DiveSightDiveSight
← Back to DiveSight

DiveSight Privacy Policy

Effective Date: April 20,2026 Last Updated: June 3, 2026

1. Introduction

DiveSight ("we," "us," or "our") operates the DiveSight mobile application (the "App") and the website at https://divesight.ai (together, the "Service"). We care about your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data.

By using the Service, you agree to the practices described in this Privacy Policy. If you don't agree, please don't use the Service.

Contact: DiveSight, LLC 495 Jackson Street #1210 Oakland, CA 94607 Email: admin@divesight.org

2. Information We Collect

2.1 Information you provide directly

  • Account information: When you sign up, we collect your email address and a display name. If you sign in with Apple or Google, we receive the basic profile information those services provide (email, name).
  • Profile data: Optional details you add to your profile, including certification level, years diving, and preferred regions.
  • Dive logs: Dive records you create, including date, location, depth, duration, buddy name (if entered), notes, and any species you mark as seen.
  • Favorites and custom sites: Dive sites you favorite or add yourself (including any custom coordinates and notes).
  • Support communications: If you contact us by email, we retain those messages.

2.2 Information collected automatically

  • Device and app data: Device model, iOS version, App version, language, time zone, and crash logs.
  • Usage data: Screens viewed, features used, search queries within the app, and timestamps. This helps us improve the App.
  • Approximate location: The country/region the App is used in, derived from IP address on the server side.
  • Precise location (only with your permission): If you grant location permission, we use your precise GPS to power the "Around Me" feature and to pre-fill your current location in new dive logs. Precise location is never stored on our servers — it's used only on-device to filter nearby sites and to populate log entries you choose to save.
  • Subscription and purchase data: If you subscribe to DiveSight Pro, Apple's App Store provides us with a subscription transaction identifier and status. We do not receive or store your payment card information — Apple handles all payments.

2.3 Apple Health (HealthKit)

If you choose to import dives from Apple Health, DiveSight reads your underwater-diving workouts and their depth, water-temperature, and route samples. Imported dives are saved to your DiveSight account, like any dive you log, so they sync across your devices; this Health data is never used for advertising, shared with third parties, or sold. You can decline Health access and still use the app — dives can also be added manually or imported from dive-computer files.

2.4 Information we do NOT collect

  • We do not collect your payment card or bank details (handled entirely by Apple).
  • We do not sell your personal information to advertisers.
  • We do not track you across other apps or websites for advertising purposes.
  • We do not use third-party ad networks inside the App.

3. How We Use Information

We use the information described above to:

  1. Provide core App functionality (show dive sites, run searches, deliver forecasts, save dive logs).
  2. Authenticate you and maintain your account.
  3. Deliver personalized features (your favorites, dive log history, nearby sites).
  4. Process subscriptions and manage Pro access.
  5. Send transactional emails (account confirmations, subscription receipts, password resets).
  6. Send optional push notifications (only if you enable them) about dive conditions for your favorited sites.
  7. Improve the App — analyze usage patterns, diagnose crashes, and prioritize features.
  8. Communicate with you about the Service, including updates to this Privacy Policy.
  9. Enforce our Terms of Use and prevent fraud, abuse, and security incidents.
  10. Comply with legal obligations.

We do not sell your personal data or share your dive logs with third parties for their own purposes. Our forecast models are built primarily on public scientific data and satellite observations; where your contributions help improve them, we use that data only in aggregated or de-identified form.

4. Legal Bases for Processing (for EU/EEA/UK users)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Performance of a contract — to provide the Service you signed up for.
  • Legitimate interests — to improve the App, prevent fraud, and secure our infrastructure, where these interests are not overridden by your rights.
  • Consent — for optional features like push notifications and precise location, which you can withdraw at any time.
  • Legal obligation — where we must process data to comply with applicable law.

5. How We Share Information

We share information only in the limited circumstances described below.

5.1 Service providers (processors)

We rely on trusted third-party vendors to operate the Service. Each is contractually bound to protect your data and process it only on our instructions.

VendorPurposeData processed
Google Cloud (Firebase)Authentication, analytics, crash reporting, hostingAccount identifiers, device data, usage events
Google Cloud RunAPI hostingAuthenticated requests, dive log data, favorites
MongoDB AtlasDatabaseAccount data, dive logs, favorites, custom sites
Apple (App Store, StoreKit, WeatherKit, Push Notification service)Payments, weather data, notificationsSubscription status, notification tokens
Sign-in with Apple / GoogleAuthentication (if you choose these)Email, basic profile

5.2 Public ocean-data providers (no personal data shared)

DiveSight pulls environmental data from Copernicus Marine Service, HYCOM, NASA (GOT4.10c tidal model), and Apple WeatherKit. We do not send any personal data to these providers. Queries to these services contain only site coordinates, not user information.

5.3 Legal and safety disclosures

We may disclose information when we believe in good faith that it is necessary to:

  • Comply with a lawful request, court order, or legal process.
  • Enforce our Terms of Use.
  • Protect the rights, property, or safety of DiveSight, our users, or the public.
  • Investigate or prevent fraud, security incidents, or technical issues.

5.4 Business transfers

If DiveSight is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you (by email and/or an in-App notice) before your information becomes subject to a different privacy policy.

5.5 iNaturalist (only if you opt in)

If you turn on sighting sharing, the marine-life observations you choose to share — including their photo, date, and location — are published to iNaturalist, a third-party public citizen-science platform: under your linked iNaturalist account, or, if you have not linked one, under DiveSight's community account credited to you. This sharing is off by default and you control it in Profile → iNaturalist Sync. Locations of sensitive species are automatically obscured. Once published, observations are governed by iNaturalist's own privacy policy.

6. International Data Transfers

DiveSight is operated from the United States. If you use the Service from outside the United States, your information will be transferred to and processed in the United States. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission (or the UK equivalent) where applicable.

7. Data Retention

  • Account data: Retained for as long as your account is active.
  • Dive logs and favorites: Retained until you delete them or close your account.
  • Usage and analytics data: Retained in aggregated form; individually identifiable events are deleted after 14 months.
  • Support emails: Retained for up to 3 years for quality and dispute resolution.
  • After account deletion: We delete your personal data within 30 days of a verified deletion request, except where retention is required by law (e.g., financial records related to subscription purchases).

8. Your Rights

Depending on where you live, you may have the following rights over your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to fix inaccurate or incomplete data.
  • Deletion — ask us to delete your personal data ("right to be forgotten" in the EU).
  • Portability — receive your data in a machine-readable format.
  • Restriction — ask us to pause processing in certain circumstances.
  • Objection — object to processing based on legitimate interests.
  • Withdrawal of consent — withdraw any consent you previously gave.
  • Complaint — lodge a complaint with your local data protection authority.

To exercise these rights, email us at admin@divesight.org from the email address associated with your account, or use the in-App "Delete Account" button under Settings → Account. We respond to verified requests within 30 days.

California residents (CCPA/CPRA)

California residents have additional rights, including the right to know what categories of personal information we collect and disclose, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal information. We do not sell personal information and do not share it for cross-context behavioral advertising. To exercise your California rights, email admin@divesight.org.

9. Children's Privacy

DiveSight is not directed to children under 13 (or under 16 in the EEA/UK where applicable). We do not knowingly collect personal information from children under these ages. If you believe a child has provided us with personal information, please contact admin@divesight.org and we will promptly delete it.

10. Security

We use industry-standard safeguards to protect your information, including:

  • Encryption in transit (TLS 1.3) for all communications between the App and our servers.
  • Encryption at rest for databases and backups.
  • Access controls and principle-of-least-privilege for internal systems.
  • Regular security reviews of our infrastructure and dependencies.
  • Secure authentication via Firebase Authentication with hashed credentials.

No system is perfectly secure. You are responsible for keeping your device and login credentials safe.

11. Push Notifications

If you enable push notifications, we'll send you updates about dive conditions at your favorited sites (e.g., "Excellent conditions forecast at Molokini tomorrow"). You can disable notifications anytime in iOS Settings → DiveSight → Notifications, or within the App under Settings → Notifications.

12. Location Permissions

DiveSight requests location access only for the "Around Me" feature and for pre-filling dive log entries. You can:

  • Deny location access entirely (the rest of the App works).
  • Grant "While Using the App" access (recommended).
  • Grant precise or approximate location (we only need one).
  • Change these settings anytime in iOS Settings → Privacy & Security → Location Services → DiveSight.

Your precise coordinates are used on-device and, when you save a dive log, stored with that log on our servers. We do not track your location in the background.

13. Analytics and Diagnostics

We use Firebase Analytics and Crashlytics to understand how the App is used and to diagnose crashes. Analytics events are associated with a randomly generated installation identifier — not your name or email. You can opt out of analytics collection in Settings → Privacy within the App.

14. Third-Party Links

The App may contain links to third-party services (e.g., a "Get Directions" button that opens Apple Maps, or links to dive operator websites). This Privacy Policy doesn't apply to those third parties. Please review their privacy policies separately.

15. Actual Conditions; Assumption of Risk

When you use DiveSight's maps, dive site pins, dive site descriptions, marine life data, region and destination information, weather and oceanographic data, tidal predictions, weekly and seasonal forecasts, marine event calendars, and any other content, models, or recommendations made available through the App, you may find that actual conditions in the field differ from what DiveSight shows. Ocean conditions, weather, currents, visibility, tides, marine life presence and behavior, dive site geography, access, and hazards can change rapidly and without notice, and our data may be incomplete, delayed, approximate, or wrong. Always exercise your own independent judgment, consult qualified local dive professionals, follow your training and certifications, and obtain current local conditions before entering the water. You use DiveSight at your own risk. You are responsible at all times for your conduct, your dive planning and execution, and the consequences of your decisions in and around the water.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we'll notify you by:

  • Updating the "Last Updated" date at the top of this page.
  • Sending an email to the address associated with your account (for material changes).
  • Showing an in-App notice the next time you open DiveSight.

Your continued use of the Service after the changes take effect means you accept the updated Privacy Policy.

17. Contact Us

Questions, concerns, or requests about your data?

Contact: DiveSight, LLC 495 Jackson Street #1210 Oakland, CA 94607 Email: admin@divesight.org

For EU/EEA residents, you may also contact your local Data Protection Authority. A list is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en