Privacy Policy

This Privacy Policy applies to the mobile application Cambusa (the "App"), developed and operated by Mare Blu Sailing SNC di Khylko Andriy e Dariia ("Mare Blu", "we", "us", or "our"), with registered office at Sanremo (IM), Via Feraldi 3, CAP 18038, Italy.

P. IVA / VAT No.: 01797970082

Cambusa is designed to assist yacht crews, boat owners, and other users with meal planning, grocery management, and shopping list organization.

This Privacy Policy is compliant with:

• the EU General Data Protection Regulation (EU) 2016/679 ("GDPR");
• applicable Italian privacy laws, including Legislative Decree No. 196/2003 as amended.

By using the App, you acknowledge that you have read and understood this Privacy Policy.

The data controller responsible for processing personal data under this Privacy Policy is:

We collect and process only the personal data necessary to operate and improve the App.

a) Contact Information

We may process:

• email address,
• support communications,
• feedback messages.

This information is processed only when voluntarily provided by the user, for example when contacting support.

b) Subscription and Transaction Information

If you purchase premium features through an app store, we may receive:

• subscription status,
• transaction confirmation,
• product type,
• purchase date.

All payments are processed by third-party app store providers (Apple App Store, Google Play, Amazon Appstore, Samsung Galaxy Store). We do not collect or store payment card or banking information.

c) Technical and Diagnostic Information

The App may process limited technical information such as:

• device model,
• operating system version,
• app version,
• crash reports,
• diagnostic information.

Used for app stability, debugging, performance improvement, and security monitoring.

d) Usage Analytics

If analytics tools are enabled, the App may process anonymous or aggregated usage information (sessions, features accessed, general statistics) to improve the App. Where required by law, this is based on user consent.

e) User-Generated Content

Meal plans, grocery lists, notes, and provisioning information are stored locally on the user's device only. We do not access, transmit, or store this content on our servers unless a future feature clearly states otherwise.

f) No Special Categories of Data

The App is not intended to collect health data, biometric data, precise geolocation data, or other special categories under GDPR.

We process personal data only for legitimate and specific purposes:

• Directly from users — information voluntarily provided, including support requests or feedback.
• Automatically through the App — limited technical and analytics information via device systems or analytics tools.
• Third-party platforms — limited subscription or transactional confirmations from app store providers for purchase validation.

The App may use trusted third-party providers for technical operation, analytics, subscription validation, or app distribution:

We do not sell personal data to third parties. Only limited information necessary for operation of the App may be shared with service providers.

Some third-party providers may process limited technical or analytics data outside the EEA, including in the United States. Where international transfers occur, we rely on Standard Contractual Clauses approved by the European Commission and contractual protections implemented by service providers.

We aim to minimize international transfers and limit processed data to what is necessary. Users may contact us for further information.

a) Local Storage

User-generated content is stored locally on the user's device. Deleting the App generally removes locally stored data. Users are responsible for their own backups unless explicitly provided within the App.

b) Subscription Information

Subscription and purchase records are retained by app store providers according to their own policies and legal obligations.

c) Technical and Analytics Data

Retained only for as long as reasonably necessary for operational, security, debugging, or legal purposes.

The App does not use automated decision-making or profiling that produces legal or similarly significant effects on users.

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or disclosure, including:

• encrypted communications where applicable;
• limited access to systems and data;
• use of trusted service providers;
• monitoring of service integrity and security.

No system can guarantee absolute security; users acknowledge that use of digital services involves inherent risks.

The App is not intended for children under the age of 14. We do not knowingly collect personal data from children under 14. If we become aware that such data has been collected unlawfully, we will take reasonable steps to delete it.

Under GDPR and applicable law, users may have the right to:

• access their personal data;
• request correction of inaccurate data;
• request deletion of personal data;
• restrict processing;
• object to processing;
• withdraw consent where processing is based on consent;
• lodge a complaint with a competent supervisory authority.

Where technically feasible, users may also request portability of personal data. Submit requests to: privacy@mareblusailing.it

Users in the EU may lodge complaints with their local supervisory authority. In Italy, the competent authority is the Garante per la protezione dei dati personali.

We may update this Privacy Policy from time to time. Updated versions will be published within the App or through related distribution channels. If material changes affect how personal data is processed, we may provide additional notice or request consent where required.

For questions regarding this Privacy Policy or personal data processing, contact: