Privacy Policy

We collect various types of information from and about users of our website and services, including:

1.1 Personal Information

Personal information is data that can be used to identify you directly or indirectly. We may collect:

• Contact Information: Name, email address, postal address, phone number
• Account Information: Username, password, account preferences
• Identity Documents: Passport or ID details, sailing licenses/certificates (when booking a yacht charter)
• Payment Information: Credit card details, billing information
• Booking Details: Travel dates, preferences, special requirements

1.2 Non-Personal Information

We also collect non-personal information that does not directly identify you:

• Usage Data: How you interact with our website, pages visited, features used
• Device Information: Browser type, operating system, IP address, device type
• Location Data: General geographic location based on IP address or precise location if you enable location services

1.3 Collection Methods

We collect information through:

• Direct interactions when you create an account, make a booking, or contact us
• Automated technologies such as cookies and similar tracking technologies
• Third parties such as payment processors and social media platforms (if you connect these services)

We use the information we collect for various purposes, including:

2.1 Provide and Improve Services

• Process and confirm your yacht charter bookings
• Provide customer support and respond to inquiries
• Improve our website, services, and user experience
• Develop new features and offerings

2.2 Communication

• Send booking confirmations and updates
• Provide essential information about your charter or our services
• Respond to your questions and requests
• With your consent, send promotional materials about special offers or events

2.3 Administrative and Legal Purposes

• Protect our legal rights and comply with legal obligations
• Detect and prevent fraud, unauthorized access, and other harmful activity
• Enforce our terms of service and other agreements
• Process payments and maintain financial records

2.4 Personalization

• Personalize content based on your preferences and past interactions
• Recommend services that may interest you
• Remember your settings and preferences

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

Under the GDPR, we must have a legal basis for processing your personal data. We rely on the following legal grounds:

Where we rely on consent, you have the right to withdraw your consent at any time. This won't affect the lawfulness of processing based on your consent before its withdrawal.

Where we rely on legitimate interests, we perform a balancing test to ensure that our interests don't override your fundamental rights and freedoms. You can request information about these assessments by contacting us.

We may share your information with the following categories of recipients:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, such as:

• Payment processors to handle transactions
• Cloud hosting and storage providers
• IT service providers who help maintain our systems
• Email and communication service providers
• Customer support services
• Analytics providers to help us understand how our website is used

These service providers are required to protect your information and only use it for the specific services they provide to us.

4.2 Marina and Charter Partners

To fulfill your booking, we may share necessary information with:

• Marina operators where your yacht will be berthed
• Yacht owners or management companies (for fleet-managed yachts)
• Skippers or crew members assigned to your charter (if applicable)

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, such as:

• Court orders, subpoenas, or similar legal process
• Government or regulatory authorities
• To protect our rights, property, or safety, or the rights, property, and safety of others

4.4 Business Transfers

If Unbound Sailing is involved in a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets, your information may be transferred as part of that transaction. We will notify you (for example, via email or a notice on our website) of any such change in ownership or control of your personal information.

4.5 With Your Consent

We may share your information in other ways if you specifically consent to it.

We do not sell your personal information to third parties.

Unbound Sailing is based in Croatia (European Union), and your information may be processed in Croatia and other countries where our service providers are located. These countries may have different data protection laws than your country of residence.

When we transfer personal data outside the European Economic Area (EEA) or the UK, we ensure that adequate safeguards are in place to protect your information, such as:

• Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission
• Using specific contracts approved by the European Commission (Standard Contractual Clauses) that give personal data the same protection it has in Europe
• Transferring to organizations that are part of approved certification schemes, such as the EU-US Privacy Shield

If you want further information about the specific mechanism we use when transferring your personal data, please contact us using the details provided at the end of this policy.

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including:

• Providing our services to you
• Complying with legal, accounting, or reporting requirements
• Resolving disputes
• Enforcing our agreements
• Protecting against fraudulent, malicious, or abusive activity

The criteria used to determine our retention periods include:

• Active Accounts: While you maintain an active account with us, we retain your personal information to provide services, support, and features.
• Booking Information: We typically retain booking information for 7 years to comply with tax and accounting regulations.
• Marketing Preferences: We keep a record of your marketing preferences until you ask us to update them.
• Legal Requirements: Some information must be kept for specific periods to meet legal obligations.

When personal information is no longer needed, we securely delete or anonymize it. Anonymized information may be retained for analytics purposes.

Under the GDPR and other applicable privacy laws, you have several rights regarding your personal information:

How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided at the end of this policy. We will respond to your request within one month, though in some cases we may extend this period by up to two additional months if necessary, due to the complexity or number of requests.

There is no fee for exercising your rights. However, we may charge a reasonable fee or refuse to comply with your request if it is manifestly unfounded, excessive, or repetitive.

Complaints

If you are not satisfied with our response to your request or believe our processing of your personal information does not comply with data protection law, you can make a complaint to the Croatian Personal Data Protection Agency (AZOP) or the data protection authority in your country of residence.

We implement appropriate technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Our security measures include:

• Encryption: We use industry-standard encryption to protect data in transit and at rest
• Access Controls: We limit access to personal information to authorized personnel only
• Security Assessments: We regularly review and update our security practices
• Employee Training: We train our staff on data protection and security
• Secure Facilities: We maintain physical security controls at our facilities

While we take all reasonable steps to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, in accordance with applicable law.

Our website uses cookies and similar tracking technologies to collect information about your browsing activities and to distinguish you from other users. These technologies help us provide you with a good experience when you browse our website and allow us to improve our site.

What Are Cookies?

Cookies are small text files that are stored on your browser or device. They allow the website to recognize your device and remember certain information about your visit, such as your preferences and settings.

Types of Cookies We Use

Managing Cookies

Most web browsers allow you to control cookies through their settings preferences. However, if you limit the ability of websites to set cookies, you may impact your overall user experience. Some browsers also offer "Do Not Track" features that signal to websites your tracking preferences.

To manage or delete cookies, please visit your browser's help pages:

• Google Chrome
• Mozilla Firefox
• Safari
• Microsoft Edge

Other Tracking Technologies

In addition to cookies, we may use web beacons, pixels, and similar technologies. These are small graphic files that contain a unique identifier that enable us to recognize when someone has visited our website or opened an email we have sent them.

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at the address provided at the end of this policy. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

Our website and services may contain links to third-party websites, services, and applications that are not operated by us. These links are provided for your convenience only and we have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Social Media Features

Our website may include social media features, such as Facebook, Twitter, and Instagram buttons or interactive mini-programs. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this page.

For significant changes, we will also make reasonable efforts to notify you directly, such as by sending an email to the email address you provided to us or by displaying a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the new terms. If you do not agree to the changes, you should stop using our services and contact us to delete your account.