Privacy Policy
Last Updated: February 2026
1. Introduction
Welcome to Sailtrax. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our mobile application and related services (collectively, the "Service").
We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union.
By using Sailtrax, you agree to the collection and use of information in accordance with this policy.
2. Data Controller
The data controller responsible for your personal data is:
Nikolas Molinari
Technikerstraße 6/1/11
2340 Mödling, Austria
Email: privacy@sailtrax.io
(For data protection inquiries)
3. Data We Collect
3.1 Personal Data You Provide
When you create an account or use our Service, we collect:
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Name | Account identification and personalization | Consent / Contract |
| Email Address | Account creation, login, and communication | Contract |
| Profile Picture | Account personalization (optional) | Consent |
3.2 Data Collected Automatically
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Access Tokens | Authentication and session management | Contract |
| Subscription Status | Managing your access to premium features | Contract |
3.3 Yacht Instrument Data
Sailtrax collects sailing telemetry data (speed, position, wind, depth, etc.) from the yacht's onboard instruments, not from your personal device. This data is:
- Associated with the yacht, not with individual users
- Used to provide live tracking and voyage history features
- Not classified as personal data under GDPR, as it relates to the vessel rather than an identifiable individual
Your account maintains a reference to which yacht voyages you have access to view, but the voyage data itself is not directly tied to your personal identity.
4. How We Use Your Data
We use your personal data for the following purposes:
Providing the Service – Creating and managing your account, authenticating your identity, and enabling access to live sailing data and voyage history.
Processing Payments – Managing subscriptions and premium feature access through our payment processor.
Communication – Sending service-related notifications (e.g., account verification, subscription confirmations). We do not send marketing emails without your explicit consent.
Legal Compliance – Fulfilling our legal obligations and responding to lawful requests.
5. Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:
| Legal Basis | When It Applies |
|---|---|
| Consent | When you voluntarily provide your profile picture or opt-in to optional features |
| Contract | When processing is necessary to provide the Service you requested (e.g., account creation, subscription management) |
| Legitimate Interest | For security purposes and fraud prevention |
| Legal Obligation | When required by law (e.g., tax records for transactions) |
6. Data Sharing and Third Parties
We share your personal data only with the following categories of third parties:
6.1 Authentication Services
If you sign in using Google Sign-In or Sign in with Apple, we receive your name, email, and profile picture from the respective provider to create your account.
- Google Privacy Policy: https://policies.google.com/privacy
- Apple Privacy Policy: https://www.apple.com/legal/privacy
6.2 Payment Processor
We use RevenueCat to manage subscriptions and in-app purchases. RevenueCat processes payment information on our behalf. We do not store your credit card details.
- RevenueCat Privacy Policy: https://www.revenuecat.com/privacy
6.3 No Sale of Data
We do not sell, rent, or trade your personal data to third parties for marketing or any other purpose.
7. International Data Transfers
Your personal data is stored on servers located in Austria, European Union. We do not transfer your data outside the EU/EEA.
If this changes in the future, we will ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) and update this policy accordingly.
8. Data Retention
We retain your personal data as follows:
| Data Type | Retention Period |
|---|---|
| Account Data (name, email, profile picture) | Until you request deletion or close your account |
| Access Records (yacht access permissions) | Until you request deletion |
| Payment Records | As required by tax law (typically 7 years) |
Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.
9. Your Rights Under GDPR
As a data subject in the European Union, you have the following rights:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Request correction of inaccurate or incomplete data |
| Erasure | Request deletion of your personal data ("right to be forgotten") |
| Restriction | Request limitation of processing in certain circumstances |
| Data Portability | Receive your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interests |
| Withdraw Consent | Withdraw consent at any time where processing is based on consent |
How to Exercise Your Rights
To exercise any of these rights, please contact us at:
Email: privacy@sailtrax.io
We will respond to your request within 30 days. If we need more time, we will inform you of the reason and extension period (up to 60 additional days).
Right to Lodge a Complaint
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Austria, this is:
Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Vienna, Austria
Website: https://www.dsb.gv.at
10. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encrypted data transmission (HTTPS/TLS)
- Secure authentication via Keycloak
- Access controls and authentication tokens
- Regular security reviews
However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
11. Children's Privacy
Sailtrax is not intended for use by individuals under the age of 16 years. We do not knowingly collect personal data from children under 16.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@sailtrax.io. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.
12. Cookies
The Sailtrax website uses only essential/functional cookies required for the website to operate correctly. We do not use tracking cookies, analytics cookies, or advertising cookies.
For more information, see our Cookie Policy (if applicable).
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email or in-app notification for significant changes
- Obtain your consent again if required by law
We encourage you to review this policy periodically.
14. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: privacy@sailtrax.io
Postal Address:
Nikolas Molinari
Technikerstraße 6/1/11
2340 Mödling, Austria
This Privacy Policy is provided in accordance with the General Data Protection Regulation (EU) 2016/679.