information: prospects, customers, contact preferences, itinerary and date details, party size, vessel options, notes, campaign/source, quote, deal, hold, booking, payment, refund, partner, and activity history.
- Fleet and partner information: vessel details and media, rates, policies, availability, maintenance, partner relationships, grants, and owner or broker requests.
- Transaction metadata: quoted amounts, owner base, broker markup, deposits, balances, refunds, payment status, provider identifiers, and accounting entries. Live card-data handling must be verified before the final notice describes it.
- Files: vessel images, forms, contracts, licenses, customer documents, and other tenant uploads. Free-text and uploads can contain information the platform did not request, so collection and access restrictions are required.
- Device, security, and audit information: session and authentication events, IP-address or keyed-IP security data, request metadata, rate limits, trusted-device state, audit history, and push-subscription details.
- Communications and administration: transactional email, verification and invitation messages, push notifications, preferences, plan status, entitlements, support activity, and administrative audit records.
Information may come from the person, their organization administrator, a yacht owner or broker, an authorized partner, service-generated activity, or approved hosting, communications, security, and payment providers.
How information is used
- Respond to and schedule requested product demonstrations once a production intake is approved.
- Provision accounts and administer owner, broker, partner, and platform workspaces.
- Operate inventory, availability, customer, quote, deposit, hold, booking, document, partner, and accounting workflows.
- Authenticate users, control access, prevent abuse, preserve audit evidence, and investigate incidents.
- Send requested operational, verification, invitation, security, and push communications.
- Troubleshoot, maintain, measure, and improve the service using approved data and providers.
- Comply with law, enforce contracts, protect legal rights, and support a controlled corporate transaction.
- Send promotional communications only through an approved choice, consent, and opt-out process.
If EU or UK law applies, each purpose must be mapped to a verified lawful basis. Consent will not be described as the basis unless it is specific, informed, demonstrable, and as easy to withdraw as to give.
Who may receive information
Information may be disclosed only for approved purposes to:
- authorized users and administrators in the relevant tenant workspace;
- participating owner and broker organizations when a user initiates a shared-inventory, access, request, quote, hold, or booking workflow;
- approved hosting, storage, queueing, security, email, push, support, analytics, and payment providers;
- professional advisers, insurers, auditors, and authorities where law permits or requires it; and
- a buyer or successor in a properly controlled financing, merger, acquisition, or asset transaction.
Cloudflare is part of the currently verified infrastructure. Stripe and any future scheduling, CRM, support, consent, analytics, or malware-scanning provider must not be described as active until the live integration and contract are verified. The final notice also needs a maintained subprocessor list and a clear explanation of what participating owner and broker organizations can see.
No statement about a California “sale” or “sharing,” targeted advertising, or automated decisions will be published until the live tags, audience use, provider settings, enrichment, marketplace purposes, and API/export terms have been verified.
Cookies, storage, and analytics
The current offline marketing source does not set cookies, use browser storage, or load an analytics beacon. A production host may still create request and security logs. The authenticated CRM uses necessary session and security mechanisms, and its production configuration authorizes Cloudflare Web Analytics.
Before publication, every production host and account state must be tested for cookies, storage keys, pixels, beacons, SDKs, server-side analytics, embedded media, and provider defaults. Nonessential technology must be blocked until any required consent is obtained. A misleading “accept all” banner will not be shown if the service uses only necessary authentication and security technology.
Retention and deletion
The final notice will describe approved retention criteria for demo leads, accounts, invitations, sessions, leads, customers, quotes, requests, holds, bookings, payments, accounting, files, communications, audit and security records, exports, queues, backups, tenant offboarding, legal holds, and marketing suppression records.
Each lifecycle needs a triggering event, period or objective criterion, accountable owner, deletion method, backup expiry, exception, and evidence. The phrase “as long as necessary” will not substitute for that operating schedule.
Choices and privacy rights
Before launch, Boats & Partners must provide a monitored request channel and a verified process for access, correction, deletion, portable export, consent withdrawal, restriction or objection where applicable, marketing opt-out, authorized-agent requests, and appeals where required. Identity verification must be proportionate and must not expose one tenant's records to another.
Requests about Boats & Partners' own website lead, account, security, subscription, or direct communication data should be handled by Boats & Partners. A charter customer should ordinarily contact the yacht owner, broker, or operator that controls the charter record; Boats & Partners can assist that organization under its processing agreement.
Security and incidents
Boats & Partners uses administrative, technical, and organizational measures designed to protect information, but no system can guarantee absolute security. The final notice will mention only controls supported by current evidence and will not inherit a vendor's certification as the platform's own.
The operating program must include access control, secure disposal, vendor incident terms, investigation and evidence preservation, tenant escalation, and notices to affected people and regulators as required by applicable law. Publishing a notice does not by itself satisfy Florida's safeguarding, disposal, breach, or recordkeeping duties.
International users and transfers
EU and UK coverage depends on establishment, intentional targeting or monitoring, and covered tenant commitments. Before covered information is transferred to the United States or another country, the responsible organization must verify the provider chain, transfer impact or risk analysis, contractual safeguards, supplementary measures, and any representative or data-protection-officer requirement.
This draft does not claim an adequacy decision, Standard Contractual Clauses, a UK IDTA or Addendum, or Data Privacy Framework certification for the still-unconfirmed operating legal entity.
Minors and sensitive guest information
The marketing site and SaaS accounts are intended for adult business users and are not designed for direct collection from children under 13. Adult charter users may enter information about minor guests. The product must minimize that information, restrict unnecessary health or identity details, confirm adult authority, limit access and retention, and provide an appropriate removal path.
Contact, marketing, and changes
The final operator name, formation jurisdiction, business and postal address, monitored privacy email, public request form, and escalation owner remain unconfirmed. They must be inserted and tested before this notice can be published or rights can be promised.
Promotional email will require accurate sender information, truthful subject lines, a valid postal address, and a working opt-out. Phone, SMS, or WhatsApp marketing will require a separate channel-specific legal and consent review; a privacy notice is not consent. Material notice changes will receive an effective date and appropriate advance communication, and prior versions will be retained.