When you place an order or contact us, we collect information such as:
Name
Email address
Phone number
Shipping or pickup address
Payment information (processed securely through Square)
Order details and preferences
IP address (hashed for privacy) - We use a one-way cryptographic hash of your IP address to recognize returning visitors and improve your experience. Your actual IP address is never stored.
How We Use Your Information
We use your information to:
Process and fulfill your orders
Communicate with you about your orders
Provide customer service and support
Improve our products and services
Recognize returning visitors to provide a more personalized experience (using hashed IP addresses)
Data Protection & Sharing
Your data is never shared with third parties and stays with our company.
We do not sell, rent, or share your personal information with any third parties for marketing purposes. Your information is used solely for order processing and customer service.
Payment information is processed securely through Square and is not stored on our servers.
Your Rights
You have the right to:
Request access to your personal information
Request correction of inaccurate information
Request deletion of your personal information
To request removal of your data, please email us at cbcharters37@gmail.com. We will respond within 3 business days to help with your request.
Data Security
We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure.
Cookies & Tracking
Our website uses cookies and similar tracking technologies to enhance your experience, analyze site usage, and assist with our marketing efforts. We respect your privacy and provide you with control over non-essential cookies.
Types of Cookies We Use
Necessary Cookies
These cookies are essential for the website to function properly. They cannot be disabled as they are required for core functionality such as session management, security, and shopping cart operations.
Analytics Cookies
We use Matomo analytics (self-hosted, privacy-focused) to understand how visitors interact with our website. This helps us improve our services and user experience. Analytics cookies can be disabled through our cookie consent banner.
Functional Cookies
These cookies enable enhanced functionality and personalization, such as remembering your preferences, chat history, and returning visitor information. Functional cookies can be disabled through our cookie consent banner.
Marketing Cookies
Currently, we do not use marketing cookies. If we implement marketing cookies in the future, they will be used to deliver relevant advertisements and track campaign performance. Marketing cookies can be disabled through our cookie consent banner.
What We Track Even With "Reject All"
Even if you choose "Reject All" cookies, we still use minimal required cookies and data collection for essential website functionality and legal compliance. This is transparent and necessary for the site to operate securely.
Required Data Collection (Cannot Be Disabled):
Session Cookies: Required for shopping cart, checkout process, and user authentication. These are temporary and deleted when you close your browser.
Security Cookies: CSRF protection tokens and fraud prevention measures to protect your account and transactions.
Hashed IP Address: We use a one-way cryptographic hash (SHA-256) of your IP address to recognize returning visitors. Your actual IP address is never stored, and the hash cannot be reversed to identify you.
Server Logs: Standard web server logs containing IP address, timestamp, and pages accessed. These are kept for security and legal compliance (typically 30-90 days).
Order Data: When you place an order, we collect and store your order information, shipping address, and payment details (processed securely through Square). This is required for order fulfillment and legal/tax compliance.
Chat Data: If you use our live chat feature, we store your conversation history to provide customer service continuity.
What We DON'T Track With "Reject All": Analytics cookies, functional cookies (preferences, personalization), marketing cookies, third-party tracking pixels, or cross-site tracking.
Data Security & Storage
We take data security seriously and implement industry-standard measures to protect your information:
Encryption in Transit: All data is encrypted using HTTPS/TLS when transmitted between your browser and our servers.
Secure Storage: Data is stored in Supabase (PostgreSQL database) with Row Level Security (RLS) policies to prevent unauthorized access.
IP Hashing: IP addresses are hashed using SHA-256 (one-way cryptographic hash) before storage. This means we cannot reverse the hash to identify your actual IP address.
No Third-Party Sharing: We do not sell, rent, or share your personal data with third parties except our payment processor (Square) for order processing, and only the minimum data necessary.
Access Controls: Only authorized CB Charters team members have access to customer data, and access is logged and monitored.
Data Retention
Order Data: Retained for 7 years for legal, tax, and accounting compliance.
Chat Conversations: Retained for 90 days, then automatically deleted.
Visitor Data (Hashed IP): Retained for 1 year, then automatically deleted.
Server Logs: Retained for 30-90 days for security monitoring, then automatically deleted.
How We Use Your Data (With Consent)
When you consent to analytics, functional, or marketing cookies, we use the data to:
Analytics: Improve site performance, identify popular products, fix bugs, and understand user behavior to enhance your experience.
Functional: Remember your preferences, chat history, and returning visitor information to provide a personalized experience.
Personalization: Show relevant products, improve user experience, and provide tailored recommendations.
Optimization: A/B testing for better UX, performance monitoring, and error tracking (with your consent).
Your Rights
You have the right to:
Access Your Data: Request a copy of all personal data we have about you (GDPR right to data portability).
Delete Your Data: Request deletion of your personal data (except data we're legally required to keep). Email us at cbcharters37@gmail.com and we'll respond within 3 business days.
Withdraw Consent: Change your cookie preferences at any time through our cookie settings page.
Opt-Out: Opt-out of analytics tracking even after consenting (we respect your choice immediately).
Managing Your Cookie Preferences
You can manage your cookie preferences at any time by clicking the "Cookie Settings" link in our cookie consent banner or by clicking . You can also control cookies through your browser settings, though this may affect website functionality.
Note for EU/EEA visitors: If you are located in the European Union, European Economic Area, or other regions with cookie consent requirements, we will request your explicit consent before setting non-essential cookies. You can withdraw your consent at any time.
Note for California residents: Under the California Consumer Privacy Act (CCPA), you have the right to opt-out of the sale of personal information. We do not sell personal information, but you can still manage your cookie preferences as described above.
Children's Privacy
Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
Contact Us
If you have questions about this privacy policy or wish to exercise your rights, please contact us at cbcharters37@gmail.com or call (978) 283-0197.
