Cleanwake Back to site

Privacy Policy

Last updated: 14 June 2026

This Privacy Policy explains how Cleanwake (“we”, “us”) collects, uses and protects personal data when you use our maritime fleet-intelligence platform (the “Service”). We act as a data processor for the vessel and operational data your organisation enters, and as a data controller for the account data we need to run the Service. We comply with the EU General Data Protection Regulation (GDPR).

Who we are

Cleanwake is operated by [legal entity name], registered at [address], [country]. For any privacy question or to exercise your rights, contact us at privacy@cleanwake.com.

What data we collect

  • Account data: name, work email, organisation name, hashed password, role.
  • Operational data you enter: vessels, voyages, noon reports, fuel and emissions data.
  • Technical data: IP address, browser type, and request logs needed for security and reliability.
  • We do not sell personal data and we do not use it for advertising.

Why we use it (legal bases)

  • To provide the Service under our contract with your organisation.
  • To secure accounts and prevent abuse (legitimate interest).
  • To meet legal and regulatory obligations.

Where data is stored

Data is hosted on infrastructure in the EU (eu-west-1). Operational submissions are archived to encrypted object storage for audit purposes. Access is restricted and tenant-isolated, so one organisation can never see another’s data.

Sub-processors

We use a small number of vetted providers to run the Service (cloud hosting, error monitoring, and — where enabled — email delivery). A current list is available on request at the contact address above.

Retention

We keep operational and regulatory records for as long as your organisation’s account is active, and afterwards only as long as required to meet maritime regulatory obligations (e.g. EU MRV / IMO DCS). Account data is deleted on request after the contract ends, subject to those obligations.

Your rights

Under the GDPR you can request access, correction, deletion, restriction, or a copy of your personal data, and you can object to certain processing. To exercise these rights, contact us at the address above. You also have the right to lodge a complaint with your national data protection authority.

Security

We protect data with encryption in transit, hashed passwords, row-level tenant isolation, HTTP security headers and access controls. No system is perfectly secure, but we work to industry standards and patch known issues promptly.

Changes

We may update this policy; material changes will be communicated to account administrators. Continued use after an update constitutes acceptance.

See also our Terms of Service.