Effective from: 25th of November 2022
Maritime Optima AS is developing different software Application Services for the maritime industry based on subscription models, called software as a service. Maritime Optima AS offers two Application Services; ShipAtlas and ShipIntel.
If you wish to register a user account to our Application Services from our websites, register on campaign landing pages or contact forms, subscribe to our newsletters, request information, contact us, use our online knowledge base hosted by Intercom.com, complete any surveys, or provide content for inclusion on our websites (e.g. blogs or other online forums) we will collect certain data about you.
The personal data we collect about you may include:
Newsletter subscriptions. Personal data processed in connection with newsletter subscriptions is also based on your consent. You are free to withdraw your consent at any time by unsubscribing to our newsletters or application service, or by contacting us directly at email@example.com.
We collect personal data in order to administrate your user account. Your personal data is stored for the duration your account is active. You can delete your account at any time by sending a message to firstname.lastname@example.org.
If you are a private individual using our Application Services without being affiliated with a company, Maritime Optima AS is responsible for handling any personal data you choose to share while using the service. The information will be stored for the duration you are using our services, or for a longer period if there is a legitimate reason for storing the information (e.g. investigation of possible criminal offenses or information needed for civil lawsuits). Please contact us at email@example.com if you have any inquiries.
1. Customer administration
Every company using the Application Services provided by Maritime Optima AS has a dedicated contact person. The contact person is authorized to handle the account on behalf of the company.
In ShipAtlas, an owner can’t invite members to his team.
In ShipIntel, the owner can invite new users to his account, and respond to invite requests from users. These invited users are team members.
If you are a contact person affiliated with a company using our services, we will process your personal data (name and contact information) in order to administer the customer agreement. The information will be stored for five years in accordance with the Norwegian Bookkeeping Act Section 13.
If a company uses the Application Services provided by Maritime Optima AS and wants their employees or partner companies to use the Application Services offered by Maritime Optima AS, the company is responsible for any personal data that the owner or team members share while using the service. Maritime Optima AS is then solely delivering the Application Services to the company and processing their personal data on behalf of the company. If you have any questions regarding how the company that invites you to use the Application services offered by Maritime Optima AS, handles your personal data, please consult the company’s privacy policies or contact the company’s contact person directly.
2. Disclosure of personal data to third parties
We will only disclose your personal data to third parties to the extent such disclosure has a legal basis pursuant to applicable data protection laws.
We may use data processors to store, collect or otherwise process personal data. The relationship to such data processors (or sub-processors) is based on a data processor agreement entered pursuant to GDPR article 28 and to the extent necessary due to any transfer out of EU/EEA, EU standard contractual clauses, and/or another appropriate legal basis in accordance with GDPR chapter V.
Your personal data may be subject to processing outside the EU/EEA. We are only using services from companies handling your data according to Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions from the EU Commission. We may share non-personal data (for example, aggregated or anonymized customer data) for research or to help us generally improve our system.
Below, we have described our main suppliers and the purpose for using their services to which we may disclose your Personal Data:
Webflow. Maritime Optima AS uses Webflow to host our website and landing pages, for the purpose of marketing the Application Services and their features, providing information about the Application Services and their features, and signing up for our newsletter.
Webflow is owned by Webflow Inc. If they are transferring Personal Data to a Webflow Inc entity outside the EEA area, the transfer is mainly based on Webflow Inc Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses. For more information: https://webflow.com/legal/privacy.
Maritime Optima AS offers users of their Application Services to sign in and log in by using email and to create a private password or by using 3rd parties services offered by Google, Apple, and Microsoft. If you choose to use your email and to create a private password when registering a user account and signing in to the Application Services offered by Maritime Optima AS, you are responsible for not sharing your privately created password with any third party. For data security measures, please read more in clause 3 of this document. By using 3rd parties log in services you agree to their privacy policies:
Microsoft Azure (Azure): The Personal Data we collect from you is stored in our European data processing center. Currently, this data center is operated by Microsoft, which is one of the world’s leading data center operators for cloud services. The Microsoft data centers we are using are placed within the European Union (EU) and/or European Economic Area (EEA). Audio and video data is never transferred to servers outside the EU or EEA. Your Maritime Optima user accounts and data do NOT constitute a Microsoft account.
Intercom. Maritime Optima AS is using Intercom.io, for the purpose of handling customer support, customer chat, and newsletter to existing users. The transfer of Personal Data to an Intercom.io entity outside the EEA area is mainly based on Intercom.io Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses. For more information: https://www.intercom.com/legal/privacy.
Google Analytics and Firebase. Maritime Optima AS is using Firebase and Google Analytics for application analytics, improvements, bugfixes, and as our notification service. The transfer of Personal Data to a Firebase or Google Analytics entity outside the EEA area is mainly based on Firebase and Google's Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses. For more information: https://firebase.google.com/support/privacy and https://support.google.com/analytics/answer/9019185#zippy=%2Cin-this-article.
Maritime Optima AS does not host any payment details from any customer.
In-App purchases. Maritime Optima AS distributes applications in AppStore and Google Play Store and offers in-app purchases handled by Apple Inc and Google Inc. for selected features in the ShipAtlas Application Service. By using payment services provided by Apple Inc and Google Inc, you agree to their privacy policies. Read more about Google Play Store: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=privacynotice and App Store: https://www.apple.com/legal/applepayments/privacy-notice/
Maritime Optima AS might also enter into agreements with other software companies to provide complementary services through our Application Services. Users and customers of Application Services provided by Maritime Optima AS, will not be obliged to use such 3rd party software provider services. In such a case, Maritime Optima AS will notify our users about the 3rd party Terms of Agreements applicable.
3. Safety measures
The protection of your personal data is a high priority for us. We continuously work to protect personal data and other confidential information. Our security measures include physical, technical, and administrative measures. In order to ensure good customer support, selected employees have access to the customers’ projects.
Our employees receive training and guidance on how to handle personal data safely. We have routines and access control to prevent unauthorized disclosure and unauthorized access to your personal data. We also have procedures and measures that prevent personal data loss, as well as loss and destruction of the systems where personal data is stored. We endeavor to process your personal data correctly and safely and that the treatment is protected against harmful software.
All communication between the users and Maritime Optima AS servers are secured with HTTPS. Login information and all other data are encrypted, and server authenticity is verified.
Full security depends on up-to-date software and patches; we regularly test our servers with SSL Labs online tools to check that we get an “A” grade, i.e. no known vulnerabilities.
Users logging into ShipAtlas or ShipIntel by using email and password, get a unique session authentication key (JWT token). This key ensures that our servers know which user is attempting which operation and is used to enforce access control rules. The key expires after a certain time, after which the user must log in again. We store email, IP addresses, and login attempts for diagnostic purposes.
We comply with the requirements for the protection and safeguarding of personal data as provided by the General Data Protection Regulation (GDPR) and Datatilsynet (the Norwegian Data Protection Authority). We ensure that personal data is protected in connection with the transfer of personal data. Any threats to data security are handled efficiently as security and the protection of your personal data is part of the daily work of our business.
Any breach of security practices will be documented. We have established procedures to detect and deal with breaches of security. If a security breach is detected, this will be reported to the management, the risk of privacy breaches is assessed, and if applicable, Datatilsynet (the Norwegian Data Protection Authority) will be notified where necessary. You will also be notified as a user if the breach poses a risk to you and your rights.
4. Your rights as a data subject
You can access, correct, or delete your personal data by using your account settings and tools that we offer, or you can contact us by sending an e-mail: firstname.lastname@example.org.
Your Personal Data is processed in accordance with the Norwegian implementation of the General Data Protection Regulation (GDPR) (Regulation 2016/679), which is the Norwegian Personal Data Act of 15 June 2018 no. 38. Hereunder you have, subject to any exemptions provided by the law, the right to:
You as the data subject have the right to withdraw your consent at any time by canceling your subscription to the application service.
EU individuals have the right to make a complaint to your national data protection authority. The head authority for Maritime Optima AS is the Norwegian Data Protection Authority (Datatilsynet).
In case of a significant change, we will notify you of the change.
6. Contact information
Maritime Optima AS
Address: Bryggegaten 9, 4.etg, 0250 OSLO
Phone: + 47 22 12 98 00