Privacy Policy

Privacy Policy Information

1. Introduction

Vessel Flag (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our yacht and vessel registration services, visit our website at vesselflag.com, or otherwise interact with us.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access our services.

2. Controller Information

Company Name: Vessel Flag
Website: https://vesselflag.com
Contact Email: info@vesselflag.com
Registered Office: Solec 79A/20 00-402 Warsaw PL

For any privacy-related inquiries or to exercise your data protection rights, please contact us using the details above.

3. Information We Collect

3.1 Personal Information You Provide to Us

When you use our yacht registration services, we collect the following categories of personal information:

Identity Information:

  • Full legal name (first, middle, last)
  • Date of birth
  • Place of birth
  • Nationality and citizenship information
  • Gender
  • Passport or government-issued ID details
  • Signature

Contact Information:

  • Residential address
  • Mailing address (if different)
  • Email address(es)
  • Telephone number(s) (mobile and landline)
  • Emergency contact information

Financial Information:

  • Bank account details for payment processing
  • Credit/debit card information
  • Billing address
  • Payment history and transaction records
  • Tax identification numbers where required

Vessel-Related Information:

  • Vessel name, type, and specifications
  • Hull identification number (HIN)
  • Previous registration details
  • Purchase documentation and proof of ownership
  • Survey reports and inspection certificates
  • Insurance information
  • Intended use and operational area of the vessel

Documentation:

  • Copies of identification documents
  • Proof of address documents
  • Corporate documents (for company registrations)
  • Power of attorney documents
  • Maritime qualification certificates

3.2 Information We Collect Automatically

When you visit our website or use our services, we automatically collect:

Technical Information:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Time zone settings
  • Referring website addresses
  • Pages viewed and time spent on pages
  • Clickstream data

Usage Information:

  • How you interact with our website
  • Features you use
  • Files you download
  • Search queries
  • Application progress and status

3.3 Information from Third Parties

We may receive information about you from:

  • Maritime authorities and flag state registries
  • Payment processors and financial institutions
  • Survey companies and marine inspectors
  • Insurance providers
  • Legal representatives or agents acting on your behalf
  • Background check and verification services
  • Credit reference agencies (where applicable)

Note: We only receive third-party information when you have authorized such sharing or where legally required.

4. How We Collect Your Information

We collect information through various channels:

  • Direct Interactions: When you fill out registration forms, contact us via email or phone, submit documentation, or create an account on our website
  • Automated Technologies: Through cookies and similar tracking technologies on our website
  • Third-Party Sources: From the parties listed in Section 3.3 above
  • Public Sources: From publicly available maritime registries and databases when verifying vessel information

5. How We Use Your Information

We process your personal data for the following purposes:

5.1 Contractual Necessity

To provide yacht registration services including:

  • Processing your vessel registration application
  • Communicating with maritime authorities on your behalf
  • Issuing registration certificates and documentation
  • Managing renewals and updates to your registration
  • Providing ongoing administrative support
  • Facilitating flag state compliance
  • Processing vessel surveys and inspections

5.2 Legal Obligations

To comply with legal and regulatory requirements:

  • Verifying your identity and preventing fraud
  • Conducting due diligence and background checks
  • Reporting to maritime authorities and flag states
  • Maintaining records as required by maritime law
  • Complying with tax obligations
  • Responding to law enforcement requests
  • Meeting international maritime conventions and regulations

5.3 Legitimate Interests

For our legitimate business interests:

  • Processing and managing payments
  • Providing customer support and responding to inquiries
  • Sending service-related notifications and updates
  • Improving our services and website functionality
  • Conducting internal analysis and market research
  • Managing and protecting our business and website security
  • Enforcing our terms and conditions
  • Preventing and detecting fraud or security threats

5.4 Consent-Based Processing

With your explicit consent:

  • Sending marketing communications and newsletters
  • Sharing promotional materials about additional services
  • Contacting you for feedback and surveys
  • Using your testimonials or case studies (anonymized or with permission)

You may withdraw your consent at any time by contacting us or using the unsubscribe link in our communications.

6. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

  • Contract Performance: Processing necessary to fulfill our registration services contract with you
  • Legal Obligation: Processing required to comply with maritime law and regulations
  • Legitimate Interests: Processing necessary for our business operations, provided your rights don’t override these interests
  • Consent: Where you’ve provided explicit permission for specific processing activities

7. Data Sharing and Disclosure

We share your personal information only in the following circumstances:

7.1 Maritime Authorities

We share necessary information with:

  • Flag state registry authorities
  • Port state control authorities
  • Classification societies
  • Maritime safety and security agencies

This is essential for vessel registration and compliance with maritime law.

7.2 Service Providers

We engage third-party companies to perform services including:

  • Payment processing
  • Document management and storage
  • IT infrastructure and website hosting
  • Email and communication platforms
  • Surveying and inspection services
  • Legal and professional advisors

These providers are contractually bound to protect your information and use it only for specified purposes.

7.3 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes or government requests
  • Enforce our agreements and terms
  • Protect the rights, property, or safety of Vessel Flag, our clients, or others
  • Investigate or prevent fraud or security issues
  • Respond to claims of illegal activity

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity, subject to the same privacy protections.

7.5 With Your Consent

We may share your information with other parties when you have provided explicit consent.

Important: We will never sell your personal data to third parties for marketing purposes.

8. International Data Transfers

As an international yacht registration service, your personal information may be transferred to and processed in countries outside your country of residence, including countries that may not have the same data protection laws.

When we transfer personal data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Binding corporate rules
  • Other legally compliant transfer mechanisms

By using our services, you acknowledge and consent to such international transfers.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

Specific Retention Periods:

  • Active Registration Records: Duration of registration plus 7 years
  • Financial Records: 7 years from the date of transaction
  • Identity Verification Documents: Duration of business relationship plus 5 years
  • Communication Records: 3 years from last contact
  • Marketing Consent Records: Until consent is withdrawn, then 2 years
  • Website Analytics: 26 months

After retention periods expire, we securely delete or anonymize your personal information. Some information may be retained longer if required by maritime authorities or applicable law.

10. Your Rights and Choices

Depending on your jurisdiction, you have the following rights regarding your personal information:

10.1 Access and Portability

  • Right to Access: Request copies of your personal data we hold
  • Right to Data Portability: Receive your data in a structured, commonly used format and transfer it to another controller

10.2 Correction and Deletion

  • Right to Rectification: Correct inaccurate or incomplete personal information
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements)

10.3 Processing Restrictions

  • Right to Restrict Processing: Request limitation on how we use your data
  • Right to Object: Object to processing based on legitimate interests or for direct marketing

10.4 Withdrawal of Consent

  • For processing based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.

10.5 Automated Decision-Making

  • We do not use automated decision-making or profiling that produces legal effects or similarly significant impacts on you.

10.6 How to Exercise Your Rights

  • To exercise any of these rights, please:

    1. Contact us at info@vesselflag.com
    2. Provide proof of identity (we may request government-issued ID)
    3. Specify which right(s) you wish to exercise and what information is involved

    We will respond to your request within 30 days (or as required by applicable law). In complex cases, we may extend this period and will notify you of any delay.

    Important: For security purposes, we may require proof of identity before processing requests. Please redact sensitive information like passport photos, document numbers, and national ID numbers when submitting copies.

11. Data Security

  • We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

    Technical Measures:

    • Encryption of data in transit (SSL/TLS certificates)
    • Encryption of sensitive data at rest
    • Secure server infrastructure with firewalls
    • Regular security assessments and penetration testing
    • Multi-factor authentication for staff access
    • Automated backup systems

    Organizational Measures:

    • Staff training on data protection and confidentiality
    • Strict access controls and need-to-know basis
    • Confidentiality agreements with employees and contractors
    • Incident response and data breach procedures
    • Regular policy reviews and updates
    • Vendor security assessments

    Physical Measures:

    • Secure document storage facilities
    • Restricted access to offices and data centers
    • Secure disposal of physical documents

    While we take reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to improve our protection measures.

12. Cookies and Tracking Technologies

12.1 What Are Cookies

  • Cookies are small text files placed on your device when you visit our website. They help us provide you with a better experience and understand how our site is used.

12.2 Types of Cookies We Use

  • Strictly Necessary Cookies: These cookies are essential for website functionality and cannot be disabled:

    • Session management
    • Security and authentication
    • Load balancing

    Functional Cookies: These enhance functionality and personalization:

    • Language preferences
    • User interface settings
    • Remembering your login details

    Analytics Cookies: These help us understand website usage:

    • Google Analytics (anonymized IP addresses)
    • Page visit statistics
    • User journey tracking
    • Performance monitoring

    Marketing Cookies: With your consent, these cookies enable:

    • Targeted advertising
    • Social media integration
    • Campaign effectiveness measurement

12.3 Managing Cookies

  • You can control cookies through your browser settings:

    • Block all cookies
    • Block third-party cookies only
    • Delete cookies after each session
    • Receive notification before cookies are placed

    Please note that disabling certain cookies may impact website functionality.

    To opt out of Google Analytics: Google Analytics Opt-out Browser Add-on

13. Third-Party Links

  • Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

    This Privacy Policy applies solely to information collected through our services.

14. Children's Privacy

  • Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from children. Vessel registration requires legal capacity to contract.

    If you believe we have inadvertently collected information from a minor, please contact us immediately at info@vesselflag.com, and we will promptly delete such information.

15. Marketing Communications

With your consent, we may send you:

  • Newsletters and service updates
  • Information about additional services
  • Industry news and insights
  • Special offers and promotions

How to Opt Out:

  • Click the “unsubscribe” link in any marketing email
  • Contact us at info@vesselflag.com
  • Update your preferences in your account settings

Please note that even if you opt out of marketing, we will still send essential service-related communications about your registration.

16. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the “Last Updated” date at the top of this policy
  • Notify you via email or prominent notice on our website
  • Request your consent if required by law

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

17. Complaints and Supervisory Authority

If you have concerns about how we handle your personal information, please contact us first. We will investigate and respond to your concerns within 15 working days.

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority:

For EEA Residents: Contact your national Data Protection Authority. A list is available at: https://edpb.europa.eu/about-edpb/board/members_en

For UK Residents: Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/make-a-complaint/

18. Special Categories of Personal Data

We do not intentionally collect special categories of personal data (such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data) unless:

  • Required by maritime law or regulations
  • You have provided explicit consent
  • Processing is necessary for legal claims

If we process such data, we apply enhanced security measures and stricter access controls.

19. Contact Us

If you have questions, concerns, or feedback about this Privacy Policy or our privacy practices, please contact us:

Vessel Flag
Email: info@vesselflag.com
Website: https://vesselflag.com
Solec 79A/20 00-402 Warsaw PL
+48 604 519 097

We value your privacy and are committed to addressing any concerns promptly and transparently.

Acknowledgment: By using Vessel Flag’s services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.