.png&w=256&q=75){kind=small}
Privacy Policy
How we protect and handle your data
This policy is effective as of January 15, 2025. We will notify you of any material changes by email or through our app.
Welcome to Quiver's Privacy Policy
Quiver Surf Technologies, Inc. is a corporation registered in Delaware, United States of America, serving surfers primarily in the United States. We respect your privacy and are committed to protecting your personal data. This Privacy Policy will inform you as to how we look after your personal data in connection with your access to or use of our websites, apps, products and services (including without limitation Quiver's domains and subdomains, session tracking, forecasts, social features, community platform, and surf analytics) (collectively, the 'Services'). It also tells you about your privacy rights under applicable US privacy laws including the California Consumer Privacy Act (CCPA).
Important Information and Who We Are
Purpose of this Privacy Policy
This Privacy Policy aims to give you information on how we collect and process your personal data under applicable privacy and data security laws through your use of our Services.
Children's Privacy
Our Services are not intended for use by children, meaning individuals under the age of 16, and we do not knowingly collect data relating to children.
Contact Details
If you have any questions about this Privacy Policy or our privacy practices, or would like to contact our Data Protection Officer, you can do so by email at privacy@quiversurf.com or by mail at: Quiver Surf Technologies, 2261 Market Street STE 10852, San Francisco, CA 94114, Attn: Legal
Changes to Privacy Policy
We keep our privacy policy under regular review and make changes from time to time and will take appropriate measures to inform you as required by applicable data protection laws. Your continued use of the Services after any updates to this Privacy Policy take effect will constitute acknowledgement and acceptance of those changes.
Third-Party Links
Our websites and apps may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you and any information collected by them is subject to that third party's own privacy policies.
The Data We Collect About You
Personal information means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:
Standard Identity Data
Description:
includes name, alias, address (including zip code), email, phone number, marital status, date of birth, and gender.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Necessary to comply with a legal obligation
Third Parties Disclosed:
Any person with your credentials, Ad and marketing service providers, Data analytics service providers, User support service providers, Governmental authorities
Profile Data
Description:
includes username, password, account type, general location, profile photo, marketing preferences, interests, surf experience, lifestyle information, support communications, feedback, and reviews.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Necessary to comply with a legal obligation
Third Parties Disclosed:
Any person with your credentials, Ad and marketing service providers, Data analytics service providers, User support service providers, Governmental authorities
Transaction Data
Description:
includes details of products and services you have purchased from us. We use Stripe, Inc. as our Payment Processor for financial information collection and storage.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Necessary to comply with a legal obligation
Third Parties Disclosed:
Any person with your credentials, Payment processors, Collections and financial service providers, Governmental authorities
Technical Data
Description:
includes internet protocol (IP) address, device ID, login data, browser type and version, time zone setting and location, browsing patterns, operating system and platform.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Necessary to comply with a legal obligation
Third Parties Disclosed:
Any person with your credentials, Diagnostic service providers, Data analytics service providers, Governmental authorities
Usage Data
Description:
includes information about how you use our Services, length of time spent, frequency of use, photographs, videos, comments, surf session data, and metadata.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Necessary to comply with a legal obligation
Third Parties Disclosed:
Any person with your credentials, Ad and marketing service providers
Surf Session Data
Description:
includes session locations, conditions, photos, notes, equipment used, session duration, and other surf-related information you choose to log and share.
Sources:
Directly or indirectly from you
Legal Basis:
Performance of a contract, Necessary for our legitimate interests
Third Parties Disclosed:
Any person with your credentials, Community members (based on privacy settings)
Sensitive Personal Data
Description:
includes precise geolocation when tracking surf sessions and identification documentation for identity verification. This data will only be collected where necessary and with your consent.
Sources:
Directly or indirectly from you, From third parties
Legal Basis:
Performance of a contract, Necessary for our legitimate interests, Consent
Third Parties Disclosed:
Any person with your credentials, Connected device and account providers
Accessibility Notice
We are committed to ensuring digital accessibility for all users. If you experience any difficulty accessing this privacy policy or need it in an alternative format, please contact us at privacy@quiversurf.com or call us at +1 (555) 123-SURF. We will work with you to provide the information in a format that meets your needs.
How Is Your Personal Data Collected?
Direct Interactions
You may give us your Identity Data, Profile Data, Transaction Data by filling in forms or corresponding with us through the Services, by post, phone, email or otherwise. This includes when you create an account, subscribe to services, request marketing, enter competitions, or contact us.
Automated Technologies
As you interact with our Services, we automatically collect Technical and Usage Data about your equipment, browsing actions and patterns through cookies, web beacons, and similar technologies.
Third Parties or Public Sources
We receive personal data from analytics providers (Google), advertising networks, payment processors (Stripe), social media networks (Facebook, Google), and data brokers or aggregators.
Connected Devices/Accounts
With your consent, we collect information from third-party devices and apps you connect to Quiver (such as fitness trackers or smartwatches) to enhance your surf session tracking.
How We Use Your Personal Data
Performance of a Contract
Where we need to perform the contract to which you are a party or to take steps at your request before entering into such a contract. This includes providing core surf community services, session tracking, and account management.
Legitimate Interest
Where it is necessary for our legitimate interests in conducting and managing our business and your interests and fundamental rights do not override those interests. This includes improving our services, analytics, and fraud prevention.
Compliance with Legal Obligation
Where we need to comply with a legal obligation that we are subject to, such as responding to lawful requests from authorities or meeting regulatory requirements.
Marketing Communications
We may use your data for marketing if you have provided express consent, requested information from us, or created an account with us and have not opted out. You can opt out anytime by contacting privacy@quiversurf.com.
Disclosures of Your Personal Data
Internal Third Parties
Other companies in the Quiver group acting as controllers or processors who provide IT and system administration services. We may share your data with employees, contractors or agents to operate and improve our services.
External Third Parties
Service providers including vendors, consultants, data analytics providers, ad networks, research companies, marketing services, fraud prevention, financial services, and professional advisers (lawyers, bankers, auditors, insurers).
Regulators and Authorities
Law enforcement, tax and customs authorities, governmental authorities and other authorized persons required by law or deemed necessary for the best interests of Quiver and user safety.
Advertising Partners
Companies that help us provide advertising to you and customize your experience. These partners may use tracking technologies to collect information about you. See our Third Party Ad Servers section for opt-out information.
Business Transfers
Third parties to whom we may choose to sell, transfer or merge parts of our business or assets. If a change happens to our business, the new owners may use your personal data in the same way as set out in this Privacy Policy.
International Transfers
Global Operations
Quiver operates from various countries around the world, as do our service providers. This means that when you use Quiver, your personal information may be transferred to other countries that have different data protection laws than those where you reside.
Transfer Safeguards
When we transfer personal data outside the UK or EEA, we ensure protection through: (1) Countries with adequate protection levels deemed by the European Commission or UK government; (2) Specific contracts approved by authorities giving personal data the same protection; (3) Organizational and technical safeguards.
Service Provider Locations
Our service providers operate globally: Supabase (EU/US), Google Analytics (global), Vercel (global), and Stripe (global). All transfers comply with applicable data protection laws and this Privacy Policy.
Data Security
Security Measures
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.
Data Breach Procedures
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data Retention
Retention Periods
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
Account Data
We retain your Identity Data as long as any account with us remains in force. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation.
Determining Retention
To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for processing and whether we can achieve those purposes through other means, and applicable legal requirements.
Third Party Ad Servers
Advertising Partners
Our advertising service vendors and other third parties use tracking technologies to serve you advertisements tailored to interests you have shown by using our Services and other sites. These third parties collect non-personally identifiable data including device specifications, geographic location, IP address, pages visited, and other clickstream data.
Tracking Technologies
The use of tracking technologies by third parties is subject to their own privacy policies, not this Privacy Policy. We have no responsibility or liability in connection therewith. You may opt-out of certain tracking by visiting http://optout.networkadvertising.org, using script-blockers, and modifying tracking options in your browser or device.
Advertising Networks
Quiver has partnered with various advertising networks to manage programmatic advertising. These partners implement tracking technologies on Quiver's properties and their privacy policies govern the collection of your data.
Your Legal Rights
General Rights Information
If you are a resident of the United States, please refer to the U.S. Residents section below for specific rights under applicable privacy laws including the California Consumer Privacy Act (CCPA).
Exercising Your Rights
To exercise any of your privacy rights (including data export or account deletion requests), please submit a request to us by visiting our Support Center, emailing us at privacy@quiversurf.com, or writing to us at: Quiver Surf Technologies, 2261 Market Street STE 10852, San Francisco, CA 94114, Attn: Privacy Request.
Identity Verification
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Response Time
We try to respond to all legitimate requests within one month. Occasionally it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
PRIVACY RIGHTS FOR U.S. RESIDENTS
This section is adopted to comply with U.S. comprehensive privacy laws, such as the California Consumer Privacy Act (CCPA) and other applicable state privacy laws. Any terms defined in the applicable privacy laws have the same meaning when used in this section.
Sales or Sharing of Personal Information
We may sell or share your digital activity information with third parties for marketing campaigns and usage statistics. This may constitute a 'sale' or 'share' under applicable privacy laws. You may opt-out by enabling Global Privacy Control (GPC) on your browsers or contacting us at privacy@quiversurf.com.
Your Rights and Choices
You have rights to: (1) Request access to specific information and data portability - contact us to request a comprehensive data export; (2) Request deletion of personal information - submit a deletion request for account and data removal; (3) Request correction of inaccurate personal information; (4) Appeal refusal to take action on requests. To exercise these rights, visit our Support Center, email privacy@quiversurf.com, or write to: Quiver Surf Technologies, CCPA Request, 2261 Market Street STE 10852, San Francisco, CA 94114.
Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights under applicable law.
California's 'Shine the Light' Law
California residents with an established business relationship may request information regarding our disclosure of personal information to third parties for direct marketing purposes during the preceding calendar year.
SURF SESSION TRACKING PRIVACY INFORMATION
This section describes how Quiver processes your information when using surf session tracking features.
Surf Session Data Collection
When you track surf sessions, we may collect: GPS location data, session duration, wave count estimates, speed data, photos you choose to upload, equipment information, and other session-related data you provide.
How Sessions Are Displayed
Each tracked surf session will appear in your Quiver account with relevant data such as session time, location, and any photos. Sessions create unique URLs that are publicly available by default so you can share them. Your session data, including name and location, will be accessible through these public links unless you change your privacy settings.
Connected Devices
With your consent, we may collect data from connected devices like fitness trackers or smartwatches to enhance your session tracking experience. Information collected by these third parties is subject to their terms and policies.
Contact Information
If you have any questions or comments about this privacy policy, your choices and rights regarding data use, or wish to exercise your rights (including data export or account deletion requests), please contact us:
Website: https://support.quiversurf.com
Email: privacy@quiversurf.com
Postal Address: Quiver Surf Technologies, 2261 Market Street STE 10852, San Francisco, CA 94114, Attn: Privacy Request