Privacy Notice
Veson Nautical Website Privacy Notice
Latest Update of this Policy: June 25, 2024
Information We Collect:
OUR CONTACT INFORMATION
Veson Nautical LLC
Address: 21 Drydock Avenue, Suite 610W, Boston, MA 02210 USA
Email address: legalnotices@veson.com
Data Protection Officer: VeraSafe, LLC
Click here for our DPO contact details.
GENERAL INFORMATION
Do we collect personal information?
YES. Some categories include identification and contact information, professional or employment-related information, payment information, communications data, and automatically collected data.
Click here to find out which categories of personal information we collect and how we obtain it.
Do we sell (as defined in the CCPA) personal information?
YES. But this is limited to our use of third-party advertising cookies on our Websites. We do not sell or share your personal information directly for financial consideration. Click here for more information on our use of cookies.
Click here for instructions on how to opt out of the use of cookies that constitute a sale of your personal information.
TRACKING
Do we use cookies or similar tracking technologies on our Websites?
YES. Click on the following link to read our Cookie Notice for veson.com (and any Veson Nautical webpage linking to this Cookie Notice) and shipfix.com.
PRIVACY RIGHTS
Can you request a copy of the personal information we have collected about you?
YES. Click here to learn how.
Can you withdraw your consent to our processing of your personal information?
YES. Click here to learn how.
Can you request to have your data deleted?
YES. Click here to learn how.
Can you request not to have your data sold?
YES. Click here to learn how.
SECURITY
Do we protect your personal information?
YES. Click here to learn more about how we protect your personal information.
Have we been audited by a professional third party?
YES. Veson has been audited against the requirements of SOC 2 Type II for its IMOS Platform.
Introduction
Veson Nautical LLC (including all of its affiliated companies) (collectively, “Veson,” “we,” or “us”) takes the privacy of your personal information very seriously and respects your concerns about personal data protection. This Privacy Notice (the “Notice”) applies to visitors of Veson websites and/or users of products and services provided by Veson, the owner and provider of the website(s). This Notice describes what we do with your personal information, how we protect it, and what privacy rights you may have under applicable data protection and privacy laws, such as the European Union General Data Protection Regulation and the UK General Data Protection Regulation (collectively, “GDPR”), and the California Consumer Privacy Act of 2018 (“CCPA”).
What is Covered by this Privacy Notice?
This Privacy Notice applies only to data subjects whose personal information we:
- receive directly through public marketing and informational websites owned or controlled by us, including veson.com, veslink.com, clients.veson.com, auth.oceanbolt.com, milbros.com, jotunprl.com, vesselsvalue.com, and shipfix.com (each, a “Website”);
- collect or receive directly from you or from our clients (“Clients”) for the purpose of providing the services, including any consulting and technical support services, available through our Websites, including the IMOS Platform, Veslink, Veslink Distances calculator, Veson’s Knowledge Base, Veson University, Oceanbolt Data Platform, Q88 platforms and solutions, VesselsValue solutions, and Shipfix products and solutions (each, a “Service”, and collectively, the “Services”); or
- process to promote our Services.
What is not Covered by this Privacy Notice?
Recruitment and Employment Information
This Privacy Notice does not apply to personal information collected when you apply for a job at Veson (our Applicant Privacy Policy is available here), or to the personal information of Veson employees, contractors, directors, or other staff.
Third Party Websites
Our Websites may contain links to other websites that are not Veson Websites. This Privacy Notice does not extend to any third-party websites that can be accessed from one of our Websites, including, but not limited to, any links we may provide, including to social media websites. Your interactions with these third-party websites are governed by the privacy notice of the company providing it.
What Can You Find in this Notice?
This Notice tells you, among other things:
- Our Roles with Respect to Your Personal Information
- Personal Information We Collect and How We Collect It
- How We Use Your Personal Information
- Lawful Bases for Processing Your Personal Information
- How We Share Your Personal Information
- How Long We Keep Your Personal Information
- Your Rights Regarding Your Personal Information
- How to Exercise Your Privacy Rights
- How we Transfer Your Personal Information
- How we Protect Your Personal Information
Our Roles with Respect to Your Personal Information
Within the context of this Privacy Notice, there is personal information that we process for our own purposes and personal information that we process on behalf of our Clients. This means that we do not always have the same degree of decision-making with respect to why and how each piece of personal information will be processed.
Veson acts as a data controller or “business” (as defined in the CCPA) in the following instances:
- when collecting personal information of visitors to the publicly accessible areas of our Websites;
- when processing the personal information of users of our Services, as it pertains to accounts and financial management, billing, Client support services, product development, management and enhancement, providing training on Veson Services, and Client records management; and
- when processing personal information of existing and prospective Client contacts to promote our Services.
In addition to the above, Veson also acts as a data processor or “service provider” (as defined in the CCPA) on behalf of our Clients when they use our Services. Where you give your data to one of our Clients or where we collect your personal information on behalf of a Client pursuant to a service agreement between Veson and that Client, our Client typically acts as the controller or “business” in charge of the processing of your personal information. In these circumstances, the Client’s privacy notice (rather than this Privacy Notice) will apply to the processing of your personal information. If you have a direct relationship with one of our Clients, please contact them to exercise your privacy rights.
Personal Information We Collect and How We Collect It
We collect information about you when you use our Websites and Services. We also receive some information from third-parties, like our Clients or from publicly available sources, such as company websites.
We collect information when you or one of our Clients choose to give it to us or store it in our Services. This includes:
Identifiers and contact information
- Name, email address, street address, postal address, and phone number.
Professional or employment-related information
- Job title, and any entity or company with which you are affiliated.
Business information
- Company name, size, and business type.
Account information
- Username and password.
Communications data
- Any information you provide to us when you contact us, including via phone call or videoconference, which calls we may record for training, quality assurance, and administrative purposes.
- Any information you provide in forums, chatrooms, and wikis on our Websites or in or related to our Services.
Billing and payment information
- Billing address, payment card details, and financial and bank account numbers (for services requiring payment).
Other information
- Information about persons related in some manner to identified vessels.
- Information imported by you from third party applications, including your client lists.
- Information about others, such as when you refer someone else to Veson.
- Any other information voluntarily provided by you when creating a profile for using our Services, such as a profile picture, display name, and location details.
Automatically collected data, when you use Websites or Services, we collect some information automatically. This includes:
- Your activity on the Websites or Services, including statistical usage data derived from the operation of our Services.
- Your internet protocol (IP) address and internet service provider (ISP).
- Your browser type and device ID.
- The files viewed on our sites (e.g., HTML pages, graphics, etc.
- Operating system, date/time stamp, and/or clickstream data.
- Vessel location information, including precise geolocation.
We will not collect additional categories of personal information without informing you.
How We Use Your Personal Information
Where we act as a data controller or business, we may use the personal information we obtain to:
- provide and administer our products and Services, including providing client support, issue credentials, including passwords to allow you to access and operate your account, and respond to requests or inquiries;
- process and fulfill orders including billing and payment processing, and keep you informed about the status of your order;
- communicate about and administer our products, Services, events, programs and promotions (such as by sending alerts, promotional materials, newsletters and other marketing communications);
- allow you to participate in interactive features on our Websites;
- conduct and facilitate surveys, sweepstakes, contests, focus groups and market research initiatives;
- perform data analytics (such as market research, trend analysis, financial analysis and client segmentation);
- engage in ad retargeting and evaluate the effectiveness of our marketing efforts (including through our participation in ad networks);
- administer and register participants in our courses;
- send you marketing and sales-related communications regarding our business which we think may interest you;
- verify your identity, detect, prevent, and respond to fraud, intellectual property infringement, violation of our contracts or agreements, violations of law, misuses of Veson’s Websites or products, and other unlawful activity, and to prevent unauthorized transactions;
- conduct investigations, respond to law enforcement requests, and comply with applicable legal requirements, relevant industry standards, contractual obligations, court orders, and governmental regulations;
- manage our internal business processes, such as accounting, auditing, and managing operations;
- maintain the integrity and security of our Websites, products, features, databases, Services and business and to prevent and to detect any security threats, or other criminal or malicious activity that might compromise your information;
- establish, exercise, or defend legal claims, and protect Veson’s rights or property, or yours or others’ health, safety, welfare, rights, or property; and
- improve and develop our products and Services, troubleshoot technical problems, and improve the quality of the Services.
We may anonymize or aggregate personal information and use it for the purposes described above and for other purposes to the extent permitted by applicable law. We also may use personal information for additional purposes that we disclose at the time of collection. We will obtain your consent for these additional uses to the extent required by applicable law.
Lawful Bases for Processing Your Personal Information
We must have a valid reason to use your personal information. This is called the “lawful basis for processing.”
When we act as a data controller or “business”, the legal basis for processing your personal information, as described above, will be one of the following:
- your consent;
- performance of a contract with you;
- our legitimate business interests; or
- compliance with legal obligations, such as complying with applicable laws, regulations, court orders, or legitimate requests from law enforcement or regulators.
Where we receive your personal information as part of providing our Services to fulfill a contract, we require such personal information to be able to carry out the contract. Without that necessary personal information, we will not be able to provide the Services to you.
Within the scope of this Privacy Notice, we may also process personal information as a processor or service provider based on the instructions of our Clients. To learn about their lawful bases for processing your personal information, please read the privacy notice(s) of our Clients.
How We Share Your Personal Information
We do not sell, share, or otherwise disclose personal information about you except as described in this Privacy Notice, or at the time of collection. We do not share contact information with third parties for their direct marketing purposes unless you affirmatively agree to such disclosure where required by law.
The categories of third parties to which we may disclose your personal information include:
- Infrastructure service providers
- Client management tool providers
- Internet service providers
- Cloud service providers
- Office tool providers
- Payment processing providers
- Client survey providers
- Email communication software providers
- Email security services providers
- Web analytics providers
- Data analysis service providers
- Enterprise open-source solutions providers
- Project management tool providers
- Application hosting service providers
- Marketing assistance service providers
- Email newsletter providers
Veson enters into agreements with our service providers to ensure that they keep your personal information confidential, that they only use it for the specific services provided to Veson, and that they provide your personal information with the same level as protection that we do.
In addition to the above, Veson may also disclose personal information to third parties as follows:
- Other entities within the Veson group of companies on a worldwide basis to perform the processing described in this Privacy Notice;
- Other third parties: (1) where required by applicable law or legal process; (2) to comply with a legitimate legal request made by law enforcement authorities or other government authorities; (3) when we believe disclosure is necessary to prevent physical harm or financial loss; (4) to establish, exercise, or defend our legal rights; (5) to prevent, detect, or investigate suspected fraud or illegal activities; and
- Other third parties when you give your consent to such disclosure.
Veson reserves the right to transfer to relevant third parties any information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation) or other business combination.
We will retain your personal information for as long as necessary to fulfil the purpose for which we collected it and any other permitted linked purpose and in compliance with our data retention policies. For example, we will retain and use your personal information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.
Your personal information may need to be retained in our backup systems and will only be deleted or overwritten at a later time. This may be the case even when you or a supervisory authority has validly asked us to delete your personal information or when we no longer have a legal basis for processing such personal information.
Cookies
A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), to remember your settings, and to generally improve our Websites and Services.
We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser, but always have an expiration date. Most of the cookies placed on your device through our Services are first-party cookies which are placed directly by us. Other parties, such as Google, may also set their own (third-party) cookies through our Services. Please refer to the policies of these third parties to learn more about the way in which they collect and process information about you.
If you would prefer not to accept cookies, you can change the setup of your browser to reject all or some cookies. Note, if you reject certain cookies, you may not be able to use all features of our Services. For more information, please visit https://www.aboutcookies.org/.
You may also set your browser to send Do Not Track (“DNT”) or Global Privacy Control (“GPC”) signals. Our Websites are set to respond to DNT and GPC signals received from web browsers.
For more information about our use of cookies, please refer to our Cookie Notices on veson.com (and any Veson Nautical webpage linking to this Cookie Notice) and shipfix.com.
Your Rights Regarding Your Personal Information
You have specific rights regarding your personal information that we collect and process. Please note that you can only exercise these rights with respect to personal information that we process about you when we act as a data controller or as a “business” under the CCPA. To exercise your rights with respect to information processed by us on behalf of one of our Clients, please read the privacy notice of that Client.
In this section, we first describe those rights and then we explain how you can exercise those rights.
Right to Know What Happens to Your Personal Information
This is called the right to be informed. It means that you have the right to obtain from us all information regarding our data processing activities that concern you, such as how we collect and use your personal information, how long we will keep it, and who it will be shared with, among other things.
We are informing you of how we process your personal information with this Notice.
Right to Know What Personal Information Veson Has About You
This is called the right of access. You have the right to obtain from Veson confirmation of whether or not we process personal information concerning you, and, where that is the case, to obtain access to the following information:
- the categories or specific pieces of personal information that Veson has collected from you;
- the categories of sources from which Veson has collected your information;
- our business or commercial purposes for collecting, selling, sharing, or otherwise processing your personal information;
- the categories of third parties with whom Veson shares personal information;
- where possible, the retention period for your personal information or, if not possible, the criteria used to determine the retention period;
- if we conduct automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you;
- the specific pieces of personal information we process about you in an easily shareable format;
- if we sold or disclosed your personal information for a business purpose, the categories of personal information and categories of recipients of that personal information for both sale and disclosure;
- if we rely on legitimate interests as a lawful basis to process your personal information, the specific legitimate interests; and
- the appropriate safeguards used to transfer personal information from the EEA or the UK to a third country, if applicable.
Under some circumstances, we may deny your access request. In that event, we will respond to you with the reason for the denial.
Right to Change your Personal Information
This is called the right to rectification. It gives you the right to ask us to correct without undue delay anything that you think is wrong with the personal information we have on file about you, and to complete any incomplete personal information.
If your account settings in the applicable Veson Service you use do not allow you to change the information yourself, please contact us and we will do our best to change the information for you.
Right to Delete Your Personal Information
This is called the right to erasure, right to deletion, or the right to be forgotten. This right means you can ask for your personal information to be deleted.
Sometimes we can delete your information, but other times it is not possible for either technical or legal reasons. If that is the case, we will consider if we can limit how we use it. We will also inform you of our reason for denying your deletion request.
Right to Ask Us to Limit How We Process Your Personal Information
This is called the right to restrict processing. It is the right to ask us to only use or store your personal information for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.
Right to Ask Us to Stop Using Your Personal Information
This is called the right to object. This is your right to tell us to stop using your personal information. You have this right where we rely on a legitimate interest of ours (or of a third party) as a lawful reason to process your personal information. You may also object at any time to the processing of your personal information for direct marketing purposes.
We will stop processing the relevant personal information unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your personal information to establish, exercise, or defend a legal claim.
Right to Port or Move Your Personal Information
This is called the right to data portability. It is the right to ask for and receive a portable copy of your personal information that you have given us or that you have generated by using our services, so that you can:
- move it;
- copy it;
- keep it for yourself; or
- transfer it to another organization.
We will provide your personal information in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you a copy in electronic format.
Right to Withdraw Your Consent
Where we rely on your consent as the legal basis for processing your personal information, you may withdraw your consent at any time. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
If you have given consent for your details to be shared with a third party and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences.
Your Right to Opt-Out of the Sale and Sharing of Personal Information
We generally do not “sell” or “share” your personal information directly in the conventional sense of the meaning under the CCPA (i.e., for financial consideration). Like many companies, however, we use services that help deliver interest-based advertisements to you and that analyze our website traffic which may lead to the transfer of your personal information to other companies. Nevertheless, to the extent that making personal information (such as online identifiers or browsing activity) available to these companies may be considered a “sale” or “sharing” under the CCPA, you have the right to ask us not to sell or share your personal information that take place via cookies at any time. This is called the right to opt-out, and, if you want to exercise it, you can change the setup of your browser or reject all or some cookies.
Your Right to Opt-In to the Sale of Personal Information
If you have directed us not to sell your personal information, you can opt-in to the sale of your personal information at any time.
Individuals who opt-in to personal information sales may opt-out of future sales at any time.
Your Right to Decide the Fate of Your Personal Information after Death
This right allows you to impose the fate that you wish to reserve your personal information in the event of death.
Your Right to Lodge a Complaint with a Supervisory Authority
If the GDPR applies to our processing of your personal information, you have the right to lodge a complaint with a supervisory authority if you are not satisfied with how we process your personal information.
Specifically, you can lodge a complaint in the Member State of the European Union of your habitual residence, place of work, or the alleged violation of the GDPR.
Limitations on Your Privacy Rights
We may limit or deny requests to exercise your rights where it may violate another person’s rights or as otherwise permitted by applicable law. We do not discriminate against you for exercising your rights with respect to your personal information. If we deny your request, we will tell you why the request was denied. Additionally, if we determine that no exception to deletion applies, we will direct any of our service providers that have received your personal information to delete your personal information from their records as well.
How to Exercise Your Privacy Rights
To make a request, please contact us at legalnotices@veson.com or 21 Drydock Ave., Suite 610W, Boston, MA 02210 and indicate the nature of the request and applicable Veson affiliate, Services or products with which your personal information is associated.
- For California residents, please include “CCPA Request” in the subject line and in the body of your message and identify what your specific request is.
- Subject to limits under California law, California residents may ask us to provide them with (1) a list of certain categories of personal information we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and (2) the identity of those third parties.
- To obtain this information, please send an email to legalnotices@veson.com with “California Shine the Light Privacy Request” in the subject line and in the body of your message.
We will verify your identity prior to granting any request and may require additional information to do so. If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual, except for requests made by an opt-out preference signal.
We will respond to information access requests within a reasonable timeframe. If we require additional time to provide access to your information, we will acknowledge receipt of your request within a reasonable timeframe and promptly supplement our response within the time period required by applicable law.
How We Transfer Your Personal Information
Personal information we collect may be transferred and stored in other countries, including the United States, which may have less stringent data protection laws than the country in which the information was collected. If we do so, we will transfer the personal information only for the purposes described in this Privacy Notice. To the extent required by applicable law, when we transfer your personal information to recipients in other countries, we will take measures to protect that information, which may include the Standard Contractual Clauses as approved by the European Commission under Article 46.2 of the GDPR.
How We Protect Your Personal Information
Veson maintains administrative, technical and physical safeguards, consistent with legal requirements where the personal information was obtained, designed to protect against unlawful or unauthorized access, destruction or deletion, loss, alteration, or disclosure of the personal information provided to Veson through the products or Websites.
Children
The Website is not directed at or permitted to be used by children under the age of 16, and we do not knowingly collect, sell or share any information of persons under the age of 16.
Data Protection Officer
VeraSafe has been appointed as Veson’s Data Protection Officer (DPO). While you may contact us directly, VeraSafe can also be contacted on matters related to the processing of personal information. VeraSafe’s contact details are:
VeraSafe LLC
100 M Street S.E., Suite 600
Washington, D.C., 20003, USA
Email: experts@verasafe.com
Web: https://www.verasafe.com/about-verasafe/contact-us/
Representative in the European Union
VeraSafe has been appointed as Veson’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted in regard to matters related to the processing of personal information. To make such an inquiry, please contact VeraSafe using this contact form or via telephone at: +420 228 881 031.
Alternatively, VeraSafe may be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P, Ireland
Changes to Our Privacy Notice
We reserve the right to change and update this Privacy Notice as we may deem necessary from time to time or as may be required by law. If we make any material changes, we will notify you by email (sent to the email address specified in your account) where required, or by means of a notice on this Website prior to the change becoming effective. You are encouraged to periodically review this page for the latest information on our privacy practices. Your continued use of the Website or a Service after such changes are implemented constitutes your acceptance of the changes.
Additional Information:
Your information is submitted to Veson Nautical LLC, a Delaware limited liability company with its principal place of business at the address below.
Questions regarding this Privacy Notice should be directed to Veson at legalnotices@veson.com or by mail to Veson Nautical LLC at 21 Dry Dock Avenue, Suite 610W, Boston, MA 02210 USA, Attn: Chief Privacy Officer.