Dive Buddy Logo

Privacy Policy

This section outlines how Dive Buddy collects, uses, shares, and protects personal information.

Effective Date: 24 August 2025

Dive Buddy (“we”, “our”, “us”) is committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website, mobile application, and associated services.

1. Information We Collect

We may collect the following types of personal data:

  • Personal Identification Information: Name, email address, phone number, postal address, and other contact details.

  • Account Information: Usernames, passwords, profile information, and app usage history.

  • Location Data: With your consent, we may collect location information to support app functionality (e.g., finding dive centres and dive buddies).

  • Payment Information: Billing details and transaction history for purchases or partnerships. Note: We do not store payment card details directly; these are handled securely by Stripe.

  • Verification Information: A selfie and a government-issued ID image (collected only for verification; deleted immediately after use).

  • Technical Data: IP address, browser type, device details, operating system, and browsing behaviour (via cookies or analytics tools).

2. How We Use Your Information

We process your data under the following legal bases:

  • Contractual Necessity: To create and manage accounts, process bookings, and provide services.

  • Legitimate Interests: To maintain community safety, verify users, and improve our services.

  • Consent: For marketing, newsletters, push notifications, and location-based services.

  • Legal Obligation: To comply with tax, accounting, and regulatory requirements.

3. User Profiles

When you create a profile, other users can view your public information, including display name, diving interests, verification status, and general location.

Your sensitive contact details (email, phone number, residential address) are never visible to other users.

When you make a booking through Dive Buddy, the relevant dive centre will receive your necessary contact information (name, email, phone number) to manage your booking. Once shared, dive centres act as independent data controllers responsible for their own handling of that data.

4. Verification Process

To access certain community features (such as “Find a Dive Buddy”), you must complete verification.

This involves uploading:

  • A selfie, and

  • A government-issued photo ID.

We use these solely to confirm that the ID matches the selfie. Once verification is complete, these images are deleted immediately.

Verification is carried out in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

5. Sharing Your Information

We may share your information with:

  • Service Providers:

    • Stripe Payments Europe, Ltd. – secure payment processing.

    • Firebase (Google Cloud): app hosting, secure database storage, and messaging services.

    • Mapbox, Inc. – map and search functionality.

    • Google Analytics (for Android users) – app performance insights.

    • Apple Analytics (for iOS users) – app performance insights.

  • Dive Centres: When a booking is made, your contact details are shared with the relevant dive centre to fulfil the booking. Dive centres are independent controllers of this information.

  • Business Partners: With your consent, we may share data with partners offering promotions or affiliate discounts.

  • Legal Authorities: Where required by law, or to protect our rights.

6. Cookies and Tracking Technologies

We use cookies and analytics technologies to:

  • Remember your preferences and improve app functionality.

  • Analyse app and website usage for performance and improvements.

You can manage cookies and analytics permissions through your device or browser settings. Disabling them may reduce functionality.

7. Data Security

We use technical and organisational measures such as encryption, secure servers, and regular security checks to protect your personal data. However, no method of transmission or storage is completely secure.

8. Data Retention

We retain your data only as long as necessary, or as required by law:

  • Verification images (selfie and ID): Deleted immediately after verification.

  • Booking and payment records: Retained up to 6 years for tax and legal obligations.

  • General account data: Retained while your account is active, and for up to 12 months after account deletion for dispute handling, unless you request earlier erasure.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data.

  • Rectify inaccurate or incomplete data.

  • Erase data in certain circumstances.

  • Restrict processing.

  • Port your data to another provider.

  • Object to certain processing (e.g., marketing).

To exercise these rights, contact us at [email protected].

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data is not being handled lawfully: www.ico.org.uk.

10. Children’s Privacy

Dive Buddy is available with the following age restrictions:

  • Ages 13–15: May use the app with parent/guardian consent.

  • Ages 16–17: May use the app independently, but cannot access verification-gated features such as “Find a Dive Buddy.”

  • Ages 18+: May access all app features, including verification-gated community features.

If we learn that we have collected personal data from a child without the required parental consent, we will delete it promptly. Parents/guardians may contact us at [email protected] to review or request deletion of their child’s data.

11. International Transfers

Some of our service providers process data outside the UK/EEA. For example:

  • Stripe – payment processing (US and other jurisdictions).

  • Firebase (Google Cloud) – hosting, storage, messaging (US and global infrastructure).

  • Mapbox – mapping services (US).

  • Google Analytics – analytics for Android users (US/global).

  • Apple Analytics – analytics for iOS users (US/global).

Where international transfers occur, we ensure safeguards such as UK-approved Standard Contractual Clauses (SCCs) or reliance on adequacy decisions to protect your data.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be published with a revised effective date.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Email: [email protected]

Discover dive sites, find dive buddies, and book dives with trusted centres — all in one app. Dive smarter, not harder.

Download Now