Privacy Policy
This privacy policy (the “Privacy Policy”) covers the service provided by Miles at Sea AS and outlines how and why Miles at Sea collects, stores, and processes the personal data of users and other persons that interact with Miles at Sea, visiting the Miles at Sea website, using Miles at Sea’s service (the “Service”) inclusive affiliated services and other processing of personal data as part of Miles at Sea’s business. The Service includes the free use (“freemium”) and paid use of the Service.
This Privacy Policy applies to any personal use of the Service, either you have established an account with Miles at Sea for using the Service yourself or if you have access to the Service through an account established by your employer or others.
The Privacy Policy also applies to other physical persons Miles at Sea is in contact with or interacts with as part of Miles at Sea’s business, see below for the categories of persons which Miles at Sea process personal data on.
Personal data is any information collected or maintained by Miles at Sea and the Service in your account or otherwise that identifies or could be used to identify a physical person (“Data subject” or “you”).
Processing is any operation or set of operations that are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
When delivering the Service, Miles at Sea will collect and process personal data about you and your use of the Service. By using the Service, you agree that Miles at Sea can use your personal data in accordance with our Privacy Policy and in accordance with any consents you may have given us. The access to the Service is subject to the Terms of Service accepted prior to accessing the Service (the “Terms”). If the basis for processing personal data is your consent, you may reject such processing by withdrawing your consent, but you will then not be able to use the part of the Service dependent on consent.
You acknowledge and agree that the Service is conducted and provided by Miles at Sea electronically, through the internet, and that Miles at Sea cannot guarantee the security or privacy of any electronic communications in which you participate in transfer on the internet.
If there is any conflict between the terms of the Privacy Policy and the Terms accepted prior to accessing the Service, the Privacy Policy shall prevail.
Miles at Sea is the data controller for the personal data you provide to us through the Service as a personal user and for all other processing as described below where it is not explicitly specified that Miles at Sea is a data processor.
Miles at Sea may collect and then process a variety of personal data depending on how you interact with Miles at Sea and use the Service.
We may receive your personal data directly, for example, by:
Contacting us directly, e.g. using email, chat, phone or contact forms for either request, support, requesting to receive market or product information or other information, providing feedback etc.
Creating an account and using the Service as a user will comprise your contact information and usage data, see below.
Purchasing a product or service
Online surveys, providing feedback or other interaction initiated by in which you participate
Submitting application as a potential employee
Personal data about you which may be part of the information you submit as part of the Service, such as pictures, text etc.
Using our website
In addition to the above, we may receive personal data relating to you from third parties, inclusive by automated means, such as:
From an industry association or employer whoas part of granting you access to the Service throughout a business or organization establish access to the Service for you
Via analytics and statistics by using technology for collecting such information in the Service or on our webpages, such as Google Analytics, such as technical data about the hardware you are using when accessing the Service or website, inclusive of your interaction within the Service and your browser. The data may be collected through the use of cookies and similar technology. For more about using data and the use of cookies, see below.
Personal data about you which may be part of data or information a user of the Service has uploaded to the Service for processing (i.e a referral by another user of the Service)
From a partner selling products throughout the Service
Social Media platforms such as Facebook, LinkedIn, Instagram, and YouTube for collaboration and advertising purposes
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer’s or mobile device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access the Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
We may use and store information about your location if you give us permission to do so. We use this data to provide features of our Service, to improve and customise our Service.
You can enable or disable location services when you use our Service at any time by way of your device settings.
We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. Cookies are files with a small amount of data which may include a unique anonymous identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used, such as beacons, tags and scripts, to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Miles at Sea will process personal data in accordance with this Privacy Policy and in accordance with EU and Norwegian privacy regulation, inclusive of the General Data Protection Regulation (“GDPR”).
Miles at Sea is only collecting and processing personal data, which we have specified, explicit and legitimate purposes for collecting and processing. Miles at Sea is the data controller for the personal data stipulated below.
The retention and deletion of personal data are specified with the specification of the personal data processed below. Generally, Miles at Sea will only retain your personal data for as long as necessary to fulfil the purposes it is collected for, as specified below, including for the purposes of satisfying any legal, accounting or contractual obligations or any reporting or legal requirements.
When your personal data is no longer needed to be retained for any of the purposes stipulated below, we may delete or anonymise the personal data. Anonymised data is data that can no longer be associated with an individual person and may be further used for research and statistical purposes, in which case we may use this information indefinitely without further notice to you. Anonymised data may also be shared with our partners.
The personal data collected and processed by Miles at Sea with the following purposes and legal basis for processing are listed below.
To use the Service, you must register an account with Miles at Sea. Upon such registration of an account, some personal data is required:
Contact details, login information, payment details (if relevant) and other mandatory or voluntary information concerning the Service.
Payment details when purchasing access to the Service, if necessary, for our handling of the payment. This applies when you have a recurring subscription to the Service. If you pay by using a payment provider, we will not have access to your payment information. In such a case you may have to accept the terms of the payment provider. Miles at Sea is not liable or responsible for the use of a payment provider.
Such processing is based on the Terms accepted when subscribing to the Service.
The processing of personal data above is based on GDPR Article 6 (1) item b, i.e. the processing is necessary for the performance of a contract to which you (the access to the Service under the Terms) are a party or in order to take steps at the request of you prior to entering into a contract.
Personal data related to your account will be stored for the latest of the last payment of the Service or two years after the last activity on the account. Prior to deleting the account or deleting any data stored with the account, we will notify you on the contact information you have provided in the account. If your account is deleted, you have to sign up for the Service again.
To operate and deliver the Service and provide you with products and access to certain functions on our websites, Miles at Sea may process personal data, inclusive:
Credentials such as passwords preferred and saved user preferences, security settings, etc. processed in relation to providing the Service and managing your account.
Demographic information such as your geographic location, time zone, preferred language, etc. when providing the Service or when you interact with our webpage.
The device used, usage data and security: how you use the Service, when you accessed the Service, the devices you use for the Service, your IP address, the internet address you accessed our Service from, your internet service provider, etc.
Files uploaded, such as scanned documents, pictures etc., if such files contain personal data, inclusive any personal data in the metadata for the files, inclusive in the title.
Miles at Sea might process the above personal data with regard to customer or user support to diagnose and fix functionality or other problems and issues and to help us understand and improve our products and the Service and other deliverances to you, inclusive other services and/or products, as well as providing more effective customer care and personalised service.
Miles at Sea may process personal data to send notifications or information pertaining to the Service or your account that are necessary to the continued use of our products or the Service, which will normally be information about changes in Service, the Terms, the Privacy Policy etc.
Please note that you may not be able to use some of the functions in the Service if you decline our collection of your personal data.
The legal basis for such processing is GDPR Article 4 (1) item b, i.e. that the processing is necessary for the performance of a contract which you (the access to the Service under the Terms) are party to or in order to take steps at the request of you prior to entering into a contract.
Any personal data stored by using the Service will be stored as long as the account is active, see above.
Miles at Sea will in addition, analyse, transcribe, review, assess etc. data, inclusive any personal data, information, how you interact with and use the Service, for the use of machine learning/artificial intelligence training. The legal basis for processing is GDPR Article 6 (1) item f, as Miles at Sea have a necessary legitimate interest in improving our services and learn from the use of the Service, and we have considered that the users’ privacy does not override this interest.
Miles at Sea may process personal data in order to respond to and follow-up inquiries from persons contacting Miles at Sea, users of our website, potential users of the Service etc. The information processed may be contact information on the person contacting Miles at Sea and information related to the contact.
The legal basis for such processing is Miles at Sea’s legitimate interest in having contact with persons contacting Miles at Sea, and Miles at Sea considers that Miles at Sea’s legitimate interest to process the personal data does not override the privacy of the data subject (GDPR Article 6 (1) item f).
Any personal data related to responding to inquiries will be stored until the reason for the inquiry is fulfilled or until the matter is closed, and there is no reason to believe that there will be follow up matters regarding the inquiry.
Miles at Sea must use personal data to protect the security of our products, users, and the Service.
The legal basis for such processing is Miles at Sea’s legitimate interest in securing the above said, and Miles at Sea considers that Miles at Sea’s legitimate interest to process the personal data does not override the privacy of the data subject in addition to fulfilling our contractual and legal obligations according to the Terms to provide a secure Service (GDPR Article 6 (1) item f).
Any personal data related to security and safety issues will be stored until the reason for the matter for security and safety is closed, and there is no reason to believe that there will be follow up matters regarding the matter.
You will receive promotional communications if you have requested information from us, purchased products or the Service from us or if you provided us with your details when you subscribed to our newsletter and have given your consent or any other forms on our website.
Any personal data related to sales and marketing communications will be stored until your relationship with us has ended by deletion of the account or the account is deleted due to inactivity, see above, or until you have withdrawn your consent or opted out on receiving sales and marketing communication.
We may also process contact information on contact persons when having contact with potential or actual business customers, suppliers and partners.
The legal basis for such processing is Miles at Sea’s legitimate interest in having a contract with potential or actual business customers, suppliers and partners, and Miles at Sea considers that Miles at Sea’s legitimate interest to process the personal data does not override the privacy of the data subject in addition to fulfilling our contractual and legal obligations according to the Terms to provide a secure Service (GDPR Article 6 (1) item f).
Any personal data related to contact with the above will be stored until there is no need for further contact with the customer, supplier, partner etc., because that the contract, potential relationship, or other means of the necessity for contact has ceased.
If you apply to a position with Miles at Sea, we have to process your personal data in order to assess your application.
The legal basis for such processing is Miles at Sea’s legitimate interest in recruiting, and Miles at Sea considers that Miles at Sea’s legitimate interest to process the personal data does not override the privacy of the data subject in addition to fulfilling our contractual and legal obligations according to the Terms to provide a secure Service (GDPR Article 6 (1) item f).
Applications will normally be stored for a maximum of one year after the completion of the application process unless you consent to further storage.
Miles at Sea may also process personal data in order to comply with statutory obligations to which Miles at Sea is subject, and to safeguard own or third parties legitimate interests, e.g. in relation to establishing a legal claim or preventing unauthorised access to or disclosure of personal data.
The legal basis for such processing is necessary for compliance with a legal obligation to which Miles at Sea is subject (GDPR Article 6 (1) item c).
As part of our product and delivery of the Service delivery, Miles at Sea may include the services or products from affiliated partners who are authorised to sell branded products or services on behalf of Miles at Sea. We also use some tools managed by third-party service providers to fulfil the delivery of certain aspects of the Service.
We will never transfer or sell personal data to any third party or otherwise connected to providing the Service and as informed in this policy, providing our business as described above or by other means for the benefit of our customers. We may disclose information to affiliated partners where appropriate to fulfil your request for service delivery, improve our products and the Service.
Miles at Sea may share personal data with companies who provide essential services for delivering our products and the Service to customers. These might include services for:
Information processing, payment processing, credit checks, fulfilling customer orders, delivering products, managing, and enhancing customer data, providing customer service, assessing your interest in our products and the Service, and conducting customer research or satisfaction surveys.
In rare circumstances, we may be compelled, by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence to disclose your personal data.
We may disclose the information if we determine that disclosure is reasonably necessary to enforce the Terms or protect our operations or users.
All processing by such third parties is subject to a data processing agreement, which, among other things, limits such third-parties use of the personal data to the performance of the agreed services. The companies we use to provide the above services are controlled to ensure they comply with privacy regulation, including GDPR and applicable local data privacy and security regulations.
When processing your personal data, inclusive when providing products and operating the Service, Miles at Sea will make all reasonable precautions, including administrative, technical, and physical measures, to safeguard your personal data against unauthorised access, disclosure, alteration, and destruction.
As an individual, you are granted the following rights regarding the processing of your personal data:
You have the right to access the information we have about you at any time, as well as request the personal data we store about you is deleted, modified, or exported for portability reasons.
If the processing is based on your consent, you may also withdraw your consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal). If you have previously consented to receive promotional email communications from us, you can use the unsubscribe function at the bottom of our emails to unsubscribe from our emails at any time. If you have an active account, it will not be possible to opt-out/unsubscribe from basic emails since we need to communicate basic information, where relevant, to users to continue providing the Service.
If you have an account, you can access and modify your personal data which you have provided within the account or instruct us to delete the data by contacting us, see contact information below. If you delete your account, your information and content will be unrecoverable after that time.
If you do not have an account, you can be provided with the personal data we are processing or instruct us to delete the data by contacting us, see contact information below.
If the personal data is necessary for us, such as complying to law, we may withhold personal information until the data is no more necessary or to the extent permitted by law.
You may also instruct us at any time not to process your personal information for marketing purposes.
You have the right to rectify your data, either by amending the data in your account or by contacting us, see contact information below.
If you have provided your consent to your processing of personal data, you may also withdraw your consent at any time in your account or by contacting us on the contact information below.
You may also have the right to object to or restrict the processing of your personal data in accordance with GDPR Article 18.
You may have the right to data portability if your personal data is subject to the requirement under GDPR Article 20.
Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
If you experience anything you think is a violation of the regulations or to exercise your rights, or if you otherwise have any questions regarding our processing of your personal data, we encourage you to contact us.
However, we also notify you that you may raise a complaint to a data protection authority. As a Norwegian company, Miles at Sea is subject to the Norwegian Data Protection Authority (Datatilsynet) as a supervising authority. You may contact your national/state supervisory authority, but Miles at Sea will retain the Norwegian Data Protection Authority as our lead supervisory authority.
You find more information on the Norwegian Data Protection Authority here: www.datatilsynet.no.
As our business grows and our Service and products evolve, this Privacy Policy may change, or other Privacy Policies may be written and posted specifically to address new offerings or to keep pace with data privacy laws.
When changes are substantial, we will first ensure to make you aware of any forthcoming changes by attempting to contact you directly via email or via our user interfaces.