MY SILVER SERVICE - PRIVACY POLICY

1. CONTROLLER

Brandt Oy Ab (”Brandt” or ”we”) processes personal data of users (hereinafter collectively “Users” or “you”) of the My Silver service (“Service”) in connection with offering the service to Users, for managing customer communication and feedback and for direct marketing purposes.

It is important to us that you know how we use your data. The purpose of this Privacy Policy is to provide you with information on how your personal data is processed.

Please note that this Privacy Policy only applies to the data processing carried out by Brandt as a data controller.

This Privacy Policy may be updated to reflect the changes in data processing practices or otherwise. The current version can be found on our website. We will not make substantial changes to this Privacy Policy or reduce the rights of Users under this Privacy Policy without providing a notice thereof.

2. CONTACT DETAILS

Controller’s contact details:

Brandt Oy AB
Business ID: 0681161-3
Tuupakantie 7 B01740 Vantaa
info@brandt.fi

Person responsible for personal data related questions or requests:

Sami Heinonen
Head of digital transformation
sami.heinonen@brandt.fi

3. COLLECTED PERSONAL DATA

We collect the following information of Users:

We also process certain technical data in connection with the use of the Service. In some cases you or the crew of the vessel may be directly or indirectly identifiable from such technical data. In such cases we shall treat the technical data as personal data.
Please note that the collection of technical data from each vessel must first be separately activated via the ”Activate My Silver data transfer” tab of the vessel chart plotter.

The technical data we collect consists of:

4. COOKIES AND ANALYTICS TOOLS 

We use cookies to improve the usability and functionality of our website. We also use cookies to collect analytics data and to integrate our social media accounts into our website.

A cookie is a small text file saved in the user’s computer. Cookies do not harm your computer.

When visiting the Service you may be asked for your consent for the use of cookies. Users may also choose to set their web browser to refuse cookies, or to alert when cookies are being sent. For example, the following links provide information on how to adjust the cookie settings on some popular browsers:

Safari
Google Chrome
Internet Explorer
Mozilla Firefox

Please note that if cookies are refused, our website may not function in the best possible way.

Google Analytics

Our site uses Google Analytics via Google Tag Manager. More information regarding the privacy of Google Analytics is available on Google Analytics’ Privacy Policy. It is possible to opt-out of Google Analytics with the following browser add-on tool: Google Analytics opt-out add-on.

Google Maps

Our Service uses Google Maps to display vessel location and routes. More information regarding the privacy of Google Maps is available on the Google Privacy Policy.

5. SOURCES OF PERSONAL DATA

We primarily receive the personal data directly from Users in connection with their use of the Service.

Technical data relating to individual vessels and the usage of the Service is collected automatically.

6. THE PURPOSES AND LEGAL GROUNDS FOR PROCESSING OF PERSONAL DATA

Personal data may be used for the following purposes:

Provision of the Service
(Legal ground: performance of a contract)

We process personal data of Users in order to provide the Service to them in accordance with the Terms of Service governing the use of the Service.

Offering the vessel data collection functionalities, including location and route tracking
(Legal ground: consent)

If you choose to activate the vessel data tracking and transfer functionalities from the chart plotter of your vessel, we may process the technical data of the individual vessel (including location and route data) and display them to you in the Service. You can at any time turn this tracking off by changing the settings of your chart plotter.

User communication
(Legal ground: legitimate interests)

Your personal data may also be used for customer service, communication and to manage and maintain your customer relationship. If you contact us with a question of feedback regarding the Service, we will use the given information to respond to questions and solve possible problems and to process your message.

Direct marketing
(Legal ground: consent or legitimate interests)

By ordering our newsletter, or by otherwise clearly indicating that you want to receive direct marketing material, you give us your consent to process your personal data for the purpose of direct marketing, such as information on our products and current offers and events. In certain cases we may also send direct marketing content based on our legitimate interests, based on your previous purchase history with us.

You always have the right to withdraw your consent and to prohibit direct electronic marketing.

Analytics and trend detection
(Legal ground: legitimate interests)

We may also process information about your use of the site and online store for quality improvements and analytics purposes, for example by analyzing browsing trends. When possible, we will do this using only aggregated, non-personally identifiable data.

Cookies
(Legal ground: consent)

We use cookies on our website for the purposes of developing and maintaining our website and products. We also use cookies for online analytics and targeted advertising. You can find more information on cookies and how Brandt processes them on section 4 of this policy.

Compliance
(Legal ground: legal obligations)

We may process certain personal data to enable us to fulfil our obligations under law. This includes data processed for complying with our accounting obligations and providing information to relevant authorities.

Legal grounds for processing

The legal grounds for the processing of your personal data depend on the nature and purpose of processing. The specific legal grounds are elaborated above in connection to each purpose for which we process personal data for.

When processing personal data on the basis of our legitimate interests, we carefully weigh our interests against your right to privacy.

7. STORAGE PERIOD 

We do not store your personal data longer than is legally permitted and necessary for the purposes described above. The storage period depends on the nature of the information and on the purposes of processing. The maximum period may therefore vary per use.

Your user data and the data of any vessels under your user account are permanently deleted when your user account is deleted.

Vessel data is stored for a maximum of two years, after which it is automatically deleted. You can also use the functionalities of the Service to delete the data of an individual vessel at any time.

8. INTERNATIONAL TRANSFERS OF PERSONAL DATA 

Brandt stores your personal data primarily within the European Economic Area.

However, we have service providers in several geographical locations. As such, we and our service providers may transfer your personal data to, or access it in, jurisdictions outside the European Economic Area or outside your domicile.

We will take steps to ensure that personal data receives an adequate level of protection in the jurisdictions in which they are processed. We provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards.

9. THE RECIPIENT GROUPS OF PERSONAL DATA 

We do not share your personal data with third parties outside of Brandt’s organization unless one of the following circumstances applies:

For legal reasons

We may share personal data with third parties outside Brandt’s organization if access to the personal data is reasonably necessary to: (i) comply with applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, identity theft, money laundering, terrorism financing or information security or technical difficulties; or (iii) protect the interests, property or safety of Brandt, other Users or the public as far as in accordance with the law. When possible, we will inform you about such disclosure and processing.

To authorized service providers

We may share personal data to authorized service providers such as the service provider responsible for certain functionalities of the Service. Our agreements with our service providers include commitments requiring our service providers to limit their use of personal data and to comply with the privacy and security standards of this Privacy Policy.

For other legitimate reasons

If Brandt is involved in a merger, acquisition or asset sale, we may transfer your personal data to the third party involved. However, we will continue to ensure the confidentiality of all personal data. We will give notice to all the Users concerned when the personal data are transferred or become subject to a different privacy statement.

With your explicit consent

We may share personal data with third parties outside of Brandt’s organization for other reasons than the ones mentioned above, when we have your explicit consent to do so. You have the right to withdraw such consent at any time by contacting us.

10. YOUR RIGHTS

Right to access

You have the right to access your personal data processed by Brandt. You may contact us to find out what personal data we process and for which purpose we use it.

Right to correct

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. By contacting us or by using the Service functionalities you can update for example your contact information or other information.

Right to deletion

You may ask us to delete your personal data or use the Service functionalities to do so yourself. We will comply with your request unless we have legitimate grounds not to delete the data. Such grounds may relate to, for example, an obligation to keep certain data due to accounting legislation or a requirement to store order information to verify your product warranty.

Right to object and right to restrict processing

You have the right to object the processing of your personal data or profiling, if your data is being processed for direct marketing. You have the right to demand the limitation of your personal data, for example, when the data concerning you is not correct. In addition, in certain special situations you have the right to object to the processing of your personal data on the grounds of a personal special situation.

Right to data portability

You have the right to receive your personal data from us in a structured and commonly used format and to independently transmit data to a third party.

How to use your rights

If you want to use any of the above-mentioned rights, please contact us by using the contact information above. To verify your identity, we may request for additional information.

We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

Please note that you can also delete and update your user account information and the data of individual vessels by using the functionalities of the Service.

11. DIRECT MARKETING

If you have given your consent to receive direct marketing, for example, by ordering a newsletter, we may send you notices concerning our products, offers and events.

You have the right to withdraw your consent or prohibit us from using personal data for direct marketing, market research or profiling by contacting us through the contact information provided above or by using the unsubscribe option included in all direct marketing messages.

12. INFORMATION SECURITY

We have implemented administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability.

Access to personal data is limited to authorized persons on a need-to-know basis. The personal data is protected with appropriate access controls, user rights and passwords.

Should despite of the security measures, a security breach occur that is likely to have negative effects to the privacy of Users, we will inform the relevant Users and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as possible.

13. LODGING A COMPLAINT

You have the right to lodge a complaint with the supervisory authority, if you consider the processing of personal data by Brandt inconsistent with the applicable data protection laws.

The supervisory authority for data protection in Finland is the Data Protection Ombudsman (tietosuoja.fi).

The supervisory authority for data protection in Sweden is the Swedish Authority for Privacy Protection (https://www.imy.se)

Last updated:

04.02.2022