Privacy Policy
Privacy Policiy Seafar:
A. Privacy Policy Website
B. Privacy Policy Seafar Fleet Operations
—
A. Privacy Policy Website
This Privacy Policy explains the processing of your personal data if you visit the website https://www.seafar.eu/ (the “Website”) by Seafar NV, Schaliënstraat 3, 2000 Antwerp, Belgium (“we” or “Seafar”) as controller (Art. 4 (7) GDPR) and your rights under the GDPR.
- Why do we use your personal data?
- Registration & communication
We use your personal data to provide you with the services on our Website, for example when you register, log in, participate in training courses and events or send us messages. For example, if you use the contact form, we process your personal data for the purpose of responding to your inquiry. The same applies if you contact us by other means, such as e-mail, messenger services or telephone. The legal basis is Art. 6 (1) b) GDPR.
Our contact form uses the service “MailChimp”, a newsletter service of our service provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE Suite 5000, Atlanta, GA 30308, USA. MailChimp acts as our processor (Art. 28 GDPR). We have concluded the EU standard contractual clauses approved by the European Commission with MailChimp to provide adequate safeguards in case of transfers to third countries (esp. the USA).
- Log data
When you visit the website, we receive log data sent by your browser (e.g., IP address, previous website visited, time and date, displayed contents, information regarding the browser and operating system). Collecting log data is technically required to enable you to use our website (the legal basis is Art. 6 (1) b) GDPR). The log files are stored for as long as is necessary for the respective purpose, generally no longer than 30 days.
- Cookies
For our use of Cookies see our Cookie Policy.
- Google Analytics
We use Google Analytics with your consent (Art. 6 (1) a GDPR) to better understand your interests and to continuously improve our website. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics allows us to analyse traffic and usage patterns of individual users (without further identifying them) or groups (which webpages you visit, how often you return, how long you stay, etc.). Google acts as a processor (Art. 28 GDPR).
- Google Tag Manager
Google Tag Manager is a tag management system provided by Google that we use on our websites. Google Tag Manager allows us to add code snippets, pixels or similar, to our websites. Google will only process your IP address as a processor (Art. 28 GDPR). Google will not combine your IP address with personal information from other sources. The legal basis is Art. 6 (1) f) GDPR.
- Embedded Content
We use third party providers to embed content on our Website (e.g., videos) with your consent (Art. 6 (1) a GDPR). We embed YouTube videos on our websites. Therefore, Google as the provider of YouTube can access data sent by your browser (e.g., IP address, previous website visited, time and date, displayed contents, information regarding the browser and operating system) and use it for its own purposes.
- Other Purposes for Which We Process Your Personal Data
Furthermore, we process your personal data to:
- meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:
- to complete corporate transactions (e.g., restructuring, asset deals, mergers); and
- to exercise and defend our legal claims.
- comply with our legal obligations, court orders or other binding decisions. The legal basis is Art. 6 (1) c) GDPR.
- with your consent (Art. 6 (1) a) GDPR) for other purposes, such as subscription to a newsletter; in this case, you can revoke your consent at any time.
- Who Will We Share Your Personal Data With?
In addition to the recipients of data mentioned under section 1, we also use other companies to process personal data on our behalf, such as for sending newsletters or for analysis and advertising purposes. Such service providers only process the data on our behalf in accordance with this privacy policy as so-called processors (Art. 28 GDPR).
Furthermore, we transmit personal data to third parties if required by law or necessary to exercise or defend legal claims or if third parties provide certain services for us (e.g., lawyers, tax consultants).
Insofar as we transfer personal data to third countries outside of the EU (including the other member states of the EEA), we ensure an appropriate level of data protection through contractual measures (i.e., Standard Contractual Clauses approved by the European Commission). You have the right to receive copies of these contracts.
- How Long Do We Store Your Personal Data?
Unless a specific retention period is specified in this privacy policy, we will only process your data for as long as is necessary for the respective purposes or for as long as there are legal retention obligations. After the respective processing purpose is fulfilled and the legal retention periods have ended, your data will be routinely deleted.
- Your Rights
You can request information about our processing of personal data and a copy of your stored personal data. If you have provided personal data based on a contract or consent, you have the right to receive this personal data in a commonly used and machine-readable format. In addition, you can also request the deletion, rectification or restriction of the processing of your personal data. You can revoke your consent at any time (with effect for the future).
Information about your Right of Objection under Article 21 of the GDPR
You have the right, for reasons arising from your particular situation to object to the processing of your personal data, that we process based on legitimate interests as described in Section 1 above. If you file an objection, we will, based on the information provided re-evaluate the grounds for the processing and whether they outweigh your interests, rights and freedoms or the processing, e.g., where the processing is necessary to assert, exercise, or defend legal claims or to fulfill a legal obligation, and, if possible, stop further processing and delete your data if this is not the case.
- Contact; Complaint to Supervisory Authority
Please address your questions or concerns in connection with the processing of your personal data to our data protection officer:
Seafar NV
Schaliënstraat 3
2000 Antwerp
Belgium
E-mail: privacy@seafar.eu
Cookie Policy
- Cookies on our Website
Our website at https://www.seafar.eu (the “Website”) uses Cookies to facilitate your visit and to analyse your interaction with it. Cookies also allow us to see how our Website is being used.
This Website is owned and maintained by Seafar NV, Schaliënstraat 3, 2000 Antwerp, Belgium (“we” or “Seafar”).
- What are Cookies?
A cookie is a small text file that is sent to your computer’s hard drive by a website. Each time you return to the same website, your browser retrieves and sends the relevant cookie(s) to the website’s server. In addition, we use similar technologies like pixels and local storage (together: “Cookies”).
- Cookie Acceptance
By clicking “Accept All Cookies” in the cookie notice that appears when you first visit the Website, or by accepting specific categories of cookies in the Cookie Settings, you agree to the placement of cookies on your computer in accordance with the terms of this Cookie Notice.
- How Are Cookies Used?
Cookies used by us or our partners are stored on your computer/device for a maximum period of two years from the date when they were initially installed or if they are subsequently updated, from the date of the update.
- Necessary Cookies
Necessary cookies are essential for the Website to function (esp. to store your cookie preferences). The legal basis is § 25 (2) point (2) TTDSG.
- Analytics Cookies
These Cookies are only placed with your consent (§ 25 (1) 1 TTDSG). Google Analytics places Cookies to analyse your visits to our Website. For more information about Google Analytics see our Privacy Policy.
- Marketing Cookies
These Cookies are only placed with your consent (§ 25 (1) 1 TTDSG). Our advertising partners place Cookies to provide you relevant advertisements. They connect your visits to this Website with other data (e.g., from other websites) to identify you and analyse your interests. Our advertising partner is Google Ireland, Gordon House, Barrow Street, Dublin.
- Embedded Content Cookies
These Cookies are only placed with your consent (§ 25 (1) 1 TTDSG). We use third party providers to embed content on our Website (e.g., videos). These third-party providers place Cookies to remember your preferences and to connect visits to our Website with visits to their service or other websites to provide personalized ads.
- How to Contact Us
If you have any questions in relation to this Cookie Notice you may contact us at: privacy@seafar.eu
—
B. Privacy Policy Seafar Fleet Operations
Date last update: 01/09/2022
Seafar is committed to protecting your privacy at all times. It is our top priority and taken into account in all our business processes. This privacy policy aims to give an overview of the processing of personal data in the context of operating our connected tele driven vessels. ”Personal data” refers to all information relating to an identified or identifiable natural person as defined in Art. 4 (1) GDPR.
- Who is this Privacy Policy addressed to?
In this privacy policy we inform data subjects about how and why personal data is processed by Seafar while operating our connected vessels. Our designated and specially marked connected fleet collect data both on public and private grounds. This data processing is potentially affecting everyone who is in proximity of one of our specifically marked connected vessels.
- Who is responsible for the processing of personal data?
The data controller is:
Seafar NV
Schaliënstraat 3
2000 Antwerp
Belgium
E-mail: privacy@seafar.eu
The contact person for your data protection questions is our data protection officer. You can contact our data protection officer at the above address or by emailing to privacy@seafar.eu.
- Which data is processed and where does it come from?
Seafar is a technology company developing tele driven and automated vessels as well as next generation maritime services. Our vessels are operated by so-called RCC operators who control the vessel remotely from our Remote Control Centers located in our Antwerp headquarters and/or our local offices.
Our vessels are equipped with sensors (i.a. radar, lidar, GPS/location sensors) and cameras on every side of the vessel. These cameras collect a 360°-live stream of video footage which is on average buffered for a duration of under 1 second. The video recordings are used by our RCC operators to participate in waterway traffic in any given operational environment . For this purpose, other vessels, waterway markings, buoys, shoreside infrastructure and other objects in the surroundings of the connected vessel as well as their position and movement in relation to our connected vessels are processed.
Our vessels are also equipped with microphones, providing our RCC operators with audio recordings (e.g. sirens) to hear what is happening in the surrounding of the vessel. We recreate an equal audio environment of a traditional captain located inside a vessel in order to participate safely and legally compliant in waterway traffic in any given operational design domain. Audio Recordings help our RCC operators to recognize the approach of an emergency vessel and to clear the waterway for such vessels or to respond to other waterway users and traffic situations.
Personal Data we process may contain the following personal information, depending on the individual position to and interaction with the connected vessel:
- Behavior and characteristics (e.g. faces) of other waterway users, e.g. vessel captains, passers-by, operational staff and other persons in the proximity of the connected vessels
- Behavior and characteristics (e.g. license numbers) of vessels and other objects in the proximity of the connected vessels
- Acoustic information from the vicinity of the connected vessels
- Additional data from other sensor systems (e.g. GPS position, timestamps)
- For which purposes is the data processed and what is the legal basis for this processing?
Most importantly Seafar is not interested in identifying individuals on the basis of the collected data and none of our systems is configured to do so. However, due to the technical nature of the described processing, we cannot rule out that a natural person might become theoretically identifiable through our processing activities.
Seafar uses its marked connected vessels for research, development, testing and validation of its services on private and public grounds. The connected vessels are equipped with cameras, sensors (i.a. radar, ultrasound, GPS/location sensors) and microphones. The purposes for which Seafar processes personal data may include:
- Ensuring and improving safety and security of our tele driven and automated navigation functions, systems and technologies:
- The main purpose of processing of data is to ensure the safe movement of the connected vessel in waterway traffic.
- Additionally, this serves to continuously ensure quality, improvement and monitoring of our products.
Development, continuous improvement and testing of tele driven and automated navigation functions, systems and technologies (e.g. algorithms for machine learning):
- For our systems to function properly and in compliance with applicable waterway traffic rules as well as to define proper operational environment for our vessels, we study and evaluate the waterways and surroundings in which our vessels are operated.
- This includes for example data regarding applicable speed limits or network availability and reliability.
Fulfilling legal and other obligations or interests in case of incidents and accidents:
- In case our vessels are involved in any incident or accident, we process data in order to determine legal responsibilities and liability as well as for the purposes of accident research and product improvement.
The primary legal basis for the collection, processing and storing of the above-mentioned data by Seafar is the protection of legitimate interests pursuant to Article 6 (1) f) GDPR:
- Our legitimate interests consist of carrying out research, development, validation testing of our tele driven and automated vessels, systems and technologies.
- Most importantly, we want to keep waterway users, vessels and other objects safe and to ensure and improve safety and security of our tele driven and automated navigation functions, systems and technologies in our as well as in their interest.
- In case of incident- or accident management, it is in our and the public’s interest for a safe waterway traffic to process data in order to determine legal responsibilities and liability as well as improving incident and accident research capabilities.
Additionally, we may be obliged to process certain data due to statutory obligations under national or European law. In these cases, the legal basis for the collection, processing and storing of the above-mentioned data is Art. 6 (1)c) GDPR.
- How is the data secured at rest and in transfer?
Seafar secures your data utilizing state-of-the-art technologies, consisting of but not limited to the following security measures which are applied to protect your personal data from misuse or other unauthorized processing:
- The data is transferred via an encrypted way so that exchanged messages cannot be read, modified or manipulated by third parties (hacking).
- Access to personal data is restricted to a limited number of authorized persons for their stated intentions.
- The IT systems for processing the data are technically isolated from other systems to prevent unauthorized access, e.g., through hacking.
- In addition, access to these IT systems is permanently monitored in order to detect and prevent misuse at an early stage.
- Where is the data stored?
The data is stored on servers located in Belgium or if not otherwise possible, on servers located in the European Union. In exceptional cases some personal data may be accessed from third countries (e.g. for support purposes).In these cases, we ensure an appropriate level of data protection through standard data protection clauses approved by the EU Commission (which we can provide you with on request) and other technical or organizational measures.
- With whom will the data be shared?
Seafar treats personal data with care and confidentiality. We only pass data to third parties to the extent described here and within the scope of the purpose limitation under data protection law. Categories of recipients to whom data may be disclosed in the context of this processing are in particular:
- Seafar affiliates: Seafar affiliates run the Remote Control Centers in areas where we offer our service and/or perform connected drives. Our local affiliates also administer local support to the respective fleet as well as local incident and accident reporting and management.
- IT service providers: For technical reasons, we use external IT service providers who provide server infrastructure, IT maintenance tasks or extensive IT solutions (such as cloud services) and software solutions on behalf of Seafar.
- Insurance companies, public authorities and criminal prosecution agencies: We may be obliged to share data related to damages, accidents, public and criminal offenses with insurance companies, public authorities and criminal prosecution agencies if one of our vessels is involved in a traffic accident or similar event.
We do not share, sell, rent, or trade personal data for any promotional purposes. All of these service providers are carefully selected and contractually committed to process data only in accordance with our instructions and the GDPR as well as to ensure the protection of the rights of the data subjects.
- How long is the data stored?
We store the data only for the duration of the aforementioned research, development, testing and safety purposes.
The data collected for the safe operation of the vessel as described in Section 3 above is streamed in real-time (with a buffer of under 1 second) and may be stored for later analysis, research and development purposes as described under Section 4 of this policy in a pseudonymized form or as clear data, in case the data is required for incident- or accident management as described in Section 4 above. In some cases, legal provisions (e.g. our exemption permits for connected operations granted by the respective authorities) or other (legal) obligations and requirements may require us to store the data for a longer period. After this duration, your personal data will be deleted or stored in an anonymized form that cannot be traced back to you.
- What rights do data subjects have?
In the context of the processing of personal data, data subjects are entitled to the following rights under GDPR:
- Right of access: Pursuant to Art. 15 GDPR, data subjects have the right to request information whether their personal data is processed by us. In particular, they may obtain information about the processing purposes, the category of personal data, the categories of recipients to whom the personal data have been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or opposition, the existence of a right to lodge a complaint, the origin of the personal data, unless it was collected by us, and the existence of automated decision-making, including profiling and, if necessary, meaningful information about its details.
- Right to rectification of inaccurate data: Pursuant to Art. 16 GDPR, data subjects have the right to request the correction of incorrect or incomplete personal data stored by us without delay. For video, image and audio data this right can usually only be implemented by deletion.
- Right to erasure: Pursuant to Art. 17 GDPR, data subjects have the right to request the erasure of the personal data stored by us, unless the processing for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for establishing, exercising or defending legal claims is required.
- Right to restriction of processing: Pursuant to Art. 18 GDPR, data subjects have the right to request the restriction of the processing of the personal data, provided that the accuracy of the data is disputed by the data subject, the processing is unlawful and the data subject refuses the erasure of the personal data, we no longer need the data, but the data is required by the data subject to establish, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR.
- Right to data portability: Pursuant to Art. 20 GDPR, data subjects have the right to receive the personal data provided to us in a structured, commonly used and machine-readable format and to request the transmission to another person responsible.
- Right to lodge a complaint to a supervisory authority: Pursuant to Art. 77 GDPR, data subjects have the right to lodge a complaint with the competent data protection supervisory authority, in the EU Member State of the data subject’s habitual residence, place of work or place of the alleged infringement. The data protection supervisory authority, which is responsible for us, is the “Gegevensbeschermingsautoriteit”:
Gegevensbeschermingsautoriteit
Drukpersstraat 35, 1000 Brussel
+32 (0)2 274 48 00
+32 (0)2 274 48 35
www.gegevensbeschermingsautoriteit.be
- Information about your Right of Objection under Article 21 of the GDPR.
You have the right, for reasons arising from your particular situation to object to the processing of your personal data, that we process based on legitimate interests as described in Section 4 above. If you file an objection, we will, based on the information provided re-evaluate the grounds for the processing and whether they outweigh your interests, rights and freedoms or the processing, e.g. where the processing is necessary to assert, exercise, or defend legal claims or to fulfill a legal obligation, and, if possible, stop further processing and delete your data if this is not the case.
If you have any questions regarding your data or if you would like to exercise your rights as a data subject, please do not hesitate to contact us via privacy@seafar.eu.
We may update this Privacy Statement from time to time to comply with business, legal or technical developments. When we update our Privacy Statement, we will take appropriate steps to inform you, depending on the significance of the changes and the legal requirements in this regard.