top of page

Data Security Policy

Data Security Statement for Captainselog.com

Last updated: February 10, 2025

At Captainselog.com ("we," "us," or "our"), we recognize the importance of protecting your sensitive data. This Data Security Statement outlines our commitment to safeguarding your information, including your electronic logbook (eLog) data, and describes how we collect, use, store, and share this data securely.

1. Our Commitment to Data Security

We are dedicated to maintaining the highest standards of data security to protect your personal and sensitive information from unauthorized access, disclosure, alteration, or destruction. We implement a combination of technical, administrative, and physical safeguards to ensure the confidentiality, integrity, and availability of your data.

2. Data Collection and Usage

  • Personal and eLog Data: When you use our services, we collect data that you input or upload, including eLog data, reports, and analytics. This information is essential for providing our services and is treated with strict confidentiality.

  • Aggregate Data: We may generate aggregate data by removing personal identifiers from your information. This anonymized data helps us analyze trends, improve our services, and develop new features without revealing any personal or identifiable information about you or your vessel.

  • Public Data Access: We may access and utilize data that is publicly available through the Department of Fisheries and Oceans Canada (DFO) originating from harvesters. This data is used in compliance with applicable laws and regulations.

3. Data Protection Measures

  • Encryption in Transit and at Rest: All data transmitted between your device and our servers is encrypted using Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocols. Data stored on our servers is encrypted at rest using advanced encryption standards.

  • Secure Authentication: We require strong, unique passwords for account access and support multi-factor authentication (MFA) to add an extra layer of security.

  • Access Control: Access to sensitive data is restricted to authorized personnel who require it to perform their job functions. We follow the principle of least privilege to minimize the risk of unauthorized access.

  • Regular Security Assessments: We conduct regular vulnerability assessments, penetration testing, and security audits to identify and remediate potential security risks.

  • Secure Infrastructure: Our servers are hosted in secure data centers that comply with industry standards such as ISO 27001 and SOC 2. These facilities have robust physical and environmental controls in place.

  • Data Backup and Recovery: We perform regular backups of critical data and have disaster recovery plans to ensure business continuity in the event of unforeseen incidents.

4. Data Sharing and Disclosure

  • Third-Party Service Providers: We may share your data with trusted third-party service providers who assist us in operating our website and providing our services. These parties are contractually obligated to maintain the confidentiality and security of your data.

  • Legal Obligations: We may disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

  • Aggregate Data Sharing: We may share aggregated, anonymized data with partners, stakeholders, or for research purposes. This data will not contain personal identifiers and cannot be used to trace back to individual users, vessels, or specific locations.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this statement, comply with our legal obligations, resolve disputes, and enforce our agreements. When your data is no longer required, we securely delete or anonymize it.

6. User Rights and Control

  • Access and Correction: You have the right to access and update your personal data at any time through your account settings.

  • Data Deletion: You may request the deletion of your personal data by contacting us. We will process such requests in accordance with applicable laws and our data retention policies.

  • Data Portability: Upon request, we can provide you with a copy of your data in a structured, commonly used, and machine-readable format.

7. User Responsibilities

  • Account Security: You are responsible for keeping your account credentials confidential. Please use a strong, unique password and notify us immediately if you suspect any unauthorized access to your account.

  • Compliance with Laws: You agree to comply with all applicable laws and regulations when using our services.

8. International Data Transfers

Your data is securely stored and processed exclusively within Canada. We strategically select the most geographically advantageous locations within Canada to optimize service performance, reliability, speed, and minimize potential interruptions. We do not transfer or store your data outside of Canada, ensuring compliance with Canadian data protection standards and regulations.

9. Children's Privacy

Our services are not intended for individuals under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

10. Updates to This Data Security Statement

We may update this Data Security Statement from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new statement on this page with an updated "Last updated" date.

11. Contact Us

If you have any questions, concerns, or comments about this Data Security Statement or our data protection practices, please contact us:

 

 

We are committed to resolving any issues and appreciate your feedback.

Note: SMS consent is not shared with third parties for marketing purposes and is only used for technical assistance or important information related to the Captains elog app. 

bottom of page