Skip to content
Legal

Privacy Policy

Last updated: 6 June 2026

This Privacy Policy explains how ShipSmith (“ShipSmith”, “we”, “us”) handles personal information in connection with the shipsmith.ai website and the ShipSmith AI platform. We act as a data controller for our website visitors and prospects, and as a data processor for the vessel and crew data our customers entrust to the product.

1. Who we are

ShipSmith provides maritime intelligence software and related services. Our registered office is [ShipSmith - registered office address]. For any privacy question, contact us at [email protected].

This policy covers two distinct roles. As a controller, we decide how website and marketing data is processed. As a processor, we handle customer content (such as vessel documents, logs and crew records) only on the documented instructions of the customer, who remains the controller of that data.

2. Information we collect

Information you give us

  • Contact and enquiry details you submit through demo, contact or download forms (name, work email, company, role, fleet size, message).
  • Correspondence and support requests you send to us.
  • Account and billing details for customers who enter a commercial agreement.

Information we collect automatically

  • Basic device and usage data (IP address, browser type, pages viewed, referring page) collected via essential and, where you consent, analytics cookies. See our Cookie Policy.
  • Logs and security telemetry needed to operate and protect the site.

Customer content (processed on behalf of customers)

  • Vessel documents, manuals, SOPs, maintenance and inspection records, and operational messages uploaded to the product.
  • Crew and personnel records used for manning and crew-change workflows.
  • We process this content under our customer agreement and Data Processing Addendum, not for our own purposes.

3. How we use information

  • To respond to enquiries, schedule demos and provide the information you request.
  • To provide, maintain, secure and improve the website and product.
  • To send service messages and, where permitted, relevant product updates (you can opt out at any time).
  • To carry out billing, administration and customer support.
  • To comply with legal obligations and enforce our agreements.

We do not use customer content to train external or third-party AI models, and we do not sell personal information.

4. Legal bases for processing

Where data-protection law (such as the GDPR or comparable regimes) applies, we rely on the following legal bases:

  • Consent - for non-essential cookies and optional marketing.
  • Contract - to take pre-contract steps you request and to deliver services to customers.
  • Legitimate interests - to operate, secure and improve our site and services, balanced against your rights.
  • Legal obligation - to meet tax, accounting and other statutory duties.

5. How we share information

We share personal information only as needed and under appropriate safeguards:

  • Service providers (hosting, infrastructure, email delivery, analytics, payment processing) acting on our instructions under contract.
  • Professional advisers and authorities where required by law or to protect rights and safety.
  • Business transfers - in connection with a merger, acquisition or asset sale, subject to this policy.

We never sell your personal information or share it for third-party advertising.

6. Cookies and similar technologies

We use a small number of cookies and similar technologies. Strictly-necessary cookies are always on; analytics and other non-essential cookies are used only with your consent. You can manage your choices at any time. Full details are in our Cookie Policy.

7. Data security

We use technical and organisational measures appropriate to the risk, including encryption in transit, access controls, role-based permissions, least-privilege practices and monitoring. In the product, customer data stays within the customer’s environment where contracted, and frames from live video diagnostics are sampled, not stored, by default. No method of transmission or storage is completely secure, but we work to protect your information and to notify you of material incidents as required by law.

8. Data retention

We keep personal information only as long as necessary for the purposes described here, to comply with legal obligations, resolve disputes and enforce agreements. Enquiry data is retained for our sales follow-up cycle and then deleted or anonymised. Customer content is retained and deleted according to the customer agreement and the controller’s instructions.

9. International transfers

We and our providers may process information in countries other than your own. Where we transfer personal data across borders, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms recognised under applicable law.

10. Your rights

Subject to applicable law, you may have the right to access, correct, delete, restrict or object to processing of your personal information, to data portability, and to withdraw consent. To exercise these rights for data we control, contact us at the address below. For customer content we process on a customer’s behalf, please contact the relevant customer (the controller); we will assist them as required.

11. Children’s privacy

Our website and product are intended for businesses and professionals and are not directed to children. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date and, for material changes, provide additional notice where appropriate.

13. Contact us

Questions or requests about this policy can be sent to [email protected] or by post to [ShipSmith - registered office address].

This document is provided for general information and does not constitute legal advice. Questions? Write to [email protected].