Privacy Policy

Last updated: July 1, 2026

1. Introduction

DraftTally LLC ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains what information we collect, how we use it, how we store and protect it, and your rights regarding your personal data. This policy applies to all users of the DraftTally platform, including users in the European Economic Area (EEA) and other jurisdictions with data protection regulations.

2. Information We Collect

Account Information

When you register, we collect your full name, email address, company name, and a hashed version of your password. If you subscribe to a paid plan, payment details are collected and processed by Stripe, Inc. We do not store full credit card numbers.

Survey Data

We store the barge draft survey data you create, including draft readings, tank soundings, barge dimensions, cargo calculations, client information, and any notes or attachments you add to surveys.

Usage Analytics

We collect anonymized usage data to improve the Service, including pages visited, features used, session duration, browser type, and device information. We do not sell or share this data with third parties for advertising purposes.

Automatically Collected Information

When you access the Service, we automatically collect your IP address, browser type, operating system, referring URLs, and access timestamps for security and operational purposes.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process transactions and manage your subscription
  • To send transactional emails (account verification, password resets, billing receipts)
  • To provide customer support
  • To detect, prevent, and address security issues or fraud
  • To generate anonymized, aggregated analytics for product improvement
  • To comply with legal obligations

4. Data Storage and Security

Your data is stored on Amazon Web Services (AWS) infrastructure in the United States. All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher. We implement industry-standard security measures including role-based access controls, audit logging, and regular security reviews.

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

5. Data Retention

We retain your account information and survey data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain it for a longer period. Anonymized and aggregated data that cannot identify you may be retained indefinitely for analytical purposes.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to Data Portability: Request an export of your data in a machine-readable format (JSON or CSV).
  • Right to Restrict Processing: Request that we limit the processing of your data in certain circumstances.
  • Right to Object: Object to the processing of your data for certain purposes.

To exercise any of these rights, contact us at privacy@drafttally.app. We will respond within 30 days.

7. Cookies

We use cookies and similar technologies for authentication and session management. These are essential cookies required for the Service to function. We do not use third-party advertising or tracking cookies. You may disable cookies in your browser settings, but doing so may prevent you from using certain features of the Service.

8. Third-Party Services

We use the following third-party services to operate the platform:

  • Amazon Web Services (AWS): Cloud infrastructure, data storage, and authentication services.
  • Stripe, Inc.: Payment processing for subscriptions. Stripe's privacy policy governs their handling of payment data.

We require all third-party service providers to maintain appropriate security measures and to process personal data only as instructed by us and in compliance with applicable data protection laws.

9. International Data Transfers

If you are accessing the Service from outside the United States, your data will be transferred to and processed in the United States. We rely on standard contractual clauses and other appropriate safeguards to ensure your data is protected in accordance with applicable data protection laws, including the GDPR.

10. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@drafttally.app.