Privacy Policy

Welcome to NextMariner ApS! We appreciate your interest in our platform (www.nextmariner.com) and services. NextMariner's mission is to empower a diverse and skilled maritime workforce, fostering sustainable and profitable partnerships within the maritime industry. We connect maritime individuals (seafarers, aspiring seafarers, students), maritime companies, and maritime schools, enabling them to be more productive and successful.

Central to this mission is our commitment to protecting your privacy and being transparent about the personal data we collect, how we use it, and with whom we share it. We process your data responsibly and in accordance with applicable data protection laws, primarily the General Data Protection Regulation (EU) 2016/679 (GDPR) of 27 April 2016 and India's Digital Personal Data Protection Act, 2023 (DPDPA).

This Privacy Policy applies when you visit our website, register an account, use our services (collectively, the "Services"), or otherwise interact with NextMariner ApS, whether you are a registered user ("User," "Profile") or a visitor ("Visitor"). Users utilize our Services to build professional identities, network, find job or educational opportunities, exchange knowledge and professional insights, view relevant content, learn and develop skills, learn skills, and source maritime talent. Certain content may be visible to Visitors.

The personal information you provide us with is processed confidentially and will only be disclosed for a necessary purpose. However, it is important for you to read these terms and conditions carefully, so you understand why and how we process your personal data. When you register your profile and use services from us, or browse our website from your computer, mobile phone or a mobile app, you consent to your personal information being collected, and you accept the present terms and conditions. If we update them, and you continue to use our services, in so doing you also accept the new terms.

By using our Services, you acknowledge that you have read and understood this Privacy Policy. Where required by law (particularly under GDPR and DPDPA), we will seek your explicit consent for processing your personal data.

For the purposes of GDPR, NextMariner ApS acts as the Data Controller. For the purposes of DPDPA, NextMariner ApS acts as the Data Fiduciary.

Our Contact Details:

NextMariner ApS
Lahnsgade 59, 5000 Odense C, Denmark
Company Registration Number (CVR No.): 44930080

If you have any questions regarding this policy or how we process your personal data, please contact us at support@nextmariner.com.

While we are not currently required to appoint a formal Data Protection Officer (DPO) under GDPR or DPDPA, our team is available to address your privacy concerns.

We collect personal data necessary to provide and improve our Services. "Personal Data" means any information relating to an identified or identifiable natural person (referred to as "Data Subject" under GDPR and "Data Principal" under DPDPA).

3.1. Data You Provide Directly:

• Registration: To create an account, you provide your name, email address, mobile number (optional/required), general location (e.g., city), and create a password. For premium services, payment and billing information (e.g., credit card details processed securely by our payment partners) are required.
• Profile Information: You choose what information to add to your NextMariner ApS profile. This can include education history, work experience, skills, address, city or area, endorsements. You don't have to provide additional information on your profile; however, profile information helps you to get more from our Services, including helping recruiters and business opportunities find you. It's your choice whether to include sensitive information on your profile and to make that sensitive information public.
• Uploading: We collect personal data from you when you provide, or upload it to our Services, such as, skills, certifications, endorsements, photograph, identity/document verifications (e.g., uploading copies of Seaman's Book, Continuous Discharge Certificate (CDC) including vessel names, sign-on/off dates, sailing days), submit a resume or fill out a job application on our Services. You don't have to post or upload personal data; though if you don't, it may limit your ability to grow and engage with your network or utilize our Services. Providing comprehensive profile information helps recruiters, companies, and schools find you and enhances your experience. Please do not post sensitive personal data you do not want to be public or shared according to your profile settings.
• Forms & Surveys: We collect data when you fill out forms (e.g., job applications, contact forms, demographic data requests, salary, mentor request) or respond to surveys.
• Communications: When you contact us via email, phone, contact forms, or communicate through our platform's features, we process the information contained in those communications to respond to your inquiries and provide support.

3.2. Data from Others:

• Partners & Employers/Schools: We may receive personal data about you (e.g., your job title and work email address) from our partners, such as your employer or school when they purchase premium Services for your use, or from applicant tracking systems providing educational or employment data relevant to the maritime sector.
• Public Information: We may collect publicly available information related to your profession (e.g., news articles about accomplishments) and make it available through our Services, subject to your settings.
• Related Companies and Other Services: We receive data about you when you use some of the other services provided by us or our Affiliates, including Microsoft.

3.3. Data from Your Use of Our Services:

• Usage Data: We collect data about how you use our Services, such as pages visited, features used, searches performed, content viewed, and interactions with other users or platform elements.
• Cookies & Similar Technologies: We use cookies and similar technologies (e.g., web beacons, pixels) to operate and personalize the Services, analyse usage, and manage advertising. Please see our separate Cookie Policy for detailed information and choices.
• Device & Location Information: We may receive data from your device, such as IP address, proxy server, operating system, browser type, ISP, device identifiers, and potentially coarse location data (e.g., based on IP address).

As a registrant in the NextMariner community at www.nextmariner.com and associated domains - you can register under different forms of profiles.

Seafarers (Aspiring (AS) and Experienced (ES))

These are our profiles for individuals seeking mentorships, jobs or seeking further maritime education. Also, these are the profiles that may be seeking funding in order to improve their maritime skillset or otherwise personally develop themselves.

Maritime Schools (MS)

These are our profiles for schools for educating and training seafarers and associated trades e.g. within shipping and logistics. The term "schools" is in a broad sense and may also be companies that educate or otherwise carry out training.

Maritime Company (MC)

These are our profiles for companies that supply jobs, primarily in the maritime industry. However, many trades or skills may be extended to land-based services and hence the "Maritime industry" does not only relate to ships, but also to harbors, transport, shipping, equipment suppliers etc.

We use the information we collect to operate our business, deliver and develop the quality of our products and to enhance your experience of interacting with us. We process your personal data for specific purposes and rely on distinct legal bases under GDPR and the principle of specified purpose with consent or legitimate uses under DPDPA.

Note on Consent (DPDPA): For most processing activities involving personal data provided directly by you for using the platform features (profile, Services, organisation or partner info, job searching etc.), DPDPA requires your clear, specific, and informed consent given before or at the time of data collection. We will provide clear notice and request consent for these purposes during registration and feature usage.

We do not sell your personal data. We share it only in the following ways:

• Within the NextMariner ApS Platform: Your profile information is visible to you and to other Users (Individuals, Companies, Schools) according to your privacy settings and the nature of the service (e.g., applying for a mentorship program shares your profile with mentors or contacting an organisation on platform shares your profile with that company). You control the visibility of certain profile elements.
• With Your Consent: We may share your data with third parties when you give us explicit consent to do so (e.g., authorizing a specific company to view detailed verification documents).
• Service Providers (Data Processors): We engage third-party companies and individuals (Data Processors) to perform services on our behalf (e.g., cloud hosting, payment processing, analytics, marketing support, security). External Service providers may deliver systems to help organize our work, services, advice, IT hosting, or marketing. These processors are contractually obligated to process your data only based on our instructions and to implement appropriate security measures. We ensure they meet GDPR and DPDPA requirements. We enter into agreements with companies (data processors) that handle personal data on our behalf to improve the security of your personal data.
• Legal Requirements: We may disclose your data if required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you; (3) investigate and defend ourselves against any third-party claims or allegations; (4) protect the security or integrity of our Service; or (5) exercise or protect the rights and safety of NextMariner ApS, our Users, personnel, or others.
• Change in Control or Sale: We may share your personal data as part of a sale, merger, or change in control, or in preparation for any of these events. Any entity which buys us, or part of our business will have the right to continue to use your data, but only in the manner set out in this Privacy Policy unless you agree otherwise.

NextMariner ApS is based in Denmark (EU). Your personal data may be processed and stored within the European Union (EU) /European Economic Area (EEA). In some cases, this may not be possible, and we may use data processors outside the EU/EEA if they can ensure adequate protection of your personal data.

• Transfers outside EEA: If we transfer personal data to service providers located outside the EEA, we will ensure appropriate safeguards are in place as required by GDPR, such as using Standard Contractual Clauses (SCCs) approved by the European Commission or transferring to countries deemed adequate by the European Commission.
• Transfers involving Indian Residents' Data: If we process personal data of Data Principals residing in India, any transfer of such data outside India will be done in compliance with the DPDPA. Currently, the DPDPA allows transfers to countries unless specifically restricted by the Indian government, provided adequate safeguards are maintained. We will monitor and adhere to any specific rules published by the Indian government regarding cross-border data flows.

We implement appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include access controls, encryption (where appropriate), staff training on data protection, and regular security reviews. We conduct risk assessments of our data processing activities and implemented suitable technical and organizational safeguards to improve data security.

Data Breach Notification: In the event of a personal data breach, we will comply with our notification obligations under both GDPR (notifying the Danish Data Protection Agency and affected individuals where required) and DPDPA (notifying the Data Protection Board of India and affected Data Principals as mandated by the Act).

We retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy, including providing you with our Services, maintaining your account, complying with our legal obligations (e.g., bookkeeping records for 5 years under Danish law), resolving disputes, and enforcing our agreements.

• Account Data: We generally retain your profile data as long as your account is active or as needed to provide you Services. You can close your account at any time.
• Job Applications (Internal): If you submit an unsolicited application, our HR department will immediately assess whether your application is relevant and delete your data if no match is found. Unsuccessful applications are typically deleted shortly after the position is filled, unless you consent to longer retention for future opportunities.
• Backup Data: Data may remain in backups for a limited period but will be isolated from production systems and deleted according to our backup schedules.

You have specific rights regarding your personal data under both GDPR and DPDPA. To exercise any of these rights, please contact us via email or mail at the address listed in Section 2. We will respond to your request in accordance with applicable law.

Rights under GDPR (Primarily for EU/EEA Residents):

• Right of Access: Request access to the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure ('Right to be Forgotten'): Request deletion of your data under certain conditions (e.g., data is no longer necessary, consent withdrawn).
• Right to Restriction of Processing: Request limitation of how we process your data under certain circumstances.
• Right to Data Portability: Request your data in a structured, commonly used, machine-readable format, and have it transferred to another controller where technically feasible (applies to data processed based on consent or contract).
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent (withdrawal does not affect lawfulness of processing before withdrawal).

Rights under DPDPA (Primarily for Indian Residents):

• Right to Access Information: Obtain a summary of personal data processed, processing activities, and identities of data fiduciaries/processors with whom data has been shared.
• Right to Correction and Erasure: Request correction, completion, updating, or erasure of your personal data.
• Right of Grievance Redressal: Lodge grievances with us (the Data Fiduciary) via support@nextmariner.com. We will respond according to timelines specified under DPDPA rules. You also have the right to escalate complaints to the Data Protection Board of India once established.
• Right to Withdraw Consent: Withdraw consent at any time. Withdrawal may affect our ability to provide certain Services. We will inform you of consequences upon withdrawal.
• Right to Nominate: (Details pending specific rules) Nominate another individual to exercise rights on your behalf in case of death or incapacity.

Verification: We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

Our Services are generally not intended for individuals under the age of 18, or the age of majority in their jurisdiction if different, unless they are maritime students using the platform with appropriate consent. We do not knowingly collect personal data from children under 18 without verifiable parental consent as required by GDPR and DPDPA. If you believe we have inadvertently collected such information, please contact us immediately at support@nextmariner.com so we can take appropriate steps.

When you visit our website, we use cookies necessary for the website to function. You can read about types of cookies we use, why we use them, and how you can manage your preferences, in our [cookie policy].

We may use automated processes and profiling to match User profiles (Individuals, Mentors, Companies, Schools) based on the information provided (e.g., skills, experience, requirements). This is integral to providing efficient connection services. Where such processing produces legal effects concerning you or similarly significantly affects you (unlikely for basic matching but possible in specific contexts), you may have rights under GDPR to object or request human intervention.

NextMariner ApS wishes to proactively comply to the legal regulations, and we may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you through our Services, or by other means (like email), to provide you the opportunity to review the changes before they become effective. Your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that you acknowledge the updated Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices.

• For general privacy inquiries or to exercise your rights: Please contact us at support@nextmariner.com or via mail at the address listed in Section 2.
• Complaints (EU/EEA): If you are unsatisfied with our response or believe we are processing your personal data not in accordance with the law, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet - www.datatilsynet.dk).
• Complaints (India): Under DPDPA, you should first raise your grievance with us (the Data Fiduciary). If you are unsatisfied with the resolution, you have the right to lodge a complaint with the Data Protection Board of India (DPBI) once it is operational.

We generally encourage you to read more about GDPR and DPDPA to stay informed about the rules.