Data Protection & Privacy Policy

ELNAV.AI d.o.o.
Last updated: 06.01.2025.

ELNAV.AI is committed to protecting the privacy, dignity, and rights of individuals whose data may be processed during the development, testing, and deployment of our AI-powered maritime safety technologies.

This policy explains how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR) (EU 2016/679) and related frameworks, including the EU AI Act (2024/1689).

1. Scope of This Policy

Scope of This Policy

Visitors of our website (elnav.ai)
Participants in our research, pilot programs, or field trials
Maritime professionals (e.g., crew, pilots, officers) whose voice or image may be processed by our systems
Clients and partners who engage our services

2. Types of Data We Process

We may process the following categories of personal data:

A. Website & Communications

Name, email, contact form submissions
IP address, browser metadata (via cookies)

B. Operational & Research Systems

Biometric data, such as:
- Voice recordings (processed in real time; not stored)
- Facial landmarks (used to detect fatigue or attention, e.g. eye closure)
- Emotional state indicators (aggregated outputs only)
System interaction logs (e.g., timestamped events)
Location or vessel ID (when relevant to testing context)

We do not intentionally collect data that reveals racial or ethnic origin, political opinions, religious beliefs, or other special categories unless explicitly required and legally justified.

3. Lawful Basis for Processing

Processing is conducted under one or more of the following GDPR bases:

Basis	Description
Art. 6(1)(f)	Legitimate interests – ensuring crew safety and system performance.
Art. 9(2)(h)	Processing biometric data for safety and occupational risk mitigation.
Consent	For research participation or demo recordings, we request explicit informed consent.

4. Data Minimization and Storage

We do not store raw audio or video unless required for controlled research with consent.
Only derived stress indicators, system logs, and metrics are stored.
Stored data is pseudonymized where possible and retained only:
- For the duration of the project
- Or up to 30 days (for live system testing)
- Or longer only if required for incident investigation, with strict access control

5. Security Measures

We implement both technical and organizational safeguards, including:

End-to-end encryption (at rest and in transit)
Role-based access control
Secure storage (e.g. on-premises servers or GDPR-compliant EU cloud providers)
Regular vulnerability assessments and access audits

6. Data Subject Rights

You have the right to:

Access your personal data
Request rectification or deletion
Restrict or object to processing
Withdraw consent (if given)
File a complaint with your national supervisory authority

To exercise your rights, contact us at info@elnav.ai.

7. Third Parties and International Transfers

We do not sell or share personal data for commercial use.
We only work with processors and partners that meet GDPR compliance standards.
We do not transfer data outside the EU/EEA unless adequate safeguards are in place (e.g., SCCs).

We engage carefully selected third-party partners and service providers who process personal data on our behalf in compliance with GDPR. From time to time, we appoint digital marketing agencies to conduct outreach and marketing activities on our behalf. As part of these activities, personal data may be processed in accordance with applicable data protection laws. Our appointed data processors include:

(i)Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io. Sopro is registered with the ICO Reg: ZA346877. Their Data Protection Officer can be emailed at: dpo@sopro.io

8. Website Cookies

Our website uses cookies only for:

Basic functionality
Anonymous visitor analytics (e.g. Matomo or GDPR-compliant Google Analytics)
Third-party marketing and outreach services

As part of using the Sopro Plugin for our digital marketing activities, certain cookies are deployed on our website to support its functionality and performance. These cookies are used in compliance with applicable data privacy regulations including GDPR and CCPA.

You can control or delete cookies via your browser settings. A cookie consent banner is presented on first visit.

9. Updates to This Policy

We review this policy at least annually or in response to changes in technology or law.

Contact Us

For privacy-related questions or concerns:

Email: info@elnav.ai

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.