Afloat (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you visit our website or use the Afloat platform.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Afloat is a software platform for sailing clubs, boating organisations and marinas, providing tools for membership management, communications, events and administration.

Data Controller:
Ricorocks Digital Agency trading as Afloat Club
United Kingdom

If you have any questions about this policy or how we handle your data, you can contact us at:
Email: tech@afloat.club

2. What data we collect

We may collect and process the following types of personal data:

a. Information you provide directly

  • Name

  • Email address

  • Password (stored in hashed form)

  • Club or organisation name

  • Role within a club or organisation

  • Contact details

  • Any information you submit via forms or support requests

b. Membership and usage data (for platform users)

  • Membership status and role

  • Event participation

  • Communications sent via the platform

  • System activity logs related to your account

c. Technical data

  • IP address

  • Browser type and version

  • Device and operating system

  • Pages visited and actions taken on the website

  • Date and time of access

This data is collected using cookies and similar technologies.

3. How we use your data

We use your personal data for the following purposes:

  • To provide and operate the Afloat platform

  • To manage user accounts and permissions

  • To enable clubs and organisations to manage their members

  • To send essential service communications

  • To respond to enquiries and support requests

  • To improve our website and platform performance

  • To maintain security and prevent misuse

  • To comply with legal and regulatory obligations

We do not sell your personal data.

4. Lawful basis for processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract – when processing is necessary to provide the Afloat service

  • Legitimate interests – for platform improvement, security and support

  • Legal obligation – where required by law

  • Consent – where you have explicitly given it, such as for non-essential cookies

5. Data sharing

We only share personal data where necessary and in a controlled manner.

This may include:

  • Hosting and infrastructure providers

  • Email and notification services

  • Analytics and monitoring services

All third parties are required to process data securely and in accordance with UK GDPR.

Clubs and organisations using Afloat are typically independent data controllers for their own members’ data. Afloat acts as a data processor on their behalf where applicable.

6. International transfers

Where data is processed outside the UK, we ensure appropriate safeguards are in place, such as:

  • UK adequacy regulations

  • International Data Transfer Agreements

  • Standard contractual clauses

7. Data retention

We retain personal data only for as long as necessary:

  • While your account is active

  • As required to provide services

  • To meet legal or regulatory obligations

When data is no longer required, it is securely deleted or anonymised.

8. Your rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure of your data

  • Object to or restrict processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, contact us at privacy@afloat.app.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

9. Cookies

Our website uses cookies to:

  • Ensure core functionality

  • Analyse usage and improve performance

Non-essential cookies are only set with your consent.

For more information, please see our Cookie Policy.

10. Security

We take security seriously and use appropriate technical and organisational measures to protect your data, including:

  • Encrypted connections

  • Access controls

  • Secure hosting

  • Regular updates and monitoring

No system is completely secure, but we take reasonable steps to minimise risk.

11. Children’s data

Afloat is not intended for use by children under 16 without parental or organisational consent. Clubs are responsible for ensuring appropriate permissions are in place for junior members.

12. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website with the effective date.

Site by Ricorocks
Terms & Conditions

We use cookies to enhance your browsing experience, understand how you use our site, deliver relevant content, and keep certain features secure.

By clicking “Accept All”, you agree to the use of all cookie categories. You can choose “Custom” to customise which types of cookies you consent to, or select “Essential Only” to allow only essential cookies. For more information, including a list of third‑party cookies we use, please see our Cookie Policy.

Custom

Allow Ad Storage
Allow Ad User Data
Allow Ad Personalisation
Allow Analytics Storage