Privacy Policy

We, at Windward Ltd., (or “us”, “we” or “our”), put great efforts in making sure that we secure the personally identifiable information related to you (“Personal Information”) and use it properly.

This policy (the “Privacy Policy”) explains our privacy practices for processing Personal Information related to you as a user of our services, solutions and products (the “Services”), or as a visitor to our website available at: https://windward.ai/,or any of its pages (respectively, the “User” and “Site”).

We process Personal Information subject to the terms of this policy.

The summary of this policy will give you a quick and clear view of our practices. Please take the time to read our full policy.

How do we collect the Personal Information? – We collect the Personal Information related to you, directly from you, and thorough the use of “cookies” on our Services and Site. Read more.

The purposes of use of the Personal Information – We collect the Personal Information related to you, for various business purposes as further detailed in ‘The purposes of use of the Personal Information’ section of this Privacy Policy. Read more.

Cookies– We use cookies to make it easier for you to log-in and to facilitate the Services and the Site activities. Read more.

Sharing Personal Information with third parties – We share information with our Vendors as necessary to facilitate our business. We will share information when we change our corporate structure, and we will share the information with our affiliated entities. Read more.

Cross-border transfer – We use cloud based services to store and process data in the European Union and in the United States and will store them at additional sites, at our discretion. These Vendors provide us adequate security and confidentiality commitments. Read more.

How do we secure the Personal Information? – We implement physical, electronic and organizational procedures to secure your Personal Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Read more.

Aggregated and analytical information – Aggregated data is not identifiable. We use standard analytical tools for legitimate business purposes. Read more.

Your Choice – You may opt-out of our mailing lists and terminate your use of our Site. Termination of our Services is subject to the terms of the Customer’s services agreement with us. Our Services do not respond to Do Not Track (DNT) signals. Read more.

Accessing Personal Information related to you – At any time you can request access to Personal Information related to you. Read more.

Your EU data subject rights – If we process Personal Information related to you when you are in the EU, further terms apply to our processing in relation to your rights as a data subject under EU data protection laws. Read more.

Data retention– We retain different types of Personal Information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant to legal requirements. Read more.

Changes to this Privacy Policy – We will update this Privacy Policy from time to time after giving proper notice. Read more.

Contact us – Please contact us here or at our offices located in 2 Hashlosha St., Tel Aviv, Israel.

Overview of our services

Our Services provide our “ Customers”, i.e. entities which engage in contractual relationship for the provision of our Services, whom primarily consist of governmental and corporation entities within the maritime ecosystem, decision supporting data analytics and insights in the maritime trade domain.

As a rule of thumb, the Personal Information we collect is related to our former and current employees, job candidates, and to the extent that our Customers have provided us with personal contact details, rather than corporate business contact information, then such personal contact details as well. As such, the Personal Information we collect primarily used for regulating our employment relationships, recruitment processes and business relationships with our Customers, and vendors and/or suppliers which engage with us for the provision of services, goods or assets (each a “Vendor”).

What type of Personal Information do we process?

You provide most of the Personal Information related to you through the registration and login processes to our Services and through the submission of your details on our Site. Note, that you are not required by law to provide us with any information about you.

1.Personal Information obtained from Users about our Customers and about our Users’ engagement with our Services and Site:

  • Usernames;
  • E-mail addresses;
  • The time and date of the log in; and
  • The Internet Protocol (IP) address used to connect your access device to the Internet;

As part of our Services, our Users may provide us with Personal Information regarding our Customers’ own vessels, which includes but is not limited to the vessel’s beneficial owner, commercial and technical managers, commercial controller, operator, and ISM manager.

Details about the device, operation system and browser used by the User, such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform.

To the extent that a Customer, or anyone on its behalf, has provided us with personal contact details, rather than corporate business contact information (e.g., [email protected]), then the aforementioned information will constitute Personal Information of such User. Please note  that to the extent that contact details provided by the Customer contain corporate business contact information, this would not qualify as Personal Information.

2. Personal Information about our Vendors’ and Customers’ representatives that is required for the provision of our Services or for our business engagement with them, such as: names, e-mail addresses and phone numbers.

In most cases the contact details information that we hold about our Vendors will not constitute Personal Information, whether because our Vendors are not individuals or because the information provided does not contain direct identifiers.

3. Personal Information related to employees and candidates.

As part of our ongoing employment relationship with our employees, we collect Personal Information regarding current and former employees, through our HR systems, as further detailed in our Employees Privacy Notice.

We collect Personal Information from job candidates, who can submit their application for certain available positions through the ‘Careers’ webpage on our Site. For further information please see our Candidates Privacy Notice.

4. Personal information we obtained from third parties data sources:

Such Personal Information comprised of name, identification number, address, vessel ownership data and business contact details and is being provide to our Customer through our Services.

5. We also offer, through the ‘Sign UP’ button on our Site, the opportunity to participate in our events, like webinars, through the ‘Subscribe’ button on our Site the opportunity to subscribe to our news-letters, and through the ‘Contact Us’ form and links to our corporate email address available on the Site, the opportunity to reach out to us. The Personal Information collected by us through these, will only be used for the purpose of evaluating the subject matter of such form and contacting the person who sent it.

The Services and Site are not directed to children under 16 years of age and we do not intentionally or knowingly collect Personal Information on such Users.

How do we collect the Personal Information?

We collect the Personal Information related to you, directly from you, when you log in to our Services, fill in a form on our Site or otherwise contact us through our Site.
We use a third party payment processor to process payments made to us. In connection with the processing of such payments, we will only receive your payment transaction details (for example, your name, the amount paid and the date of payment) and we will not collect your bank account details or credit card number, credit card type and expiration date. This information is stored only with our third party processor, Stripe, whose use of Personal Information related to you is governed by their privacy policy, which may be viewed at:  https://stripe.com/privacy.

Like many sites and services, we use “cookies” (for further information about cookies – see below), and we obtain information on your use of our Site and Services.

Processing Personal Information related to you is necessary in order to enable you to use the Site.

The purposes of use of the Personal Information

We use the Personal Information we collect for all of the following purposes:

  • To provide and improve our Services;
  • To send Service-related updates, notices and announcements;
  • To maintain our Services;
  • To study and analyze the functionality of the Service and Users’ activities;
  • To provide Customer support;
  • To manage our relationships with our employees and job candidates;
  • To Manage business relationships with our Vendors and Customers;
  • To comply with court orders and warrants, and assist law enforcement agencies and to take any action in any legal dispute and proceeding;
  • For our record keeping and protection of our legal rights;
  • For analytics purposes; and
  • To prevent fraud, misappropriation, infringements, identity thefts and any other misuse of the Services;

Subject to your consent, if such is required under applicable law, to send you e-mail or other messages and/or newsletters about us or our products and services, including through one of our service providers. At any time, you can unsubscribe from our mailing list by clicking on the unsubscribe link on the message;

We commit to process Personal Information solely for the purposes described  in  this  Privacy  Policy. To the extent relevant and possible, we will make efforts to maintain the Personal Information accurate, complete and up-to-date.

Cookies

We use cookies and similar tracking technologies to make sure that our Service is continuously improved and meets your needs.

Please view our Cookies and Similar Tracking Technologies Policy for more information on our use of cookies.

Sharing Personal Information with third parties

In certain instances, Windward will share Users’ Personal Information with third parties, such as:

  • Vendors, business partners and our affiliates. We engage trusted third-party companies and individuals to facilitate or provide services on our behalf or to perform Site-related services and analysis for the purpose of providing and operating our Services. Such engagement will be only to the extent necessary and we require that such third parties comply with privacy and data protection
  • We use analytics tools (“Tools”) including “Google Analytics”, “MixPanel” and “Hubspot” to collect information about the use of our Site and    Your  engagement  with these Tools through the Services and Site is governed by the privacy policies of the applicable third party.
  • We would disclose or use Users’ Personal Information to defend or enforce our legal rights and in accordance with any applicable
  • We will  disclose,  share  or  transfer  Users’  Personal  Information  in  connection  with  a merger, acquisition, reorganization or sale of our assets or in the event of

Cross-border transfer

We store and process information in various sites throughout the globe, including on sites operated and maintained by cloud-based service providers. If you are a resident in a jurisdiction where the transfer of your personal information to another jurisdiction requires your consent, then by agreeing to comply with this Privacy Policy, you provide us your express and unambiguous consent to such transfer.

Whenever we transfer Personal Information related to you to third parties based outside of the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer Personal Information related to you to countries that have been deemed to provide an adequate level of protection for Personal Information by the European
  • Where we use certain Vendors, we use specific contracts approved by the European Commission which give Personal Information the same protection it has in the
  • Where we use Vendors based in the US, we transfer Personal Information to them if they have been certified by the EU-US Privacy Shield which requires them to provide similar protection to Personal Information shared between the Europe and the US or any other arrangement which has been approved by the European

How do we secure the Personal Information?

We maintain the confidentiality of Personal Information related to you and we take reasonable steps to ensure that the Information is accurate, complete, current and reliable for its intended use. We take reasonable measures to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.

We have put in place appropriate physical, electronic and organizational procedures to safeguard and secure Personal Information related to you from loss, misuse, unauthorized access or disclosure, alternation or destruction.

These measures provide sound industry  standard  security.  However,  although  we  make  efforts to protect your privacy, we cannot guarantee that the Services or Site will be immune from cyber-attacks, malicious activities, malfunctions, honest mistakes or other types of abuse and misuse.

Aggregated and analytics information

We may use anonymous, statistical and aggregated data that we derive from the Personal Information related to you, to drive insights, statistics, trends and predictions for our internal use and may share it with our Customers, Vendors and business partners for lawful business purposes.

What are your choices?

At any time,  you may opt-out of our mailing list, or request that the Personal Information related  to you will not be shared with our affiliates, business partners, and Vendors, by contacting us. It may take up to ten (10) business days for your opt-out request to take effect. Please note that certain opt-out requests may require us to terminate your user account, for example, if transferring your personal details to a Vendor is essential to provide the Services.

You can exercise your choices by contacting the privacy team here.

Termination  of  the  Services  is subject to the terms of the Customer’s services agreement with us. We request and collect Personal Information that we need for the purposes described in this Privacy Policy. At any time, you can stop using the Site. Thereafter, we will stop collecting any respective Personal Information related to you.

However, we may store and continue using or making available certain Personal Information related to you. For further information, please read the Data Retention section in this Privacy Policy.

Some web browsers offer a “Do Not Track” (“DNT”) signal. A DNT signal is a HTTP header field indicating your preference for tracking your activities on the Service or through cross-site user tracking. Our Service and Site do not respond to DNT signals.

Accessing Personal Information related to you

If you find that the Personal Information that we keep about you is not accurate, complete or up-to-date, please provide us the necessary information to correct it.

At any time, you can contact us here and request to access the Personal Information  that we keep about you. We will ask you to provide us certain credentials to make sure that you are who you claim to be and to the extent required under applicable law, will make good-faith efforts to locate the Personal Information that you request to access.

If you are eligible for the right of access under applicable law, you can obtain confirmation from us of whether we are processing Personal Information about you, and receive a copy of that data, so that you could:

  • verify its accuracy and the lawfulness of its processing;
  • request the correction, amendment or deletion of the Personal  Information  we  keep about you, if it is inaccurate or if you believe that the processing of the  Personal Information we keep about you is in violation of applicable

We will use judgement and due care to redact from the data which we will make available to you, Personal Information related to others.

Your rights as an EU data subject

Under EU data protection laws, Windward, will be considered a Data Controller as such term is defined therein, with respect to its Services and Site. We base our processing of Personal Information as a Data Controller on the following lawful grounds:

  • All processing of Personal Information related to you which are not based on the lawful grounds indicated below, are based on your
  • We will process Personal Information related to our Customers’ end Users to perform the contract with Customers.
  • We process your Personal Information as a preliminary necessary step prior to initiate an engagement with
  • We will process Personal Information related to you  to  comply  with  a  legal  obligation and to protect your and others’ vital
  • We will rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:
    • Communications with you, including direct marketing where you are a Customer’s end-User, or where you make contact with us through our Site and other digital assets;
    • Cyber security;
    • Support, customer relations, service operations;
    • Enhancements  and    improvements to yours and other Customers’ and Customers’ end-Users’ experience with our services;
    • Fraud detection and misuse of our Site and

At any time, you can contact our Data Protection Team here and request to exercise your rights in accordance with the provisions provided by law:

  • You are entitled to access the Personal Information  that  we keep about you. We may  need to ask you to provide  us  certain  credentials  to make sure that you are who you  claim you are. If you find that the Personal Information related to you is not accurate, complete or updated, then please provide us the necessary information to correct
  • You can contact us if you want to withdraw your consent to the processing of Personal Information related to you. Exercising this right will not  affect  the  lawfulness  of processing based on consent before its
  • You are entitled to request to delete or restrict access to Personal Information related to

If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions under the law, you are entitled to request to be informed that third parties that hold Personal Information related to you, in accordance with this Privacy Policy, will act accordingly.

  • You are entitled to request the transfer of Personal Information related to you in accordance with your right to data
  • You are entitled object to the processing of Personal Information related to you for direct marketing
  • You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting
  • You have a right to lodge a complaint with a data protection supervisory
  • We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this Privacy Policy, to update the Privacy Policy when needed, and to verify that the Privacy Policy is displayed properly and
  • If you have any concerns about the way we process Personal Information related to you, you are welcome to contact our Privacy Team here or write to us to: Windward Ltd., 2 Hashlosha St., Tel Aviv, Israel,

We will look into your query and make good-faith efforts to resolve any existing or potential dispute with you.

Data retention

We retain different types of Personal Information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant  to legal requirements.

We will maintain your contact details, to help us stay in contact with you. At any time before or   after the termination of the Services, you can contact our Privacy Team here and request to delete your contact  details.  Note that we may keep your details without using  them unless necessary, and for the necessary period of time, for legal requirements and proceedings.

We will keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable Personal Information, when we no longer need to process the information.

In any case, as long as you use the Services, we will keep information about you, unless the law requires us to delete it, or if we decide to remove it at our discretion, according to the terms of this Privacy Policy.

Changes to this Privacy Policy

From time to time, we will need to update this Privacy Policy. If the updates have minor if any consequences, they will  take effect 7 days after we post a notice on the Services’ platform and/or Site, or after we send you the notice through email. Substantial changes will be effective 30 days after we initially posted our notice.

Until the new policy takes effect, you can choose not to accept it and terminate your use of the Service or Site. Continuing to use the Service or Site after the new Privacy Policy takes effect means that you agree to the new Privacy Policy. Note that if we need to adapt the Privacy Policy to legal requirements, the new Privacy Policy will become effective immediately or as required.

Contact Us

To address any questions, comments, or concerns related to this Privacy Policy, please send a detailed message to the Windward privacy team. You can also contact our EU representative or our UK representative.

This Privacy Notice was last updated November 21, 2023