“Personal Data” is information that can be used to identify you, directly or indirectly, alone or together with other information.
Sensario is the controller for any processing of your Personal Data as a user the Sensar SmartBoat One service (hereinafter «Sensar Service»). As controller, Sensario is responsible for defining the purposes for processing your personal data and for complying with current data protection legislation. The address and contact details to Sensario can be found at the end of the policy document.
1. INFORMATION SENSARIO COLLECTS
When you sign up for and use the Sensar Service Sensario collects the following types of information:
1.1 Account information:
When you sign up for the Sensar Service some information is required to create an account, including:
first and last name
date of birth
vessel registry no.
You may also choose to voluntarily provide Sensario with other types of information, such as a profile photo etc.
1.2 Payment information:
When you subscribe to the Sensar Service, you provide or the payment service provider, provide your payment card number or other relevant financial information.
1.3 Usage and device information
The SmartBoat One main unit collects data measuring a variety of metrics such as:
date and time of use
information from sensors such as;
air and water thermometers
GPS location data
relevant emergency data in case of emergency situations.
Some of these metrics/data will not be considered Personal Data covered by the GDPR. However, when Sensario collects and uses data from sensors part of the SmartBoat One system that is regarded as Personal data, the legal basis for processing such data is the Terms of Service contract where processing such data is necessary to perform our Services, cf. GDPR Art. 6 (1) (b).
1.4 Analytics and advertising services provided by others
Sensario works with the following partners to gather analytical data and deliver advertising services:
Google Analytics – Disable Google Analytics data collection here
Sensario collects anonymized information about visitors to sensarmarine.no using the Google Analytics tool. Anonymized means that the information cannot be traced back to the individual user. All user stats are merged into a group and are not processed individually. The purpose of this is to compile statistics that are used to improve and further develop the content of the web pages and improve the user experience.
By subscribing to the newsletter, you provide information such as name and email. This information is not stored until you confirm your subscription through e-mail from Hubspot (The Newsletter Platform). It will be possible to check for what kind of info you receive in the confirmation.
Hotjar – You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of the website and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
Read more about the relevant third party service providers’ routines for handling personal data by following the links in the list of names.
Cookies give Sensario insight into the visitors’ usage patterns, as well as how many visitors have visited the site. Cookies are categorized as Personal Data under the GDPR, even though the data is anonymous.
Service development: Cookies help Sensario keep track of the use of the digital services. Sensario uses this information to improve the services. Sensario receives information about which websites are visited the most, if the user comes from a link outside the website, if they click on, and how long the users (anonymized) stay on the website. Sensario also monitors how far the user scrolls down the page, and where the user points and clicks.
Marketing Targeting: Using cookies, Sensario can also collect generic information that can be used to create marketing campaign audiences. This information is not descriptive enough to identify individuals.
The legal basis for processing your Personal Data as described in this section is GDPR Art. 6 (1) (f), which allows Sensario to process information that is necessary to safeguard a legitimate interest that weighs heavier than that of the individual’s privacy. The legitimate interest is to get services on the website to work.
2. HOW SENSARIO USES INFORMATION
Sensario uses the information collected for the following purposes:
2.1 Administer your account and provide the Sensar Service
Sensario uses the information collected to create and manage your account, as well as deliver the Sensar Service.
The legal basis for processing your Personal Data as described in this section is that it is necessary for the performance of the services and to fulfil obligations in accordance with the Terms and Conditions, cf. GDPR Art. 6 (1) (b).
In order to provide the Sensar Service, Sensario uses payment information, mentioned in section 1.2, to complete your transactions. Your account information is used for order management and billing.
The legal basis for processing your Personal Data as described in this section is that it is necessary for the performance of the Sensar Service and to fulfil obligations in accordance with the Terms and Conditions, cf. GDPR Art. 6 (1) (b).
2.3 Communication with the user
Sensario uses your information when you send service notifications or feedback, in order to respond to your inquiries and provide you with customer service. Sensario may also use your information to promote new features or products.
When you communicate with Sensario or sign up for promotional materials, the legal basis for the processing of such data is legitimate interest, cf. GDPR Art. 6 (1) (f), and Sensario’s legitimate interest is to provide you with promotional messages. Where Sensario is required under applicable local law to obtain your consent for sending you marketing information, the legal basis is your consent, GDPR Art. 6(1) (a).
3. HOW SENSARIO SHARES INFORMATION
Sensario only shares your personal information in the following circumstances:
3.1 For legal reasons or to prevent harm
Sensario may preserve or disclose information about you to comply with law, regulations, government/law enforcement investigation, to assert legal rights, defend against legal claims or other legal requirements. Sensario may also disclose information to assist in the prevention or detection of crime or to protect the safety of any person.
When Sensario investigates suspected illegal or wrongful activity, processing of Personal Data is done on the legal basis of legitimate interest, GDPR Art. 6 (1) (f), and the legitimate interest is to ensure compliance with legal requirements and law enforcement requests and for public safety purposes.
If Sensario becomes involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control, Sensario may transfer your information.
When Sensario processes or shares Personal Data in the event of an actual or contemplated sale, processing such data is in Sensario’s legitimate interest in offering, maintaining, providing, and improving the services, GDPR Art. 6 (1) (f).
3.2 With reliable third parties
Sensario may choose to commercialize the Personal Data obtained through the Sensar Service. Sensario may therefore share Personal Data with reliable and approved third parties who may process users Personal Data, with the relevant third parties having controller responsibility. Sensario will still ensure the safety and privacy of such data while it is inside the company.
When Sensario discloses Personal Data to the mentioned third parties, Sensario does this on based on your acceptance of the Terms of Service Contract, GDPR Art. 6 (1) (b).
4. YOUR RIGHTS AND HOW TO EXERCISE THEM
Sensario takes steps to keep your Personal Data accurate and up to date. To exercise the rights to your Personal Data, please contact Sensario at the address listed below. Sensario will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.
If you reside in the EU/EEA, you have the following rights:
Right of access to your Personal Data (GDPR Art. 15): You have the right to ask for confirmation on whether Sensario is processing your Personal Data, and access to the Personal Data and related information on that processing (e.g., the purposes of the processing, or the categories of Personal Data involved).
Right to correction (GDPR Art. 16): You have the right to have your Personal Data corrected, as permitted by law.
Right to erasure (GDPR Art. 17): You have the right to ask for the deletion your Personal Data, as permitted by law. This right may be exercised among other things: (i) when your Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed; (ii) when you withdraw consent on which processing is based according to GDPR Art. 6 (1) (a) or Art. 9 (2) (a) and where there is no other legal ground for processing; (iii) when you object to processing pursuant to GDPR Art. 21 (1) and there are no overriding legitimate grounds for the processing, or when you object to the processing pursuant to GDPR Art. 21 (2); or, (iv) when your Personal Data has been unlawfully processed.
Right to restriction of processing (GDPR Art. 18): You have the right to request the limiting of the processing under limited circumstances.
Right to data portability (GDPR Art. 20): You have the right to receive the Personal Data that you have provided to Sensario, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including having it transmitted directly, where technically feasible.
Right to object (GDPR Art. 21): You have the right to object to the processing of your Personal Data, as permitted by law. This right is limited to processing based on GDPR Art. 6 (1) (e) or (f), and includes profiling based on those provisions, and processing for direct marketing purposes. After which, Sensario will no longer process your Personal Data unless it can be demonstrated compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
5. HOW SENSARIO PROTECT YOUR INFORMATION
Sensario works hard to protect your personal information from unauthorized access, disclosure or destruction. As with all technology companies, although Sensario takes steps to secure your information, Sensario does not promise, and you should not expect, that your personal information will always remain secure.
Sensario regularly monitors the Sensar Service for possible vulnerabilities and attacks and regularly review the information collection, storage and processing practices to update Sensario’s physical, technical and organizational security measures.
Sensario may suspend your use of all or part of the services without notice if there is reason to suspect any breach of security. If you believe that your account or information is no longer secure, please notify Sensario immediately.
6. HOW LONG SENSARIO RETAINS YOUR INFORMATION
Sensario keeps your personal information only as long as it is needed for legitimate business purposes or for providing the Sensar Service, and as permitted by applicable law.
In practice, Sensario delets or anonymize your information upon deletion of your account (following a safety retention window of three months), unless:
it must be kept to comply with applicable law
there is an issue, claim or dispute requiring Sensario to keep the relevant information until it is resolved; or
it is necessary to keep the information for Sensario’s legitimate business interests, such as fraud prevention and enhancing users’ safety and security. For example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account.
7. CROSS-BORDER DATA TRANSFERS
Sharing of information laid out in Section 6 sometimes involves cross-border data transfers, for instance to the United States of America and other jurisdictions, or vice versa. As an example, where the service allows for users to be located in the European Economic Area (“EEA”), their personal information is transferred to countries outside of the EEA. Sensario uses standard contract clauses approved by the European Commission or other suitable safeguard to permit data transfers from the EEA to other countries. Standard contractual clauses are commitments between companies transferring personal data, binding them to protect the privacy and security of your data.
9. HOW TO CONTACT SENSARIO
In case of questions about the processing of your Personal Data please contact Sensario at firstname.lastname@example.org
You are encouraged to contact Sensario directly if you have concerns regarding the processing of Personal Data. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority if you consider that the processing of Personal Data relating to you infringes applicable data protection laws.