Privacy Policy for Maritime Optima

Active as of 13th of December, 2020

Maritime Optima AS is developing user-friendly and intelligent maritime multi-platform collaboration software for optimizing and managing commercial maritime decisions, based on a subscription model (SaaS). We offer a free subscription and a paid subscription. 

If you wish to register on our websites, subscribe to our newsletters or in our application services, request information, contact us, use our online knowledge base, complete any surveys, or provide content for inclusion on our websites (e.g. blogs or other online forums) we will collect certain data about you. 

The personal data we collect about you may include:

We may receive the information directly from you or from your colleague or corporate contact who registers for a Maritime Optima subscription on your behalf.

1. The personal data we process  

Service administration. We collect personal data in order to administrate your user account, including username, email address, phone number, position and name of the company you work for. Your personal data is stored for the duration your account is active. You may disable your account in the settings of our application service. 

User statistics.
The user statistics we process enable us to provide, develop and improve our services and security features. Our processing of user statistics is based on your consent to use of cookies (information capsules). The data will be stored for two years, unless you withdraw your consent. You may withdraw your consent at any time by disabling cookies in your browser settings. Please consult our cookie policy for more information about the cookies we use on our website and in our application software services. 

Newsletter subscriptions.
Personal data processed in connection with newsletter subscriptions is also based on your consent. You are free to withdraw your consent at any time by unsubscribing to our newsletters, or by contacting us directly at post@maritimeoptima.com.

Customer administration:
If you are a contact person affiliated with a company using our services, we will process your personal data (name and contact information) in order to administer the customer agreement. The information will be stored for five years in accordance with the Norwegian Bookkeeping Act Section 13.  

Information shared while using our services:
The companies that use the Maritime Optima services are responsible for any personal data that they share while using the service. We are solely delivering the service to our customers and process your personal data on behalf of our customers. If you have any questions regarding how the companies that use our services handle your personal data, please consult the companies’ privacy policies or contact the companies’ contact person directly. 

Every company using the Maritime Optima services has a dedicated contact person. The contact person is authorized to handle the account on behalf of the company, including inviting new users to the account, and responding to requests from users. These users are the account owners in your teams. 

If you are a private individual using our services without being affiliated with a company, we are solely responsible for handling any personal data you choose to share while using the service. The information will be stored for the duration you are using our services, or for a longer period if there is a legitimate reason for storing the information (e.g. investigation of possible criminal offences or information needed for civil lawsuits). Please contact us at post@maritimeoptima.com if you have any inquiries. 

Anonymous user data.
We may also use data collected from you in an aggregated, non-identified form of usage statistics for research purposes and to help us make decisions on marketing, product development and business activities and machine learning. This processing is based on your consent to use of cookies (information capsules).

2. Disclosure of personal data to third parties

We will only transfer your personal data to third parties to the extent such disclosure has a legal basis pursuant to applicable data protection laws.

We may use data processors to store, collect or otherwise process personal data. The relationship to such data processors (or sub-processors) is based on EU standard contractual clauses and/or the Privacy Shield Framework. 

Your personal data may be subject to processing outside the EU/EEA. We are only using services from companies handling your data according to EU Privacy Shield certification, Standard Contractual Clauses, Binding Corporate Rules or adequacy decisions from the EU Commission. We may share non-personal data (for example, aggregated or anonymized customer data) for research or to help us to generally improve our system.

Below, we have described our main suppliers and the purpose for user their services to which we may disclose your Personal Data:

Webflow. Maritime Optima AS uses Webflow to host our website and landing pages, for marketing of our product and its feature and for the purpose of providing information about the Application Service and its features and for signing up to our newsletter.

Webflow is owned by Webflow Inc. If they are transferring Personal Data to a Webflow Inc entity outside the EEA area, the transfer is mainly based on Webflow Inc Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the Privacy Shield Framework. For more information: https://webflow.com/legal/privacy.

Intercom. Maritime Optima AS is using Intercom.io, for the purpose of handling customer support, customer chat and newsletter to existing users. The transfer of Personal Data to an Intercom.io entity outside the EEA area is mainly based on Intercom.io Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the Privacy Shield Framework. For more information: https://www.intercom.com/legal/privacy.

Firebase. Maritime Optima AS is using Firebase for application analytics, improvements, bugfixes, and as our notification service.The transfer of Personal Data to an Firebase entity outside the EEA area is mainly based on Firebase Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the Privacy Shield Framework. For more information: https://firebase.google.com/support/privacy.

Stripe. Maritime Optima AS are using Stripe for handling online payments made by credit cards. Stripe is owned by Stripe Inc. The transfer of Personal Data to Stripe Inc. entities outside the EEA area is mainly based on Stripe Incs Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the Privacy Shield Framework. For more information about Stripes Inc´s. privacy policy: https://stripe.com/en-no/privacy.

Maritime Optima might also enter into agreements with other software companies to provide complementary services through our product. Maritime Optima’s users and customers will not be obliged to use such 3rd party software providers services. In such case, Maritime Optima will notify our users about the 3rd party Terms of Agreements applicable.

3. Safety measures

The protection of your personal data is a high priority for us. We continuously work to protect personal data and other confidential information. Our security measures include physical, technical and administrative measures. In order to ensure good customer support, selected employees have access to the customers’ projects.

Our employees receive training and guidance on how to handle personal data safely. We have routines and access control to prevent unauthorized disclosure and unauthorized access to your personal data. We also have procedures and measures that prevent personal data loss, as well as loss and destruction of the systems where personal data is stored. We endeavor to process your personal data correctly and safely and that the treatment is protected against harmful software.

All communication between the users and Maritime Optima servers are secured with HTTPS. Login information and all other data is encrypted, and server authenticity is verified. 

Full security depends on up-to-date software and patches; we regularly test our servers with SSLLabs online tools to check that we get an “A” grade, i.e. no known vulnerabilities.

Users logging into Maritime Optima get a unique session authentication key (JWT token). This key ensures that our servers know which user is attempting which operation and is used to enforce access control rules. The key expires after a certain time, after which the user must login again. We store email, IP-addresses and login attempts for diagnostic purposes.

We comply with the requirements for the protection and safeguarding of personal data as provided by the General Data Protection Regulation (GDPR) and Datatilsynet (the Norwegian Data Protection Authority). We ensure that personal data is protected in connection with the transfer of personal data. Any threats to data security are handled efficiently as security and the protection of your personal data is part of the daily work of our business. 

Any breach of security practices will be documented. We have established procedures to detect and deal with breach of security. If a security breach is detected, this will be reported to the management, the risk of privacy breaches is assessed, and if applicable, Datatilsynet (the Norwegian Data Protection Authority) will be notified where necessary. You will also be notified as a user if the breach poses a risk to you and your rights.

4. Your rights as data subject

You can access, correct, or delete your personal data by using your account settings and tools that we offer or you can contact us by sending an e-mail: post@maritimeoptima.com. 

Your Personal Data is processed in accordance with the Norwegian implementation of the General Data Protection Regulation (GDPR) (Regulation 2016/679), which is the Norwegian Personal Data Act of 15 June 2018 no. 38. Hereunder you have, subject to any exemptions provided by the law, the right to:

EU individuals have the right to make a complaint to your national data protection authority. The head authority for Maritime Optima is the Norwegian Data Protection Authority (Datatilsynet).  

5. Changes to the Privacy Policy

Maritime Optima AS may update this Privacy Policy from time to time and the latest version will always be available on our web page https://www.maritimeoptima.com/

In case of a significant change, we will notify you of the change.

6. Contact information

Maritime Optima AS
Address: Bryggegaten 9, 0250 OSLO
Mail: post@maritimeoptima.com
Phone:  + 47 47 01 07 04