Privacy Policy

We respect your privacy and want you to be comfortable with how we use the personal information that you provide to us. For that reason, we are providing you with this privacy policy (“Policy”) that describes how By The Sea, Inc. (“BTS,” “we,” “us,” or “our”) collects and uses personal information. BTS is a series of websites including By-The-Sea.com, EverythingBoats.com, MarinaWizard.com, LowTideHighTide.com, BTSWebWorks.com and CapeTechnical.com.

This Policy is designed to comply with applicable United States privacy laws, including those of California, Virginia, Colorado, Connecticut, and Utah. (To see our California Consumer Privacy Act (CCPA) Privacy Notice, please scroll down.)

APPLICATION

This Policy applies to the BTS proprietary platform (collectively, the “Platform”) as well as all transactions in which BTS collects Personal Information (as defined below) from its customers. Please note, this Policy does not apply to any third party websites (including those that may be linked to our website) or third party solution providers for whom BTS facilitates and/or resells services or solutions. This Policy applies to all Personal Information received by BTS in any format including electronic, paper or verbal.

SCOPE; USAGE

Collection of Personal Information
In this Policy, “Personal Information” means any information that identifies, or could be used to identify, an individual. Your Personal Information includes all information that we receive from you when you register to receive services by or through us, which may include your first and last name, your telephone number, your email address, and other similar registration-related information. We may also collect your IP address and device data, all of which will be considered “Personal Information.”

We may also collect certain information automatically through the use of cookies. Cookies are small files placed on your hard drive that assist us in providing you with a customized browsing experience. We use cookies to provide you with the convenience of not having to reenter information, such as user IDs and passwords, multiple times during your visits to the Platform. Cookies can also be utilized to help us provide you with information targeted to your interests, based upon your prior browsing at the Platform. The “help” section of the toolbar on most browsers will inform you on how to prevent your browser from accepting new cookies, how to have the browser notify you upon the receipt of a new cookie, or how to disable the use of cookies completely. If you configure your browser to decline cookies, then certain features of the Platform may not function correctly and you may be required to re-enter any user IDs and passwords more frequently. If you access the Platform on a mobile device, then depending on the device’s specifications, you may not be able to control tracking technologies through the device’s settings.

From time to time, we may implement Google Analytics to assist us in gathering analytics and statistical data in connection with the Platform. On our behalf, Google processes this information to analyze the usage of the Platform. If you have any questions or concerns with regard to Google Analytics’ privacy practices, you can review their privacy policy at https://policies.google.com/privacy?hl=en

Use / Disclosure of Your Personal Information
We use your Personal Information to provide you with information that you request. If you are a BTS user, then we use your Personal Information as necessary to provide you with or facilitate (as applicable) your use of the Platform (the “Purpose”).

If necessary for our provision or facilitation of the Purpose, we may disclose your Personal Information to third party solution providers with whom we maintain a trusted business relationship (“Third Party Providers”). Microsoft® or Amazon Web Services (AWS) are examples of a Third Party Provider with whom we may share your Personal Information. Each Third Party Provider is required to limit its use of your Personal Information to the purpose for which the information was given to that provider.

If you believe that a Third Party Provider has used your Personal Information in a manner that is contrary to this Policy or the privacy policy of the relevant Third Party Provider, we would like to know about it. Please contact our designated privacy officer (listed below) to notify us of any misuse of your Personal Information by a Third Party Provider. Please note, we cannot and do not take responsibility for the misuse of your Personal Information by a Third Party Provider.

On occasion, we may hire third parties to perform certain functions on our behalf. Examples include removing repetitive information from our customer lists, analyzing data, providing marketing assistance, and providing customer service. These third parties have access to your Personal Information to the extent necessary to permit them to do their jobs, however, they are bound by confidentiality agreements before any information is provided to them, and they are restricted from using the information for other purposes.

We may also disclose your Personal Information if we are required to do so by law or we in good faith believe that such action is necessary to (i) comply with the law or with legal process; (ii) protect and defend our rights and property; (iii) protect against misuse or unauthorized use of the Platform or any of the services, features, or functions of the Platform; or (iv) protect the personal safety or property of our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).

We may also use your Personal Information in the aggregate to determine our customers' demographics and preferences. In addition, we may use your Personal Information to analyze Platform usage to understand and improve our services, or for investing in or developing new services.

Other than as stated in this Policy (or as expressly permitted by you in writing, if applicable), we will not release your Personal Information to unknown or unaffiliated third parties, and we will not cross-reference your Personal Information with that of any other customer or entity, nor will we share your Personal Information for cross-context behavioral advertising of any sort. Other than your Personal Information being a transferred asset in the event of a sale of our business, we will not sell your Personal Information.

Retention
We retain Personal Information only for as long as necessary for the Purpose. We may retain information longer where required by law or for legitimate business purposes, such as retaining information to document or prove our then-current or prior business relationship with you.

Cross-border Transfers
Our services are operated and/or facilitated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage Third Party Providers, and by using our services you consent to the transfer of information to countries outside of the United States, which may have different data protection rules than those of the United States.

Additional Information Relating To Your Personal Information
BTS keeps your Personal Information in an encrypted format while on our servers. When we transmit your Personal Information, we do so in a secure fashion. We will take commercially reasonable steps to protect your information; however, no security system or mechanism is completely foolproof, and we cannot and do not warrant or guarantee that your Personal Information is 100% free from unauthorized access or viewing.

Also, if all or substantially all of our assets are transferred or acquired in a sale or assignment, or in connection with similar corporate transactions, your Personal Information may be one of the transferred assets. It is our practice to seek appropriate protection for information in these types of transactions.

Accuracy & Access
We will take reasonable steps to ensure that your Personal Information is relevant, accurate, complete and current, to its intended use. We provide individuals with reasonable access to Personal Information that they provided to us, as well as the ability to review and correct such information, if applicable.

To protect your privacy and security, we may also implement multi-factor authentication and/or take other reasonable steps to verify your identity before granting access to your Personal Information. To view and change the Personal Information that you provided to us directly, you can also contact our privacy officer as indicated below.

Please note, at times we may need to retain some information about you to satisfy our internal business, legal, and/or security obligations. For that reason, some of your Personal Information may remain archived even if you ask us to delete it.

Security
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of your Personal Information, we utilize physical, technical, and administrative procedures to safeguard the information we collect.

Among other things, we use Secure Sockets Layer (SSL) encryption when collecting or transferring sensitive data, such as credit card information. SSL encryption is designed to make the information unreadable by anyone but us.

We also use firewalls and restricted access methods to ensure the security of the information we collect. Any of our employees who have been granted physical access to your Personal Information will be made aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been (or will be promptly after their hiring) provided training and instruction on how to do so.

Appeals
If you request that we take action with regard to your Personal Information and we determine, in our discretion, we reject your request or determine that your request cannot be accommodated, you have the right to appeal our decision by contacting our Pfficer listed below. We will respond to appeals within applicable legal timeframes.

Automated Decision Making
We may use automated tools or artificial intelligence-based (AI) solutions to optimize the Platform, provide us with operational analytics for the Platform, or execute certain features or functions of the Platform. We do not use automated tools or AI to make decisions that produce legal or similarly significant effects without appropriate safeguards.

Children’s Privacy
The Platform is not directed to children under 13, and we do not knowingly collect Personal Information from children under the age of 13.

Data Breach Response
In the event of a data breach in which unencrypted Personal Information in our possession or control is accessed in an unauthorized manner, we will provide notifications to all affected persons as required by applicable law.

Contact for Privacy Issues
If you have any questions or comments about this Policy, please direct them to our designated privacy officer contact. BTS’s designated contact for questions related to our website’s privacy is support@by-the-sea.com.

CHANGES TO THIS POLICY

The practices described in this Policy are current as April 2026. We may, at our sole discretion, update this Policy at any time by posting the revised or amended Policy on the Platform. The revised or amended Policy shall be effective upon posting. You are encouraged to refer to this Policy regularly.

California Consumer Privacy Act (CCPA) Privacy Notice
This Privacy Notice applies only to California consumers and supplements the Policy. To the extent that the provisions below contradict the provisions of the Policy above, the provisions below shall govern.

Personal Information We Collect
We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“CCPA Personal Information”). We have collected categories of CCPA Personal Information noted in the Collection of Personal Information (above) within the last twelve (12) months.

Use of CCPA Personal Information
We may use categories of CCPA Personal Information for the business purposes noted in Use / Disclosure of Your Personal Information section, above.

Categories of CCPA Personal Information Disclosed for a Business Purpose
We may disclose the categories of CCPA Personal Information noted in the Use / Disclosure of Your Personal Information section (above) for business purposes related to our provision or facilitation (as applicable) of the Services.

Sources of CCPA Personal Information
The sources of information we collect are listed in the Collection of Personal Information section, above.

Your Rights
You have the right to request that we disclose (i) the categories of CCPA Personal Information we collect about you, (ii) the sources from which we collect CCPA Personal Information, (iii) our business purpose for collecting or using CCPA Personal Information, and (iv) the third parties with whom we share CCPA Personal Information.

You also have the right to request that we delete any CCPA Personal Information about you that we possess. If you request that we delete such information, then we will do so in accordance with applicable legal requirements. You may request that we delete your CCPA Personal Information by contacting our privacy contact. We reserve the right to retain your CCPA Personal Information if we are required to do so to complete a transaction with you or on your behalf, to detect and remediate security incidents, to exercise free speech, and/or to comply with legal obligations. We may also keep the information for internal purposes reasonably aligned with your expectations based on your business relationship with us.

You also have the following additional rights:

• The right to correct incomplete or inaccurate personal information;
• The right to receive a copy of your CCPA Personal Information;
• The right to limit the use and disclosure of sensitive personal information;

You are hereby notified that we may use or rely upon automated decision-making technology (ADMT) in the provision and/or facilitation of our services in the manner described in Use / Disclosure of Your Personal Information, above. To the extent that ADMT is used, you have the following rights:

• The right to opt-out of the use of for significant decisions and extensive profiling;
• The right to find out how the automated system works, including the logic and key factors used to arrive at a decision; and,
• The right to appeal significant decisions made by ADMT.

We will not discriminate against you based on your exercise of any of your CCPA rights.

You can assert these rights only where we receive a verified request from you. In order to verify the request and your identity, we may ask you to verify your identity. Because we only collect limited information about individuals, we may be unable to verify requests to the standard required by the CCPA.