Privacy Policy

Effective Date: November 24, 2025

At Ocean Ashes, we are committed to protecting your privacy and handling your personal information with the utmost care and respect. This Privacy Policy explains how Ocean Ashes, LLC ("we," "us," or "our") collects, uses, discloses, and safeguards personal information when you visit our website www.oceanashes.com (the "Site"), contact us for services, or engage with our ocean ash scattering and memorial services.

As a small, family-operated business based in Florida, we primarily serve individuals seeking meaningful ways to honor loved ones through eco-friendly ocean burials at sea. We do not sell your personal data, and we limit collection to what is necessary for providing compassionate, high-quality services.

This Policy complies with applicable laws, including the Florida Digital Bill of Rights (effective July 1, 2024), the California Consumer Privacy Act (CCPA), and the General Data Protection Regulation (GDPR) for EU/UK visitors. If you are a resident of another U.S. state with privacy laws (e.g., Virginia, Colorado), similar protections apply where relevant.

By using our Site or services, you consent to the practices described herein. If you do not agree, please do not provide personal information or use our Site.

1. Information We Collect

We collect limited personal information to facilitate bookings, communications, and service delivery. We do not collect sensitive data beyond what is essential for our memorial services.

Personal Information You Provide

Contact Details: Name, email address, phone number, and mailing address (provided via contact forms, booking inquiries, or service registrations).
Service-Related Information: Details about the deceased (e.g., full name, date of birth/death) and preferences for ash scattering ceremonies (e.g., location, date, guest count).
Payment Information: Credit card details, billing address, and transaction history (processed securely via third-party providers; we do not store full card numbers).
Communication Data: Messages, feedback, or inquiries submitted through our Site, email, or phone.

Information Collected Automatically

Usage Data: IP address, browser type, device information, pages visited, time spent on Site, and referral sources (via cookies and analytics tools like Google Analytics).
Location Data: Approximate location for service availability (e.g., Florida coastal areas) based on IP address.

We do not collect biometric data, racial/ethnic origins, health information (beyond basic service needs), or children's data (our services are not directed at individuals under 18; we will delete any such data received accidentally).

2. How We Use Your Information

We use personal information solely for legitimate business purposes, with your consent where required:

To process and fulfill ash scattering bookings, including coordinating vessels, EPA compliance, and certificates.
To communicate with you about services, updates, or follow-ups (e.g., confirmation emails, ceremony reminders).
To process payments and prevent fraud.
To improve our Site and services (e.g., analyzing usage trends anonymously).
To send occasional newsletters or promotional updates (only with opt-in consent; you can unsubscribe anytime).
For legal compliance, such as EPA regulations for burials at sea.

Under GDPR (for EU/UK users), our legal bases include contract performance (for bookings), legitimate interests (for Site improvements), and consent (for marketing).

We retain information only as long as needed: booking records for 7 years (for legal/tax purposes), contact details until you request deletion, and analytics data indefinitely in aggregated form.

3. How We Share Your Information

We do not sell, rent, or trade personal data for profit. Sharing is limited to:

Service Providers: Trusted third parties who assist us, such as:
- Payment processors (e.g., Stripe or PayPal) for transactions.
- Email services (e.g., Mailchimp) for communications.
- Boat charter operators for ceremony execution (bound by confidentiality). These providers are contractually obligated to protect data and use it only for our services.
Legal Requirements: If required by law, subpoena, or government request (e.g., EPA filings for scattering coordinates).
Business Transfers: In the event of a merger or sale, with notice to you.

No data is shared with advertisers or for targeted marketing.

4. Cookies and Tracking Technologies

Our Site uses cookies (small files stored on your device) for functionality and analytics:

Essential Cookies: For Site navigation and booking forms.
Analytics Cookies: To understand user behavior (e.g., Google Analytics; you can opt out via browser settings).
Preferences: To remember choices like language.

You can manage cookies through your browser (e.g., disable in Chrome settings). Disabling may limit Site features. For more, see our Cookie Policy (linked in footer).

We do not use tracking for behavioral advertising.

5. Data Security

We implement reasonable security measures to protect your data, including encryption for payments (SSL/TLS), access controls, and regular audits. However, no online transmission is 100% secure—we cannot guarantee absolute security.

In case of a data breach, we will notify affected individuals and authorities as required by law (e.g., Florida Information Protection Act).

6. Your Privacy Rights

You have control over your data. To exercise rights, contact us (see Section 10). We respond within 45 days (extendable if needed).

Access: Request a copy of your personal data.
Correction: Update inaccurate information.
Deletion: Request removal (subject to legal retention needs).
Opt-Out of Sale/Sharing: We do not sell data, but you can opt out of any future sharing.
Do Not Sell My Info (CCPA): California residents can opt out via the "Do Not Sell or Share My Personal Information" link in our footer.
Limit Sensitive Data Use: Opt out of processing sensitive inferences.
GDPR Rights (EU/UK): Object to processing, data portability, or withdraw consent.
Nondiscrimination: We honor rights without penalty.

For verification, we may request ID. Appeals: Email us; we'll review promptly.

Florida residents: Under the Digital Bill of Rights, you have rights to opt out of voice/facial recognition (not used here) and profile data sales.

7. Children's Privacy

Our Site and services are not for children under 18. We do not knowingly collect data from minors. If we learn of such, we delete it immediately. Parents/guardians can contact us for access/deletion.

8. International Data Transfers

We are U.S.-based and store data in the U.S. For international users (e.g., EU), transfers use Standard Contractual Clauses for GDPR compliance. By using our Site, you consent to U.S. processing.

9. Third-Party Links

Our Site may link to external sites (e.g., payment processors). We are not responsible for their privacy practices—review their policies.

10. Changes to This Policy

We may update this Policy to reflect changes in practices or laws. Significant updates will be posted here with a revised effective date. Continued use constitutes acceptance.

Check periodically for changes.