Privacy Policy

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, password (encrypted)
• Tank Data: Tank parameters, measurements, livestock, plants, photos
• Profile Information: Optional profile picture, bio, location
• Payment Information: Billing details (processed securely by Stripe)
• Communications: Messages you send us, support tickets, feedback

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent
• Device Information: Browser type, operating system, IP address
• Cookies: See our Cookie Policy

1.3 AI Interaction Data

• Interaction Content: Messages sent to and responses received from AI-powered tools (tank analysis, AI chat assistant, etc.)
• Usage Metadata: Session identifier, IP address, device type, date and time of each interaction
• Moderation Data: Automated security flags applied to interactions

2. How We Use Your Information

We use your information to:

• Provide and improve our services
• Manage your account and subscription
• Send important notifications (tank alerts, reminders, updates)
• Respond to your support requests
• Analyze usage patterns to improve features
• Prevent fraud and ensure security
• AI tool security: Prevent misuse and ensure AI tools are used exclusively within the scope of aquarium keeping. Interaction records are maintained for security, abuse prevention, and legal compliance
• Comply with legal obligations

3. Sharing Your Information

We do NOT sell your personal data. We may share information only in these limited circumstances:

3.1 Service Providers

• Payment Processing: Stripe (for subscriptions)
• Cloud Hosting: Secure servers for data storage
• Email Delivery: Transactional email services
• Analytics: Anonymous usage statistics (no personal data)

3.2 Legal Requirements

We may disclose information if required by law, court order, or to protect our rights.

3.3 Public Profiles

If you choose to make your tanks public, that information will be visible to other users.

4. Data Security

We implement industry-standard security measures:

• 🔒 SSL/TLS encryption for data transmission
• 🔐 Password hashing (bcrypt)
• 🛡️ Regular security audits
• 💾 Daily encrypted backups
• 🔑 Two-factor authentication (optional)

5. Your Privacy Rights

Under GDPR, LGPD, and other privacy laws, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Export your data in a standard format
• Objection: Object to processing of your data
• Restriction: Limit how we use your data

To exercise these rights, contact us at our contact page.

5.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide additional rights:

• Right to Know: Request details about the categories and specific pieces of personal information we have collected about you
• Right to Delete: Request deletion of your personal information, subject to certain legal exceptions
• Right to Opt-Out of Sale: We do NOT sell your personal information to third parties
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use of Sensitive Data: Request limitations on how we use sensitive personal information

Categories of information collected: Identifiers (name, email, IP address), internet activity (browsing history, interactions with AI tools), and geolocation data (derived from IP address).

AI interaction logging: Records of your interactions with our AI tools are maintained for security and legal compliance (legitimate business purposes). These records are retained for 210 days and are not sold to third parties.

To exercise your CCPA/CPRA rights, contact us at our contact page or email privacy@tanklogbook.com. We will verify your identity before processing your request.

6. Data Retention

We retain your data as long as your account is active or as needed to provide services.

• Active Accounts: Data retained indefinitely
• Deleted Accounts: Data deleted within 30 days
• Backups: Removed from backups within 90 days
• AI Interactions: Records of AI tool usage are retained for 210 days (7 months) for security and legal compliance purposes. After this period, they are automatically deleted
• Account Deletion: When you delete your account, your personal data in AI interaction records will be anonymized (name and email removed), but technical metadata (IP, timestamps, interaction content) will be retained for the remaining legal retention period
• Legal Requirements: Some data may be retained longer for legal compliance

7. Children's Privacy

TankLogbook is not intended for users under 13 years of age (or 16 in the EU). We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us.

8. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions).

9. Cookies and Tracking

We use cookies to improve your experience. For details, see our Cookie Policy.

10. Changes to This Policy

We may update this policy periodically. We'll notify you of significant changes via email or a prominent notice on our site. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights, contact us: