Data Protection & Privacy Policy
ELNAV.AI d.o.o.
Last updated: 06.01.2025.
ELNAV.AI is committed to protecting the privacy, dignity, and rights of individuals whose data may be processed during the development, testing, and deployment of our AI-powered maritime safety technologies.
This policy explains how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR) (EU 2016/679) and related frameworks, including the EU AI Act (2024/1689).
1. Scope of This Policy
Scope of This Policy
- Visitors of our website (elnav.ai)
- Participants in our research, pilot programs, or field trials
- Maritime professionals (e.g., crew, pilots, officers) whose voice or image may be processed by our systems
- Clients and partners who engage our services
2. Types of Data We Process
We may process the following categories of personal data:
A. Website & Communications
- Name, email, contact form submissions
- IP address, browser metadata (via cookies)
B. Operational & Research Systems
- Biometric data, such as:
- Voice recordings (processed in real time; not stored)
- Facial landmarks (used to detect fatigue or attention, e.g. eye closure)
- Emotional state indicators (aggregated outputs only)
- System interaction logs (e.g., timestamped events)
- Location or vessel ID (when relevant to testing context)
We do not intentionally collect data that reveals racial or ethnic origin, political opinions, religious beliefs, or other special categories unless explicitly required and legally justified.
3. Lawful Basis for Processing
Processing is conducted under one or more of the following GDPR bases:
| Basis | Description |
|---|---|
| Art. 6(1)(f) | Legitimate interests – ensuring crew safety and system performance. |
| Art. 9(2)(h) | Processing biometric data for safety and occupational risk mitigation. |
| Consent | For research participation or demo recordings, we request explicit informed consent. |
4. Data Minimization and Storage
- We do not store raw audio or video unless required for controlled research with consent.
- Only derived stress indicators, system logs, and metrics are stored.
- Stored data is pseudonymized where possible and retained only:
- For the duration of the project
- Or up to 30 days (for live system testing)
- Or longer only if required for incident investigation, with strict access control
5. Security Measures
We implement both technical and organizational safeguards, including:
- End-to-end encryption (at rest and in transit)
- Role-based access control
- Secure storage (e.g. on-premises servers or GDPR-compliant EU cloud providers)
- Regular vulnerability assessments and access audits
6. Data Subject Rights
You have the right to:
- Access your personal data
- Request rectification or deletion
- Restrict or object to processing
- Withdraw consent (if given)
- File a complaint with your national supervisory authority
To exercise your rights, contact us at info@elnav.ai.
7. Third Parties and International Transfers
- We do not sell or share personal data for commercial use.
- We only work with processors and partners that meet GDPR compliance standards.
- We do not transfer data outside the EU/EEA unless adequate safeguards are in place (e.g., SCCs).
8. Website Cookies
Our website uses cookies only for:
- Basic functionality
- Anonymous visitor analytics (e.g. Matomo or GDPR-compliant Google Analytics)
You can control or delete cookies via your browser settings. A cookie consent banner is presented on first visit.
9. Updates to This Policy
We review this policy at least annually or in response to changes in technology or law.
Contact Us
For privacy-related questions or concerns:
Email: info@elnav.ai
