Privacy Policy


Effective Date: February 10, 2025

Executive Summary

  • What Data We Collect:
    • Personal Information: Name, email, phone number, and other account details you provide.
    • Usage Data: Information about your interactions (pages viewed, search queries, device information, and, where applicable, location data).
    • Third-Party Information: Data provided on behalf of someone else, with their permission.
  • How We Use Your Data:
    • To provide, improve, and personalize our cruise booking services.
    • For customer support, communications (e.g., offers, updates), and fraud prevention.
    • To analyze trends and usage, and to ensure data security.
  • Legal Bases for Processing:
    • We process your data based on your consent, contractual necessity, legitimate interests, and legal obligations.
  • Your Rights:
    • Right to access, correct, or delete your data.
    • Right to restrict or object to processing, including automated decision-making.
    • Right to data portability and to withdraw consent.
    • Instructions to contact our Data Protection Officer for any concerns.
  • Data Sharing & Retention:
    • Your data is shared with specific third parties (e.g., service providers, payment processors, analytics partners) only as needed to deliver our services.
    • We retain your data only as long as necessary or as required by law.
  • International Data Transfers:
    • Data may be processed and stored outside your home country using approved security measures and legal safeguards.
  • Contact Information:
    • For inquiries or concerns, please reach out to our Data Protection Officer at info@boardanywhere.com.

Beta Version Notice

This is a beta version of the BoardAnywhere app. While we work hard to keep your data secure, some features are still in testing and may change. This policy applies only to the beta version and may be updated as new features (or changes to booking and payment processes) are introduced. We welcome your feedback at the email provided at the end of this policy. Your feedback will be securely stored and used only to improve the app.

Definitions

  • Personal Data: Any information that can directly or indirectly identify you.
  • Data Controller: The person or organization that determines how and why your data is processed.
  • Data Processor: The person or organization that processes your data on behalf of the Data Controller.

BoardAnywhere (“we,” “our,” or “us”) values your privacy and is committed to protecting your personal data. This policy explains how we collect, use, share, and safeguard your personal information when you use our website and app (https://www.boardanywhere.com/). By using our services and accepting this Privacy Policy (including our cookie practices), you agree to the collection and use of your data as described below.

  1. How We Collect and Use Personal Information

When you log in or sign up to book our services or update your profile, we collect the following types of information:

  1. Information You Provide:
    • Your name, email, phone number
    • Feedback, satisfaction ratings, and other details you voluntarily share (e.g., passwords)
    • Your device’s IP address
  2. Information We Collect When You Use Our Services:
    • Details about your interactions (e.g., pages viewed, searches made)
    • User-generated content (reviews, photos, recordings) that you submit
    • Device and software information (hardware model, OS version, browser type, language, battery level, and time zone)
    • Location Data and Device Sensors: If enabled on your device, we may collect your approximate location or other sensor data to enhance your experience.
      Note: This information is anonymized and not stored in a way that directly identifies you.
  3. Information from Third Parties:
    • If you provide information on behalf of another person, you confirm that you have their permission to do so.
  4. Log Information:
    We record technical details such as:
    • Usage details (pages visited, access times)
    • Device information (browser type, language)
    • IP address and cookie identifiers

Legal Bases for Processing:
We process your data based on the following legal grounds:

  • Consent: When you opt in to specific uses of your data.
  • Contractual Necessity: To provide the services you request.
  • Legitimate Interests: To enhance our services, improve security, and analyze usage trends.
  • Legal Obligations: To comply with laws and regulations.

How We Use Your Information:
Your data is used to:

  • Provide, operate, and improve our cruise booking services
  • Enhance and personalize your user experience
  • Communicate important updates, offers, and customer support information
  • Prevent fraud and verify identity
  • Analyze trends and usage to optimize service delivery
  • Automated Decision-Making and Profiling: In certain cases (such as personalized offers or fraud detection), we use automated processes. You have the right to object or request human review of such decisions.
  1. Cookies Policy and Analytics

Cookies are small text files stored on your device when you visit our site. They help us provide a better user experience by remembering your preferences and monitoring site usage. We use various types of cookies:

  • Necessary Cookies:
    Essential for website functionality (e.g., logging in, setting privacy preferences). Blocking these may disable certain features.
  • Preference Cookies:
    Save settings like your language or region.
  • Analytics/Statistics Cookies:
    Collect anonymous data about visitor usage (e.g., page views, navigation patterns) so we can improve performance.
  • Marketing/Advertising Cookies:
    Placed by advertising partners to show relevant ads based on your browsing behavior.
    Do Not Track Signals: We respect Do Not Track signals as applicable and adjust our advertising practices accordingly.

When you first visit our site, you will see a Cookie Banner that lets you accept all cookies or adjust your settings. You can also change your browser settings to manage cookies. For more details on managing cookies, please visit allaboutcookies.org or youronlinechoices.com.

Some cookies we use include:

  • _ga: Google Analytics statistical tracking (expires in 2 years)
  • ga#: Tracks repeat visits (expires in 2 years)
  • _gat: Limits Google Analytics request rate (expires in 1 day)
  • _gid: Registers a unique ID for tracking visitor statistics (expires in 1 day)
  1. Links to Third-Party Websites

Our services may include links to third-party websites (such as social media sites, blogs, etc.). We do not control these sites and are not responsible for their privacy practices. Please review their privacy policies if you visit them. Additionally, we share data with third-party service providers, which may include:

  • Payment Processors: To handle booking transactions.
  • Analytics Providers: To help us understand and improve usage trends.
  • Advertising Partners: For marketing and retargeting purposes.
  • Social Media Platforms: If you choose to share content via social media. Each category is governed by contractual agreements that ensure your data is handled securely and lawfully.
  1. Sharing Your Information

We share your personal data primarily to facilitate your bookings and enhance our services. This includes sharing your data with:

  • Service Providers and Business Partners: For service fulfillment, including payment processing and customer support.
  • Professional Advisors: Such as auditors, lawyers, or accounting firms, when required by law.
  • Authorities: To protect our rights, investigate violations, or prevent fraud.
  • Business Transactions: In the event of a merger, acquisition, or asset sale, your data may be transferred to the new owner.
  • Aggregated/Anonymized Data: We may also share de-identified data for analytical purposes.
  1. Data Retention

We store your account information (e.g., name, phone number, email) only as long as necessary for the services provided or as required by law. If you stop using our services, you can request deletion of your account. In some cases, data may be retained for a limited period after deletion (e.g., deactivated accounts) or for compliance, fraud prevention, and security purposes. For direct marketing, if you withdraw consent, your data is maintained on an unsubscribed list for three years to document compliance.

  1. Data Security Measures

We take the security of your data seriously. Our technical and organizational measures include:

  • Encryption of data in transit and at rest
  • Access controls and regular security audits
  • Anonymization and pseudonymization techniques where appropriate
  • Monitoring systems to detect and prevent unauthorized access
    While we strive to secure your data, please understand that no security system is completely foolproof.
  1. Your Rights Over Your Information

Under the GDPR and other applicable European regulations, you have the following rights regarding your personal data:

  • Right to Information: Know what data is processed and why.
  • Right of Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccuracies in your data.
  • Right to Erasure: Request deletion of your data under certain conditions.
  • Right to Restrict Processing: Limit how your data is used.
  • Right to Object: Object to processing, including for direct marketing or automated decision-making.
  • Right to Data Portability: Receive your data in a machine-readable format or request direct transfer.
  • Right to Withdraw Consent: You may withdraw your consent at any time.
  • Right to Lodge a Complaint: Contact your supervisory authority if you believe your rights have been violated.
  1. Access, Correction, and Deletion of Personal Information

You can request access to, correction of, or deletion of the personal data we hold about you. You may also restrict or object to the processing of your data. Direct these requests to our Data Protection Officer at:
Email: info@boardanywhere.com

  1. International Data Transfers

We may collect, process, and store your data in countries outside your home country. Our servers are primarily located in the EU (Croatia), but data may also be transferred to other countries. When transferring data outside the EEA, we employ standard contractual clauses, additional technical measures, and comply with legal safeguards such as the European Commission's adequacy decisions.

  1. Children's Privacy

Our services are not directed at individuals under 18 years old, and we do not knowingly collect data from minors. If data from a minor is inadvertently collected, it will be promptly deleted unless required otherwise by law. In jurisdictions where parental consent is required, we will seek verification before processing any minor's data.

  1. Data Breach Notification Process

In the unlikely event of a data breach, we have a robust notification process in place. Our process includes:

  • Immediate investigation and mitigation of the breach
  • Notifying affected users and the relevant data protection authorities promptly if the breach is likely to result in a high risk to your rights and freedoms
  • Providing ongoing updates until the issue is resolved
  1. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Significant changes will be communicated by updating the effective date or via in-app or website notifications. Your continued use of our services after any changes means you accept the updated policy.

  1. Contact Information

If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us:

Data Controller:
Impuls Analitika d.o.o.
Address: Vinec 16, 10 000 Zagreb
Email: info@boardanywhere.com
Tel: +385 1 3861 225