Privacy Policy

This Privacy Policy describes how Agulhas, LLC (“Agulhas,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you visit agulhasllc.com, use TankerTime.ai, or interact with any of our related services, including text messages we send (together, the “Services”). Agulhas, LLC is a Wyoming limited liability company.

By using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Services.

1. Information We Collect

1.1 Information you provide

When you create or administer a TankerTime account, we may collect your name, email address, phone number, employee number, job classification, pilot qualifications, seniority information, home base assignment, and any other information you or your employer provides through the platform. If you contact us by email, we collect the contents of your message and any attachments.

1.2 Information generated through use

As you use TankerTime, the platform generates and stores operational data including schedule records, duty-status history, bid submissions, bid awards, open-time postings, coverage assignments, travel-day calculations, expense report data, and audit logs of actions taken within the system.

1.3 Biometric information

We do not collect biometric identifiers or biometric information (as defined under the Illinois Biometric Information Privacy Act or similar state laws), such as fingerprints, facial geometry, voiceprints, or retina scans. TankerTime does not use biometric-based authentication or identification.

1.4 Information collected automatically

When you access the Services, our hosting provider (Vercel) and error-tracking service (Sentry) may automatically collect technical information such as IP addresses, browser type, device identifiers, operating system, pages viewed, and timestamps. We configure Sentry to scrub personally identifiable information from error reports.

1.5 Information for SMS messaging

If you opt in to receive text message notifications from TankerTime, we collect your mobile phone number and carrier information to deliver those messages. We use Twilio as our messaging service provider.

2. How We Use Information

We use the information we collect to:

Provide and operate the Services, including scheduling, bidding, coverage, and expense-report features. Communicate with you about your account, schedule changes, bid status, coverage requests, and other operational matters — by email, in-app notification, or text message (if you have opted in). Authenticate users and enforce role-based access controls. Maintain audit logs for compliance and dispute resolution. Monitor, diagnose, and fix technical issues. Comply with legal obligations, including obligations under the applicable collective bargaining agreement. Improve and develop the Services.

We do not use your information for behavioral advertising, profiling, or marketing to third parties. We do not sell your personal information.

3. Text Message (SMS/MMS) Communications

TankerTime may send you text messages related to your scheduling and operational duties, including schedule change alerts, bid notifications, coverage requests, sick-call alerts, and travel-day reminders. These messages are sent via Twilio.

By opting in to text messages, you consent to receive recurring automated text messages from Agulhas, LLC at the mobile number you provide. Consent is not a condition of purchasing any goods or services. Message frequency varies based on your schedule activity but you may receive up to approximately 20 messages per week during peak periods.

Message and data rates may apply. Your carrier’s standard messaging rates apply to any messages you send or receive.

We will not share your phone number or any information collected through our SMS program with third parties for their marketing purposes. Information collected through the SMS program is used solely to deliver the operational messages described above and to administer the messaging service.

To stop receiving text messages, reply STOP to any message. You will receive a single confirmation message and no further texts will be sent. For help, reply HELPor contact us at sales@agulhasllc.com or (307) 363-6746.

Supported carriers include but are not limited to AT&T, T-Mobile, Verizon, and Sprint. Service may not be available on all carriers. We are not responsible for delayed or undelivered messages due to carrier issues.

4. How We Share Information

We do not sell, rent, or trade your personal information. We may share information in the following limited circumstances:

With your employer.TankerTime is a workplace scheduling tool. Your employer’s authorized schedulers and administrators can view and manage schedule, bid, qualification, and roster data within the platform as part of normal operations.

Service providers. We use third-party service providers to help operate the Services. Each receives only the categories of information necessary to perform its service and is contractually obligated to use that information solely for the purposes described:

Supabase— database hosting and authentication. Receives account identifiers, credentials, and operational data in order to store and retrieve Customer Data.

Vercel— web hosting and infrastructure. Receives IP addresses, browser type, access timestamps, and other technical information necessary to serve the website and monitor platform performance.

Twilio— SMS messaging. Receives mobile phone numbers and message content for the sole purpose of delivering operational text messages.

Resend— transactional email delivery. Receives email addresses and message content for the sole purpose of delivering account and operational emails.

Sentry— error tracking and system reliability. Receives error logs, user-agent strings, and session identifiers for the sole purpose of diagnosing system errors. We configure Sentry to scrub personally identifiable information from error reports.

Stripe— payment processing. Receives billing and payment information as necessary to process subscription payments.

We do not authorize any of the above providers to use Customer Data or Personal Information to train artificial-intelligence or machine-learning models, to build behavioral-advertising or cross-context profiles, or to share it with further parties for those parties’ own purposes. Each provider’s use of information it holds for its own internal operational purposes (for example, to operate and improve its own service) is governed by its own agreement and privacy policy.

Legal requirements. We may disclose information when required by law, subpoena, court order, or governmental request, or when we believe disclosure is necessary to protect the rights, property, or safety of Agulhas, our users, or others.

Business transfers. If Agulhas is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Security

We implement safeguards that we believe are reasonable for a business of our size and the nature of the data we handle. These include encrypted data transmission (TLS/SSL), row-level security policies on our database, role-based access controls, session timeouts, and audit logging of administrative actions. We review our security controls at least annually and address identified vulnerabilities on a documented timeline. We maintain cyber liability and professional liability insurance policies to help ensure we can respond effectively to security incidents.

We have established an incident response process that includes engagement of qualified forensic investigators, legal counsel, and breach response specialists in the event of a confirmed or suspected security incident. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

6. Data Breach Notification

In the event of a security breach that results in the unauthorized access, acquisition, or disclosure of your personal information, we will investigate the incident promptly with the assistance of qualified forensic and legal professionals. We maintain cyber liability insurance that covers breach response costs, including forensic investigation, legal counsel, notification services, credit monitoring, and crisis management.

We will notify affected individuals and, where required, applicable regulatory authorities in accordance with the timelines and procedures mandated by applicable law, including the California Consumer Privacy Act, the California Civil Code § 1798.82 data breach notification statute, and any other applicable state or federal notification requirements. Notification will include a description of the incident, the types of information involved, the steps we are taking in response, and guidance on steps you can take to protect yourself.

7. Data Retention

We retain your account and operational data for as long as your account is active or as needed to provide the Services, comply with legal obligations (including record-keeping requirements under applicable collective bargaining agreements), resolve disputes, and enforce our agreements. Audit log data is retained for a minimum of three (3) years. When data is no longer needed, it is deleted or de-identified in the ordinary course.

8. Your Rights and Choices

8.1 Account information

You may update certain account information through the TankerTime platform or by contacting your employer’s system administrator. Because TankerTime is an employer-administered system, some data changes that turn on operational records the Organization controls (such as roster assignments, seniority determinations, or disciplinary records) may need to be coordinated with your employer. Requests to access or correct your personal identifiers (name, email address, phone number, employee number) are processed by Agulhas directly and do not require employer approval.

8.2 Text messages

You may opt out of text messages at any time by replying STOP. You may also contact us at sales@agulhasllc.com to request removal from our messaging list.

8.3 Email communications

Transactional emails related to your account and schedule are part of the service and cannot be opted out of while your account is active. If you have questions about the emails you receive, contact us.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA”). These include:

Right to know. You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.

Right to delete. You have the right to request deletion of your personal information, subject to certain exceptions (for example, where we need the data to fulfill a contract, comply with a legal obligation, or maintain audit records).

Right to correct. You have the right to request correction of inaccurate personal information.

Right to opt out of sale or sharing. We do not sell your personal information and do not share it for cross-context behavioral advertising.

Right to non-discrimination. We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at sales@agulhasllc.com or (307) 363-6746. We will verify your identity before processing your request and will respond within 45 days of receipt, extendable by an additional 45 days for good cause with notice to you. We will not charge a fee to process a request unless it is manifestly unfounded or excessive. We will not discriminate against you for exercising your CCPA rights.

Requests to access or delete your personal identifiers (name, email address, phone number, employee number) are processed by Agulhas directly. For requests that turn on operational data the Organization controls (such as roster assignments, seniority determinations, or disciplinary records), we may need to coordinate with the Organization’s administrator; we will still respond to you within the statutory timeframe and will not treat the Organization as a gatekeeper of your statutory rights.

Categories of personal information collected. In the preceding twelve months, we have collected the following categories of personal information about California residents (as defined under the CCPA/CPRA):

Identifiers— name, email address, phone number, employee number, account identifier, IP address.

Commercial information— bid submissions, bid awards, open-time postings, schedule and coverage assignments, expense-report data, and subscription/billing records.

Professional or employment information— job classification, pilot qualifications, seniority information, home base assignment.

Internet or other electronic activity information — log data, device information, browser type, pages viewed, access timestamps.

We do not collect the following CCPA/CPRA-enumerated categories: biometric information, precise geolocation, sensory (audio, electronic, visual, thermal, olfactory) information, or inferences drawn from the above categories to create a profile. We collect the categories listed above for the business purposes described in Section 2.

Sensitive personal information.We do not intentionally collect sensitive personal information as defined under the California Privacy Rights Act, including government identifiers (such as Social Security, driver’s license, passport), financial account numbers, precise geolocation, racial/ethnic origin, religious or philosophical beliefs, union membership status, genetic data, health or medical data, sex-life or sexual-orientation information, or biometric information used to identify a person. If you provide such information incidentally in the course of support or dispute resolution, we will limit our use of it to the purpose for which you provided it and will not use it for profiling, marketing, or other secondary purposes. You have the right to request that we limit our use of sensitive personal information.

10. Cookies and Tracking Technologies

TankerTime uses essential cookies for authentication and session management. We do not use third-party advertising cookies or behavioral tracking technologies. Vercel may set infrastructure cookies necessary for security and performance. Sentry may use cookies or local storage for error tracking. We do not honor “Do Not Track” browser signals because there is no industry-standard implementation, but our practices already limit tracking to essential operational purposes.

11. Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If we learn we have collected information from a child under 16, we will delete it promptly.

12. International Visitors

The Services are operated from the United States and intended for use within the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States.

13. Third-Party Links

The Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party site you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you by email or through the Services. Your continued use of the Services after changes take effect constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

Agulhas, LLC
Sheridan, WY
Email: sales@agulhasllc.com
Phone: (307) 363-6746