1. Who we are

MyFloat provides support, service, parts, consumables, membership access, and related portal tools for float pod operators.

For the purposes of data protection law, MyFloat is the data controller for the personal information covered by this policy.

If you have any questions about this policy or how we handle personal information, please contact us using the details above.

2. Who this policy applies to

This policy applies to personal information relating to:

• website visitors;
• portal users;
• membership applicants and members;
• customers and prospective customers;
• business contacts;
• support request submitters;
• people attending remote sessions or booking services with us;
• people who contact us about parts, consumables, servicing, support, or general enquiries.

This policy does not apply to information that has been fully anonymised so that it can no longer identify any person.

3. The information we may collect

Identity and contact information

• name;
• business name;
• job title or role;
• email address;
• telephone number;
• billing address;
• service address;
• country and location details.

Account and membership information

• portal login details;
• account status;
• membership status;
• membership plan details;
• support access permissions;
• account preferences.

Order, payment and transaction information

• order details;
• invoices;
• payment status;
• transaction references;
• subscription details.

We do not store full card details ourselves. Payments may be processed by third-party payment providers such as Stripe.

Enquiry and support information

• messages you send us;
• support tickets;
• fault descriptions;
• uploaded files, photos, videos, or documents;
• service notes;
• correspondence history;
• records of support actions taken.

Service, system and operational information

Where relevant to the services we provide, we may collect or receive information relating to your float pod systems, site setup, service history, parts history, configuration details, and technical issues.

This may include, where available and relevant:

• pod identification details;
• service and maintenance records;
• parts replacement history;
• fault logs;
• diagnostics;
• device or controller status information;
• usage-related operational information;
• remotely submitted readings or status data.

We will only collect this type of information where it is relevant to providing support, servicing, membership tools, diagnostics, record-keeping, or related services.

Website, portal and device usage information

• IP address;
• browser type;
• device information;
• pages visited;
• date and time access logs;
• referral data;
• cookie and analytics data.

Marketing and communication preferences

• whether you have opted in or out of certain communications;
• your communication preferences.

4. How we collect information

We may collect personal information:

• directly from you when you contact us;
• when you create an account or apply for membership;
• when you submit a support request;
• when you place an order or make a payment;
• when you use the website or portal;
• when you communicate with us by email, forms, or other channels we make available;
• from service records, technical interactions, or diagnostics linked to the services we provide;
• from payment providers and service providers where relevant to your transaction or account;
• from cookies and analytics tools on the website or portal.

5. How we use personal information

To provide our services

We use information to:

• create and manage accounts;
• process membership applications and memberships;
• provide support services;
• respond to enquiries;
• supply products, parts and consumables;
• administer orders, subscriptions, and payments;
• provide service visits, remote support, and technical guidance;
• maintain support and service records.

To operate and improve the portal and support systems

We use information to:

• manage access to portal features;
• maintain support history and service records;
• help diagnose technical problems;
• monitor system performance and service delivery;
• develop and improve our portal, tools, and support processes.

To communicate with you

We use information to:

• send service-related updates;
• respond to support requests and enquiries;
• notify you about account, payment, or membership matters;
• send important operational or contractual communications.

For business administration and protection

We use information to:

• manage our business operations;
• maintain records;
• prevent misuse, fraud, or unauthorised access;
• enforce our terms;
• defend or bring legal claims where necessary;
• comply with legal and regulatory obligations.

For analytics and service improvement

We may use information to understand how the website, portal, membership services, and support processes are used so that we can improve them.

Where possible, we will use aggregated or anonymised information for analytics and reporting.

6. Our lawful bases for using personal information

Under UK data protection law, we must have a lawful basis for processing personal information. Depending on the situation, we rely on one or more of the following:

Contract

Where we need to process personal information:

• to provide the services you have requested;
• to manage your account or membership;
• to fulfil an order;
• to provide support, service visits, parts, subscriptions, or related services;
• to take steps at your request before entering into a contract.

Legitimate interests

Where it is reasonably necessary for us to run and improve MyFloat, provided those interests are not overridden by your rights and interests. This may include:

• managing and improving our services, portal, and internal systems;
• fraud prevention and detection;
• security monitoring;
• sending service and operational communications;
• maintaining records for business management;
• training and quality assurance.

Legal obligation

Where we need to process personal information to comply with a legal or regulatory requirement.

Consent

Where we have asked for and received your consent, for example for certain marketing communications. You can withdraw consent at any time.

7. Marketing communications

We may contact you with service-related updates, notices about your account, and information about products and services relevant to your account with us.

We will not send you unsolicited marketing. Where we rely on consent for marketing, you can withdraw that consent at any time by contacting us or using the unsubscribe option in any marketing email.

8. Sharing personal information

We do not sell personal information. We may share personal information with:

Service providers and processors

Third parties who help us deliver our services, including:

• payment processing providers (such as Stripe);
• email and communication service providers;
• cloud infrastructure and hosting providers;
• analytics and monitoring tools;
• shipping and logistics providers (for consumables and parts orders).

These providers only process personal information on our instructions and are subject to appropriate data processing agreements.

Professional advisers

Lawyers, accountants, and other professional advisers where necessary for our business operations or legal matters.

Legal and regulatory requirements

Where required to do so by law, by a court, regulator, or other legal authority.

Business transfers

In the event of a sale, merger, acquisition, or restructuring of our business, personal information may be transferred as part of that transaction. We will notify you if this occurs in a way that affects your information.

9. International transfers

Some of our service providers may be based outside the UK or European Economic Area. Where this is the case, we ensure that any transfer of personal information is subject to appropriate safeguards, such as standard contractual clauses or equivalent protections under applicable data protection law.

10. Data retention

We retain personal information for as long as reasonably necessary for the purposes set out in this policy, including:

• for as long as you hold an account or membership with us;
• for as long as is necessary to provide services or fulfil obligations to you;
• to comply with legal, tax, or regulatory obligations;
• to resolve disputes or enforce agreements;
• for legitimate business record-keeping purposes.

When personal information is no longer required, we delete or anonymise it securely.

11. Your rights

Under UK data protection law, you may have the right to:

• Access — request a copy of the personal information we hold about you;
• Rectification — request correction of inaccurate or incomplete information;
• Erasure — request deletion of your personal information in certain circumstances;
• Restriction — request that we restrict processing of your information in certain circumstances;
• Portability — receive your personal information in a structured, commonly used format in certain circumstances;
• Objection — object to processing based on legitimate interests or for direct marketing;
• Withdraw consent — where processing is based on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to exemptions. To exercise any of your rights, please contact us using the details in section 1.

We will respond to requests within one month. If your request is complex, we may extend this by a further two months and will let you know.

We will not charge a fee for responding to requests unless they are manifestly unfounded or excessive.

12. Cookies

Our website and portal use cookies and similar technologies. Cookies are small files stored on your device that help us provide and improve our services.

We use cookies for purposes including:

• keeping you logged in to your portal account;
• remembering your preferences;
• security and fraud prevention;
• understanding how the website and portal are used.

You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website or portal.

Our website may use third-party analytics tools. Where such tools are used, data collected is used in accordance with the relevant provider's privacy policy.

13. Automated decision-making and profiling

We do not make solely automated decisions that have legal or similarly significant effects on individuals.

We may use automated tools to assist with processes such as spam detection, fraud prevention, and support ticket triage. Any significant outcome remains subject to human review.

14. AI and automated tools

We may use AI-assisted tools to support internal operations, such as drafting support responses, summarising service notes, or processing service report information. Where personal information is processed using such tools, we take steps to ensure appropriate safeguards are in place.

We do not use personal information to train AI models without appropriate consent or a lawful basis.

15. Security

We take reasonable technical and organisational measures designed to protect personal information against unauthorised access, misuse, loss, alteration, or disclosure.

However, no system can be guaranteed to be completely secure, and you provide information at your own risk.

16. Third-party links and services

Our website or portal may contain links to third-party websites, tools, or services. Those third parties operate under their own terms and privacy notices, and we are not responsible for their privacy practices.

17. Children

MyFloat's services are intended for business and adult users. We do not knowingly collect personal information from children.

18. Complaints

If you have concerns about how we handle personal information, please contact us first and we will try to resolve the issue.

You also have the right to complain to the Information Commissioner's Office (ICO) in the UK:

• Website: ico.org.uk
• Phone: 0303 123 1113

19. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our services, systems, providers, or legal requirements.

The latest version will always be posted on the relevant website or portal, with the updated effective date shown at the top.