Privacy Policy

1. Who we are

Sentinel Dive provides Android and Web applications for dive logging, dive planning, cloud sync, equipment tracking, certification records, hydration tracking, and dive analysis. For privacy questions, account deletion requests, or data requests, use the contact form in Section 14.

2. Data we collect

The data we collect depends on the features you use. It may include account details such as email address, display name, password verifier, email verification status, and session tokens. It may also include dive logs, imported dive-computer data, depth samples, gas mixes, dive events, trips, equipment, cylinders, buddies, dive centers, dive professionals, dive sites, GPS coordinates you save, photos, certification and insurance records, uploaded certification files, OCR text, briefing plans, hydration records, post-dive interview answers, notification preferences, and app settings.

If you complete your diver profile, Sentinel Dive may process personal and health-adjacent information used for safety and planning calculations, such as date of birth, biological sex, height, weight, fitness level, smoking status, PFO status, DCS history, emergency contact details, and notes you choose to enter.

3. Android Application

The Android application is designed to work offline first. It stores your records locally on the device and syncs them to the backend only when you configure and use cloud sync. The local app database is encrypted at rest with SQLCipher. The database passphrase is generated on first install and stored using AndroidKeyStore-backed encrypted preferences.

Android permissions are used for app features: Bluetooth and USB access connect to supported dive computers; location is used for Bluetooth scanning on older Android versions and for dive site tagging or marine condition lookups when you use those features; notifications are used for reminders and alerts; storage access on older Android versions supports map tile caching and file handling.

4. Backend and cloud sync

When you create or connect a cloud account, Sentinel Dive sends selected app data to the backend so your records can be backed up and synchronized between Android and Web. Syncable data includes dives, trips, equipment, cylinders, buddies, dive centers, dive professionals, personal dive sites, diver profile, risk settings, certification records, certification file metadata, dive photo metadata, briefing plans, post-dive interviews, and daily hydration records.

The backend stores passwords as hashes and refresh tokens as server-side records. Selected sensitive fields are encrypted at rest before database storage, including profile contact and emergency contact fields, certification and insurance identifiers, buddy contact fields, dive center contact fields, and dive professional contact fields. Encryption uses AES-256-GCM with server-managed keys. Some operational fields remain plaintext when needed for sync, search, sorting, validation, or app logic.

5. How we use data

We use your data to provide the features you request: account access, email verification, cloud sync, backup and recovery, dive import, logbook display, maps and dive site memory, personalized risk calculations, hydration calculations, surface interval calculations, equipment service reminders, certification expiry tracking, post-dive debriefing, and AI assisted analysis where enabled.

6. AI features

Sentinel Dive includes optional AI features for dive search, coaching, debriefing, and analysis. AI prompts may include the dive, profile, equipment, briefing, or debriefing context needed to answer your request. On Android, some AI requests can be sent directly to Google Gemini using the API key configured in the app. On the Web, AI requests are handled by the backend and sent to the configured AI provider. AI output is informational and must not be treated as medical, emergency, or professional diving advice.

When you use AI features, prompt context may include health and fitness-related dive data and user-generated content (for example dive notes or debriefing text) needed to answer your request. AI features are optional and not required for core app functionality.

7. Sharing and service providers

We do not sell your personal data. We share data only as needed to run Sentinel Dive, provide requested features, comply with law, or protect the service. Service providers may include hosting and database providers, email delivery providers, map or geocoding services, marine/weather data providers, and AI providers used by optional AI features.

If you choose to share content through community features, shared dive sites, public contributions, exports, or your device's native share sheet, that content may be visible to the recipients or audience you select.

8. Security

We use technical safeguards including HTTPS for production traffic, Android certificate pinning for production sync, encrypted Android local storage, encrypted Android token storage, backend password hashing, refresh token rotation, route-level rate limits, CORS restrictions, security headers, upload validation, path traversal checks, and server-side encryption for selected sensitive fields.

9. Retention and deletion

We keep account and cloud data while your account is active or as needed to provide the service, resolve issues, maintain security, comply with legal obligations, or protect the service. You can delete local Android data from the app. If your account is connected to cloud sync, the Android app offers a "Delete everywhere" flow when the backend is reachable.

The backend supports account deletion and data purge flows. Account deletion removes private account data and anonymizes the account record. Some community contributions may remain in anonymized form where needed to preserve public community content. You can also request deletion via the contact form in Section 14.

10. Your choices and rights

You can choose not to create a cloud account and use Android local-only features. You can review, edit, or delete many records inside the app. Depending on your location, you may have rights to request access, correction, deletion, portability, restriction, or objection regarding your personal data. Contact us to submit a request.

11. Children

Sentinel Dive is not directed to children and is intended for users who are old enough to participate in scuba diving activities and manage their own diving records.

12. Safety and medical disclaimer

Sentinel Dive is a dive logging and planning tool designed to support diving activity. It is not a substitute for professional diving training, medical evaluation, a certified dive computer, emergency services, or the guidance of a certified dive professional or diving medicine physician.

Calculations and recommendations, including decompression ceilings, surface risk scores, nitrogen tissue loading, oxygen toxicity estimates, ascent analysis, hydration guidance, AI-generated text, and surface interval advice, are estimates only. They may be inaccurate, incomplete, delayed, or unsuitable for your condition, environment, equipment, or dive profile.

Do not rely solely on Sentinel Dive for decompression decisions, ascent planning, gas planning, emergency response, rescue decisions, fitness-to-dive evaluation, medical clearance, diagnosis of decompression sickness, or treatment decisions. Always dive within your training and certification limits, use appropriate diving equipment, follow your dive computer and established procedures, and seek qualified medical help for suspected diving injuries.

Environmental conditions, thermal stress, workload, hydration, medication, fatigue, altitude exposure, repetitive dives, individual physiology, and equipment issues can affect diving safety beyond what software can predict. When in doubt, dive conservatively or do not dive.

Scientific references, open-source attributions, and map data notices are listed on the Acknowledgements page.

13. Changes to this policy

We may update this policy when the application, backend, or legal requirements change. The effective date at the top identifies the current version.

14. Contact support

Send privacy or data requests using this form. We use anti-spam controls and may rate limit repeated submissions.