crewings me
legal

Privacy Policy

Rules for processing personal data in accordance with GDPR

Privacy Policy

Below is detailed information on how Crewings.me (hereinafter referred to as the "Platform", "Site", "we", or "us"), managed by CrewingsMe LTD (legal address: 85 Great Portland Street, London, W1W 7LT, UK), processes and protects users' personal data. Our goal is to ensure transparency regarding the collection, use, and protection of personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and other applicable regulations.

General Provisions

  1. Purpose of the Document This Privacy Policy is intended to explain to users what data we collect, how and for what purposes we process it, and how we ensure the security and protection of the collected information.
  2. Scope of Application The Policy applies to all services and pages located in the domain crewings.me, as well as any interaction with data within the Platform, including mobile versions, applications, and integrations with third-party services (if any).
  3. Responsibility for Third-Party Actions The Platform may feature profiles and job vacancies from various maritime companies, including crewing agencies and others (e.g., training centers, document processing companies, etc.). Crewings.me is not responsible for the actions, offers, content, and decisions of these companies. Each employer, crewing company, or partner is independently responsible for data processing and the information they provide.
  4. Processing Principles We adhere to the following fundamental principles when working with personal data:
    • Lawfulness, fairness, and transparency
    • Purpose limitation (processing only for specific, stated purposes)
    • Data minimization (collecting only necessary data)
    • Accuracy (data is updated as necessary)
    • Storage limitation (retaining data no longer than necessary)
    • Integrity and confidentiality (applying appropriate security measures)

1. Collection and Use of Data

1.1 Collected Data

We may collect and process the following categories of personal data:

  • Registration Data
    • First and last name
    • Email address
    • Phone number
    • Password (stored in encrypted form)
  • Professional Information
    • Data on previous work experience and tenure (including positions, companies, work dates)
    • List of certificates, titles, and qualifications
    • Level of proficiency in foreign languages
    • Resume (CV) and other data specified in the profile
  • Document Data
    • Seafarer’s passport (numbers, expiration date, country of issue)
    • Maritime certificates and their copies (degree, competency certificates, etc.)
    • Documents related to work permits (if necessary)
  • Technical Data
    • IP address, information about the browser, operating system, device settings
    • Cookies and similar technologies
    • Data on website interaction (date and time of visit, pages viewed, clicks)

1.2 Purposes of Processing

  1. Providing Access to the Service
    • User registration and authorization
    • Ensuring the functionality of the personal account
  2. Matching Relevant Job Vacancies
    • Compiling job recommendations based on user-provided data
    • Automatic matching of job vacancies according to qualifications and work experience
  3. Communication with Employers / Crewing Companies
    • Transmitting user data to potential employers with the user’s consent
    • Organizing correspondence and notifications (email, SMS, internal messaging system)
  4. Improving Service Quality
    • Analyzing user experience on the site (to improve interface and functionality)
    • Collecting statistics for management decision-making (e.g., popularity of sections, search query statistics)
  5. Compliance with Legal Requirements
    • Meeting tax, labor, and other legal requirements
    • Preventing fraud, ensuring compliance measures

1.3 Legal Grounds

  • User Consent We process certain categories of data based on your explicit and informed consent, which you can withdraw at any time.
  • Contract Performance If you register and use the services of the Platform, we need to process your data to provide you with services according to the user agreement.
  • Legitimate Interests of the Company We may process data for the development of our services, maintaining security, and compliance with internal rules. In doing so, we always assess the impact on your rights and freedoms.
  • Compliance with Legal Obligations Certain data is processed to fulfill legal requirements, regulations, and court orders.

2. User Rights (GDPR)

2.1 Basic Rights

In accordance with GDPR, you have a number of rights regarding your personal data:

  1. Right of Access You can request a copy of your personal data and information about its processing.
  2. Right to Rectification You have the right to ask us to correct inaccurate or incomplete data.
  3. Right to Erasure Also known as the "right to be forgotten." You can request the deletion of your data if there are no longer legal grounds for its processing.
  4. Right to Restrict Processing You can request the temporary suspension of the processing of your data in certain cases.
  5. Right to Data Portability You can request to transfer your data to another operator in a structured and commonly used format (e.g., CSV).
  6. Right to Object You have the right to object at any time to the processing of your personal data based on our legitimate interests, provided that there are no compelling legitimate grounds for continuing such processing.

2.2 Exercising Rights

  • Request through Personal Account Your profile may have a special form or section where you can submit a request for data correction or deletion.
  • Contacting the Company’s DPO You can send a written request to our Data Protection Officer (DPO) via email: [email protected].
  • Response Time We strive to respond to any requests within 30 days of receipt. If an extension of this period is necessary, we will notify you separately.

3. Data Security

3.1 Technical Measures

  1. Encryption Data transmitted between your device and our servers is protected using HTTPS (TLS) protocol. Critical data (e.g., passwords) is stored in encrypted form.
  2. Secure Storage Access to databases is restricted; special access control systems and firewalls are used.
  3. Regular Backups We regularly create backups to restore data in case of technical failure.
  4. Security Monitoring We use intrusion detection systems, antivirus programs, and maintain activity logs for timely response to incidents.

3.2 Organizational Measures

  1. Limited Employee Access Access to personal data is granted only to those employees who need it to perform their job duties.
  2. Employee Training We regularly conduct training and briefings on personal data protection and cybersecurity.
  3. Internal Security Policies Internal regulations have been developed and implemented to establish the procedure for data collection, processing, and storage.
  4. Regular Audits We periodically conduct internal and external audits to verify compliance with GDPR standards and ensure security.

4. Data Transfer

4.1 Internal Transfer

  • Within the Company Your data may be transferred between various departments of CrewingsMe LTD only to the extent necessary to achieve the stated processing purposes.

4.2 External Transfer

  1. To Crewing Companies We may transfer your data (resume, contact details, work experience, etc.) directly to crewing companies if you have applied for their vacancy or given explicit consent for the transfer.
  2. To Data Processing Partners In some cases, we engage external service providers (e.g., hosting providers, analytics systems, payment systems). We enter into confidentiality agreements with them and ensure that they comply with GDPR standards.
  3. To Government Authorities We may disclose data upon official request from government authorities (e.g., law enforcement) when there are legal grounds.

5. Data Storage

5.1 Storage Periods

  1. Active Accounts Data is stored for the entire period of account usage by the user.
  2. Inactive Accounts If a user has not been active for 12 months, we may delete or archive their account and personal data if there are no other legal grounds for further storage.
  3. Financial Data Transaction or account data (if any) is stored for at least 7 years in accordance with accounting and tax legislation.

5.2 Data Deletion

  • At User’s Request If a user requests us to delete their data and we have no legal grounds for further processing, the data will be deleted.
  • Upon Expiration of Storage Period We delete or anonymize data upon the expiration of established periods.
  • When There Are No Legal Grounds If the grounds for data processing are lost, we cease processing and delete the data.

6. Cookies and Tracking

6.1 Types of Cookies

  • Essential Cookies without which the website cannot function (e.g., session identifier).
  • Analytical Help understand how users interact with the site, allowing for improvements in design and functionality.
  • Functional Remember your preferences (e.g., interface language).
  • Marketing Used for displaying targeted advertising and evaluating the effectiveness of advertising campaigns (applied only with your consent if required by law).

6.2 Managing Cookies

  1. Browser Settings Users can delete or block cookies at any time through their browser settings. However, disabling essential cookies may lead to some site functions not working correctly.
  2. Site Control Panel We may provide a special notice or banner where you can choose which cookies are allowed and which are not.
  3. Opting Out of Non-Essential Cookies You always have the right to opt out of using analytical or marketing cookies through settings or relevant browser plugins.

7. Contacts and Inquiries

7.1 Data Protection Officer (DPO)

7.2 Supervisory Authorities

  • Information Commissioner’s Office (ICO) in the UK, if you believe we are violating GDPR or other data protection laws. Our company is registered with ICO as a curriculum vitae service.
  • Where appropriate jurisdiction exists, you may also contact local authorities for the protection of consumer and personal data rights.

Limitation of Liability

  1. For Company ActionsCrewings.me acts as a platform allowing crewing companies and other maritime organizations (training centers, document companies, etc.) to post job offers and information about work, services, or products. Crewings.me is not responsible for the actions of such companies. Each employer, partner, or other legal entity is independently responsible for its business practices, posted information, data processing, and compliance with legal norms.
  2. Relevance of Information We do not guarantee the accuracy or relevance of the information posted by companies and users on the Platform. The user independently evaluates and verifies the provided information, as well as the consequences of interacting with third parties.
  3. Links to Third-Party Resources The Platform may contain links to third-party websites. We do not control and are not responsible for the content and privacy policies of such resources.
  4. User Responsibility The user is solely responsible for the accuracy and completeness of the data they provide. Posting false or misleading information may lead to account restrictions or blocking.

GDPR Compliance

GDPR compliance

GDPR Obligations

  1. Data Protection Impact Assessment (DPIA)
    • Conduct regular risk assessments
    • Document all data processing processes
    • Implement measures to minimize risks
  2. Breach Notification
    • Commit to notifying about breaches within 72 hours
    • Maintain a security incident log
    • Have a clear breach response plan
  3. International Transfers
    • Use Standard Contractual Clauses (SCC)
    • Verify that data recipients meet GDPR requirements
    • Document all international transfers
  4. Record of Processing Activities
    • Maintain detailed records of all data processing activities
    • Regularly update documentation
    • Provide access to supervisory authorities upon request
    • Registered with ICO UK as a curriculum vitae service.
  5. ICO UK Certification
    • ICO Registration Number: ZB891804
    • Valid from: April 23, 2025
    • Valid until: April 22, 2026
    • Registration Category: Tier 1

Additional Guarantees

  • Appointed a qualified DPO with experience in the maritime industry
  • Regular staff training on GDPR
  • Annual external compliance audit

Policy Updates

Last updated: April 25, 2025

We reserve the right to make changes to this Privacy Policy at any time. If the changes are significant, we will notify users by posting a prominent notice on the Site or sending a message to the email provided during registration. Continued use of the Site after the changes take effect will be considered as acceptance of the new version of the Privacy Policy.

Final Provisions

  • This Privacy Policy has been drafted in accordance with the requirements of GDPR and other applicable legal acts.
  • In case of questions or disputes regarding the interpretation or application of this Policy, the parties should seek to resolve them through negotiations.
  • By using the Platform Crewings.me, you confirm that you are familiar with and agree to the terms outlined in this Privacy Policy.

If you have any questions regarding any of the points mentioned, you can contact us via email at [email protected].

CrewingsMe LTDAddress: 85 Great Portland Street, London, W1W 7LT, UK

Disclaimer

Legal information about limitation of liability

Terms of Use

Rules and conditions for using the Crewings.me platform