Privacy Policy
On this page
1. Who We Are
DiveLink is a trading name of Dylan Joseph Royle, a sole trader based in the United Kingdom.
For the purposes of UK data protection law, DiveLink is the data controller of personal data collected through the Platform.
If you have any questions about this Privacy Policy or your data, you may contact:
Email: divelinkltd@gmail.com
2. Scope of This Policy
This Privacy Policy explains how we collect, use, store, and protect personal data when you use the DiveLink website and services (“the Platform”).
By using the Platform, you agree to the collection and use of information in accordance with this Policy.
3. Personal Data We Collect
We may collect and process the following categories of personal data:
- Full name
- Email address
- Hometown/location (as voluntarily provided)
- Profile photograph
- Certifications and supporting documentation uploaded by users
- Messages exchanged between users via the Platform
- Basic server logs and technical data generated automatically by hosting providers (such as security and system integrity logs)
- We do not collect precise GPS location data.
- We do not knowingly collect data from individuals under the age of 18.
4. How We Use Your Personal Data
We process personal data for the following purposes:
- To create and manage user accounts
- To enable divers and operators to connect
- To display user profiles and uploaded certifications
- To provide messaging functionality
- To send essential account-related communications (e.g., email confirmations)
- To maintain platform functionality, integrity, and security
- We do not sell personal data.
- We do not use personal data for advertising purposes.
- We do not conduct automated decision-making or profiling.
5. Lawful Basis for Processing
Under UK GDPR, we rely on the following lawful bases:
Processing is necessary to provide access to the Platform and its core functionality.
Processing is necessary to operate, maintain, and secure the Platform, provided such interests are not overridden by your rights.
Where processing is required to comply with applicable law.
Account-related emails are sent as part of delivering the service and are not marketing communications.
6. Data Storage and Hosting
- Personal data is stored using trusted third-party infrastructure providers, including Supabase and Vercel.
- Data is hosted within the European Union (EU-West region, Ireland).
- We take reasonable technical and organisational measures to protect personal data. However, no method of transmission over the internet or electronic storage is completely secure.
7. Data Retention
We retain personal data:
- For as long as your account remains active
- For a limited period after account deletion where necessary for legal, regulatory, or security purposes
You may request deletion of your account at any time by contacting us.
9. Your Data Protection Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request erasure of your personal data
- Restrict processing
- Object to processing
- Request data portability
To exercise your rights, contact: divelinkltd@gmail.com
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the United Kingdom.
11. International Transfers
Personal data is hosted within the European Union.
Where data may be accessed from outside the UK or EU, appropriate safeguards are implemented in accordance with UK GDPR.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in the Platform or legal requirements.
The most current version will always be available on the Platform.