Privacy Policy

At Surfspotter ("we", "our", or "us"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and mobile application (collectively, the "Service").

Please read this privacy policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

1.1 Personal Information

We may collect personally identifiable information that you voluntarily provide, including:

• Name and email address when you create an account
• Profile information such as profile picture, bio, and location
• Payment information when you make purchases (processed securely by our payment provider Stripe)
• Communications when you contact us or participate in surveys

1.2 Usage Information

We automatically collect certain information when you use our Service:

• Device information (browser type, operating system, device identifiers)
• Log data (IP address, access times, pages viewed)
• Location data (with your permission, for surf spot recommendations)
• Cookies and similar tracking technologies

1.3 Photos and Content

If you are a photographer, we collect and store the photos you upload, along with metadata such as location, date taken, and any descriptions you provide.

1.4 Visual Recognition Data

With your explicit consent, we may collect visual characteristics to help you find photos of yourself:

• Gear-Based Matching (No consent required): Colors and types of surfing gear you describe (wetsuit color, board type, rashguard, swimwear)
• AI Face Recognition (Explicit opt-in required): Facial feature data used solely for matching you to surf photos

2.1 What is AI Face Match?

AI Face Match is an optional feature that uses facial recognition technology to help surfers find photos of themselves among thousands of surf session photos. This feature:

• Requires explicit opt-in consent before activation
• Creates a mathematical representation (face embedding) of your facial features
• Compares this embedding against faces detected in surf photos
• Returns potential matches ranked by similarity

2.2 How We Collect Biometric Data

If you choose to enable AI Face Match:

• You upload a clear selfie or select existing photos
• Our system generates a facial embedding (numerical representation)
• The original photo may be deleted after processing (you choose)
• Only the embedding is stored for matching purposes

2.3 How We Use Biometric Data

Your biometric data is used exclusively to:

• Match your face to faces detected in surf session photos
• Rank photo results by likelihood of being you
• Improve match accuracy over time (with your feedback)

We do NOT:

• Sell or share your biometric data with third parties
• Use your biometric data for advertising purposes
• Use biometric data for any purpose other than photo matching
• Allow law enforcement access without valid legal process

2.4 Biometric Data Retention

Your biometric data is stored as follows:

• Active accounts: Retained while you have an active account with Face Match enabled
• Disabled feature: Deleted within 30 days of disabling Face Match
• Account deletion: Permanently deleted within 30 days of account deletion
• Maximum retention: 3 years from last use, then automatically deleted

2.5 Your Biometric Rights

You have the right to:

• Refuse: Decline to provide biometric data and use gear-based matching instead
• Withdraw consent: Disable Face Match at any time in your account settings
• Request deletion: Have all biometric data permanently deleted
• Access: Request information about what biometric data we hold
• Portability: Export your biometric data in a standard format

As a privacy-friendly alternative to facial recognition, we offer gear-based matching:

• Wetsuit color: Black, blue, red, etc.
• Board type: Shortboard, longboard, bodyboard, SUP
• Board color/design: Distinctive patterns or colors
• Rashguard/swimwear: Colors and patterns
• Accessories: Hats, sunglasses, etc.
• Stance: Regular or goofy footer

This data is stored in your profile and is not considered biometric data. You can update or delete this information at any time.

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and customer service requests
• Communicate with you about products, services, and events
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and abuse
• Personalize your experience and provide content recommendations

We may share your information in the following situations:

• With Service Providers: Third parties that perform services on our behalf (hosting, payment processing, analytics)
• With Other Users: Your public profile and photos are visible to other users
• For Business Transfers: In connection with a merger, acquisition, or sale of assets
• For Legal Reasons: To comply with applicable laws, regulations, or legal processes
• With Your Consent: When you have given us permission to share

5.1 Affiliate Partners

We may use affiliate links to third-party services (such as hotels and accommodation providers). When you click these links, those third parties may collect information about you according to their own privacy policies. We encourage you to read their privacy policies before providing any personal information.

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using SSL/TLS
• Secure storage of passwords using industry-standard hashing
• Regular security assessments and updates
• Limited access to personal information by employees

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate or incomplete information
• Deletion: Request that we delete your personal information
• Portability: Request a copy of your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications at any time

To exercise these rights, please contact us at privacy@surfspotter.app

8. Cookies and Tracking

We use cookies and similar tracking technologies to collect and store information about your interactions with our Service. You can control cookies through your browser settings, but disabling cookies may limit some features of our Service.

Types of cookies we use:

• Essential: Required for the Service to function properly
• Analytics: Help us understand how users interact with our Service
• Preferences: Remember your settings and preferences
• Marketing: Used to deliver relevant advertisements

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will delete it immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have data protection laws that differ from your country. By using our Service, you consent to the transfer of your information to these countries.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, please contact us: