TL;DR
We collect as little as practical to run the Site and respond to you. Bookings, payments, and gift cards are processed by Square (their policies apply). We do not sell your personal information. You can request access to, or deletion of, information you have shared directly with us. Depending on where you live, you may have additional privacy rights (including GDPR and certain U.S. state laws).
This Privacy Policy explains how VT Float Away (“we”, “us”) handles personal information on this website (the “Site”).
For services you book, pay for, or redeem through Square, Square may act as an independent processor/controller for parts of that transaction. Their privacy policy governs their handling of your information.
Messages you send us (email or contact requests) may include your name, email address, phone number, and whatever you include in the message. If you ask about a booking, you may share basic customer support context, such as a date/time, service type, or receipt details.
We do not ask you to send sensitive health information through the Site. If you choose to include it in a message, you do so voluntarily.
When you book or buy a gift card, you provide information to Square, such as contact details and payment details. We typically receive only the information we need to run the business (for example: your name, contact information, booking time, and purchase status). We do not receive or store your full payment card number.
Like most websites, we and our infrastructure providers may collect limited technical data (such as IP address, device and browser type, operating system, pages requested, timestamps, referrer headers, and basic security and performance logs) to keep the Site reliable, secure, and fast.
We use personal information to respond to messages and requests, provide customer support, operate the Site (performance, uptime, abuse prevention, and debugging), and run the business (confirm bookings, resolve payment and gift card issues, and recordkeeping).
We do not use your information to build advertising profiles.
We aim to keep tracking minimal.
We use Cloudflare Web Analytics to understand aggregate Site usage (for example: page views, referrers, device type, and approximate location such as country/region). Cloudflare Web Analytics is designed to run without analytics cookies or localStorage, and we do not use it to identify you personally.
As of today, our Site does not set analytics cookies. If we add other analytics tools in the future, we will update this policy before they go live.
We do not sell your personal information.
We may share information only with service providers needed to run the Site and business (for example: hosting/CDN, email, and Square for bookings, payments, and gift cards); with legal/compliance when required to comply with law, enforce agreements, or protect rights, safety, and security; or in connection with business transfers (such as a merger, acquisition, or asset sale), in which case we will require continued protection of your data.
Square links: Square Privacy and Square Terms.
Messages you send us are retained as long as needed for support and reasonable business recordkeeping. Booking and payment records are retained according to operational needs and legal/accounting requirements (often driven by Square and tax rules). Technical logs are retained for security and performance, typically on a rolling basis.
We use reasonable administrative, technical, and organizational safeguards appropriate to the nature of the information. No method of transmission or storage is 100% secure.
You can request access, correction, or deletion of personal information you have provided directly to us by emailing justin@vtfloataway.com.
For information handled by Square (payments, gift cards, and booking platform data), you may need to contact Square directly or use Square’s tools, depending on the request.
If you are in the EEA/UK, you may have rights to access, correct, delete, or port your data; object to or restrict certain processing; withdraw consent where processing is based on consent; and lodge a complaint with your local data protection authority.
Legal bases (GDPR): We process personal data to perform a contract or take steps you request before booking, comply with legal obligations, and pursue legitimate interests like Site security, fraud prevention, and customer support. Where required, we rely on consent (for example: certain analytics).
Depending on your state (for example: CA, CO, CT, VA, UT, and others), you may have rights to access, delete, or correct personal data, and to opt out of certain uses such as “targeted advertising” or “sale/sharing” as defined by those laws.
We do not sell personal information, and we do not use personal information for targeted advertising in the usual sense. If that changes, we will update this policy and provide required opt-out mechanisms.
If you access the Site from outside the United States, your information may be processed in the United States or other locations where our providers operate. When required, we rely on appropriate safeguards for cross-border transfers (for example: standard contractual clauses used by providers).
The Site is not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will address it.
We may update this Privacy Policy by posting a new version on this page and updating the “Last updated” date.
For questions: justin@vtfloataway.com
