1. About us (Data Controller)
The data controller responsible for your personal data is INLD LIMITED, a company registered in England and Wales (Company Number 12040493, incorporated 10 June 2019). Registered office: Redhill Marina, Ratcliffe-on-Soar, Nottingham, NG11 0EB, United Kingdom. We operate the MyYacht.me yacht charter booking platform; operations are conducted in Montenegro.
EU/EEA Representative (GDPR Art. 27): as INLD LIMITED is established in the United Kingdom (post-Brexit) and processes personal data of EU/EEA data subjects, an EU/EEA Representative will be appointed before public Platform launch in EU/EEA markets.
Data Protection Officer: INLD LIMITED has not appointed a formal DPO under GDPR Article 37, as the processing scale does not currently trigger a mandatory DPO. The Director acts as Data Protection Lead. A formal DPO will be appointed if/when processing scale triggers Art. 37 or external counsel recommends it.
2. Data we collect
2.1 Account and profile data — full name, email address, phone number, password (hashed — we never see your plain-text password), optional profile photo, language and currency preferences, marketing preferences (opt-in only).
2.2 Booking data — yacht selection, charter dates, number of guests, departure marina, special requests (free-text — see §3), booking history, loyalty program data (points, tier).
2.3 Payment data — MyYacht.me does NOT receive, store, or process raw card numbers, CVV, or expiry dates. Card data is collected and processed DIRECTLY by Stripe and PayPal SDKs as payment service providers. Our servers receive only tokenised payment references (Stripe Customer ID, Payment Intent ID, PayPal Order ID), payment status, transaction amount and currency, and the last 4 digits of card + card brand for receipts and support. INLD LIMITED qualifies as a PCI DSS SAQ-A merchant.
2.4 Identity verification data (KYC) — for bookings of €10,000 or more (internal AML risk-based trigger), we collect a government ID document image, selfie photo, date of birth, nationality, and residential address via Sumsub. For €10,000+ bookings we additionally collect Source of Funds documentation. Photos and documents go DIRECTLY to Sumsub and are NOT stored on your device or on INLD servers.
2.5 Location data — the mobile app may collect precise GPS location only during an active yacht charter, only in the foreground, only when you tap "Start Charter". Location updates stop within 30 seconds when the app moves to the background or the screen locks. We do not request "Always" location permission and we do not collect background location.
2.6 Communications data — customer support messages, pre-charter messages with the captain, transactional email correspondence.
2.7 Technical data — IP address (truncated for analytics), device type, operating system, browser, screen resolution, anonymous mobile device identifiers (no IDFA for cross-app tracking), pseudonymised crash logs.
2.8 What we do NOT collect — health/fitness data (with the free-text exception in §3), sensitive special category data, biometric identifiers (Sumsub processes selfie biometrics as a separate controller), phone contacts, audio recordings, SMS messages, browsing history outside the app/site, calendar data, background location.
3. Free-text fields and sensitive data
MyYacht.me's booking flow includes optional "Special Requests" free-text fields. Please DO NOT include in any free-text field: medical or health information (except where strictly necessary for safe charter, e.g. severe allergies); disability information (except where reasonable accommodation is required); religious beliefs; political opinions; sexual orientation; trade union membership; criminal record information; genetic or biometric data; financial account numbers; government-issued ID numbers.
If you voluntarily submit sensitive personal information, we treat it as special category data under GDPR Article 9. We process it ONLY to fulfil your booking request — never for profiling, analytics, marketing, or any other purpose. Access is restricted to the Boat Owner of your booking and MyYacht.me support staff if needed for the booking. Free-text content is excluded from analytics, marketing, and crash logs. We delete or redact this information when no longer necessary, unless legal retention applies.
Lawful basis: if you submit sensitive data voluntarily, we process it under GDPR Article 9(2)(a) — explicit consent. For health-related accommodation needs that are necessary for safe charter, we may also rely on Article 9(2)(c) — vital interests.
4. Why we collect your data (lawful bases)
| Purpose | Lawful basis (GDPR Art. 6) | Examples |
|---|---|---|
| Booking facilitation | Art. 6(1)(b) — Performance of contract | Processing your booking, sharing details with the Boat Owner, payment processing |
| Identity verification (KYC) | Art. 6(1)(c) — Legal obligation + Art. 6(1)(f) — Legitimate interests | AML/CTF compliance, fraud prevention, Stripe/PayPal merchant requirements |
| Customer support | Art. 6(1)(b) | Responding to queries, resolving issues |
| Account management | Art. 6(1)(b) | Managing your account, login, profile |
| Marketing communications | Art. 6(1)(a) — Consent | Newsletters, promotional offers (only if you opt in) |
| Analytics and platform improvement | Art. 6(1)(f) | Understanding how users interact with the Platform |
| Fraud prevention | Art. 6(1)(f) + Art. 6(1)(c) | Stripe Radar, internal fraud register |
| Legal compliance | Art. 6(1)(c) | Tax, accounting, AML records, regulatory reporting |
| Sensitive data (free-text) | Art. 9(2)(a) — Explicit consent / Art. 9(2)(c) — Vital interests | Voluntary submission of sensitive info to fulfil booking |
5. AML / KYC processing for high-value bookings
MyYacht.me's KYC verification at €10,000+ is an internal risk-based AML trigger adopted by INLD LIMITED voluntarily. Below €10,000 we rely on standard Stripe/PayPal fraud checks. €10,000 and above triggers government ID + selfie via Sumsub; €10,000 and above additionally triggers Source of Funds documentation.
Data flow: ID document images and selfies go DIRECTLY to Sumsub via the Sumsub Mobile SDK — not stored on your device or our servers. Sumsub performs face match, document authenticity check, sanctions screening, and PEP check, then returns a PASS/FAIL result. INLD's MLRO has access to review documents in the Sumsub portal as part of compliance review. KYC status (verified / pending / rejected) is stored on INLD systems linked to your account.
Sumsub: Sumsub is INLD's data processor for KYC verification, ISO 27001 and SOC 2 Type II certified. Sumsub processes biometric face-match data as a separate biometric controller. KYC data is retained 5–7 years per UK MLR 2017 requirements.
Your rights regarding KYC data: you can request access (Art. 15), deletion (Art. 17 — subject to AML retention exceptions), and object to automated decision-making (Art. 22 — Sumsub combines automated and human review). Email privacy@myyacht.me.
6. Mobile app specific disclosures
MyYacht.me is available as a web app at https://myyacht.me, on iOS (Apple App Store), and on Android (Google Play Store).
Cross-platform SDK differences: iOS uses Apple MapKit and may offer Sign in with Apple; Android uses Google Maps SDK and may offer Sign-In with Google. Google may use map queries for its own analytics — see §8 for details.
Crash / diagnostic data: the apps use a crash reporting SDK (Crashlytics or Sentry — final choice TBD). Crash data is pseudonymised. We do NOT attach to crash reports: name, email, phone, booking/payment ID, KYC status or documents, precise location, or free-text booking notes. Retention is ≈90 days at the SDK provider.
Mobile permissions requested: camera (KYC only); photo library (KYC only); location "when in use" (only after you tap Start Charter); push notifications (after your first booking); Face ID / biometric (only if you enable it in Settings). We do NOT request background location, contacts, SMS, microphone, calendar, phone/call log, or installed apps tracking. The iOS App Tracking Transparency prompt is NOT shown because we do not track you across other companies' apps.
9. International data transfers
Some service providers are located in countries that do NOT have an EU adequacy decision (e.g. USA). We rely on Standard Contractual Clauses (SCCs) and Transfer Impact Assessments, plus supplementary safeguards (encryption, pseudonymisation, access controls). Where applicable, we rely on the EU-US Data Privacy Framework for certified processors (Stripe, Google, Meta). For UK data exports, we use the UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU SCCs.
You may request a copy of the SCCs we use or object to international transfers (subject to the limit on our ability to provide services).
10. Data Retention Matrix
We retain your personal data only as long as necessary for the purposes in this Policy or as required by law:
| Data category | Retention period | Lawful basis / reason |
|---|---|---|
| User profile (name, photo, preferences) | Until account deletion + 30-day grace period | Contract performance |
| Login credentials | Until account deletion | Contract performance |
| Marketing preferences and consent records | Until withdrawal + 3 years | GDPR accountability (Art 7(1)) |
| Booking records (all bookings) | 7 years post-charter completion | UK Companies Act, HMRC tax requirements |
| Booking records ≥€10,000 (KYC triggered) | 7 years post-charter completion | UK MLR 2017 Reg 40 + tax |
| Payment records (tokenized refs) | 7 years | Tax / accounting / chargeback defence |
| KYC documents (in Sumsub portal) | 7 years post-relationship | UK MLR 2017 Reg 40 |
| Source of Funds documentation (≥€10,000) | 7 years post-relationship | UK MLR 2017 Reg 40 |
| Sanctions / PEP screening results | 7 years post-relationship | UK MLR 2017 |
| Suspicious Activity Reports (SARs) | 7 years | UK MLR 2017 |
| Charter GPS tracks | 5 years post-charter | Chargeback dispute window (Visa CE 3.0) |
| Customer support messages | 3 years (or 7 years if dispute / chargeback) | Customer service + dispute defence |
| Free-text booking notes | Deleted with the booking record | Booking record retention |
| Crash diagnostics (pseudonymised) | ≈90 days at SDK provider | Debugging |
| Fraud prevention records (Stripe Radar, internal register) | 5 years | Legitimate interest in fraud prevention |
| Cookie consent records | Until withdrawal + 3 years | GDPR accountability |
| Website analytics (aggregated) | 26 months | Industry standard |
| CCTV / device logs | 12 months | Security |
| Email logs (transactional) | 3 years | Operational + dispute defence |
Even after account deletion, we retain certain records where legally required. Retained data is technically and organisationally segregated and accessed only for the specific legal purpose.
11. Your rights as a data subject
Under GDPR you have the right to:
- Access your personal data (Art. 15)
- Rectify inaccurate data (Art. 16)
- Erasure — "right to be forgotten" (Art. 17), subject to retention exceptions
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Withdraw consent at any time (Art. 7(3))
- Not be subject to automated decision-making (Art. 22) — KYC combines automated and human review
- Lodge a complaint with a supervisory authority (Art. 77)
To submit a request, email privacy@myyacht.me with your full name, the email used on MyYacht.me, the right you wish to exercise, and any specific data or time period the request relates to. We may ask for proof of identity to prevent unauthorised disclosure. We respond within 30 days (extendable to 60 for complex requests). Exercising your rights is free of charge.
12. Account deletion process
MyYacht.me supports account deletion in compliance with Apple App Store Guideline 5.1.1(v), Google Play app account deletion requirements, and GDPR Article 17. You can initiate deletion in three ways:
- In-app: Settings → Account → Delete Account
- On the web: https://myyacht.me/delete-account
- By email: privacy@myyacht.me with the subject "Account Deletion Request".
Flow: initiate → confirmation screen → re-authentication → Data Deletion Matrix shown → confirm → 30-day grace period (recoverable by signing in) → hard deletion of all personal data except legal retention exceptions. Email confirmation is sent at each step.
What is retained for legal compliance: booking records ≥€10,000 (7 years, UK MLR 2017); payment records (7 years); KYC documents in Sumsub (7 years post-relationship); charter GPS tracks (5 years, chargeback window); fraud prevention records (5 years).
13. Children's privacy
MyYacht.me is NOT directed at children. Mobile apps are rated 17+. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data without verifiable parental consent, we will delete it. If you believe we have collected data from your child, contact privacy@myyacht.me.
14. Data security measures
Technical: encryption in transit (TLS 1.2+, TLS 1.3 where supported); encryption at rest (AES-256); password hashing (bcrypt or equivalent); MFA for admin access; regular security updates and patching; network segmentation and firewalls; audit logging; annual penetration testing (planned before public launch).
Organisational: role-based access controls (least privilege); confidentiality agreements with all staff and contractors; privacy and security training; background checks for staff with access to sensitive data; Data Processing Agreements with all sub-processors; vendor risk assessments.
Independent external penetration testing and security review are planned before public production launch.
15. Data breach procedures
We notify the UK ICO within 72 hours of becoming aware of a personal data breach (GDPR Art. 33) where required, and the Montenegro DPA where applicable. Affected data subjects are notified without undue delay if the breach is likely to result in high risk to their rights and freedoms (Art. 34). All breaches are documented per Art. 33(5). Detailed procedures are in our internal Data Breach Response Protocol.
16. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we update the "Last Updated" date at the top, notify users of material changes via email and/or in-app notification at least 30 days before they take effect, and maintain a version history available upon request. Continued use of MyYacht.me after the effective date constitutes acceptance of the updated Policy.
17. Contact and complaints
Privacy contact: email privacy@myyacht.me, phone / WhatsApp / Telegram +382 68 758 345, or postal: Mrs Alla Tarasevych, Director / Data Protection Lead, INLD LIMITED, Redhill Marina, Ratcliffe-on-Soar, Nottingham, NG11 0EB, United Kingdom.
Right to lodge a complaint. If you are not satisfied with our response you can lodge a complaint with the UK Information Commissioner's Office (https://ico.org.uk), with the Montenegro Data Protection Agency (https://azlp.me), or with the supervisory authority in your country of residence. We encourage you to contact us first so we can resolve concerns promptly.
Appendix B: Sub-processors register (live)
Last reviewed: 10 May 2026.
| Sub-processor | Service | Region | DPA status |
|---|---|---|---|
| Stripe Payments UK Ltd / Stripe Group | Card payment processing | UK / USA / Global | DPA via Stripe terms |
| PayPal (Europe) S.à r.l. et Cie, S.C.A. | PayPal payment processing | Luxembourg / USA / Global | DPA via PayPal terms |
| Sumsub (Sum and Substance Ltd) | KYC verification | UK / Global | DPA signed |
| ComplyAdvantage (Compliance.AI Ltd) | Sanctions / PEP screening | UK / Global | DPA in place |
| Vercel Inc. | Web hosting | USA | DPA via Vercel terms |
| Supabase Inc. | Backend database + Auth | USA / EU | DPA via Supabase terms |
| Apple Inc. | iOS App Store / MapKit / Sign in with Apple | USA | Apple Developer Program agreement |
| Google LLC | Android Google Play / Maps SDK / Sign-In / Analytics / Ads | USA | Google terms + DPA where applicable |
| Meta Platforms Inc. | Meta Pixel / Ads (consent-based) | USA | Meta terms |
| Crashlytics OR Sentry (final TBD) | Mobile crash reporting | USA / Germany | DPA via vendor terms |
| Resend (resend.com) | Transactional + marketing email | USA / EU | DPA via Resend terms |
| SMS gateway (TBD) | SMS notifications | EU / Global | DPA via vendor terms |
To be notified when sub-processors change, email privacy@myyacht.me with the subject "Sub-processor notifications".