Data Protection

GDPR Compliance

ShipyardPro is committed to protecting the privacy and data rights of all users, including those in the European Union.

Last updated: February 1, 2026

Our Commitment to GDPR

The General Data Protection Regulation (GDPR) is the EU's comprehensive data protection law that governs how personal data of EU citizens is collected, processed, and stored. ShipyardPro fully supports GDPR requirements and has implemented comprehensive measures to ensure compliance.

Data Protection Principles

We adhere to all six GDPR data protection principles:

Lawfulness & Transparency

We process data lawfully, fairly, and transparently. You always know what data we collect and why.

Purpose Limitation

Data is collected for specified, explicit, and legitimate purposes only.

Data Minimization

We only collect data that is adequate, relevant, and necessary for the stated purpose.

Accuracy

We take reasonable steps to keep personal data accurate and up to date.

Storage Limitation

Personal data is kept only as long as necessary for the purposes for which it was collected.

Integrity & Confidentiality

Data is processed securely with appropriate technical and organizational measures.

Your Rights Under GDPR

As an EU data subject, you have the following rights:

  • Right of Access (Art. 15) — Obtain confirmation of whether we process your data and request a copy
  • Right to Rectification (Art. 16) — Have inaccurate personal data corrected without delay
  • Right to Erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing (Art. 18) — Limit the processing of your data under certain conditions
  • Right to Data Portability (Art. 20) — Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21) — Object to processing based on legitimate interests or direct marketing
  • Right Regarding Automated Decisions (Art. 22) — Not be subject to decisions based solely on automated processing

Data Processing Agreements

We enter into Data Processing Agreements (DPAs) with all enterprise customers that require them. Our standard DPA covers the scope of processing, sub-processors, security measures, breach notification procedures, and data subject rights assistance.

International Data Transfers

When data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place through Standard Contractual Clauses (SCCs) approved by the European Commission. We do not transfer data to countries without adequate protection unless proper safeguards exist.

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with Article 33 of the GDPR. Affected data subjects will be notified without undue delay when the breach poses a high risk to their rights and freedoms.

Data Protection Officer

ShipyardPro has appointed a Data Protection Officer (DPO) who oversees our data protection strategy and compliance. You can reach our DPO at dpo@shipyardpro.com.

Exercising Your Rights

To exercise any of your GDPR rights, please submit a request to privacy@shipyardpro.com. We will respond to your request within 30 days. You may also lodge a complaint with your local supervisory authority if you believe your rights have been violated.