Privacy Policy

Last updated: March 2026

Who we are

DiveDeck is operated by SignalWorks. Our website is divedeck.io.

What we collect

DiveDeck tools are designed to collect as little data as possible. Here is exactly what happens when you use our tools:

In your browser: Your photo is loaded, corrected, and displayed entirely within your browser. The pixels of your original photo never leave your device unless the conditions below are met.

After download (quality-gated uploads): When you tick the terms checkbox and download your corrected image, we silently check whether your image meets our media library quality standards — minimum resolution, valid format, and underwater colour profile. If the image passes, the original and corrected versions are uploaded to our secure cloud storage (Cloudflare R2) along with EXIF metadata extracted from your photo (which may include GPS coordinates, camera make and model, and timestamp).

Session hash: A one-way anonymised hash is derived from your browser session and stored alongside any uploaded image. This hash is used only for deduplication — it cannot be used to identify you.

We do not collect your name, email address, IP address, or any other personally identifiable information.

Cookies and tracking

We do not use advertising cookies, tracking pixels, or third-party analytics scripts. We use Umami Analytics — a privacy-first, cookieless analytics tool that collects only aggregate, anonymous page view data. No personal data is collected, no cookies are set, and there is nothing to opt out of.

How we use your content

By ticking the terms checkbox before downloading, you grant DiveDeck a perpetual, royalty-free licence to use, edit, store, and publish your uploaded media. This is stated clearly at the point of download. We may use quality-gated images in our media library, editorial content, or promotional materials. We do not sell your images to third parties.

Data retention

Uploaded images and associated metadata are retained indefinitely as part of the DiveDeck media library. The anonymised session hash is stored alongside the media for deduplication purposes only.

Your rights

Because we store no personally identifiable information, standard data subject rights (access, deletion, portability) are limited in practice — we have no way to identify which uploads, if any, belong to you. If you have concerns about a specific upload, contact us and we will do our best to assist.

Third-party services

We use the following third-party infrastructure:

Cloudflare R2 — cloud storage for uploaded images. Cloudflare's privacy policy applies to data stored there.

Supabase — database for metadata storage. Supabase's privacy policy applies.

Umami — cookieless, privacy-first analytics. No personal data is shared.

Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent revision.

Contact

Questions about this policy? Email hello@divedeck.io