Your privacy matters. This policy explains what personal data Marina BMP collects, why, how we protect it, and the rights you have under the EU General Data Protection Regulation (GDPR).
1. Who is responsible for your data
The data controller is Marina BMP, operated by Orgi Dautaj (Albania). For any privacy question or request, contact us at marinaberthmanagerpro@gmail.com.
2. What we collect
Account information
When you create an account we store your name and email address, and your chosen plan. This is the minimal information needed to operate your account.
Marina operational data
Data you enter to run your marina — berths, zones, vessels, customers, reservations and documents — is stored in your own private cloud storage and synced to your devices. We design the platform so that this operational data is not held in a central platform database.
Payment information
We do not see or store your card details. All payments are handled by Paddle, who process and store payment information securely as the Merchant of Record.
Technical data
We use privacy-friendly, cookie-less analytics to understand general usage. We do not build advertising profiles or sell your data.
3. Why we process your data (legal bases)
- Contract — to create and operate your account and provide the service you signed up for.
- Legitimate interests — to keep the service secure, reliable and improving.
- Legal obligation — to meet accounting, tax and regulatory requirements.
- Consent — where you opt in to optional communications (you can withdraw consent at any time).
4. Service providers we use
We rely on a small number of trusted providers who process data on our behalf under data-processing agreements:
- Supabase — authentication and minimal account data, hosted in the European Union.
- Paddle — payment processing and invoicing (Merchant of Record).
- Google — only if you choose to sign in with Google (OAuth).
- Vercel — hosting and delivery of the web application.
5. Where your data is stored
Personal account data is hosted in the European Union. Where any provider processes data outside the EU, they do so under appropriate safeguards recognised by GDPR.
6. How long we keep it
We keep your account data for as long as your account is active. If you close your account or ask us to erase your data, we delete your personal data within 30 days, except where we must retain limited records (for example, invoices) to meet legal obligations.
7. Your rights under GDPR
You have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data (“right to be forgotten”);
- Restrict or object to certain processing;
- Port your data to another service in a structured, machine-readable format;
- Withdraw consent at any time where processing is based on consent;
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, email marinaberthmanagerpro@gmail.com. We will respond within 30 days.
8. Data security
We protect your data with encryption in transit (TLS) and at rest, secure password hashing, optional two-factor authentication, and access controls. No system is perfectly secure, but we take reasonable and appropriate measures to safeguard your information.
9. Cookies
We use only essential cookies needed to keep you signed in and to remember your preferences. We show a cookie notice on your first visit so you can manage your choices. Our analytics are cookie-less.
10. Children
Marina BMP is a business tool not intended for children. We do not knowingly collect data from anyone under 18.
11. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be posted here with an updated date.
12. Contact
For any privacy question or to exercise your rights, email marinaberthmanagerpro@gmail.com.