1. Purpose and scope
This privacy policy (hereinafter the "Policy") describes how GJMP SAS, publisher of the Boatlib platform (hereinafter "Boatlib" or the "Company"), collects, uses, retains and protects the personal data of Users of the Platform, in compliance with Regulation (EU) 2016/679 of 27 April 2016 (hereinafter the "GDPR") and French Act no. 78-17 of 6 January 1978 as amended (hereinafter the "French Data Protection Act").
It applies to all Users of the Platform, whether they are Owners, Providers, Technicians attached to a Provider, or mere visitors. Capitalised terms have the meaning given to them by the Terms of Use (Terms), of which this Policy is a complement.
The Platform is currently in a beta phase. During this phase, all features are made available free of charge. The processing described below reflects the current state of the deployed features; any change will be reflected in an update to this Policy.
2. Identity of the data controller
The controller of the data collected via the Platform is:
- GJMP, a simplified joint-stock company (SAS) with share capital of €42,500;
- Registered office: 549 avenue des Courcettes, 06220 Vallauris, France ;
- SIREN no.: 104 608 823 ;
- SIRET no. (registered office / main establishment): 104 608 823 00019 ;
- RCS: Antibes 104 608 823 ;
- APE/NAF code: 6312Z ;
- Date of registration: 18 mai 2026 ;
- Intra-community VAT no.: FR53104608823 ;
- Represented by its President, Mr Gautier Jean Marcel Philippon;
- Dedicated data-protection contact: contact@boatlib.com.
3. Data protection contact
The appointment of a data protection officer (DPO) is not made mandatory by Article 37 of the GDPR given the nature and volume of the processing carried out by the Company at this stage. An internal GDPR contact has nonetheless been appointed. Any request relating to data protection may be sent to them at contact@boatlib.com or by post to the Company's registered office.
4. Data collected
The Company collects data directly from Users (at registration, while using the Services, and during exchanges with support) and, in some cases, indirectly (technical logs, payment and storage providers).
4.1. Data common to all Users
- Identification data: last name, first name, email address, telephone number;
- Authentication data: login credentials, password (stored in hashed and salted form — the bcrypt algorithm is used);
- Browsing data: IP address, session identifiers, connection logs, browser and device type;
- Messages exchanged via the Platform's internal messaging (conversations linked to Requests and support tickets), including the photographs attached to them;
- History of exchanges with support.
4.2. Additional data specific to the Owner
- Postal address: number, street, address complement, postcode, town, country;
- Information relating to the registered boat(s): technical characteristics, engines, equipment, photographs, home port, geographic coordinates;
- History of Requests and, where applicable, of Quotes, Appointments and Intervention reports linked to those boats;
- Vessel location data: last known position (latitude, longitude, timestamp) and associated navigation data broadcast by the vessel (speed, course, navigational status, destination and arrival time declared by the crew), obtained from an AIS data provider based on the declared MMSI, only when the boat is entrusted to a mandated Fleet manager.
4.3. Additional data specific to the Provider
- Company name and, where applicable, SIRET number and legal form;
- Address and geographic coordinates (latitude / longitude) of the main workshop, entered via the Mapbox geolocation module;
- Service Radius expressed in kilometres and categories of services offered;
- Contact details of the manager and the workshop supervisor (last name, first name, email, telephone);
- Where applicable, professional insurance certificates and qualifications.
4.4. Additional data specific to the Technician
Technicians are created by a Provider from their personal area. As such, the following are collected: last name, first name, email, telephone, specialities, schedule, unavailability, as well as the link to the relevant Provider's Account.
4.5. Payment and billing data
Payments made on the Platform (subscriptions and, where offered, the online payment feature for Interventions) are processed by the payment service provider Stripe Payments Europe Ltd., PCI-DSS certified. Data relating to payment methods (card number, expiry date, security code, bank details) is never collected or stored by the Company: it is processed directly by Stripe, which transmits to the Company a pseudonymised identifier as well as the status of transactions.
For Providers who enable online collection, the gathering of the identity and bank account information required for payouts is carried out directly by Stripe (the "Stripe Connect" service), acting as an authorised payment institution.
Quotes and invoices issued via the Platform by a Provider (the customer's identity and address, the description and amount of the services) are retained for the statutory periods applicable to accounting records. When the Provider has connected their Pennylane account, these documents are also transmitted to that subprocessor for the purposes of their accounting (see Article 6.3).
4.6. Email communications tracking
In order to measure engagement and ensure the proper deliverability of our transactional emails (quote and appointment notifications, reminders, etc.), the Company records clicks on the links contained in those emails: when a recipient clicks a link, it passes through a Boatlib redirect that logs the date of the click and the recipient address before redirecting to the requested page. This processing, based on the Company's legitimate interest (Article 6(1)(f) GDPR) in improving the quality and monitoring of its service, is restricted to internal use (administrator access); security emails (account verification, password reset, single-use access links) are excluded. For quality-control and support purposes, the content of transactional emails sent may also be retained for a maximum of fourteen (14) days, after which it is automatically deleted. You may object to this tracking and exercise your rights at any time (see Articles 8 et seq.).
5. Purposes of processing and legal bases
The purposes actually pursued, their legal basis within the meaning of Article 6 of the GDPR and the associated retention periods are as follows:
- Account management and provision of the Services (matchmaking, Requests, Quotes, Appointments, Intervention reports, document vault, internal mapping (address geocoding)) — performance of the contract (Art. 6.1.b) — for the lifetime of the Account, then archiving limited to 5 years (ordinary statute of limitations);
- Management of subscriptions, payments and billing — performance of the contract (Art. 6.1.b) and legal accounting and tax obligations (Art. 6.1.c) — 10 years for accounting records (Article L. 123-22 of the French Commercial Code);
- Internal messaging (exchanges between Owners, Providers and Technicians in connection with a Request, support tickets with the Company; text messages and attached photographs, stored on OVH object storage) — performance of the contract (Art. 6.1.b) — for the lifetime of the Account; upon deletion of the Account, the messages sent by its holder and their photographs are erased (see Article 6.2);
- Automatic email notifications and reminders (confirmations, payment reminders, document expiry alerts, summaries, reminders of unread messages) — performance of the contract and the Company's legitimate interest in the proper functioning of the service (Art. 6.1.b and 6.1.f) — for the lifetime of the Account;
- Security, technical monitoring and logging (connection logs, application error tracking, monitoring of the Platform's status) — legitimate interest (Art. 6.1.f) — 12 months maximum for logs;
- Database backups — legitimate interest in service continuity (Art. 6.1.f) — 30 rolling days, automatic deletion;
- Prospecting and information about the evolution of the Platform — consent or legitimate interest as the case may be (see Article 11) — 3 years after the last contact;
- AIS position tracking of boats under fleet management (last known position of the vessel and associated navigation data, obtained from an AIS data provider, shown to the mandated Fleet manager and to the Owner in their workspace) — legitimate interest of the Fleet manager under their management mandate (Art. 6.1.f) — only the latest values are kept, overwritten on each update (no history); the Owner may object to the tracking of their vessel at any time (per-boat opt-out, the cached data is then deleted immediately).
Upon expiry of the indicated periods, the data is either deleted or irreversibly anonymised for statistical purposes. It may be retained beyond these periods if required by law or if its retention is necessary for the establishment, exercise or defence of a legal claim, within the limit of the applicable statute of limitations.
6. Data recipients and subprocessing
6.1. Internal access
The data is accessible, within the limits of their duties and under an obligation of confidentiality, to the Company's staff responsible for support, administrative and technical functions.
6.2. Matchmaking between Users
By the very nature of the Platform, certain data is made available to other Users in the context of matchmaking:
- the public information of the Provider profile (name, photograph, service area, service categories) is visible to registered Owners and, where applicable, to visitors using the search engine;
- the Requests submitted by an Owner and the characteristics of the boat concerned are transmitted to the relevant Provider and, where one exists, to the designated Technician;
- the reviews an Owner submits at the end of an Intervention, once this feature is enabled, will be published in association with the relevant Provider's profile;
- the messages and photographs exchanged via the internal messaging are visible to the participants in the conversation (Owner, relevant Provider and, where applicable, designated Technician); they may also be viewed by the Company's administrators for supervision and moderation purposes (see the Terms). Upon deletion of an Account, the messages sent by its holder and their photographs are erased; the conversations remain visible to the other participants, the author then being displayed as "Deleted user".
6.3. Subprocessors and technical partners
The Company uses technical subprocessors that act on its documented instructions and under a subprocessing agreement compliant with Article 28 of the GDPR. As at the date of this version, the subprocessors are:
- OVH SAS (France) — hosting of the Platform and the database, object storage of files (photographs, including those attached to internal messaging messages, document-vault documents, backups) and delivery of transactional emails (SMTP);
- Stripe Payments Europe Ltd. (Ireland) and Stripe, Inc. (United States) — payment processing (subscriptions, online payment of Interventions) and, for Providers who have enabled online collection, payouts via Stripe Connect;
- Pennylane (France) — accounting synchronisation of quotes, invoices and customer records, only for Providers who have voluntarily connected their Pennylane account;
- Mapbox, Inc. (United States) — address geocoding and map display (location of ports, workshops and service areas);
- API Adresse — Base Adresse Nationale (DINUM/IGN) (France) — geocoding of owners' addresses for the internal administration mapping (public service, hosted in France);
- Functional Software, Inc. (« Sentry ») (United States) — monitoring of application errors in production, when this monitoring is enabled. The data transmitted includes technical data (browser and device type, application version, error trace), session identifiers and, for a logged-in user, their account identifier, email address and account type (in order to link an error to an account) — excluding passwords. Session recording ("session replay") is not enabled.
This list is updated with each change to the Platform. Any further details can be obtained at contact@boatlib.com.
6.4. Authorities and authorised third parties
The Company may be required to disclose personal data to administrative or judicial authorities, in response to a legally founded request, or to meet its moderation obligations (DSA regulation).
7. Transfers outside the European Union
Certain subprocessors operate partly outside the European Economic Area. This is the case, to varying degrees, of Stripe (United States), Mapbox (United States) and, when error monitoring is enabled, Sentry (United States). In such cases, the Company frames the transfers in accordance with Chapter V of the GDPR by means of:
- the Standard Contractual Clauses (SCCs) adopted by the European Commission on 4 June 2021;
- where applicable, additional technical measures (encryption at rest and in transit, minimisation of transferred data, pseudonymisation).
The list of transfers and the associated safeguards can be provided on request at contact@boatlib.com.
8. Security and confidentiality
The Company implements appropriate technical and organisational measures to ensure the security, confidentiality and integrity of the data, adapted to the sensitivity of the processing and to the state of the art, in particular:
- encryption of communications (TLS) and storage of passwords in hashed and salted form (bcrypt);
- access control based on authentication, separation of roles and the principle of least privilege;
- segregation of the production, staging and development environments;
- logging of access and sensitive actions;
- daily encrypted backups of the database, retained for thirty (30) days then automatically deleted, and restore tests;
- contractual confidentiality commitments from staff and subprocessors;
- a documented data-breach management procedure, compliant with Article 33 of the GDPR (notification to the CNIL within 72 hours and, where applicable, to the data subjects).
9. Cookies and trackers
The Platform places and reads, on the User's device, certain information in the form of cookies or equivalent technologies.
9.1. Strictly necessary cookies
Cookies strictly necessary for the operation of the Platform (authentication of the logged-in User, security, load balancing) are placed without prior consent, in accordance with the CNIL's guidelines.
9.2. Third-party cookies placed by Stripe
The Stripe payment module (Stripe.js) is loaded on certain pages of the Platform in order to prepare for the later activation of payments. This module may place a third-party cookie for fraud-prevention purposes (in particular a cookie named "m" on the m.stripe.com domain), before any actual payment. In accordance with Article 82 of the French Data Protection Act and the CNIL's position, these cookies are subject to information and to the collection of the User's consent via the consent management banner displayed on the first visit.
9.3. Audience measurement and other trackers
The Platform operates first-party audience measurement, hosted by Boatlib: no third-party tools, no targeted advertising, no social networks, no cross-site tracking. It measures traffic in aggregate — number of visits, pages viewed, time spent and progression through the sign-up journey — for the sole purpose of improving the service and monitoring its use.
The IP address is anonymised (truncated then hashed) before any storage: the full IP address is never retained. The measurement identifier stored on the device has a lifetime limited to 13 months and is not automatically renewed. Measurement data is retained for no more than 24 months. No data is shared with any third party or combined with any other processing.
Aggregate audience measurement falls under the consent exemption provided by the CNIL for audience measurement (strictly limited purpose, for Boatlib's exclusive use, anonymised IP address, no combination of data). Usage statistics for logged-in accounts, accessible only to Boatlib's administration for oversight and service-improvement purposes, rely on the controller's legitimate interest. The User may object at any time via the consent-management module in the footer, or by contacting Boatlib (section 15).
9.4. Consent management
The User may accept, refuse or withdraw at any time their consent to cookies that are not strictly necessary from the consent management module accessible from the footer of the Platform.
10. Rights of data subjects
In accordance with Articles 15 to 22 of the GDPR, each User has the following rights with respect to their data:
- the right of access and the right to obtain a copy of the data;
- the right to rectification of inaccurate or incomplete data;
- the right to erasure (the "right to be forgotten"), under the conditions provided by Article 17 of the GDPR;
- the right to restriction of processing;
- the right to object to processing for reasons relating to their particular situation, as well as to any processing for direct marketing purposes;
- the right to data portability;
- the right to withdraw consent at any time, without this withdrawal affecting the lawfulness of processing carried out previously;
- the right to issue directives regarding the fate of their data after their death (Article 85 of the French Data Protection Act).
These rights may be exercised at contact@boatlib.com or by post to the Company's registered office. In order to ensure the security of the processing, the Company may ask the User to prove their identity. A response is provided within one month of receipt of the request, this period being extendable by two months in the case of a complex request or a large volume, the User then being informed of the reasons for the extension.
The User also has the right to lodge a complaint with the French Data Protection Authority (CNIL) — 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — or with any other competent supervisory authority.
11. Direct marketing
Users may receive, by electronic means, communications relating to the evolution of the Platform (in particular the announcement of the move to the commercial version and pricing notice) as well as to similar services. Consent is obtained for prospects who have no contractual relationship with the Company. Existing Users may receive, on the basis of the Company's legitimate interest, communications relating to similar services, with the ability to object to each mailing.
Each marketing communication includes an unsubscribe link. The User may also object to any prospecting at contact@boatlib.com.
12. Automated processing and profiling
The Platform may carry out partially automated processing, in particular to suggest to Owners the most relevant Providers based on the location of the Intervention, the Service Radius and the service category. Scheduled processes also send automatic notifications and reminders (payment reminders, document expiry alerts, activity summaries). No decision producing legal effects or significantly affecting the User is taken solely on the basis of automated processing within the meaning of Article 22 of the GDPR.
13. Minors
The Platform is intended exclusively for adults and legal entities. The Company does not knowingly collect data concerning minors. If such collection were brought to the Company's attention, it would delete the data concerned without delay.
14. Amendment of the Policy
This Policy may be amended at any time, in particular to take account of the deployment of new features, regulatory changes, decisions of the supervisory authority or the technical evolution of the Platform. The applicable version is the one in force on the date the data was collected. Users are informed of any substantial change by any appropriate means, at least thirty (30) days before it takes effect.
15. Contact
For any question relating to this Policy or to the processing of their data, the User may contact the Company:
- by email: contact@boatlib.com ;
- by post: GJMP SAS — Référent RGPD, 549 avenue des Courcettes, 06220 Vallauris, France.
— End of document —