Privacy policy

WatchKeeper exists to help sailors keep a calm record of their passages and share status with shore crew. We collect only what we need to deliver that service. We do not sell your data. We do not run ads. We do not track you across the web.

This page explains the details in full. If anything is unclear, write to hello@watchkeeper.me.

WatchKeeper is operated by Watchkeeper Technology Inc., a British Columbia corporation. For the purposes of GDPR and PIPEDA we are the data controller for the personal information described below.

When you use WatchKeeper, we process the following:

• Account data: name, email address, password hash (we never store the password itself), preferences, and the timestamps of account events.
• Vessel data: vessel name, type, dimensions, and other particulars you enter.
• Passage data: log entries you record — positions, course, speed, wind, watch state, notes, photos — together with any files you upload (GPX tracks, attachments).
• Crew + emergency contacts: names, contact methods, and roles for people you add to your vessel roster.
• Billing data: subscription state, customer identifier, last-4 of the payment method (held by our processor, Stripe). We never see or store your full card number.
• Diagnostic data: error reports (Sentry), aggregate performance traces, and minimal server logs sufficient to operate the service.

• Deliver the WatchKeeper service: serve the app, queue and replay your offline writes, generate shore briefs, deliver email and SMS to recipients you list.
• Bill you accurately for the tier you chose.
• Send transactional emails (password resets, billing receipts, shore brief deliveries).
• Diagnose problems, improve reliability, and protect against abuse.

We do not use your data to train any machine-learning model. We do not sell your data. We do not share it with advertisers.

WatchKeeper’s primary database is hosted with Supabase in the ap-northeast-1 (Tokyo) region. File uploads are stored in Supabase Storage in the same region. Email delivery is operated by Resend. SMS delivery (for Bluewater-tier subscribers) is operated by Twilio. Payments are processed by Stripe. AI shore-brief generation is performed by Anthropic (Claude) and, as a fallback, by OpenAI; both providers process the brief inputs only to produce the brief output and do not retain them for training.

The third parties that process your data on Watchkeeper’s behalf are listed in full on our sub-processors page. For each, we name the purpose, the categories of data they access, the region they operate in, and a link to their own privacy policy. We update that page whenever a sub-processor is added or removed.

Where required by GDPR Article 28, we have data processing agreements (DPAs) in place with each sub-processor that handles personal data on our behalf.

You control who sees your passage data. Shore briefs go to the email and phone recipients you explicitly add to your vessel’s emergency-contact list. Public passage share links are opt-in per passage and can be revoked at any time.

We share data with the third-party service providers listed above only to the extent necessary to operate WatchKeeper. We do not share your data with any other party except as required by law.

Under GDPR (EU/UK), CCPA (California), and similar regimes elsewhere, you have the right to access, correct, port, or delete your personal data. To make a request, email privacy@watchkeeper.me from the address on your account. We aim to respond within 30 days, in line with GDPR Article 12. Automated self-service exports are available from Settings → Privacy → Download my data.

You can export your data (GPX, KML, CSV) at any time from inside the app. You can delete your account at any time from Settings → Account → Danger Zone. Deletion is a soft-delete with a 30-day grace window, after which all personal data is permanently removed from primary storage. Aggregate, non-identifying diagnostic data may be retained for service reliability purposes.

If you are in a jurisdiction that grants statutory data-protection rights (GDPR, CCPA, etc.), you may at any time request: access, correction, deletion, restriction of processing, or data portability. Email hello@watchkeeper.me and we will respond within 30 days.

We use first-party cookies strictly necessary to keep you signed in and to remember your interface preferences. We do not use third-party advertising cookies. We do not track you across other sites.

WatchKeeper is intended for use by adults responsible for vessel operations. We do not knowingly collect data from people under 16. If you believe a minor has created an account, contact us and we will delete the account.

We may update this policy as the service evolves. Material changes will be announced by email to active subscribers and reflected in the “Effective” date at the top of this page. Continued use of WatchKeeper after a material change constitutes acceptance of the updated policy.

Questions, requests, complaints: hello@watchkeeper.me.