Privacy

Effective:: 2026.01.20
Updated:: 2026.02.04

TL;DR

We collect as little as practical to run the Site and respond to you. Scheduling and purchases of gift cards, packs, and memberships are handled by Acuity, and payments are processed by Square (their policies apply). We do not sell your personal information. You can request access to, or deletion of, information you have shared directly with us. Depending on where you live, you may have additional privacy rights (including GDPR and certain U.S. state laws).

1) Who we are

This Privacy Policy explains how VT Float Away (“we”, “us”) handles personal information on this website (the “Site”).

For services you schedule or purchase through Acuity (including gift cards, packs, and memberships), Acuity may act as an independent processor/controller for scheduling and order data. Acuity is a Squarespace company. Payment card processing is handled by Square, which may act as an independent processor/controller for payment data. Their privacy policies govern their handling of your information.

2) Information we collect

a) Information you provide directly to us

Messages you send us (email or contact requests) may include your name, email address, phone number, and whatever you include in the message. If you ask about a booking, you may share basic customer support context, such as a date/time, service type, or receipt details.

We do not ask you to send sensitive health information through the Site. If you choose to include it in a message, you do so voluntarily.

b) Scheduling and purchases (Acuity) + payments (Square)

When you schedule a session or purchase a gift card, pack, or membership, you provide information to Acuity, such as contact details, appointment preferences, and purchase details. When you pay, you provide information to Square, such as contact and payment details. We typically receive only the information we need to run the business (for example: your name, contact information, booking time, and purchase status). We do not receive or store your full payment card number.

c) Information collected automatically (site operations)

Like most websites, we and our infrastructure providers may collect limited technical data (such as IP address, device and browser type, operating system, pages requested, timestamps, referrer headers, and basic security and performance logs) to keep the Site reliable, secure, and fast.

3) How we use information

We use personal information to respond to messages and requests, provide customer support, operate the Site (performance, uptime, abuse prevention, and debugging), and run the business (confirm bookings, resolve payment and gift card issues, and recordkeeping).

We do not use your information to build advertising profiles.

4) Cookies and analytics

We aim to keep tracking minimal.

We use Cloudflare Web Analytics to understand aggregate Site usage (for example: page views, referrers, device type, and approximate location such as country/region). Cloudflare Web Analytics is designed to run without analytics cookies or localStorage, and we do not use it to identify you personally.

As of today, our Site does not set analytics cookies. If we add other analytics tools in the future, we will update this policy before they go live.

5) External links

Our Site links to third-party websites (for example, YouTube or ESPN) for optional content. If you click those links, you will be directed to sites governed by their own privacy policies and terms. We do not control and are not responsible for third-party practices.

6) Sharing and disclosures

We do not sell your personal information.

We may share information only with service providers needed to run the Site and business (for example: hosting/CDN, email, Acuity for scheduling and purchases, and Square for payment processing); with legal/compliance when required to comply with law, enforce agreements, or protect rights, safety, and security; or in connection with business transfers (such as a merger, acquisition, or asset sale), in which case we will require continued protection of your data.

Acuity links: Acuity Privacy and Acuity Terms (Acuity is a Squarespace company).

Square links: Square Privacy and Square Terms.

7) Data retention

Messages you send us are retained as long as needed for support and reasonable business recordkeeping. Booking and payment records are retained according to operational needs and legal/accounting requirements (often driven by Acuity, Square, and tax rules). Technical logs are retained for security and performance, typically on a rolling basis.

8) Security

We use reasonable administrative, technical, and organizational safeguards appropriate to the nature of the information. No method of transmission or storage is 100% secure.

9) Your choices and rights

a) Requests (everyone)

You can request access, correction, or deletion of personal information you have provided directly to us by emailing justin@vtfloataway.com.

For information handled by Acuity (scheduling and purchases) or Square (payments), you may need to contact those providers directly or use their tools, depending on the request.

b) EEA/UK (GDPR) rights

If you are in the EEA/UK, you may have rights to access, correct, delete, or port your data; object to or restrict certain processing; withdraw consent where processing is based on consent; and lodge a complaint with your local data protection authority.

Legal bases (GDPR): We process personal data to perform a contract or take steps you request before booking, comply with legal obligations, and pursue legitimate interests like Site security, fraud prevention, and customer support. Where required, we rely on consent.

c) U.S. state privacy laws

Depending on your state (for example: CA, CO, CT, VA, UT, and others), you may have rights to access, delete, or correct personal data, and to opt out of certain uses such as “targeted advertising” or “sale/sharing” as defined by those laws.

We do not sell personal information, and we do not use personal information for targeted advertising. If that changes, we will update this policy and provide required opt-out mechanisms.

10) International transfers

If you access the Site from outside the United States, your information may be processed in the United States or other locations where our providers operate. When required, we rely on appropriate safeguards for cross-border transfers (for example: standard contractual clauses used by providers).

11) Children’s privacy

The Site is not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will address it.

12) Changes to this policy

We may update this Privacy Policy by posting a new version on this page and updating the “Updated” date.

13) Contact

For questions: justin@vtfloataway.com