Privacy Policy
Last updated: 17 May 2026·Effective date: 17 May 2026
Crew Call Systems (“we”, “us”, “our”) provides an enterprise operations platform for shipowners, captains and maritime crews. This Privacy Policy explains what data we collect through the Crew Call mobile application and the crewcallsystems.com web platform, how we use it, and the choices you have.
If you have any questions about this policy, contact us at support@crewcallsystems.com.
1. Who we are
Crew Call Systems is the data controller for the personal data processed through the Service.
2. Data we collect
We only collect the data we need to operate the Service. Data is grouped into the following categories:
2.1 Account and profile data
- Email address (shipowner accounts)
- Username and PIN (crew accounts)
- Display name and assigned role (operator, captain, owner, etc.)
- Organization and vessel assignment
2.2 Operational content
- Watch shifts, alerts and acknowledgements created by you or directed to you
- Crew records you manage (only visible to authorised personnel inside your organization)
- Notification history and audit logs
2.3 Device and technical data
- Mobile device identifier (Firebase Cloud Messaging registration token or Expo push token), used solely to deliver push notifications
- App version, operating system version, device model
- Crash and diagnostic logs (anonymized where possible)
2.4 Location data
The mobile app may request your precise location, including in the background, only if your role and your shipowner enable this feature. Location data is used to provide operational tracking of crew members on duty (for example, displaying live positions on the vessel map).
- You can disable location access at any time in iOS Settings → Crew Call → Location.
- If location is disabled, operational tracking will not work but the rest of the app remains functional.
We do not sell location data, advertise based on it, or share it with parties outside your organization.
2.5 Camera and microphone
Crew Call does not access the camera, microphone, contacts, calendar, health data or photo library.
3. How we use your data
We use the data described above to:
- Authenticate you and keep your session secure
- Route push notifications to your devices
- Display crew, vessel and operational information to authorised users within your organization
- Maintain audit trails required by IMO and shipowner compliance policies
- Diagnose and fix technical issues
- Communicate with you about the Service (support, security alerts)
We do not use your data for advertising, profiling for third parties, or training third-party AI models.
4. Legal basis (GDPR)
If you are in the European Economic Area, the United Kingdom or another jurisdiction that recognises a similar framework, our legal bases for processing are:
- Contract — to provide the Service you or your employer subscribed to
- Legitimate interest — to secure the Service, prevent abuse, and improve reliability
- Consent — for optional features such as background location tracking; consent can be withdrawn at any time
- Legal obligation — when applicable maritime, accounting or tax regulations require it
5. Sharing and third parties
We work with a small number of trusted infrastructure providers to deliver the Service. They are bound by contract to process data only on our instructions:
- Firebase Cloud Messaging (Google LLC) — delivers push notifications to Android and iOS devices. Only the FCM registration token, notification title and body are sent.
- Apple Push Notification Service (Apple Inc.) — delivers push notifications to iOS devices on Apple’s servers. Used via Firebase.
- Expo (Expo Inc.) — provides over-the-air application updates and push token issuance for development builds.
- Hosting provider — runs the application servers and database in the EU/Türkiye region.
We do not sell personal data and we do not share it with advertisers, data brokers or analytics platforms beyond what is strictly necessary for operating the Service.
We may disclose data when required by law, court order or to protect the safety of users.
6. Data storage and security
- All traffic between your device and our servers is encrypted using TLS 1.2+.
- Authentication uses rotating session cookies with CSRF protection and HttpOnly flags.
- Per-tenant data isolation ensures each shipowner organization only sees its own data.
- Production servers and the database are hosted in the EU/Türkiye region.
- We follow industry best practices for least privilege, audit logging and dependency patching.
No method of transmission or storage is 100% secure; you use the Service at your own risk.
7. Data retention
- Operational records (alerts, watch shifts, audit logs) are kept for the duration of your contract with your organization, plus the period required for IMO compliance.
- Authentication tokens expire automatically and are removed on logout or when a device is unregistered.
- Crash and diagnostic logs are retained for up to 90 days.
- If your organization terminates its contract, your data is deleted or anonymized within 30 days unless legal retention applies.
You may request deletion of your personal account at any time by emailing support@crewcallsystems.com. Note that operational records linked to other crew members or shipowner audit trails may be retained even after individual account deletion.
8. Your rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion (“right to be forgotten”)
- Object to or restrict processing
- Receive a portable copy of your data
- Lodge a complaint with a data protection authority
To exercise any of these rights, contact support@crewcallsystems.com. We will respond within 30 days.
9. Children
Crew Call Systems is intended for professional maritime use. It is not directed to children under 16, and we do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us so we can remove it.
10. International transfers
If you access the Service from outside Türkiye/EU, your data may be transferred to and processed in jurisdictions where our infrastructure providers operate. We use standard contractual clauses and equivalent safeguards to protect such transfers.
11. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent change. Material changes will be announced inside the app or via email to your account contact. Continued use of the Service after an update constitutes acceptance of the revised policy.
12. Contact
Crew Call Systems
Email: support@crewcallsystems.com
Website: https://crewcallsystems.com