Skip to main content
SeaSeatShare

SeaSeatShare

Privacy Policy

Effective date: 9 April 2026|Version 2.0 draft

This Privacy Policy explains how Sea Seat Share (FZE) (“SeaSeatShare,” “we,” “us,” or “our”) collects, uses, discloses, and protects the personal data of users of the Platform at seaseatshare.com and its mobile applications. SeaSeatShare is a free zone establishment registered in the SPARK Free Zone, Sharjah, United Arab Emirates. This policy is drafted to align with UAE Federal Decree Law No. 45 of 2021 on the Protection of Personal Data (the “PDPL”) and with international good practice.

1. Data Controller

Sea Seat Share (FZE) is the controller of your personal data. For any privacy questions or requests, you can contact us at hello@seaseatshare.com.

2. Personal Data We Collect

2.1 Data you provide directly

  • Account data: full name, email address, mobile phone number, password hash.
  • Profile data: profile photo, language preference, country of residence.
  • Booking data: Trips reserved, Seat count, waiver acceptance, dates of travel.
  • Payment data: processed directly by Stripe. We do not store full card numbers. We receive tokenized references and the last four digits of the card for your records.
  • Captain KYC data: Emirates ID (both sides), UAE Maritime License, vessel registration, vessel insurance, passport style photo, bank or Stripe Connect payout details.
  • Communications: messages you send us through support, email, or in app chat.
  • Reviews, ratings, and photos you post about Trips.

2.2 Data collected automatically

  • Device and log data: IP address, device type, operating system, browser, referring URL, timestamps, and crash reports.
  • Usage data: pages viewed, actions taken, search queries, clickstream, and feature interactions.
  • Location data: the departure marina of a Trip, and (with your permission) device location for nearby Trip discovery.
  • Cookies and similar technologies (see Section 8 below).

2.3 Data from third parties

  • Stripe (payment, fraud, and Connect onboarding data).
  • Supabase and our hosting providers (authentication and infrastructure metadata).
  • Google Maps (marina coordinates).
  • Cloudinary (image upload and transformation metadata).

3. Purposes and Legal Bases

We process your personal data for the following purposes, with the corresponding legal bases under the PDPL:

  • To create and manage your account and Captain profile (contract performance).
  • To operate the booking, seat-goal, payment, and payout pipelines (contract performance).
  • To verify Captain identity, maritime qualification, and vessel insurance (legal obligation and legitimate interest in safety).
  • To provide customer support (contract performance).
  • To send transactional emails such as booking confirmations, seat-goal outcomes, and payout notices (contract performance).
  • To send marketing communications where you have consented, with a clear opt out in every message (consent).
  • To detect, prevent, and investigate fraud, abuse, and security incidents (legitimate interest).
  • To comply with legal, tax, and regulatory obligations (legal obligation).
  • To improve the Platform through analytics and product research (legitimate interest).

4. Sharing and Disclosure

We share personal data only in the following circumstances:

  • With Captains, when you reserve a Seat, we share your name and a contact method so the Captain can coordinate departure. We do not share your payment details with the Captain.
  • With Guests, when you operate as a Captain, we share your public profile (name, photo, ratings, vessel details) so Guests can make informed decisions.
  • With service providers acting on our behalf under contractual data protection obligations, including Stripe (payments), Supabase (database, auth, storage), Vercel (hosting), Cloudinary (images), Sentry (error monitoring), Inngest (background jobs), Meilisearch (search), and our email delivery provider.
  • With UAE regulatory, tax, or law enforcement authorities when required by law or to respond to valid legal process.
  • With professional advisors (lawyers, auditors, accountants) under confidentiality obligations.
  • In connection with a corporate transaction such as a merger, acquisition, or asset sale, subject to equivalent protection of your data.

We do not sell your personal data.

5. International Transfers

Some of our service providers operate outside the United Arab Emirates. When personal data is transferred internationally, we rely on the mechanisms permitted by the PDPL, including adequacy decisions, standard contractual clauses, or explicit consent where required. We take reasonable steps to ensure equivalent protection of your data in recipient jurisdictions.

6. Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected and to comply with legal, tax, and accounting obligations. Specifically:

  • Account data: for as long as your account is active, and up to twenty four (24) months after account closure for fraud prevention and dispute handling.
  • Booking and payment records: for at least seven (7) years in line with UAE tax and commercial law requirements.
  • Captain KYC documents: for the duration of the Captain relationship and up to seven (7) years after termination.
  • Marketing preferences: until you withdraw consent.
  • Support communications: up to three (3) years after the last interaction.

7. Your Rights

Under the PDPL and applicable law, you have the following rights regarding your personal data:

  • The right to access the personal data we hold about you.
  • The right to rectify inaccurate or incomplete data.
  • The right to erasure, subject to our legal and contractual retention obligations.
  • The right to restrict or object to certain processing.
  • The right to data portability in a structured, commonly used format.
  • The right to withdraw consent at any time where processing is based on consent.
  • The right to lodge a complaint with the UAE Data Office.

To exercise any of these rights, email hello@seaseatshare.com. We will respond within the period required by applicable law and may need to verify your identity before acting on your request.

8. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Platform, remember your preferences, maintain your login session, measure usage, and improve performance. You can control cookies through your browser settings. Disabling essential cookies may affect Platform functionality. A detailed cookie notice is available on the website footer.

9. Security

We use industry standard measures to protect your personal data, including encryption in transit (TLS), encrypted storage, access controls, row level security on our database, audit logging, and regular review of security practices. No method of transmission or storage is one hundred percent secure, and we cannot guarantee absolute security. If we become aware of a data breach affecting your personal data, we will notify you and the UAE Data Office as required by law.

10. Children

The Platform is not directed at children under eighteen (18) years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

11. Third Party Links

The Platform may contain links to third party websites or services. We are not responsible for the privacy practices of those third parties and recommend reviewing their policies separately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes we will notify users through an in app banner or email at least seven (7) days before the changes take effect. The effective date at the top of this policy indicates the current version.

13. Contact

Sea Seat Share (FZE)

SPARK Free Zone (SRTIP), Block C-C01-101, Sharjah, United Arab Emirates

Email: hello@seaseatshare.com

Phone: +971 52 620 8920

Website: seaseatshare.com