Privacy Policy for Maritime Optima

Active as of 20th of July 2021

Maritime Optima AS is developing user-friendly and intelligent maritime collaboration software for optimizing and managing commercial maritime decisions, based on a subscription model (SaaS). Maritime Optima AS offers a free subscription and a paid subscription. 

If you wish to register on our websites, subscribe to our newsletters or register to our application services, request information, contact us, use our online knowledge base, complete any surveys, or provide content for inclusion on our websites (e.g. blogs or other online forums) we will collect certain data about you.

The personal data we collect about you may include:

Newsletter subscriptions. Personal data processed in connection with newsletter subscriptions is also based on your consent. You are free to withdraw your consent at any time by unsubscribing to our newsletters or application service, or by contacting us directly at post@maritimeoptima.com.
User statistics. The user statistics we process enable us to provide, develop and improve our services and security features. Our processing of user statistics is based on your consent to use of cookies (information capsules). The data will be stored for two years, unless you withdraw your consent. You may withdraw your consent at any time by disabling cookies in your browser settings, unsubscribing to the newsletter or the application service. Please consult our cookie policy for more information about the cookies we use on our website and in our application software services.

Anonymous user data. We may also use data collected from you in an aggregated, non-identified form of usage statistics for research purposes and to help us make decisions on marketing, product development and business activities and machine learning. This processing is based on your consent to use cookies (information capsules).

We collect personal data in order to administrate your user account. Your personal data is stored for the duration your account is active. You can delete your account any time by sending a message to post@maritimeoptima.co.

If you are a private individual using our services without being affiliated with a company, Maritime Optima AS are responsible for handling any personal data you choose to share while using the service. The information will be stored for the duration you are using our services, or for a longer period if there is a legitimate reason for storing the information (e.g. investigation of possible criminal offences or information needed for civil lawsuits). Please contact us at post@maritimeoptima.com, if you have any inquiries. 

1. Customer administration  

Every company using the Maritime Optima services has a dedicated contact person. The contact person is authorized to handle the account on behalf of the company, including inviting new users to the account, and responding to requests from users. These users are the account owners.

If you are a contact person affiliated with a company using our services, we will process your personal data (name and contact information) in order to administer the customer agreement. The information will be stored for five years in accordance with the Norwegian Bookkeeping Act Section 13.  

If a company uses the Maritime Optima services and want their employees to use the Maritime Optima service, they are responsible for any personal data that they share while using the service. Maritime Optima AS are then solely delivering the service to the company and process your personal data on behalf of the company. If you have any questions regarding how the company that invites you to use our services handle your personal data, please consult the companies’ privacy policies or contact the companies’ contact person directly. 

2. Disclosure of personal data to third parties

We will only disclose your personal data to third parties to the extent such disclosure has a legal basis pursuant to applicable data protection laws.
We may use data processors to store, collect or otherwise process personal data. The relationship to such data processors (or sub-processors) is based on a data processor agreement entered pursuant to GDPR article 28 and to the extent necessary due to any transfer out of EU/EEA, EU standard contractual clauses and/or other appropriate legal basis in accordance with GDPR chapter V.

Your personal data may be subject to processing outside the EU/EEA. We are only using services from companies handling your data according to Standard Contractual Clauses, Binding Corporate Rules or adequacy decisions from the EU Commission. We may share non-personal data (for example, aggregated or anonymized customer data) for research or to help us to generally improve our system.

Below, we have described our main suppliers and the purpose for user their services to which we may disclose your Personal Data:

Webflow. Maritime Optima AS uses Webflow to host our website and landing pages, for marketing of our service and its features, for the purpose of providing information about the Application Service and its features and for signing up to our newsletter.
Webflow is owned by Webflow Inc. If they are transferring Personal Data to a Webflow Inc entity outside the EEA area, the transfer is mainly based on Webflow Inc Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses. For more information: https://webflow.com/legal/privacy
Microsoft Azure (Azure): The Personal Data we collect from you is stored in our European data processing center. Currently this data center is operated by Microsoft, which is one of the world’s leading data center operators for cloud services. The Microsoft data centers we use are placed within the European Union (EU) and/or European Economic Area (EEA). Audio and video data is never transferred to servers outside the EU or EEA. Your Maritime Optima user accounts and data do NOT constitute a Microsoft account.
 
Intercom. Maritime Optima AS is using Intercom.io, for the purpose of handling customer support, customer chat and newsletter to existing users. The transfer of Personal Data to an Intercom.io entity outside the EEA area is mainly based on Intercom.io Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the. For more information: https://www.intercom.com/legal/privacy
Google Analytics and Firebase. Maritime Optima AS is using Firebase and Google Analytics for application analytics, improvements, bugfixes, and as our notification service. The transfer of Personal Data to a Firebase entity outside the EEA area is mainly based on Firebase Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the. For more information: https://firebase.google.com/support/privacy
Stripe. Maritime Optima AS are using Stripe for handling online payments made by credit cards. Stripe is owned by Stripe Inc. The transfer of Personal Data to Stripe Inc. entities outside the EEA area is mainly based on Stripe Inc. Binding Corporate Rules. If not applicable, the transfer is based on EU standard contractual clauses or the. For more information about Stripes Inc´s. privacy policy: https://stripe.com/en-no/privacy
Maritime Optima might also enter into agreements with other software companies to provide complementary services through our product. Maritime Optima’s users and customers will not be obliged to use such 3rd party software providers services. In such case, Maritime Optima will notify our users about the 3rd party Terms of Agreements applicable. 

3. Safety measures

The protection of your personal data is a high priority for us. We continuously work to protect personal data and other confidential information. Our security measures include physical, technical and administrative measures. In order to ensure good customer support, selected employees have access to the customers’ projects.

Our employees receive training and guidance on how to handle personal data safely. We have routines and access control to prevent unauthorized disclosure and unauthorized access to your personal data. We also have procedures and measures that prevent personal data loss, as well as loss and destruction of the systems where personal data is stored. We endeavor to process your personal data correctly and safely and that the treatment is protected against harmful software.

All communication between the users and Maritime Optima servers are secured with HTTPS. Login information and all other data is encrypted, and server authenticity is verified. 

Full security depends on up-to-date software and patches; we regularly test our servers with SSL Labs online tools to check that we get an “A” grade, i.e. no known vulnerabilities.

Users logging into Maritime Optima get a unique session authentication key (JWT token). This key ensures that our servers know which user is attempting which operation and is used to enforce access control rules. The key expires after a certain time, after which the user must login again. We store email, IP-addresses and login attempts for diagnostic purposes.

We comply with the requirements for the protection and safeguarding of personal data as provided by the General Data Protection Regulation (GDPR) and Datatilsynet (the Norwegian Data Protection Authority). We ensure that personal data is protected in connection with the transfer of personal data. Any threats to data security are handled efficiently as security and the protection of your personal data is part of the daily work of our business. 

Any breach of security practices will be documented. We have established procedures to detect and deal with breach of security. If a security breach is detected, this will be reported to the management, the risk of privacy breaches is assessed, and if applicable, Datatilsynet (the Norwegian Data Protection Authority) will be notified where necessary. You will also be notified as a user if the breach poses a risk to you and your rights.

4. Your rights as data subject

You can access, correct, or delete your personal data by using your account settings and tools that we offer, or you can contact us by sending an e-mail: post@maritimeoptima.com

Your Personal Data is processed in accordance with the Norwegian implementation of the General Data Protection Regulation (GDPR) (Regulation 2016/679), which is the Norwegian Personal Data Act of 15 June 2018 no. 38. Hereunder you have, subject to any exemptions provided by the law, the right to:

You as the data subject have the right to withdraw your consent at any time by cancelling your subscription to the application service.

EU individuals have the right to make a complaint to your national data protection authority. The head authority for Maritime Optima is the Norwegian Data Protection Authority (Datatilsynet).

5. Changes to the Privacy Policy

Maritime Optima AS may update this Privacy Policy from time to time and the latest version will always be available on our web page https://www.maritimeoptima.com/

In case of a significant change, we will notify you of the change.

6. Contact information

Maritime Optima AS
Address: Bryggegaten 9, 0250 OSLO
Mail: post@maritimeoptima.com
Phone:  + 47 47 01 07 04
By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Cookie Policy for more information.