Skip to main contentSkip to navigationSkip to footer

Bay Waters Enterprises, LLC

Privacy Policy

October 15, 2025

Welcome to the Bay Waters Enterprises, LLC's Platform. This Platform is owned and operated by Bay Waters Enterprises, LLC a/k/a StepSure Remodel ("StepSure").

At StepSure, your privacy is of the utmost importance to us. To provide our users with the highest levels of data protection, as well as assurance that we will not misuse your information, StepSure is compliant with the General Data Protection Regulation (GDPR) as stated below.

This Privacy Policy governs the use of the StepSure Platform. When using or accessing the StepSure Platform, you are agreeing to be bound to the terms within this Privacy Policy and the Terms of Service policy. This policy may refer to users as "you" or "user" and may refer to StepSure as "us," "we," or "our." If you do not agree to the terms within this Privacy Policy and the corresponding Terms of Service, do not access or use the StepSure Platform.

Please read this Privacy Policy carefully to understand our policies and practices regarding your personal information and how we will treat it. If you do not agree with the terms of this Privacy Policy, please do not use our Platform and services. Please also read our Terms of Service. Capitalized terms not otherwise defined herein have the meaning assigned to them in the Terms of Service.

INFORMATION COLLECTED AND STORED BY STEPSURE

In order to carry out the services of StepSure and to provide a great user experience, we will collect and store the following information about you:

Personal Information, that may be used to identify you as an individual (Personal Information is any information related to an identified or identifiable natural person):

  • First and Last Name
  • Address
  • Location
  • Email Address
  • Phone Number
  • IP Address
  • Age
  • Gender
  • Business Information (Businesses Only)

Other information that may be linked to your Personal Information, including:

  • Content you post publicly or privately on the Platform
  • Searches conducted through the Platform
  • Preference settings
  • Credit card or other payment information (this is all handled through our payment-processor, Stripe)
  • Stored information or files created or stored on the Platform through your account
  • Content you post to the Platform
  • Any emails you send to StepSure
  • Times of access to Platform

This policy does not apply to the privacy practices of third parties that we do not own or control, including but not limited to any third-party websites, services, applications, online resources to which the Platform may link or otherwise reference (collectively "Third Party Services" or "TPS") that you may access through the Platform. For example, the Platform may utilize the YouTube API as a TPS, and you are agreeing to be bound by the YouTube Terms of Service, Privacy Policy, and API Services Terms of Service when engaging YouTube content and services through the Platform. Our use of information received from Gmail APIs will adhere to Google's Limited Use Requirements. We take no responsibility for the content or privacy practices of any TPS. We encourage you to carefully review the privacy policies of any TPS you access.

You may have the option to register an Account with us using a TPS, and you may connect your Account to a TPS such as Instagram, Facebook, Twitter or YouTube. By authorizing us to access your TPS account, you authorize us to obtain certain information from your TPS account, which may include your name, email address, birthday, work history, education history, current city, shared media, and the names, profile pictures, relationship status, and current cities of your TPS contacts. We only obtain information from your TPS account that you specifically authorize and grant us permission to obtain. Our use of information received via Google Restricted Scopes, such as from Gmail APIs, will adhere to Google's Limited Use Requirements.

StepSure may, from time to time, collect and use external reviews about you and/or your business to share those reviews with other users. These reviews would only come from publicly available online sources and do not necessarily reflect the views of StepSure or its users.

StepSure does not consider personally identifiable information to include information that has been anonymized so that it does not allow a third party to identify a specific individual or household. We collect and use your personally identifiable information to: operate and improve our Platform; provide customer service; perform research and analysis aimed at improving our services, Platform and technology; and display content that is customized to your interests and preferences.

You may always choose not to provide personally identifiable information, but if you so choose, certain parts of the Platform may not be available to you. If you have registered an Account with us, you will have agreed to provide your personally identifiable information in order to access the Platform. This consent provides us with the legal basis we require under applicable law to process your data. You maintain the right to withdraw such consent at any time. If you do not agree to our use of your personal data in line with this Policy, please do not use the Platform.

How We Collect Your Personal Information

StepSure collects personal information from you upon your registration for our services and upon your log-in. We collect any additional information about you when you interact with us electronically, when you access our Platform and when we provide our services to you.

It may not be readily apparent to you when such data is being collected. For instance, when you visit our Platform, your IP address is collected so that we know where to send information you are requesting. An IP address is a number that is used by computers on the network to identify your computer every time you log on to the Internet.

Cookies, Local Storage and Tracking Technologies

We collect information about you using "cookies." Cookies are small data files stored on your hard drive by a Platform. The cookies that we use are for authentication purposes (to facilitate your log-in) and session cookies (to recognize your preferences while navigating through the Platform).

Usually, the information that we collect automatically through cookies is statistical data and cannot be used to identify you as an individual. It helps us to improve our Platform and to deliver a better and more personalized service.

Additionally, there might be third party cookies used on our Platform by third party advertisers, those cookies are not related to your profile, they cannot identify who you are and therefore are not linked to your personal data.

When you first visit our site, we ask you whether you wish us to use cookies. If you choose not to accept them, we shall not use them for your visit except to record that you have not consented to their use for any other purpose. If you choose not to use cookies or you prevent their use through your browser settings, you will not be able to use all the functionality of our site.

We also use local storage, which is an industry-standard technology which allows a website or application to store information locally on your computer or mobile device which allows us to customize your experience and the content you may see.

Why We Collect Your Personal Information

We process your personal information because we have a contractual obligation with you. Once you create an account to use our Platform and Services, and agree to our Terms of Service, a contract is formed between us. In order to carry out our contractual obligations we need to process the information you provide, which also includes personal information. Even if there is no direct contractual obligation between us, we may process your information based on your explicit consent you have provided (to us or a third-party data controller) for the processing of that information.

How We Use Your Personal Information

We will use the personal information collected from you:

  • To administer your account with us and provide you with our Services
  • To respond to your inquiries and deliver notifications and reminder e-mails to you
  • To provide you with information regarding updates and changes to our Platform, our Terms of Service or any services we offer or provide through it
  • To improve our product and services
  • To contact you regarding your order
  • To provide you advertising within the Platform
  • To provide personalized experience for you upon use of our services

Additionally, we may use anonymized information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

Disclosure of Personal Information

We will not disclose your personal information to any third parties, except to other users (i.e., Remodelers) identified in the Terms of Service; however, we reserve the right to disclose information about you to third parties for assistance in improving the StepSure services. Additionally, we may disclose personal and non-personally identifiable information with third party service providers, engaged by us to provide technical support, testing, network security or statistical services. Any such disclosure will be subject to confidentiality obligations.

StepSure may also disclose information about you to third parties where we have a good faith belief that such disclosure is necessary in order to: (i) protect, enforce, or defend the legal rights, privacy, safety, or property of StepSure, our affiliates or their employees, agents and contractors (including enforcement of our agreements and our Terms of Service); (ii) protect the safety, privacy, and security of users of the StepSure employees, owners, or members of the public; (iii) protect against fraud or for risk management purposes; (iv) comply with the law or legal process; or (v) respond to requests from public and government authorities.

StepSure may use third-party payment processors including Paypal, Stripe, Apple Pay and Square for payment transactions. Please visit their platforms for their privacy and Terms of Service/Use policies as all payment transactions are governed by them.

How Long We Keep Your Information

We will keep your personal information for as long as you use our Platform and services. You have the right to request that your personal information is permanently removed from our system and database at any time. We will accommodate such requests within 45 (forty-five) days or less.

You can e-mail such requests for permanent removal to help@stepsureremodel.com.

Right to Access and Control Your Data

We provide you with many choices about the collection, use and sharing of your data, from deleting or correcting data you include in your profile and controlling the visibility of your posts and communication controls. We will provide you with access to your personal information that we store and allow you to:

1) Delete your data - you can request that we erase or delete all or some of your personal data if it is no longer necessary to provide our services to you;

2) Change or correct your data - you have the option to edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it is inaccurate;

3) Object to, or limit or restrict, use of data - you can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your personal data is inaccurate or unlawfully held);

4) Right to access and/or take your data - you can ask us for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form;

5) We provide our California consumers with detailed information about the categories of personal information we have collected in the past 12 months.

You may send us an email at help@stepsureremodel.com to request any or all of the above.

Security of Your Personal Information

StepSure is committed to ensuring that the information you provide to us is secure from accidental loss and from unauthorized access, use, alteration and disclosure. We have implemented suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorized access, modification and disclosure.

  • All information you provide to us is stored, if at all, on a secure database with reputable providers;
  • SSL/TLS encryption: Your data is encrypted so it cannot be read by unauthorized parties and authenticating the server's identity;
  • Access controls and authentication for administrative panels: Access to our site and its functions is tightly controlled by ensuring that only verified and appropriately authorized administrators can manage users profiles when necessary, edit content when necessary, or configure system settings when necessary;
  • We restrict access to personal information to employees, contractors and agents who need to know that information in order to operate, develop or improve our services;
  • We do not sell or share your personal information except to carry out the services of StepSure, as detailed in our Terms of Service;
  • We adhere to industry standard data minimization, including the Payment Card Industry Data Security Standard (PCI DSS). This standard strictly limits the retention of cardholder data, prohibiting the storage of sensitive authentication data like the CVV code;
  • We are committed to only collecting and keeping the minimum amount of personal data necessary to provide you with our services.

The safety and security of your information also depends on you. Where we have given you a password for access to certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Platform like message boards. The information you share in public areas may be viewed by any user of the Platform.

International Usage

The Platform is owned by StepSure and may be accessed in the United States and abroad; however it is currently only intended for use within the United States. For data protection purposes, StepSure is the controller and, unless otherwise noted, is also the processor of data. Information collected may be retained, and may be stored, processed, accessed, and used in jurisdictions whose privacy laws may be different and less protective than those of your home jurisdiction.

If you are located outside of the United States, please note that the information you provide to us may be transferred to the United States. By using the Platform, application and/or website, you consent to such transfer. We will take reasonable steps to ensure that your data is treated securely and in accordance with this Policy.

Commercial and Non-Commercial Communication

By providing information to the Platform, such as signing up for an account, you have agreed to receive email communications from us. However, you may unsubscribe from certain communications by notifying StepSure that you no longer wish to receive solicitations or commercial information. StepSure will remove you from the database, where you have the right to request this under the Privacy Policy, Terms of Service, or applicable law, or where StepSure voluntarily decides to grant the request.

Children's Online Privacy Protection Act

The StepSure Platform is directed to adults, over the age of 18. StepSure does not knowingly collect information from anyone under 18 years of age or have any reasonable grounds for believing that persons under the age of 18 are accessing the Platform. If StepSure discovers any inadvertently collected Personal Information of a person under the age of 18, that information will be swiftly deleted from its records. If you believe that StepSure may have any information from a person under age 18, please contact StepSure at: help@stepsureremodel.com.

Your California Privacy Rights

StepSure welcomes residents of the State of California to use its Platform, and complies with the California Business and Professions Code §§ 22575-22579. If you are a California resident, you may request certain information regarding our disclosure of personal information to any third parties for their direct marketing purposes. Please send a written request to Bay Waters Enterprises, LLC, 11461 San Pablo Ave, #218, El Cerrito CA, 94530.

Multi-State Data Privacy Workflow

CALIFORNIA (CCPA/CPRA)

  • Access & Data Portability: Users may download a Personal Data Request Form and submit it to help@stepsureremodel.com. StepSure verifies identity, retrieves data, and provides a secure copy within 45 days. All requests logged internally.
  • Deletion Requests: Users may submit a Data Deletion Form to help@stepsureremodel.com. Verified data is deleted from SiteGround and associated systems within 45 days, with confirmation sent to the user.
  • Opt-Out ('Do Not Sell/Share My Data'): A footer link routes to the opt-out form, submitted to help@stepsureremodel.com. Each opt-out is documented and honored within 15 business days.
  • Timing: All verified California requests will be processed within 45 days.

VIRGINIA (VCDPA)

  • Access & Portability: Users may submit a Virginia Personal Data Request Form to help@stepsureremodel.com. Verified data is provided within 45 days.
  • Deletion Requests: Users may submit a Data Deletion Form; verified data removed and confirmed by email.
  • Opt-Out: Website footer includes 'Do Not Share My Data' link routing to downloadable form.
  • Timing: All Virginia consumer requests handled within 45 days.

NEW YORK (NY SHIELD ACT)

  • Data Security: SSL encryption, firewalls, and restricted admin access secure all user data.
  • Access & Correction: Users may submit a Data Access or Correction Form via help@stepsureremodel.com. Verified requests fulfilled within 45 days.
  • Data Breach Notification: Affected users and the NY Attorney General are to be notified within 45 days of any confirmed breach.

RHODE ISLAND (RI IDENTITY THEFT PROTECTION ACT)

  • Transparency: Privacy Policy discloses data categories, collection purpose, and provides data request form link.
  • Access & Deletion: Users may submit the Rhode Island Data Request Form to help@stepsureremodel.com. verified actions completed within 45 days.
  • Breach Notification: Users and the Rhode Island Attorney General are to be notified within 45 days of a breach.

Changes to Privacy Policy

We reserve the right to make changes to this privacy policy at any time. If we change our privacy policy, we will notify you via email sent to the email address you provide at the time of registration as well as post an updated version of this Privacy Policy on our Platform so that you and other users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. Changes will not apply retroactively and changes addressing new functions for a service or changes made for legal reasons will be effective immediately. If you do not agree to the modified terms, you should discontinue your use of the Platform. Your continued use of the after any such changes constitutes your acceptance of the new Privacy Policy. You should also check back from time to time to ensure you are aware of any changes. Under California Consumer Privacy Act we will be reviewing this Privacy Policy every 12 months.

Contact Information

If you have any questions, comments, complaints, or concerns regarding this Privacy Policy, you can contact us anytime at the following address: Bay Waters Enterprises, LLC, 11461 San Pablo Ave, #218, El Cerrito CA, 94530 and/or help@stepsureremodel.com. We take complaints very seriously and will respond shortly after receiving written notice of your complaint.