Privacy Policy

1. Introduction

Guidecall respects your privacy and is committed to protecting your personal data. This Privacy Policy informs you as to how we look after your personal data when you visit our website, use our application, or utilize our services, and tells you about your privacy rights. You must be at least 18 years old to create an account or use any of our services. We do not knowingly collect personal data from anyone under 18.

2. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data about you, including:

• Identity Data: First name, last name, username, profile images, and (for Guides) legal business name.
• Contact Data: Email address, telephone numbers, and billing or business addresses.
• Financial Data: Securely tokenized payment details handled natively by our PCI-compliant payment processor. Guidecall does not directly store credit card numbers or bank account credentials.
• Transaction Data: Details about payments to and from you, including booking history, refunds, credits, payouts, tips, and disputes.
• Location Data: Geolocation coordinates and reverse-geocoded place labels, used to match Guides with Clients, render nearby-results rows, and display meetup locations.
• Uploaded Documents & Images: Guides upload credential documents (government photo ID, USCG captain's license, insurance certificate, boat registration, state fishing-guide license, federal permits, vessel photographs, profile images). Customers may upload profile images. Credential documents are visible only to Guidecall admins for compliance review; profile images are public.
• Communications: Messages exchanged with the other party in a booking thread, notes attached to bookings, and your interactions with our customer support.
• Notification Preferences: Your per-category email and SMS opt-in selections, and your SMS consent status.
• Reviews & Ratings: Star ratings and written reviews you submit after sessions. Reviews are public on the Guide's profile and include your first name and profile image unless you have enabled anonymous mode for that session at booking time.

3. Third-Party Service Providers

We rely on the following third-party processors to operate the platform. Each provider receives only the data needed to perform its function and is bound by its own privacy and security obligations.

• Clerk — user authentication, sign-in/sign-up, and session management. Receives your email and any sign-in provider tokens.
• Payment processor — card processing for customer payments. Receives payment-card details (tokenized in the browser; we never see raw card numbers) and transaction metadata.
• Payout & tax processing — to deliver Guide payouts and meet tax-reporting obligations, we and our banking and payment providers collect Guide identity and payout information (legal name, address, taxpayer identification, and bank-account details).
• Twilio — SMS notification delivery. Receives your phone number and the body of each notification we send. We have explicitly pledged to Twilio and the underlying carriers that mobile information will not be shared with third parties for marketing or promotional purposes.
• Daily.co — video and audio call hosting for Scheduled Calls and On-Call sessions. Receives a unique room ID per session and produces a cloud recording of the call (see Section 6 below).
• UploadThing — secure file storage for credential documents, profile images, and vessel photos.
• Geocoding provider — geocoding addresses into latitude/longitude and reverse-geocoding map pins into place labels for the search experience.
• Vercel — application hosting and edge delivery.
• Supabase / PostgreSQL — primary database hosting.

4. SMS & Mobile Communications

Guidecall utilizes Twilio to transmit critical account alerts, secure messages, booking updates, trip reminders, and payout notifications via SMS.We explicitly pledge that your mobile number will NEVER be sold, shared, or distributed to third-party affiliates for marketing or promotional purposes. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

Mobile information collected internally (your verified phone number and per-category opt-in selections) is used solely to deliver the platform notifications you explicitly requested via the checkboxes in your account settings. All SMS data handling complies with CTIA messaging principles and 10DLC carrier requirements. You may opt out at any time by replying STOP to any message we send or by toggling SMS off in your Dashboard Settings.

5. Video Calls & Cloud Recording

Scheduled Calls and On-Call sessions take place inside private 2-participant video rooms hosted by Daily.co. All call sessions are recorded to the cloud. Recordings are retained for dispute resolution, refund review, and platform integrity. Recordings are visible only to Guidecall admins for review purposes and to the call participants themselves on request. By joining a call, both parties consent to being recorded.

6. Public Profile, Listings & Reviews

Certain information you provide is intentionally public so the marketplace can function:

• Guide profiles (business name, captain name, bio, profile picture, target species, fishing techniques, vessel photos and details, pricing, availability, meetup region) are public.
• Trip listings (title, description, price, duration, days of week, season, target species, photos) are public.
• Customer reviews are public on the reviewed Guide's profile. By default a review includes your first name and profile image. You may submit a review anonymously at the time of writing it — anonymous reviews omit your name and image.
• Per-product approval status (whether a Guide is approved for In-Person Trips, Scheduled Calls, or On-Call) determines which sections of a profile are publicly visible.

7. Cookies & Session Tracking

We use session cookies via our authentication provider (Clerk) to keep you signed in. We use lightweight first-party local-storage flags to remember UI preferences (calendar view, recent searches, autoscroll position). We do not use third-party advertising cookies. We do not currently use cross-site tracking pixels.

8. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we use your personal data to:

• Perform the contract connecting Guides and Clients (matching, booking, communication).
• Process customer payments and deliver Guide payouts.
• Send transactional notifications (email and SMS based on your opt-in preferences).
• Verify Guide credentials and maintain compliance with marine, fishing, and federal licensing requirements.
• Investigate and resolve refund disputes, payout reversals, and customer-safety reports.
• Manage our relationship with you and provide customer support.
• Detect, prevent, and address fraud, abuse, and security incidents.

9. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal data to those employees, agents, contractors, and processors who have a strict business need to know. Credential documents are stored in segregated, access-controlled buckets and are visible only to Guidecall admins.

10. Data Retention

We retain personal data only as long as necessary to provide the service and to satisfy our legal, tax, accounting, and dispute-resolution obligations. Specifically:

• Account data is retained for the lifetime of your account. Upon account deletion (see Section 12), we anonymize your name, email, and phone within seven (7) days.
• Transaction and payout records are retained for at least seven (7) years to comply with IRS retention rules, the card networks' and our payment processor's dispute and chargeback windows, and applicable state tax law. Personally identifying fields on those records are anonymized following account deletion; the underlying financial record remains.
• Call recordings are retained for at least ninety (90) days after the session ends, longer if a refund ticket or dispute is opened.
• Credential documents are retained for as long as the Guide's account is active. Expired credentials are retained for an additional one (1) year after expiry for audit purposes.
• SMS opt-in / opt-out logs are retained indefinitely for carrier-compliance and audit purposes.

11. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Right of Access — request a copy of the personal data we hold about you.
• Right of Correction — ask us to correct inaccurate or incomplete data. You can update most fields yourself from Account Settings.
• Right of Deletion — request anonymization of your name, email, and phone (see Section 12). Logged-in users can self-initiate from Account Settings; guests can use guidecall.app/privacy/delete.
• Right to Withdraw Consent — for SMS, reply STOP or untoggle SMS categories in Account Settings. For email, use the unsubscribe link or toggle email categories in Account Settings.
• Right to Lodge a Complaint — you may complain to your local data-protection authority.

12. Account Deletion

Logged-in users may request deletion from Account Settings. Guests and former users may use guidecall.app/privacy/delete. We will anonymize your name, email, and phone within seven (7) days of confirmation. Past booking, payment, and refund records remain in our systems in anonymized form to satisfy our obligations under federal, state, tax, and payment-network rules (including IRS retention and payment-network dispute-history requirements).

13. Children's Privacy

Guidecall is intended for users 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal information, please contact us at the email below and we will delete it.

14. Contact Us

For privacy questions, data-access requests, or to report a concern, contact us at admin@guidecall.app.