Privacy Policy

MarineQA

Effective April 19, 2026

1. Introduction

MarineQA (“Company,” “we,” “us,” or “our”) describes in this Privacy Policy how we collect, use, disclose, and safeguard information when you use our public website, web-based console or administration tools, mobile application, and hosted APIs and related services (collectively, the “Service”). The Service is intended for professional marine survey and related workflows tied to your organization's account.

By using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.

2. Information we collect

We process categories of information that you or your device provide in connection with survey operations. These align with data stored in our systems for authenticated users and their organizations.

2.1 Account and authentication

  • Name and email address for your user profile.
  • Credentials: passwords are stored using salted one-way hashing on our servers (for example, PBKDF2); we do not store your password in readable form.
  • Organization membership, roles, and permissions that govern what you can access.
  • Session security: we issue access and refresh tokens for API access. Refresh tokens are recorded server-side; access and refresh tokens are stored on your device using the platform secure store (for example, iOS Keychain or Android Keystore) where applicable.

2.2 Survey, vessel, and contact data

  • Survey records: titles, dates, status, assignments, and structured responses you enter into survey forms.
  • Vessel information: names, identifiers (such as USCG documentation or HIN where provided), specifications, and related notes.
  • Contacts and business relationships: names, job titles, departments, phone numbers, email addresses, postal addresses, and notes.
  • Field responses may include free text, selections, address components, and photos you attach.
  • Images and files you upload are stored with our Service (including cloud object storage) and linked to your organization's content.

2.3 Data on your device (offline and preferences)

  • To support offline use, our mobile app may maintain a local database on the device with synced surveys, vessels, contacts, forms, field values, image metadata, and sync queue entries.
  • Survey-related images may be cached as files on the device prior to upload or after download.
  • The app may store your last signed-in email address and selected organization identifiers locally to restore your session experience.
  • Appearance settings (such as light or dark mode preference) may be stored in the device secure store.

2.4 Device permissions and technical data

  • Camera and photo library: used when you choose to capture or attach images to survey fields in the mobile app. We access images you select; we do not browse your library beyond what you confirm.
  • We do not collect device location. Photos you attach in the mobile app are processed for upload and are not used to determine your location.
  • When you use the Service, standard technical information may be processed automatically, such as IP address, timestamps, browser or app version signals, and diagnostic data needed to operate and secure the Service.

On Android, the application manifest may list permissions required by the operating system or bundled libraries. We request permissions only as needed for functionality you use.

2.5 Cookies and similar technologies (web)

When you use our website or web console, we and our service providers may use cookies, local storage, and similar technologies—for example, to keep you signed in, remember preferences, maintain security, and understand how the Service is used. You can control some of these technologies through your browser settings; disabling certain cookies may limit functionality.

3. How we use information

  • Provide, operate, and improve the Service (including offline sync and upload where applicable).
  • Authenticate you, enforce organization roles, and protect accounts.
  • Store and display survey, vessel, and contact content for your organization.
  • Process subscriptions and billing where applicable (for example, through payment processors associated with your organization's plan).
  • Detect, prevent, and address fraud, abuse, and security issues.
  • Comply with law, respond to lawful requests, and enforce our terms.
  • Communicate with you about the Service (for example, service-related notices).

4. How we share information

We do not sell your personal information. We may disclose information only as described below:

  • Organization access: survey, vessel, and contact data is available to authorized users within your organization according to role settings.
  • Service providers: we may use vendors for hosting, storage, email, analytics of infrastructure logs, payment processing (for example, Stripe for subscription billing), and other functions that process data on our behalf under contractual safeguards.
  • Legal and safety: we may disclose information if required by law, regulation, legal process, or to protect the rights, safety, and property of users, the public, or the Company.
  • Business transfers: information may be transferred as part of a merger, acquisition, financing, or sale of assets, subject to appropriate protections.

5. Retention

We retain information for as long as your account is active, as needed to provide the Service, and as necessary to comply with legal obligations, resolve disputes, and enforce agreements. Local copies on your device remain until you remove the app, clear cached data through app settings where available, or your organization's data is removed from the Service pursuant to our practices.

6. Security

We use administrative, technical, and organizational measures designed to protect information, including encryption in transit for API communication, secure storage of tokens on-device where applicable, and access controls on our systems. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

7. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, or export personal information, or to object to or restrict certain processing. To exercise rights, contact us using the information below. You can also manage some data within the Service (for example, profile or organizational tools provided to your administrator).

8. Children

The Service is not directed to children under 16 (or the age required by your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us and we will take appropriate steps.

9. International users

If you access the Service from outside the United States, your information may be processed and stored in the United States or other countries where we or our providers operate. Those jurisdictions may have different data protection rules than your country of residence.

10. Third-party sites

The Service may reference or link to third-party websites. We are not responsible for their privacy practices. Review their policies before providing information.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated policy on the Service (and may provide additional notice for material changes). Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact us

For questions about this Privacy Policy or our data practices, contact MarineQA at marineqa.privacy@gmail.com. When reporting an issue, including your app or browser version and platform helps us assist you.

© 2026 MarineQA. All rights reserved.