Privacy Policy DEEP Connect

Effective date: November 3, 2025

This Privacy Policy explains how Deep Works ("we", "us") collects, uses, shares, and protects your information when you use DEEP Connect (the "App" and the website, the "Service"). By using the Service, you agree to the practices described here.

1. Information We Collect

Account & Profile

  • Name, email, password (hashed), phone number.
  • Certification level, location (country/city you select), preferences.
  • For operators: business details, contact information, site/operator media.

Usage & Device

  • App interactions, pages viewed, and general diagnostic logs.
  • Device data (model, OS) and approximate IP-derived region (for security and localization).

Location

With your permission, we may access location to show nearby dive sites and improve recommendations. You can disable location in your device settings at any time.

Photos & Media

If you upload photos (e.g., avatars, site galleries, dive logs), we store them in our cloud storage. You control what you upload and can request deletion.

2. How We Use Your Information

  • Provide and improve the Service (bookings, site discovery, profiles, operator tools).
  • Authenticate users and maintain account security.
  • Send transactional emails (welcome letters, password resets) via our email provider.
  • Personalize content, recommendations, and in-app experiences.
  • Comply with legal obligations and enforce terms.

3. Legal Bases (EEA/UK)

  • Contract – to deliver features you request.
  • Legitimate interests – security, analytics, product improvement.
  • Consent – optional features like location, marketing (where applicable).
  • Legal obligation – where we must retain certain records.

4. Sharing & Processors

We do not sell your personal information. We use trusted processors to run the Service:

  • Supabase (database, authentication, storage).
  • Brevo (email delivery for welcome letters and resets).
  • Expo/Push Services (if push notifications are enabled).
  • Other infrastructure and analytics providers necessary to operate the app.

Processors are bound by contracts to protect your data and use it only on our instructions.

5. Data Retention

We keep personal data only as long as needed for the purposes above, then delete or de-identify it unless longer retention is required by law (e.g., fraud prevention, accounting).

6. Security

We use industry-standard safeguards, including encrypted transport (HTTPS), access controls, and secure storage. No system is fully secure; please keep your account credentials safe.

7. International Transfers

Your data may be processed in countries other than your own. Where applicable, we use appropriate safeguards (e.g., SCCs) for cross-border transfers.

8. Your Rights

Depending on your region, you may have rights to access, correct, delete, or port your data, and to object or restrict certain processing. You can exercise rights by contacting us at deepconnect@wearedeepworks.com.

California (CCPA/CPRA)

  • Right to know, delete, correct, and limit use of sensitive data.
  • We do not "sell" or "share" personal information as defined by the CPRA.
  • Submit requests via email: deepconnect@wearedeepworks.com.

9. Cookies & Similar Technologies

We may use cookies and similar technologies on the website to keep you signed in, remember preferences, and perform basic analytics. You can control cookies via your browser settings.

10. Children’s Privacy

DEEP Connect is not directed to children under 13 (or the minimum age in your jurisdiction). If you believe a child has provided us personal data, contact us to request deletion.

11. Changes to This Policy

We may update this policy to reflect changes in the Service or laws. We will post the new version with an updated effective date, and where appropriate, notify you.

12. Contact Us

Deep Works
Email: deepconnect@wearedeepworks.com
Website: wearedeepworks.com

If you need a copy of your data or want us to delete your account, email us with the subject line: “Privacy Request”.