Privacy Policy

Below is detailed information on how Crewings.me (hereinafter – "Platform", "Site", "we" or "us"), operated by CrewingsMe LTD (legal address: 85 Great Portland Street, London, W1W 7LT, UK), processes and protects users' personal data. Our goal is to ensure transparency regarding the collection, use, and protection of personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and other applicable regulations.

General Provisions

1. Purpose of the document
   This Privacy Policy is intended to explain to users what data we collect, how and for what purposes we process it, as well as how we ensure the security and protection of the collected information.
2. Scope
   The Policy applies to all services and pages located under the domain crewings.me, as well as any interaction with data within the Platform, including mobile versions, applications, and integrations with third-party services (if any).
3. Responsibility for third-party actions
   The Platform may feature profiles and vacancies from various maritime companies, including crewing and others (e.g., training centers, document processing companies, etc.). Crewings.me is not responsible for the actions, offers, content, and decisions of these companies. Each employer, crewing company, or partner bears independent responsibility for data processing and the information they provide.
4. Processing principles
   We adhere to the following key principles when working with personal data:
   • Lawfulness, fairness, and transparency
   • Purpose limitation (processing only for specific stated purposes)
   • Data minimization (collecting only necessary data)
   • Accuracy (updating data as needed)
   • Storage limitation (retaining data no longer than necessary)
   • Integrity and confidentiality (applying appropriate security measures)

1. Data Collection and Use

1.1 Collected Data

We may collect and process the following categories of personal data:

• Registration data
  • First and last name
  • Email address
  • Phone number
  • Password (stored in encrypted form)
• Professional information
  • Data about previous work experience and tenure (including positions, companies, dates of employment)
  • List of certificates, titles, and qualifications
  • Level of foreign language proficiency
  • CV and other data specified in the profile
• Document data
  • Seaman’s passport (numbers, validity period, issuing country)
  • Maritime certificates and their copies (degree, competency certificates, etc.)
  • Documents related to work permits (if necessary)
• Technical data
  • IP address, browser information, operating system, device settings
  • Cookies and similar technologies
  • Data about site interaction (date and time of visit, viewed pages, clicks)

1.2 Processing Purposes

1. Providing access to the service
   • User registration and authorization
   • Ensuring personal account functionality
2. Matching relevant vacancies
   • Creating job recommendations based on user-provided data
   • Automatic selection of vacancies according to qualifications and work experience
3. Communication with employers / crewing companies
   • Transferring user data to potential employers with user consent
   • Organizing correspondence and notifications (email, SMS, internal messaging system)
4. Improving service quality
   • Analyzing user experience on the site (to improve interface and functionality)
   • Collecting statistics for management decisions (e.g., popularity of sections, search query statistics)
5. Compliance with legal requirements
   • Fulfilling tax, labor, and other legal requirements
   • Preventing fraud, complying with compliance measures

1.3 Legal Grounds

• User consent
  We process certain categories of data based on your explicit and informed consent, which you can withdraw at any time.
• Contract performance
  If you register and use the Platform’s services, we need to process your data to provide you with services according to the user agreement.
• Legitimate interests of the company
  We may process data to develop our services, maintain security, and comply with internal rules. We always assess the impact on your rights and freedoms.
• Compliance with legal obligations
  Certain data is processed to fulfill legal requirements, regulations, and court orders.

2. User Rights (GDPR)

2.1 Main Rights

Under GDPR, you have several rights regarding your personal data:

1. Right of access
   You can request a copy of your personal data and information about its processing.
2. Right to rectification
   You have the right to ask us to correct inaccurate or incomplete data.
3. Right to erasure
   Also known as the "right to be forgotten." You can request deletion of your data if there are no longer lawful grounds for processing.
4. Right to restriction of processing
   You can request temporary suspension of data processing in certain cases.
5. Right to data portability
   You can request to transfer your data to another controller in a structured and commonly used format (e.g., CSV).
6. Right to object
   You have the right to object at any time to the processing of your personal data based on our legitimate interests, provided there are no overriding legitimate grounds for continuing such processing.

2.2 Exercising Rights

• Request via personal account
  Your profile may have a special form or section where you can submit a request for data correction or deletion.
• Contacting the company’s DPO
  You can send a written request to our Data Protection Officer (DPO) by email: dpo@crewings.me.
• Response time
  We strive to respond to any requests within 30 days of receipt. If an extension is necessary, we will notify you separately.

3. Data Security

3.1 Technical Measures

1. Encryption
   Data transmitted between your device and our servers is protected using HTTPS (TLS) protocol. Critical data (e.g., passwords) is stored in encrypted form.
2. Secure storage
   Access to databases is restricted; special access control systems and firewalls are used.
3. Regular backups
   We regularly create backups to restore data in case of technical failure.
4. Security monitoring
   We use intrusion detection systems, antivirus software, and maintain activity logs for timely incident response.

3.2 Organizational Measures

1. Restricted employee access
   Only employees who need access to personal data to perform their job duties have such access.
2. Staff training
   We regularly conduct training and briefings on personal data protection and cybersecurity.
3. Internal security policies
   Internal regulations have been developed and implemented to establish procedures for data collection, processing, and storage.
4. Regular audits
   We periodically conduct internal and external audits to verify GDPR compliance and ensure security.

4. Data Transfer

4.1 Internal Transfer

• Within the company
  Your data may be transferred between different divisions of CrewingsMe LTD only to the extent necessary to achieve the stated processing purposes.

4.2 External Transfer

1. To crewing companies
   We may transfer your data (CV, contact details, work experience, etc.) directly to crewing companies if you responded to their vacancy or gave explicit consent for the transfer.
2. To data processing partners
   In some cases, we engage external service providers (e.g., hosting providers, analytics systems, payment systems). We sign confidentiality agreements with them and ensure they comply with GDPR standards.
3. To government authorities
   We may disclose data upon official request from government authorities (e.g., law enforcement) when there are lawful grounds.

5. Data Retention

5.1 Retention Periods

1. Active accounts
   Data is retained for the entire period the user uses the account.
2. Inactive accounts
   If a user has been inactive for 12 months, we may delete or archive their account and personal data unless there are other legal grounds for further storage.
3. Financial data
   Transaction or account data (if any) is stored for at least 7 years in accordance with accounting and tax legislation.

5.2 Data Deletion

• At user request
  If a user requests deletion of their data and we have no legal grounds for further processing, the data will be deleted.
• After retention period expires
  We delete or anonymize data after the established retention periods.
• If legal grounds are lost
  If the grounds for data processing are lost, we cease processing and delete the data.

6. Cookies and Tracking

6.1 Types of Cookies

• Essential
  Cookies without which the site cannot function (e.g., session identifier).
• Analytical
  Help understand how users interact with the site, allowing improvement of design and functionality.
• Functional
  Remember your preferences (e.g., interface language).
• Marketing
  Used to show targeted advertising and evaluate advertising campaign effectiveness (applied only with your consent if required by law).

6.2 Managing Cookies

1. Browser settings
   Users can delete or block cookies at any time via their browser settings. However, disabling essential cookies may cause some site functions to work incorrectly.
2. Site control panel
   We may provide a special notification or banner where you can choose which cookies are allowed and which are not.
3. Opting out of non-essential cookies
   You always have the right to refuse analytical or marketing cookies via settings or appropriate browser plugins.

7. Contacts and Requests

7.1 Data Protection Officer (DPO)

• Email (General GDPR inquiries): dpo@crewings.me
• Email (ICO UK related inquiries): uk-ico@crewings.me
• Address: 85 Great Portland Street, London, W1W 7LT, UK

7.2 Supervisory Authorities

• Information Commissioner’s Office (ICO) in the UK, if you believe we violate GDPR or other data protection laws. Our company is registered with ICO as curriculum vitae service.
• If applicable, you may also contact local consumer protection and personal data authorities.

8. Limitation of Liability

1. For company actions
   Crewings.me acts as a platform allowing crewing companies and other maritime organizations (training centers, document companies, etc.) to post job offers and information about work, services, or products. Crewings.me is not responsible for the actions of such companies. Each employer, partner, or other legal entity bears independent responsibility for their business practices, posted information, data processing, and compliance with legal norms.
2. Information accuracy
   We do not guarantee the accuracy or timeliness of information posted by companies and users on the Platform. Users independently assess and verify the provided information and the consequences of interacting with third parties.
3. Links to third-party resources
   The Platform may contain links to third-party websites. We do not control and are not responsible for the content and privacy policies of such resources.
4. User responsibility
   Users are solely responsible for the accuracy and completeness of the data they provide. Posting false or misleading information may lead to account restriction or blocking.

GDPR Compliance

Policy Updates

Last updated: 25.04.2025

We reserve the right to make changes to this Privacy Policy at any time. If changes are significant, we will notify users by posting a prominent notice on the Site or sending an email to the address provided during registration. Continued use of the Site after changes take effect will be considered acceptance of the new version of the Privacy Policy.

Final Provisions

• This Privacy Policy is drafted in accordance with GDPR requirements and other applicable legal acts.
• In case of questions or disputes regarding interpretation or application of this Policy, parties should seek resolution through negotiations.
• By using the Crewings.me Platform, you confirm that you have read and agree with the terms set forth in this Privacy Policy.

If you have any questions about any of the points listed, you can contact us by email at dpo@crewings.me.

CrewingsMe LTD
Address: 85 Great Portland Street, London, W1W 7LT, UK