Privacy Policy

Effective April 25, 2026

This Privacy Policy explains what information Boat Guru (“we”, “us”) — operated by Samuel Henderson, a sole proprietor in Virginia — collects when you use the Service, and what we do with it.

1. Information we collect

You give us

• Account information: email address and a hashed password.
• Chat content: the messages you send and the AI responses, including any photos you upload for diagnosis.
• Boat profiles (Pro/Max): hull and engine specifications you choose to save (manufacturer, model, year, HP, HIN, notes).
• Payment information: handled by Stripe. We never see or store your full credit card number — Stripe gives us only a customer ID and last-4 / expiry for display purposes.

We collect automatically

• Usage: message counts, model selections, feature usage, error logs.
• Technical: IP address, browser, device type, approximate geolocation derived from IP (used for rate-limiting and abuse prevention).
• Cookies and local storage: a session cookie for authentication, plus minimal local storage for UI preferences (theme, input draft).

2. How we use your information

• To provide, maintain, and improve the Service.
• To generate AI responses by sending your messages (and your saved boat profile, if any) to our AI model providers.
• To process payments and manage your subscription.
• To send transactional email (receipts, payment failures).
• To enforce our Terms, detect abuse, prevent fraud, and meet legal obligations.
• With your separate consent: to send occasional product updates. You can unsubscribe at any time.

We do not sell your personal information. We do not use your chat content to train third-party AI models.

3. Service providers we share data with

Operating the Service requires sharing limited information with infrastructure providers who act as our processors:

• Vercel — application hosting, AI Gateway routing.
• Anthropic— large language model provider (Claude). Your messages and any photos are sent to Anthropic to generate responses. Anthropic's API does not train its models on submitted content.
• Neon — managed PostgreSQL database (account, chat history, boat profiles).
• Vercel Blob — file storage for photos you upload.
• Upstash — Redis cache used for resumable streams.
• Stripe — payments and customer billing portal.

We may also disclose information when required by law, to enforce our Terms, or to protect the rights, property, or safety of users or the public.

4. International transfers

We are based in the United States, and the providers listed above primarily process data in the United States. If you access the Service from outside the U.S., you consent to your information being transferred to and processed in the U.S.

5. Data retention

• Account data: retained while your account is active and for up to 90 days after deletion to allow account recovery and to satisfy legal obligations.
• Chat history: retained per your plan (Free: 30 days; Pro/Max: indefinite, or until you delete it). You can delete individual chats or all chats from the sidebar.
• Billing records: retained as required by tax and accounting law (typically up to seven years).
• Logs and aggregated usage: retained up to 12 months for security and product improvement.

6. Your rights

You can:

• Access the chat content and boat profiles tied to your account.
• Delete chats individually or all at once.
• Request deletion of your account and the data associated with it by emailing support@boatguru.ai. We will action verified requests within 30 days.
• Export a copy of your account data on request (same email above).
• Manage or cancel your subscription through the customer portal.

California residents have specific rights under the CCPA, and EU/UK residents have rights under GDPR/UK GDPR (including access, rectification, erasure, portability, objection, and the right to lodge a complaint with your supervisory authority). Contact us to exercise these rights.

7. Security

We use industry-standard measures to protect your information, including encryption in transit (HTTPS), encrypted database storage, and limited employee access. No system is perfectly secure; you use the Service at your own risk.

8. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.

9. Changes to this Policy

We may update this Policy from time to time. We will post the updated Policy with a new effective date and, for material changes, notify you by email or in-product notice.

10. Contact

Questions or requests? Email support@boatguru.ai.

See also our Terms of Service and Disclaimer.