Legal

Privacy Policy

Last updated: March 1, 2026

Embera takes privacy seriously. We built this platform for operators who handle sensitive crew data, and we hold ourselves to the same standards we expect from our customers. This Privacy Policy explains what we collect, how we use it, and the rights you have over your data.

Information We Collect

We collect information you provide directly — your name, email, company, phone number, and any details you enter when creating an account or contacting us.

When you use the platform, we collect operational data you upload (crew rosters, certifications, schedules, time entries) and metadata about how you use the service (pages visited, features used, session duration).

We also collect device and connection information automatically, including IP address, browser type, operating system, and access times.

How We Use Your Information

We use your information to operate, maintain, and improve the Embera platform. This includes providing customer support, processing payments, sending operational notifications, and detecting fraud or abuse.

We do not sell your data. We do not use your operational data to train AI models without your explicit, written permission. Your data belongs to you — always.

SMS & Mobile Messaging

If you provide your mobile phone number and opt in, Embera may send you SMS text messages related to your account, crew operations, scheduling, dispatch alerts, and demo or support requests. Message frequency varies based on your activity.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Mobile opt-in data and consent are never sold, rented, or shared with any third party. We only share phone numbers with the messaging service providers (such as our SMS gateway) strictly to deliver the messages you have requested.

Message and data rates may apply. You can opt out of text messages at any time by replying STOP, and reply HELP for assistance. See our Terms of Use for full messaging terms.

Data Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). We maintain SOC 2 Type II compliance, conduct regular third-party security audits, and follow industry best practices for access control, monitoring, and incident response.

Data Retention

We retain your account data for as long as your account is active. After cancellation, we keep backups for 90 days, then permanently delete all your data. You can request earlier deletion at any time.

Your Rights

You have the right to access, correct, export, and delete your personal information. You can do most of this directly from your account settings. For anything else, email privacy@embera.co.

If you're in the EU, UK, or California, you have additional rights under GDPR and CCPA. We honor all lawful data subject requests within 30 days.

Third-Party Services

Embera uses trusted third-party services for hosting, payment processing, email delivery, and analytics. All vendors are vetted for security and privacy compliance. A full list of sub-processors is available on request.

Children's Privacy

Embera is not intended for use by anyone under 16. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of material changes by email or through the platform. Continued use after changes constitutes acceptance.

Contact

Questions about privacy? Email privacy@embera.co.