DivePlannerPro

Privacy Policy

Last updated: March 2026

Carbon Intelligence SAS ("we", "us", "our") operates the DivePlanner Pro platform (https://diveplannerpro.com). This privacy policy explains how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable French data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

  • Carbon Intelligence SAS
  • 29 rue Dussoubs, 75002 Paris, France
  • SIRET: 101 251 155 000 12
  • Email: contact@carbonintelligence.green
  • Phone: +33 7 68 74 86 40

2. Personal Data We Collect

We collect the following categories of personal data depending on your use of the platform:

Account data

Name, email address, phone number, password (hashed), profile photo, and dive certifications when you create an account.

Diving data

Certification level, diving experience, medical fitness declarations, and waiver signatures when you book diving trips.

Payment data

Payment transactions are processed by Stripe. We do not store your credit card numbers. We retain transaction references, amounts, and payment status.

Usage data

IP address, browser type, pages visited, and interaction patterns collected automatically for security and service improvement purposes.

Cookies

Authentication session cookies managed by Supabase Auth. These are strictly necessary for the service to function and do not track you for advertising purposes.

3. Purposes of Processing

We process your personal data for the following purposes:

  • Account management: creating and maintaining your user account, authenticating your identity.
  • Booking management: processing dive trip reservations, managing participant lists, verifying certifications.
  • Payment processing: handling payments via Stripe, issuing receipts, managing refunds.
  • Communication: sending booking confirmations, trip reminders, and essential service notifications via email.
  • Security: protecting the platform against unauthorized access, fraud, and abuse.
  • Service improvement: analyzing usage patterns to improve the platform experience.

4. Legal Basis for Processing

We process your data on the following legal bases:

  • Performance of a contract: processing necessary to provide the services you have requested (account management, bookings, payments).
  • Consent: for optional data processing such as marketing communications. You may withdraw your consent at any time.
  • Legitimate interest: for security monitoring, fraud prevention, and service improvement, balanced against your rights and freedoms.

5. Third-Party Processors

We use the following third-party service providers to operate the platform. Each processor handles your data in accordance with their own privacy policy and our data processing agreements:

SupabaseDatabase hosting, user authentication, and file storage. Data is stored in the EU (eu-west-2 region).
StripeSecure payment processing for online transactions. Stripe is PCI DSS Level 1 certified.
ResendTransactional email delivery (booking confirmations, notifications).
GoogleOptional OAuth authentication ("Sign in with Google"). Only used if you choose this login method.

6. Cookies and Session Management

DivePlanner Pro uses only strictly necessary cookies for authentication and session management. We do not use advertising cookies, analytics trackers, or third-party tracking cookies. The authentication cookies are set by Supabase Auth and are required for the platform to function correctly.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. If you request account deletion, we will delete your personal data within 30 days, except where we are required to retain certain data for legal, tax, or regulatory compliance purposes (typically up to 5 years for financial records as required by French law).

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: obtain a copy of the personal data we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion of your personal data ("right to be forgotten").
  • Right to data portability: receive your data in a structured, machine-readable format.
  • Right to object: object to processing based on legitimate interest.
  • Right to restriction: request that we limit the processing of your data.

To exercise any of these rights, please contact us at contact@carbonintelligence.green. We will respond to your request within 30 days.

9. International Data Transfers

Your data is primarily stored within the European Union (Supabase eu-west-2 region). Some third-party processors (Stripe, Resend, Google) may transfer data outside the EU. In such cases, appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Supervisory Authority

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the French data protection authority:

CNIL (Commission Nationale de l'Informatique et des LibertΓ©s)

3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07

https://www.cnil.fr

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact

For any questions or concerns about this privacy policy or our data processing practices, please contact us at:

contact@carbonintelligence.green
← DivePlanner Pro