GDPR Compliance

Varuna Sentinels B.V. — Effective Date: 1st January 2025

Varuna Sentinels B.V. (“Varuna Sentinels”, “we”, “us”, or “our”) is committed to protecting personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This page explains how we process, store, and protect your personal data.

1. Data Controller

Varuna Sentinels B.V., registered in the Netherlands, is the data controller for personal data processed through https://www.varuna-sentinels.com/ and its associated platforms (IHM Maintenance, ESG Reporting, VSMPS, LCA Portal, CBT Training). For data protection enquiries, contact us at info@varuna-sentinels.com.

2. Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity data: Name, job title, company name
  • Contact data: Email address, telephone number, business address
  • Account data: Login credentials, user preferences, platform usage history
  • Technical data: IP address, browser type, device information, cookies
  • Usage data: Information about how you interact with our platforms and services

3. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds under Article 6 of GDPR:

  • Contract performance: Processing necessary to fulfil our service agreements (e.g., providing IHM Maintenance, ESG Reporting, or VSMPS platform access)
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services, analytics, and marketing
  • Consent: Where you have given explicit consent, such as for marketing communications or non-essential cookies
  • Legal obligation: Processing required to comply with applicable laws and regulations

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain our maritime compliance platforms and services
  • Manage your user account and authenticate access
  • Communicate with you regarding service updates, webinars, and events
  • Improve our platforms through analytics and user feedback
  • Comply with legal and regulatory obligations, including EU Ship Recycling Regulation and Hong Kong Convention requirements

5. Data Sharing and Transfers

We may share your personal data with:

  • Service providers: Cloud hosting (AWS), analytics, and email services that process data on our behalf under data processing agreements
  • Regulatory bodies: Where required by law or regulation
  • Business partners: Classification societies and maritime authorities, only as necessary for compliance services

Where data is transferred outside the European Economic Area (EEA), we ensure adequate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Account data is retained for the duration of your service agreement plus any statutory retention period. Marketing data is retained until you withdraw your consent.

7. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of your personal data (Article 15)
  • Right to rectification: Request correction of inaccurate data (Article 16)
  • Right to erasure: Request deletion of your data (“right to be forgotten”) (Article 17)
  • Right to restrict processing: Request limitation of processing (Article 18)
  • Right to data portability: Receive your data in a machine-readable format (Article 20)
  • Right to object: Object to processing based on legitimate interests or direct marketing (Article 21)
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent (Article 7)

To exercise any of these rights, contact us at info@varuna-sentinels.com. We will respond within 30 days as required by GDPR.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, access controls, regular security audits, and employee training. Our platforms use HTTPS encryption, and access is controlled through authenticated, role-based permissions.

9. Cookies

We use cookies and similar technologies as described in our Cookie Policy. You can manage your cookie preferences through our cookie consent banner or your browser settings.

10. Changes to This Policy

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this page periodically.

11. Contact & Complaints

If you have questions about our data processing practices or wish to make a complaint, contact us at:

Varuna Sentinels B.V.
Email: info@varuna-sentinels.com
Website: www.varuna-sentinels.com

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.