Privacy Policy
Last updated: April 2026. This policy applies to the VesselParty website (vesselparty.com and tenant subdomains) and the VesselParty mobile applications for iOS and Android.
Information We Collect
Contact Info: name, email address, phone number, billing and mailing address. Identifiers: account user ID, device identifiers (including Apple/Google push notification tokens used to deliver booking alerts and to sign contract audit records). User Content: photos you upload to your profile or experiences, messages exchanged with vessel providers, electronic contract signatures, and reviews. Usage Data: pages viewed, experiences searched, bookings initiated, and interaction with the app. Diagnostics: crash reports, performance metrics, and other diagnostic data used to improve the service. Location: coarse (city-level) location used to find nearby experiences β this is processed as an ephemeral query and is not stored against your user profile. Payment Information: payment card details are collected and processed by our payment processor Stripe; we do not store full card numbers on our servers. Third-Party Login Data: if you sign in with Apple or Google, we receive your name, email, and a provider user identifier.
How We Use Your Information
We use the data we collect to: (a) create and authenticate your account; (b) process bookings, payments, refunds, and payouts; (c) facilitate communication between guests and vessel providers; (d) generate and store electronic contracts signed within the platform, including device and IP metadata needed for ESIGN / UETA audit evidence; (e) send booking confirmations, reminders, and transactional push notifications; (f) surface nearby experiences based on coarse location you provide; (g) detect, prevent, and respond to fraud, abuse, and safety incidents; (h) comply with legal, tax, and regulatory obligations; and (i) analyze aggregated usage and crash data to improve reliability and product features. We do not use your personal information for cross-app or cross-website advertising tracking, and we do not sell your personal information.
How We Share Your Information
Vessel providers: when you book an experience, we share your name, contact details, and booking specifics with the provider so they can deliver the service. Payment processors: Stripe processes card payments, marketplace payouts, and chargebacks. Infrastructure providers: Microsoft Azure hosts our application and data; Azure Communication Services / SendGrid deliver transactional email; Expo and Apple/Google push services deliver mobile notifications. Analytics and error reporting: Sentry receives crash reports and diagnostic data. Legal and safety: we may disclose information to respond to lawful requests, enforce our terms, or protect the rights, property, or safety of users and the public. Corporate transactions: in the event of a merger, acquisition, or asset sale, user information may be transferred, subject to this policy. We do not share your personal information with third parties for their own marketing.
Data Retention, Security, and Your Rights
We retain account and booking records for as long as your account is active and for the period required to meet legal, accounting, tax, and dispute-resolution obligations (typically up to 7 years for financial records). Contract audit metadata is retained for the legal life of the contract. Diagnostics and crash data are retained for up to 90 days. We protect your information using encryption in transit (TLS), encryption at rest, role-based access controls, network segmentation, and routine security reviews. You have the right to access, correct, export, or delete your personal data, to withdraw consent where processing is based on consent, and to object to or restrict certain processing. California residents have additional rights under the CCPA/CPRA, including the right to know and the right to delete. EEA and UK residents have rights under the GDPR. To exercise any of these rights, email privacy@vesselparty.com; we respond within 30 days.
Children, International Transfers, Changes, and Contact
VesselParty is not directed to children under 13 (or under 16 in the EEA), and we do not knowingly collect personal information from children. If you believe a child has provided us information, contact privacy@vesselparty.com and we will delete it. Your information may be processed in the United States and in other countries where our service providers operate; where required, we use appropriate safeguards such as Standard Contractual Clauses. We may update this policy from time to time; material changes will be announced in the app and by email. Questions, complaints, or data-subject requests: VesselParty, privacy@vesselparty.com. The effective date of this version is shown above.