Privacy Policy
Last updated: June 6, 2026
dive-tec (“we”, “us”, or “our”) operates the dive-tec.ca website. This policy describes how we collect, use, and protect your personal information.
1. Information We Collect
We may collect the following types of information:
- Account information: name, email address, and password when you create an account.
- Profile information: phone number, emergency contact details, and profile photo you choose to provide.
- Order and payment information: shipping address, order history, and payment details processed securely through Square. We do not store your full credit card number.
- Course enrollment information: certification level, course preferences, and scheduling details.
- Communications: messages you send through our contact form.
- Usage data: pages visited, browser type, and general analytics. See the Cookies & Tracking section below for details.
2. How We Use Your Information
- To create and manage your account.
- To process orders, rentals, and course enrollments.
- To send transactional emails about your orders, bookings, account activity, and password resets.
- To communicate with you about your orders, bookings, and account.
- To improve our website and services through anonymized analytics.
- To comply with legal obligations.
3. Information Sharing
We do not sell or rent your personal information. We may share information with:
- Payment processors: Square processes payments on our behalf.
- Email service providers: we use Amazon Web Services Simple Email Service (AWS SES) to send transactional emails. AWS processes your email address and message content solely for delivery purposes. See the Email Communications section below for details.
- Authentication providers: if you sign in with Google or another third-party provider, we receive basic profile information (name and email) from that provider.
- Legal requirements: we may disclose information if required by law or to protect our rights.
4. Data Security
We use reasonable technical and organizational measures to protect your personal information, including encrypted connections (HTTPS), secure password hashing, and limited access controls.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data by contacting us.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal information we hold about you.
- Request correction of inaccurate information.
- Request deletion of your personal information.
- Withdraw consent for data processing.
To exercise any of these rights, please contact us using the information below.
7. Cookies & Tracking
We use essential cookies for authentication and session management. These are required for the site to function and cannot be disabled.
For website analytics we use Umami, a privacy-focused, self-hosted analytics platform. Umami does not use cookies, does not collect personal information, and does not track users across websites.
We also record specific actions you take on our site (for example, completing a booking, applying a discount code, or submitting the contact form) along with non-identifying details such as the resource ID, amount, currency, and item count. When you are signed in, we attach coarse segment information to your session — role, certification level, account-age band, customer lifecycle stage (new / returning / VIP / lapsed), and language preference — so we can analyse how different groups of customers use the site. We never send your email, name, or IP address. Search queries you submit on our site are recorded so we can understand which products customers are looking for; queries are stored in lowercase and limited to 100 characters.
Session replays. A sample of visitor sessions is recorded as anonymized replays. These capture page navigation, mouse movement, scrolling, and click targets so we can understand how the site is being used. Form inputs are masked by default, and payment fields, password fields, and other sensitive inputs are excluded from recording. Replays are retained for 30 days and are not associated with your account, email, or IP address.
8. Email Communications
We send transactional emails related to your account activity, including:
- Account verification and password reset emails.
- Order confirmations, shipping updates, and receipts.
- Course enrollment confirmations and schedule reminders.
- Rental and booking confirmations.
These emails are sent through Amazon Web Services Simple Email Service (AWS SES), which processes your email address and message content for the purpose of delivery. AWS SES may temporarily store email metadata (sender, recipient, timestamps) for delivery tracking and abuse prevention. AWS processes this data in accordance with the AWS Privacy Notice.
We do not send marketing or promotional emails. All emails are transactional and directly related to your use of our services.
Link tracking. Action links in some transactional emails (booking confirmations, order receipts, course reminders, paperwork requests) pass through a short-lived signed redirect on our domain so we can count which emails get acted on. We record only the template name and (in some cases) the related resource ID; the recipient's email address and identity are not part of the record. Authentication links such as email-verification and password-reset are not wrapped.
9. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites.
10. Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated date.
11. Contact Us
If you have questions about this privacy policy or your personal data, please contact us.