Mobile app for boaters

Privacy Policy

Effective date: 15 November 2025

This Privacy Policy explains how Boat File (“Boat File”, “we”, “us”, “our”) collects, uses, and protects your personal data when you use our mobile application, website, and related services (collectively, the “Service”). We are based in Finland and process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Finnish and EU legislation.

1. Data controller For the purposes of GDPR, the data controller is: Boat File Inc Helsinki, Finland Email: info@boatfile.com We determine the purposes and means of processing personal data in connection with the Service.

2. Personal data we collect Depending on how you use Boat File, we may collect and process the following categories of personal data:

2.1. Account & profile data • Name • Email address • Country / language settings • Optional profile information you choose to provide

2.2. Boat & usage data • Boat details (e.g. name, make, model, registration, year, engine info) • Logs and notes (e.g. trips, maintenance, work done, expenses) • Uploaded content (e.g. photos, documents, PDFs, registration papers, invoices) • Settings and preferences within the app. You remain the owner of your content. Boat File only processes this data to provide the Service to you.

2.3. Device and technical data • Device type, operating system, app version • IP address, approximate location (e.g. country/region) • Technical event data (crash logs, performance metrics) • Usage data (which screens are used, frequency of use, basic interaction patterns) This is mainly collected through tools such as Firebase, Google Analytics, Crashlytics, and similar services.

2.4. Location data (optional) If you grant permission, the app may process approximate or precise location data (e.g. to tag logs with a position). You can enable or disable location access at any time in your device settings.

2.5. Communication data • Messages you send to us (e.g. support emails) • Feedback, bug reports, feature requests. We use this to respond to you and improve the Service.

3. Why we process your data (purposes & legal bases) Under GDPR, we must have a legal basis for each purpose. We use your data for:

3.1. Providing and operating the Service Legal basis: Performance of a contract (GDPR art. 6(1)(b)) • Creating and managing your account • Storing and organizing boat data, logs, and documents • Syncing data between your devices using our backend (e.g. Supabase, Firebase) • Restoring data when you reinstall or change devices

3.2. Improving the app and ensuring stability Legal basis: Legitimate interest (art. 6(1)(f)) • Monitoring technical performance and reliability • Debugging, preventing abuse, and maintaining security • Understanding in an aggregated way how features are used We do this with minimal personal data and do not use it to identify you personally unless necessary for security or support.

3.3. Customer support and communication Legal basis: Performance of a contract & legitimate interest • Answering support requests • Notifying you about important changes, security updates or critical issues

3.4. Analytics and product development Legal basis: Legitimate interest and/or consent (where required) • Aggregated app usage statistics • Improving user experience and planning new features Where required by local law, we will request your consent for analytics.

3.5. Legal obligations Legal basis: Legal obligation (art. 6(1)(c)) • Complying with obligations under EU and Finnish law • Responding to lawful requests from authorities.

4. How we share your data. We do not sell your personal data. We may share your data with:

4.1. Service providers (data processors) We use trusted third parties to operate the Service, such as: • Hosting and backend (e.g. Supabase, Google Cloud / Firebase) • Analytics / crash reporting (e.g. Google Analytics, Crashlytics) • Authentication & app stores (e.g. Apple App Store, Google Play) • Email / communication tools. These providers act as data processors and may only process your data according to our instructions and for the purposes described in this Policy. We maintain data processing agreements with them where required.

4.2. Legal and safety reasons. We may disclose personal data if required by law or in good faith belief that such action is necessary to: • Comply with a legal obligation or lawful request • Protect the rights, property, or safety of Boat File, our users, or others • Investigate suspected fraud, security issues, or abuse

4.3. Business transfers. If Boat File is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. You will be informed of any such change where required by law.

5. International transfers Some of our providers are located outside the EU/EEA (for example, services provided by Google or Supabase). When personal data is transferred outside the EU/EEA, we rely on: • Adequacy decisions by the European Commission (where available), or • Standard Contractual Clauses (SCCs) and other safeguards approved by the Commission to ensure your data enjoys a level of protection essentially equivalent to that in the EU.

6. Data security. We use reasonable technical and organizational measures to protect your data, including: • Encrypted connections (HTTPS/TLS) where appropriate • Access controls and authentication for administrative systems • Regular updates and security patches for our infrastructure However, no method of electronic transmission or storage is 100% secure. You are encouraged to maintain your own backups of important documents and logs.

7. Data retention We keep your personal data only as long as necessary for: • Providing the Service • Complying with legal obligations • Resolving disputes and enforcing our agreements In general: • Your account and boat data are kept while your account is active. • If you request account deletion, we delete or anonymize your personal data within a reasonable period, unless we must keep certain information for legal or accounting reasons.

8. Your rights (EU / EEA users) If you are in the EU/EEA or UK, you have the following rights under GDPR: • Right of access – to know whether we process your data and to receive a copy. • Right to rectification – to correct inaccurate or incomplete data. • Right to erasure – to request deletion of your personal data in certain cases. • Right to restriction – to limit processing in certain circumstances. • Right to data portability – to receive your data in a structured, commonly used format. • Right to object – to processing based on legitimate interests or direct marketing. • Right to withdraw consent – where processing is based on consent. To exercise your rights, contact us at info@boatfile.com. We may need to verify your identity before fulfilling your request. If you believe your rights have been violated, you can lodge a complaint with your local data protection authority. In Finland, this is the Office of the Data Protection Ombudsman.

9. Children’s privacy Boat File is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us so we can delete it.

10. Third-party links & services The Service may contain links to third-party websites or services (for example, external documentation, partners, or app stores). We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies separately.

11. Changes to this Privacy Policy We may update this Privacy Policy from time to time. When we make material changes, we will: • Update the “Last updated” date, and • Notify you within the app and/or by email, where appropriate. Your continued use of Boat File after changes have been posted means you accept the updated Policy.

12. Contact For questions about this Policy or our data practices: Boat File Inc, Helsinki, Finland Email: info@boatfile.com

Terms of Use
Contact Us
Boat File on Facebook
Download the App
about us