Skip to main content
Privacy Policy

Your Privacy Matters

We're committed to protecting your personal information and being transparent about how we use it.

Last updated: June 6, 2026

This Privacy Policy describes how CorpNexus LLC, a Wyoming limited liability company doing business as Divolog ("we", "us", or "our"), collects, uses, and shares your personal information when you use our mobile application and website (collectively, the "Services"). By using Divolog, you agree to the collection and use of information in accordance with this policy.

Data Controller and EU / UK Representative

Data Controller

The data controller responsible for your personal data is CorpNexus LLC d/b/a Divolog, 30 N Gould St, Ste R, Sheridan, WY 82801, United States. You can reach us at privacy@divolog.com.

Our EU GDPR Representative

As CorpNexus LLC is established outside the European Economic Area, we have appointed a representative in the EU under Article 27 GDPR: Rickert Rechtsanwaltsgesellschaft mbH (for CorpNexus LLC d/b/a Divolog), Colmantstraße 15, 53115 Bonn, Germany. Email: art-27-rep-corpnexus@rickert.law. Individuals in the EEA may contact our representative on all matters relating to the processing of their personal data.

Our UK GDPR Representative

For the United Kingdom, we have appointed a representative under Article 27 UK GDPR: Rickert Services Ltd UK (for CorpNexus LLC d/b/a Divolog), PO Box 1487, Peterborough, PE1 9XX, United Kingdom. Email: art-27-rep-corpnexus@rickert-services.uk. Individuals in the UK may contact our representative on all matters relating to the processing of their personal data.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and profile photo. If you sign up using Google or Apple, we receive basic profile information from those services.

Dive Logs & Activity

We store your dive logs, certifications, spotted marine life, and other diving-related data you choose to share on the platform.

Location Data

With your permission, we may collect location data to show you nearby events and dive sites. You can disable this in your device settings.

Usage Data

We collect limited technical and diagnostic information needed to keep Divolog reliable and secure, such as device type, app version, crash reports, and error logs. We do not use third-party advertising or behavioral tracking.

How We Use Your Information

Providing Services

We use your information to operate Divolog, including displaying your profile, connecting you with dive clubs, and showing relevant events.

Communications

We may send you service-related emails, event updates, and promotional content. You can opt out of marketing emails anytime.

Improving Our Platform

We use aggregated, diagnostic information to fix bugs, improve stability, and build features for our diving community. We do not profile you for advertising.

Information Sharing

Public Profile

Your display name, profile photo, and public dive logs are visible to other users. You control what information is public in your privacy settings.

Dive Clubs

When you message or join a dive club, the club administrators can see your profile information and communication history.

Third-Party Service Providers

We do not sell your personal information. We share data only with service providers that help us operate Divolog, under data processing agreements: Supabase (database and authentication, EU region), Stripe (payments), Resend (transactional email), Cloudflare (security and content delivery), Sentry (error and performance monitoring, EU region), Google Maps (maps), and Apple and Google (in-app purchases). Where we use AI-assisted moderation or translation, redacted text may be processed by Anthropic and is not used to train its models. For users in the European Economic Area, international transfers are protected by Standard Contractual Clauses. You can request our current list of sub-processors at privacy@divolog.com.

International Data Transfers

Your data is primarily stored in the European Union (Supabase EU region). Some providers, such as Stripe and Resend, are based in the United States but maintain data processing agreements with Standard Contractual Clauses. By using Divolog, you acknowledge that your data may be processed outside your country of residence.

Data Security

Protection Measures

We use industry-standard encryption in transit and at rest, access controls, and ongoing security monitoring to protect your data from unauthorized access. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Data Retention

We keep your personal data for as long as your account is active. After you delete your account, we remove your personal data within 30 days, except where we must keep certain records longer to meet legal, tax, accounting, or security obligations or to resolve disputes. Backups are purged on a rolling basis, normally within 90 days. You can request deletion of your account and associated data at any time.

Your Rights

Access & Correction

You can access, update, or correct your personal information through your account settings at any time.

Data Portability

You can request a copy of your data in a portable format. Contact us at privacy@divolog.com for assistance.

Deletion

You can delete your account and all associated data. Some information may be retained for legal or security purposes.

Objection & Restriction

Where the law allows, you can object to or ask us to restrict certain processing of your personal data, including processing based on our legitimate interests, and you can withdraw any consent you have given at any time without affecting processing that already took place.

Complaints

If you are in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with your local data protection authority. We ask that you contact us first at privacy@divolog.com so we can try to resolve your concern.

Region-Specific Rights

If you are in California, the European Economic Area, the United Kingdom, or a similar jurisdiction, you may have additional rights under laws such as the CCPA and CPRA, the GDPR, and the UK GDPR. We honor these rights regardless of where you live. Contact privacy@divolog.com to exercise them.

Children's Privacy

Age requirements

Divolog is not directed to children under 16. You must be at least 16 years old to create an account. We do not knowingly collect personal data from anyone under 16. If you believe a person under 16 has provided us with personal data, contact privacy@divolog.com and we will delete it.

Marine Life Data: iNaturalist

How we use the iNaturalist API

When you log a dive, Divolog retrieves a list of marine species observed near your dive location from the iNaturalist API (https://api.inaturalist.org). This request sends only the latitude and longitude of the dive site; no personal information, user ID, or account data is shared with iNaturalist. Species data (scientific name, common name, photos, and photographer attribution) is cached locally on your device for 7 days and stored alongside your dive log entries. Photos are licensed by their contributors under Creative Commons licenses and are attributed accordingly in the app. See iNaturalist's Terms (https://www.inaturalist.org/pages/terms) and Privacy Policy (https://www.inaturalist.org/pages/privacy) for more information.

Questions about privacy?

If you have any questions about this Privacy Policy, please contact us.

privacy@divolog.com