Privacy Policy

1. Introduction

pelagiynas ("we," "our," or "us") is committed to protecting the privacy and security of personal information provided by guests and visitors. This Privacy Policy explains how we collect, use, store, and protect your personal data when you book yacht charter services, visit our website, or communicate with our team.

This policy applies to all personal information collected through our website, booking inquiries, charter contracts, and any other interactions with pelagiynas. By using our services or providing your information, you consent to the practices described in this policy.

2. Information We Collect

2.1 Personal Information You Provide

When you book a charter or contact us for information, we collect:

• Full name and contact details (email address, phone number)
• Number of guests and any special requirements
• Dietary restrictions or allergies (for catered charters)
• Emergency contact information
• Payment information (processed through secure third-party processors)
• Any health or mobility considerations relevant to safe charter operations

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address and general location data
• Browser type and operating system
• Pages visited and time spent on our website
• Referring website or source
• Device information

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance website functionality, analyze usage patterns, and improve user experience. For detailed information about our cookie practices, please see our Cookie Policy.

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Charter Service Delivery

• Processing and confirming charter bookings
• Communicating about itinerary details, weather updates, or schedule changes
• Preparing vessels and provisioning according to guest preferences
• Ensuring safety compliance and emergency preparedness

3.2 Communication and Customer Service

• Responding to inquiries and providing charter information
• Sending booking confirmations and pre-charter instructions
• Following up after charters to gather feedback
• Addressing questions, concerns, or service issues

3.3 Business Operations

• Maintaining booking records and operational documentation
• Processing payments and managing financial transactions
• Complying with legal and regulatory requirements
• Analyzing service usage to improve charter offerings

3.4 Marketing (With Consent)

With your explicit consent, we may send promotional emails about charter offerings, seasonal opportunities, or company updates. You can opt out of marketing communications at any time using the unsubscribe link in emails or by contacting us directly.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data based on:

• Contractual Necessity: To fulfill charter booking agreements
• Legitimate Interest: To operate our business, improve services, and ensure safety
• Legal Obligation: To comply with Malaysian maritime regulations and tax requirements
• Consent: For marketing communications and optional data uses

5. Data Sharing and Disclosure

We do not sell personal information to third parties. We may share data in the following limited circumstances:

5.1 Service Providers

We engage trusted third-party service providers for:

• Payment processing (secure payment gateways)
• Email communication services
• Website hosting and analytics
• Catering or provisioning suppliers (when relevant)

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Legal Requirements

We may disclose information if required by Malaysian law, court order, or regulatory authority, including:

• Maritime safety investigations
• Tax or financial audits
• Law enforcement requests
• Protection of legal rights or safety

5.3 Business Transfers

In the event of a business sale, merger, or acquisition, personal data may be transferred to the new entity, with continued protection under this policy or a successor policy.

6. Data Security

We implement appropriate technical and organizational measures to protect personal information:

• Encrypted data transmission (SSL/TLS protocols)
• Secure storage systems with access controls
• Regular security assessments and updates
• Employee training on data protection practices
• Restricted access to personal information on a need-to-know basis

While we take security seriously, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but continually work to maintain robust protections.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy:

• Booking Records: Retained for seven years for financial and legal compliance
• Marketing Data: Retained until you withdraw consent or request deletion
• Website Analytics: Typically retained for 12-24 months
• Communication Logs: Retained for two years for service quality purposes

After retention periods expire, data is securely deleted or anonymized unless legal requirements mandate longer retention.

8. Your Privacy Rights

You have the following rights regarding your personal data:

8.1 Access and Portability

Request a copy of the personal information we hold about you in a commonly used, machine-readable format.

8.2 Rectification

Request correction of inaccurate or incomplete personal data.

8.3 Erasure ("Right to Be Forgotten")

Request deletion of your personal data, subject to legal retention obligations.

8.4 Restriction of Processing

Request temporary suspension of data processing in certain circumstances.

8.5 Object to Processing

Object to processing based on legitimate interests or for marketing purposes.

8.6 Withdraw Consent

Withdraw previously given consent for data processing at any time.

To exercise these rights, contact us at [email protected]. We will respond to requests within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with the Malaysian Personal Data Protection Commissioner.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected data from a child, we will delete it promptly. Parents or guardians who believe we may have collected information about a minor should contact us immediately.

10. International Data Transfers

Personal data is primarily stored and processed in Malaysia. If data is transferred internationally (e.g., to cloud service providers), we ensure appropriate safeguards are in place through standard contractual clauses or equivalent protections recognized under Malaysian and international data protection laws.

11. Third-Party Links

Our website may contain links to third-party websites (e.g., payment processors, social media platforms). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated through our website or via email to registered users. The "Last Updated" date at the top of this policy indicates when it was most recently revised. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact: