Privacy Policy

 

1.      General provisions

The Privacy Policy regarding personal data protection explains how personal data are processed and provides information on the data subject’s rights in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council 2016/679 of 27 April 2016 On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter - GDPR).

The goal of the Privacy Policy is to provide information about the purpose and scope of processing, protection and processing term of personal data to the visitors of the website during collection and the processing of the user’s data.

Controller information: SIA “NAUTICA”, Reg.No.40103191687, Registered Address: Vizbuļu street 14, Zvejniekciems, Saulkrastu pag., Saulkrastu nov., LV-2161 (hereinafter referred to as the – Skippercheck).

Contact information: telephone: 371 26033818, e-mail address: info@skippercheck.net.

2. The legal basis of processing of personal data, purpose and personal data categories of Skippercheck.

Skippercheck collects personal data for particular, clear and legitimate purpose and will not conduct their further processing in a form not compatible with the listed purposes.

2.1. Legal basis: data subject’s consent[1] is used for the following purposes:

·         Send an invitation to user in order for user to create an account on Skippercheck. Processed personal data: e-mail address.

 

·         Creation of the registered user’s account on Skippercheck in order to store information about the user and provide access to Skippercheck services. Processed personal data: first name, last name, e-mail address.

 

·         Sending information to user about special offers of Skippercheck, campaigns, news. Processed personal data: e-mail address.

 

·         Provision of answers to the client’s questions, suggestions or comments, as well as provision of efficient client and technical support on the website. Processed personal data: name, surname, e-mail address or telephone number.

 

·         Creation of sea time CV with information user provides in order to share it with others. Processed personal data:  ID number, full name, phone number, e-mail address, secondary e-mail address, postal address, date of birth, gender, passport No., citizenship, profile image, information about experience (sailors rank, Endorsement licence, VHF Licence, endorsements, skills, courses, miles and marinas visited), other personal information user provides.

 

·         Provide opportunity to send an invitation to the friend of the user to join Skippercheck. Personal data processed: full name, e-mail address of the users’ friend, other personal data user provides.

 

2.2. Legal basis: signing or performance of the contract[2] is used for the following purposes:

·         To allow user to place an order and to purchase Skippercheck Endorsement and Skippercheck Basic VHF Radio Operator online courses at Skippercheck. Preparation of the order of the courses, confirmation of the purchase, sending of a notice regarding the order to the e-mail address. Processed personal data: name, surname, e-mail address.

 

·         Performance of payments related to the purchase. Processed personal data:  the payment information -  the payer’s data, bank account number, date, amount, payment date.

 

·         Preparation of Skippercheck Endrorsement certificate. Personal data processed: name, surname, date of birth, certificate number, citizenship, date of exam, first assign date, refresh date, licence information, information about sailed nautical miles.

 

·         Preparation of Skippercheck Basic VHF Radio Operator online course certificate. Personal data processed: name, surname, date of birth, certificate number, citizenship, date of exam, first assign date, refresh date, licence information, information about sailed nautical miles.

 

·         Send physical certificate cards of Skippercheck Endrorsement and Skippercheck Basic VHF Radio Operator online course to users’ postal address. Personal data processed: name, surname, postal address.

 

 

2.3. Legal basis: performance of a legal obligation[3] is used for the following purposes:

 

·         Provision of answers to consumer complaints or provision of answers and handling of personal data in compliance with requests contained in the data subject’s submission. Processed personal data: name, surname, address and other contact information, personal data presented in the submission.

2.4. Legal basis: legitimate interests[4] is used for the following purposes:

·         Provision of access to a registered user’s account, as well as provision of the client’s access to the user’s account if a password is forgotten. Processed personal data:  e-mail address.

 

·         Provision of efficient client and technical support if there are problems related to the use of the website. Processed personal data: name, surname, e-mail address or telephone number.

3.  Recipients of Personal data

Skippercheck does not provide access to its data base for unauthorised persons and protects the personal information submitted by the user.

User acknowledges that personal data that user submits for publication through our website or crewing services may be available, via the internet, around the world. Skippercheck cannot prevent the use (or misuse) of such personal data by others.

Personal data may be submitted to other persons only:

·         to ensure operation of the website of Skippercheck and functioning of the service (for example, providers of the service of maintenance of the website, server hosting, accounting services and IT system maintenance);

 

·         personal data processors which maintain the information systems of Skippercheck as an outsourced service. Skippercheck may transfer personal data to other entities, for example, courier service providers - Venipack, the post organisation if this is related to performance of the order made on the website of the e-store of Skippercheck and its delivery;

 

·         personal data processors who help to provide the services offered by Skippercheck, such as payment processor Stripe.

 

·         Skippercheck is obliged to transfer data to state authorities when an inquiry of the authority is received in cases defined by the laws and regulations.

 

·         Users personal data available in the user profile and the CV of the user are available to any other person user decides to share this information with.

4. Personal data storage

Personal data are stored and processed according to the defined personal data processing objectives and personal data processing legal basis as long as Skippercheck has at least one of the below criteria:

·         certain legal obligation to store the data for a particular term according to laws and regulations;

·         personal data are needed for the legitimate interests of Skippercheck;

·         it is necessary to perform contractual obligations, as well as a certain term following performance of the contract;

·         there is a valid data subject’s consent for the relevant personal data processing;

·         the personal data specified in the application for exercising a data subject’s rights, the application and the answer of Skippercheck to it will be stored for five years as from the date of provision of the answer of Skippercheck for the purpose of maintaining evidence of exercising of the data subject’s rights.

Personal data are not processed and stored outside the European Union/ European Economic Area (EU/EEA), in the particular case, user data are stored in servers located in the Republic of Latvia.

5. Personal data security

Skippercheck ensures that your personal data are stored and protected against unauthorised access, disclosure, use, modification or destroying. Skippercheck provides and continuously improves protection measures to prevent unauthorised access to personal data, unintentional loss, the risks of data leakage, disclosure or destroying.

Skippercheck has implemented technical and organisational measures which are suitable for data protection needs, for example, secure anti-virus software is used, only certified software is applied, training of all the employees involved in personal data processing is performed, periodic back-up of the server is checked, security of passwords is ensured; passwords of users are regularly changed, regular software updates are installed.

Skippercheck employees who process personal data ensure compliance with the confidentiality obligation.

 

6. Rights of the data subject and their restrictions

Depending on the legal basis for which personal data are processed, the user has the below listed rights. However, the GDPR or the law may also define restrictions of exercising these rights and each application for exercising the rights will be individually evaluated.

·         Right to access one’s personal data. Skippercheck will provide a confirmation to the client whether Skippercheck processes personal data about the user and will issue the collection of all the processed data, as well as additional information regarding personal data processing in conformity with GDPR.

 

·         Right to request correction or updating of inaccurate personal data. Skippercheck asks to submit modifications on the registered user’s profile if these modifications refer to the name, surname, contact or other personal data to ensure correct personal data processing.

 

·         Right to request to restrict (suspend) personal data processing. Processing is restricted for a period during which the request for correction of personal data or the request of objection is being reviewed. In other cases, the user should ask Skippercheck to restrict personal data processing by specifying a particular reason.

 

·         Right to object against the personal data processing. The user has the right to object against a particular personal data processing process in cases when Skippercheck performs processing in the interest of Skippercheck or based on the legitimate interest.

 

·         Right to request deletion of own personal data. Skippercheck will review if there is the basis provided by GDPR for deletion of personal data and will notify the adopted decision.

 

·         Right to withdraw the consent. If personal data processing is performed based on a consent, the client may withdraw it. Skippercheck will provide as convenient as possible withdrawal of the consent by introducing appropriate tools for withdrawal of the consent (for example, for deleting a registered user’s profile).

7. Exercising of a data subject’s rights

By sending any inquiry regarding user as data subject rights, the user submits his/ her personal data to Skippercheck. In this case, the objective of personal data processing is to adopt a decision and to provide an answer to the user regarding this inquiry.

The user may exercise the above rights of a data subject by submitting an application in any of the below ways:

·         a written application with a personal signature addressed to the address of Skippercheck stated in the present Privacy Policy;

·         an application signed with a secure electronic signature, addressed to Skippercheck and sent to the e-mail address: info@skippercheck.net.

In order for Skippercheck to send an answer by substance to the user’s e-mail address, the submission singed by the secure electronic signature should contain a reference to the user’s e-mail address to which an answer should be sent.

Each application for exercising the right will be reviewed as soon as possible, however, latest within one month. In emergency situations this term can be extended by two months and relevant information will be provided in this case.

The user as a data subject has the right to lodge a complaint with a supervisory authority. If any questions arise regarding the personal data processing, the user should contact Skippercheck by sending a message to the e-mail address:
info@skippercheck.net.

If the received answer does not satisfy the user, the user has the right to lodge a complaint with the Data State Inspectorate: Elijas iela 17, Riga, Latvia, LV-1050.

8. Amendments of the Privacy Policy

We can modify the Privacy Policy at any time and without an advance notice. Amendments enter into force following their publication on the website.

Last amendments were made to the Privacy Policy on December 22, 2023.



[1] Article 6.1a of the GDPR

[2] Article 6.1b of the GDPR

[3] Article 6.1c of the GDPR

[4] Article 6.1f of the GDPR