Effective: July 13, 2026
1. Scope
This policy applies to CharterOsprey’s website and software service. Charter businesses using CharterOsprey are independent businesses and may provide additional privacy notices for their customers.
2. Information we collect
Captain account data
We collect business name, owner and staff names, email addresses, login credentials, subscription plan, settings, integration configuration, and support communications.
Charter customer data
On behalf of a charter business, we process booking names, contact information, passenger counts, trip details, notes, payment references, gift-card records, quotes, contact submissions, and communication history.
Technical data
We may process IP address, browser and device information, security logs, audit events, and diagnostic data needed to operate and protect the service. Privacy-friendly analytics may collect aggregate page usage without cross-site advertising profiles.
3. How we use information
- Provide booking, scheduling, payment, communication, and operations features.
- Authenticate users, prevent abuse, investigate incidents, and maintain audit history.
- Bill captains for CharterOsprey subscriptions and provide support.
- Improve reliability and understand aggregate product usage.
- Meet legal, tax, accounting, and regulatory obligations.
4. Payments and integrations
Stripe processes payment-card information. CharterOsprey does not store full card numbers. A captain may connect Stripe, Google Calendar, email, SMS, storage, or other providers; their terms also apply. Integration credentials are encrypted where stored by CharterOsprey.
5. Sharing
We share data with service providers only as needed to operate the service, such as hosting, database, email, SMS, security, analytics, and payment vendors. We do not sell personal information or use charter-customer data for third-party advertising.
6. Retention
We retain records while an account is active and as reasonably needed for operations, disputes, security, backups, tax, or legal obligations. Retention may vary by record type and a captain’s instructions.
7. Security
We use tenant isolation, access controls, encryption for sensitive credentials, secure password hashing, signed public links, two-factor authentication options, audit logging, and payment-webhook replay protection. No online service can guarantee absolute security.
8. Your choices
You may ask to access, correct, export, or delete account data, subject to legal and operational exceptions. Charter customers should normally contact the charter business that collected their information; CharterOsprey assists that business with appropriate requests.
9. Children
CharterOsprey is a business service and is not directed to children under 13. Passenger information about minors should be provided only by an authorized adult when needed for a trip.
10. Contact and changes
Questions may be sent to privacy@charterosprey.com. We may update this policy and will change the effective date when we do.