Privacy Policy

Last updated: May 10, 2026

1. Introduction

Daydream Development Inc., the owner and operator of Slip Boss ("we," "our," or "us"), is committed to protecting privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our marina management platform and related services (the "Service").

This Privacy Policy applies to two categories of people:

  • Customers — marinas, marina operators, and the individual account holders and staff who use the Service to operate their business; and
  • End Customers — boat owners, renters, booking customers, and other individuals whose personal information is uploaded to the Service by our Customers.

For End Customers' personal information uploaded by a Customer (such as boat-owner contact details, insurance certificates, registration documents, and rental agreements), the Customer is the controller of that information and is responsible for collecting it lawfully and providing privacy notices to those individuals. We process that information as the Customer's service provider in accordance with our Terms of Service. If you are an End Customer with questions about how a marina uses your personal information, please contact that marina directly.

2. Information We Collect

2.1 Information You Provide About Your Account

  • Account information (name, email address, hashed password, language preference, time zone);
  • Marina information (business name, address, logo, branding);
  • Billing and payment information (processed by Stripe, Inc. — full card numbers are not stored on our systems);
  • Staff names and PIN codes used to gate access-controlled features inside your account;
  • Communications with our support team.

2.2 Information You Upload About End Customers and Your Operations

  • Boat-owner and customer records (name, contact details, address);
  • Boat information (registration, hull identification, specifications, photos);
  • Uploaded documents, which may include insurance certificates, boat registration documents, rental and slip agreements, signed contracts, and other files you choose to attach;
  • Booking, rental, point-of-sale, and account transaction records;
  • Signature metadata for documents signed through the Service, including the IP address and user-agent of the signer and the time of signing.

2.3 Information Automatically Collected

  • Usage data and application logs;
  • IP address and device information;
  • Browser type and version;
  • Cookies and similar technologies (see Section 8).

3. How We Use Information

  • Provide, maintain, secure, and improve the Service;
  • Authenticate users and protect against fraud and abuse;
  • Process payments and transactions;
  • Send administrative, transactional, and service-related communications;
  • Provide customer support;
  • Generate aggregated, de-identified analytics about how the Service is used;
  • Comply with legal obligations and respond to lawful requests.

4. How We Share Information

We do not sell, rent, or trade personal information. We share information in the following circumstances:

  • With sub-processors and service providers that help us operate the Service (see Section 5);
  • With third-party integrations you choose to enable (for example, QuickBooks Online for accounting sync — only data you authorize is transmitted);
  • With your consent or at your direction;
  • To comply with legal obligations, lawful requests, or enforceable governmental requests;
  • To enforce our Terms of Service or protect the rights, property, or safety of Daydream Development Inc., our users, or others;
  • In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, in which case the acquirer will be bound by this Privacy Policy in respect of the transferred information.

5. Sub-Processors and Third-Party Services

We rely on the following third-party providers to deliver the Service. Each operates under its own privacy policy and applies its own security controls.

  • Stripe, Inc. — payment processing, subscription billing, and (where enabled) marina payouts via Stripe Connect.
  • Hetzner Online GmbH — application and database hosting.
  • Cloudflare, Inc. — content delivery, edge serving of our website and application, and encrypted off-site storage of database backups via Cloudflare R2.
  • Resend (Resend, Inc.) — transactional email delivery (account verification, password resets, document delivery, PIN codes, and similar messages).
  • EmailOctopus — marketing email list for product updates (Customers only; unsubscribe at any time).
  • Intuit Inc. (QuickBooks Online) — optional accounting integration that you may authorize on a per-account basis.

We may update this list from time to time. The current list above is intended to be comprehensive of sub-processors that receive personal information.

6. International Data Transfers

Daydream Development Inc. is incorporated in Canada with its business address in Ontario. Our sub-processors may store or process information outside Canada, including in the European Union and the United States. By using the Service, you understand that information may be transferred to, stored in, or processed in jurisdictions that may not have data-protection laws equivalent to those in your jurisdiction. We rely on contractual safeguards with our sub-processors as required by applicable law.

7. Data Security

We implement administrative, technical, and physical safeguards that we believe are reasonable for the size and nature of our Service. These currently include:

  • Encryption of data in transit using HTTPS/TLS;
  • Industry-standard password hashing for account credentials (Argon2id);
  • Logical isolation of each Customer's data (multi-tenant separation);
  • Access controls limiting which personnel can access production systems;
  • Encrypted off-site backups of databases;
  • Payment data handled by Stripe, a PCI-DSS Level 1 service provider — full card numbers do not touch our systems.

No system is completely secure. Despite our safeguards, we cannot guarantee that personal information will never be lost, accessed without authorization, altered, or destroyed. You should not upload to the Service any information that you cannot afford to have lost, exposed, or accessed by unauthorized parties, and you should maintain your own backups or exports of information that is material to your operations. As described in our Terms of Service, you are responsible for keeping your account credentials confidential and for managing access by your staff and other authorized users.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Service, remember your preferences, keep you signed in, and measure how the Service is used. Most browsers let you control cookies through your settings, but disabling them may break essential features such as login.

9. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service. After termination of your account, we will delete or anonymize Customer Data within a reasonable period — typically within ninety (90) days — except where we are required to retain it longer to comply with legal obligations, resolve disputes, prevent fraud, or enforce our agreements. Encrypted backups may persist for the duration of our standard backup-retention window (currently seven (7) days) after deletion from production systems.

10. Your Privacy Rights

Depending on where you live, you may have rights under applicable privacy laws including Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA"), Quebec's Act Respecting the Protection of Personal Information in the Private Sector, the EU General Data Protection Regulation ("GDPR"), and the California Consumer Privacy Act ("CCPA"). These rights may include:

  • Access to your personal information;
  • Correction of inaccurate or incomplete information;
  • Deletion of your personal information;
  • Restriction of, or objection to, certain processing;
  • Withdrawal of consent (where processing is based on consent);
  • Data portability;
  • The right to lodge a complaint with a privacy regulator.

To exercise these rights with respect to your account information, contact us at privacy@slipboss.com. If you are an End Customer whose personal information was uploaded by a marina, please direct your request to that marina; we will support them in responding.

11. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information directly from children under 16. If we become aware that we have collected such information without a lawful basis, we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through an in-app notice. Your continued use of the Service after the revised policy takes effect constitutes your acceptance of it.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Daydream Development Inc.

Privacy inquiries: privacy@slipboss.com

Security incidents: security@slipboss.com

General inquiries: info@slipboss.com