Privacy Policy
Effective Date: July 14, 2025
1. Overview
Monferado Yacht Rentals ("we," "us," "our," or "Company") is committed to protecting your privacy and personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.
By using our services, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services.
2.1 Personal Information
We may collect the following types of personal information:
- Contact Information: Name, email address, phone number, mailing address
- Identification Information: Date of birth, government-issued ID (for age verification and safety purposes)
- Charter Information: Charter dates, guest count, special requests, dietary requirements
- Payment Information: Credit card details, billing address (processed securely through third-party payment processors)
- Emergency Contacts: Names and contact information for emergency situations
- Communication Records: Emails, phone calls, and other communications with us
2.2 Automatically Collected Information
When you visit our website, we automatically collect:
- IP address and device information
- Browser type and version
- Pages visited and time spent on site
- Referring website or source
- Location data (general geographic area)
- Cookies and similar tracking technologies
2.3 Information from Third Parties
We may receive information about you from:
- Social media platforms (if you connect your accounts)
- Travel agencies or booking partners
- Reference checks for charter safety purposes
- Public records for verification purposes
3. How We Use Your Information
3.1 Primary Uses
We use your personal information to:
- Process and manage your yacht charter bookings
- Provide customer service and support
- Communicate about your charter, including confirmations and updates
- Ensure safety and security during charters
- Process payments and manage billing
- Comply with legal and regulatory requirements
3.2 Secondary Uses
With your consent, we may also use your information to:
- Send marketing communications about our services
- Provide personalized recommendations
- Conduct surveys and gather feedback
- Improve our website and services
- Create anonymized analytics and reports
3.3 Legal Basis for Processing (GDPR Compliance)
We process your personal information based on:
- Contract: To fulfill our charter agreements with you
- Legitimate Interest: To improve our services and protect our business
- Consent: For marketing communications and optional services
- Legal Obligation: To comply with maritime safety and tax regulations
4. Information Sharing
4.1 When We Share Information
We may share your personal information in the following circumstances:
- Service Providers: With trusted third parties who assist in our operations (payment processors, booking systems, catering services)
- Legal Requirements: When required by law, court order, or government regulation
- Safety and Security: To protect the safety of our guests, crew, and equipment
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- With Consent: When you explicitly agree to sharing for specific purposes
4.2 Third-Party Service Providers
We work with reputable service providers who are contractually obligated to protect your information:
- Payment processors (Stripe, PayPal)
- Booking and reservation systems
- Email marketing platforms
- Website analytics services
- Cloud hosting providers
- Insurance companies (for coverage purposes)
4.3 We Do Not Sell Personal Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
5. Data Security
5.1 Security Measures
We implement comprehensive security measures to protect your personal information:
- SSL encryption for all data transmission
- Secure data storage with encryption at rest
- Regular security audits and vulnerability assessments
- Access controls and employee training
- Secure payment processing through PCI-compliant providers
- Regular backup and disaster recovery procedures
5.2 Data Breach Procedures
In the unlikely event of a data breach affecting your personal information, we will:
- Notify affected individuals within 72 hours when required by law
- Report the breach to relevant authorities as required
- Take immediate steps to contain and remedy the breach
- Provide guidance on protective measures you can take
6. Cookies and Tracking Technologies
6.1 Types of Cookies We Use
- Essential Cookies: Required for website functionality and security
- Performance Cookies: Help us understand how visitors use our website
- Functional Cookies: Remember your preferences and settings
- Marketing Cookies: Used to deliver relevant advertisements (with your consent)
6.2 Managing Cookies
You can control cookies through:
- Our cookie banner and preference center
- Your browser settings
- Third-party opt-out tools
Note that disabling certain cookies may affect website functionality.
6.3 Third-Party Analytics
We use Google Analytics to understand website usage. You can opt out using the Google Analytics Opt-out Browser Add-on.
7. Your Privacy Rights
7.1 General Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (subject to legal requirements)
- Portability: Request your data in a portable format
- Objection: Object to certain types of processing
- Restriction: Request restriction of processing in certain circumstances
7.2 Canadian Privacy Rights (PIPEDA)
As a Canadian company, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to:
- Know what personal information we collect and how it's used
- Access your personal information
- Request correction of errors
- File a complaint with the Privacy Commissioner of Canada
7.3 European Union Rights (GDPR)
If you're in the EU, you have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.
7.4 Exercising Your Rights
To exercise any of these rights, please contact us using the information provided in Section 12. We will respond to your request within the timeframes required by applicable law.
8. International Data Transfers
Your personal information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including:
- Standard contractual clauses approved by relevant authorities
- Adequacy decisions by competent authorities
- Other appropriate safeguards as required by law
9. Data Retention
We retain your personal information only as long as necessary for the purposes outlined in this policy:
- Charter Records: 7 years for tax and regulatory compliance
- Marketing Communications: Until you unsubscribe or withdraw consent
- Website Analytics: 26 months (Google Analytics default)
- Payment Information: As required by payment processors and financial regulations
- Safety Records: As required by maritime safety regulations
10. Children's Privacy
Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.
For charter purposes, we may collect information about minors who are guests, but only with proper parental consent and for safety and service delivery purposes.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will:
- Post the updated policy on our website
- Update the "Last Modified" date
- Notify you of material changes via email or website notice
- Obtain your consent for changes that significantly affect your rights
We encourage you to review this policy periodically to stay informed about how we protect your information.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Complaints
If you believe we have not properly addressed your privacy concerns, you may file a complaint with: