At Dataloy Systems AS, we take personal data information obligations seriously.
Together with our Privacy Policy, this document will help you better understand the personal information we collect, why we collect it, how we use personal information and how we protect it. In full compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) which comes into effect May 25, 2018, it also explains the various rights of the data subject, including the right of access and the right to erasure (aka “the right to be forgotten”).
What You Should Know
The GDPR distinguishes between a Data Controller (the legal entity that determines the purpose for which, and the manner in which, any personal data is collected) and a Data Processor (the legal entity responsible for the handling of personal data on behalf of the Data Controller). In cases where Dataloy Systems AS is hosting the systems, and/or provide support on the systems, we act as Data Processor.
How Dataloy Systems Can Help
In keeping with our obligations as a Data Processor, Dataloy Systems promises to:
Keep personal data safe, secure, and private
Process personal data in a manner that ensures appropriate security, using lawful, fair and transparent means
Disclose our sub-processors and responsibly monitor their GDPR compliance
Keep all required compliance records and audit logs
Make available tools to handle data subject requests, such as the right-to-erasure and right-to-access
Provide timely notice of personal data breaches
The Data Processing Addendum
To satisfy the GDPR, each Data Controller must receive “sufficient guarantees” from its Data Processors that they can implement measures (technical and organisational) to meet the requirements of the GDPR. Since there are currently no codes of conduct or certifications upon which Data Controllers can rely, standard contractual clauses and data processing agreements are quickly becoming the norm.
Dataloy Systems’ Data Processing Addendum is available here: Data Processing Agreement If you are an existing Dataloy Systems customer or partner, our Data Processing Addendum amends your Services Agreement as applicable and governs the processing of any personal data which is provided or made available to us.
Sub-Processors
We use the following third-party data processors when providing our service:
Amazon AWS
MailChimp
HubSpot
Chargebee
Atlassian
Stripe
Inline Manual Ltd.
Integration Partners
You also have the option to enable additional Dataloy Systems integrations (either built-in or through our APIs or webhooks). We do NOT directly evaluate or attest to the GDPR qualifications of our integration partners. Each customer is responsible for evaluating any third-party before creating or enabling an integration.
Who Is Dataloy Systems’ Data Protection Officer (DPO)?
The DPO is Bernhard Hafting, Head of Research and Development at Dataloy Systems AS. You can contact him at privacy@dataloy.com.
How Can You Request Access to Your Personal Information?
We recommend you first contact the Data Controller (i.e. the merchant organisation to whom Dataloy Systems is providing the Dataloy Systems AS service).
You may request a full report on the personal information we hold for you by sending an e-mail to privacy@dataloy.com.
In the subject line, please indicate “Request for Personal Information”. In your email, please specify:
Your full name
Whether you are an individual or a representative of a Data Controller
If you are an individual, the name of your Data Controller (i.e. the merchant organization to whom Dataloy Systems is providing the Dataloy Systems Service).
Please note that we will need to share your request with the Data Controller to verify and action it. We will endeavour to fulfil all access requests within 30 days of our receipt.
How Can You Request Deletion of Your Personal Information?
We recommend you first contact the Data Controller (i.e. the merchant organization to whom Dataloy Systems is providing the Dataloy Systems Service).
You may request the deletion of personal information by sending an e-mail to privacy@dataloy.com.
In the subject line, please indicate “Request for Deletion”. In your email, please specify:
Your full name
Whether you are an individual or a representative of a Data Controller
If you are an individual, the name of your Data Controller (i.e. the merchant organization to whom Dataloy Systems is providing the Dataloy Systems Service).
Please note that we will need to share your request with the Data Controller to verify and action it. We will endeavour to fulfil all access requests within 30 days of our receipt.
How Can You Contact Us?
If you have any questions about this document or our Privacy Policy, please contact us directly at privacy@dataloy.com.
EFFECTIVE: May 5th, 2020
Your privacy is critically important to us. This policy describes how we handle your personal information. This document contains legalese, so please bear with us.
We respect your privacy. This policy sets out our privacy practices and explains how we handle the information we collect when you visit and use the Dataloy Systems’ websites, services, and documentation. When you use Dataloy Systems A/S services, you are agreeing to the collection, transfer, manipulation, storage, disclosure, and other uses of your information as set out in this Privacy Policy. Privacy is important, so please read it carefully.
Our key principles around personal information are:
We are thoughtful about the personal information we ask you to provide, and the personal information we collect through the operation of our services.
We store personal information for only as long as we have a reason to keep it.
We aim for full transparency on how we gather, use and share your personal information.
If you have feedback or suggestions on how to make our Privacy Policy better, please email us at privacy@dataloy.com.
At Dataloy Systems A/S we respect and protect the privacy of users of our services, and visitors to our websites (the "Service"). This Privacy Policy ("Policy") explains how we collect and use visitors' and customers' information, particularly personal information, as part of the Service. The information Dataloy Systems A/S collects and uses is limited to the purpose for which customers engage Dataloy Systems A/S and other purposes expressly described in this Policy.
What do we mean by personal information?
In this Policy, "personal information" means information or an information set that identifies or could be used by or on behalf of Dataloy Systems A/S to identify an individual. Except as described in this Policy, Dataloy Systems A/S will not give, sell, rent, or loan any personal information to any third party.
Personal information might include "Usage Data" (depending on the service used). This information is used for auditing purposes (Audit Log). Usage Data helps us understand trends in the usage of the Service so that we can better consider new features or otherwise tailor the Service. In addition to collecting and using Usage Data ourselves, we may share Usage Data with third parties, including our customers, partners, and service providers for various purposes. This includes helping us better understand our customers' needs, improving the Service, as well as for advertising and marketing purposes. We do not share Usage Data with third parties in a way that would enable them to identify you personally.
How do we collect, use, and share your personal information and other information?
Information you provide to us
When you register for the Service, we ask for personal information, such as your name, address, phone number, email address, and for some services, credit card information as well as certain related information like your company name. Dataloy Systems A/S uses a third-party intermediary to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on Dataloy Systems A/S' behalf.
Dataloy Systems A/S may use the personal information you provide for operating the Service, tailoring the Service to your needs, billing, identification and authentication, communicating with you about the Service and your use of the Service, sending you marketing materials (subject to your opt-out option), for research purposes, and to generally improve the content and functionality of the Service.
Dataloy Systems A/S has legitimate interests in processing personal data:
Providing marketing materials, templates, and other educational materials that may require an email address to access.
Providing you with access to your account through a registered email address or username.
Emailing you about activity in your account.
Emailing you about ideas or feedback that you have provided to Dataloy Systems A/S.
Contacting you regarding questions you submit or requests you have made.
Displaying public comments, feedback, reviews, and success stories in online public forums. If you object to this display, please email privacy@dataloy.com with your objection.
Providing you with video content and measuring how and where videos are viewed.
Providing you with support content and measuring how and where content is viewed.
Maintaining the security of the Service through log and backup retention.
Logging and analyzing errors that occur while you are using the Service.
Measuring performance of requests that you make to the Service.
Analyzing your usage of the Service.
If you object to this processing of your data, please contact privacy@dataloy.com. If we are unable to honor your objection, we will let you know that we are unable to do so and why.
Dataloy Systems A/S may also share your personal information with its third-party service providers (such as its credit card processors and hosting partners) to provide the necessary hardware, software, networking, storage, and other services we use to operate the Service and maintain a high-quality user experience.
Log files
As is true with most software, Dataloy Systems A/S gathers certain information automatically and stores it in log files. This information includes internet protocol addresses as well as browser, internet service provider, referring/exit pages, operating system, date/time stamp. Occasionally, we may connect personal information to information gathered in our log files, as necessary to improve the Service for individual customers. We take steps to anonymize this data over time. Otherwise, we generally use this information as we would any Usage Data, to analyze trends, administer and maintain the Service, or track usage of various features within the Service.
Cookies
A "cookie" is a small software file stored temporarily on your computer. The main purpose of a cookie is to allow a web server to identify your computer and web browser and then tailor web pages to your preferences. Cookies doesn't include personal information.
You can generally accept or decline the use of cookies through functionality built into your web browser. We obtain consent for placement of non-essential cookies in jurisdictions that require it. To revoke your consent, you should delete the cookies.
If you want to learn more about cookies or how to control or delete them, please visit http://www.aboutcookies.org for detailed guidance. If you require more specific information as to the nature of the cookies utilised in the Service for purposes of fulfilling these obligations, please contact us by email at privacy@dataloy.com.
Web beacons
We may also employ web beacons to help us better manage content in the Service by informing us what content is effective. Web beacons are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of internet users. Unlike cookies, which are stored on a user's computer hard drive, web beacons are embedded invisibly on websites. We tie the information gathered by web beacons to personal information we otherwise collect and use them in our HTML-based emails to learn which emails have been opened by recipients. This allows us to mark in-app notifications as read that you have already received via email and also allows us to gauge the effectiveness of our marketing campaigns as well as to operate and improve the Service. You can opt-out of these emails by following the unsubscribe instructions in the emails.
Credentials
Depending on the Services you use yo may provide us with credentials for your servers or infrastructure. This information is treated specially, and carefully encrypted in a third party service. The third-party does not have access to the information stored in the service.
Other information sharing
In addition to the purposes described above, we disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our End User Agreement or Terms of Service or as otherwise required by law.
Links to other services
The Service might contains links / integrations to other services and web applications that are not owned or controlled by Dataloy Systems A/S. Please be aware that we do not determine and we are not responsible for the privacy practices or content of such other sites. We encourage you to be aware when you grant access to, or leave the Service and read the terms of service and privacy statements of other websites and web applications linked to the Service. This Policy applies only to information collected by the Service.
Public forums
The Service (including the Dataloy Systems A/S Websites) offers publicly-accessible blogs, community forums, and ideas portals. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog, community forum, or ideas portal, contact us at privacy@dataloy.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. You may also be asked by third-party ideas portal owners to consent to additional uses of your personal information. Please be aware that consent may allow for the use of your information outside of the Service. Dataloy Systems A/S is not responsible for the privacy practices of third parties where you consent to additional use of your personal information.
Customer testimonials, comments, and reviews
From time to time, we post customer testimonials on the Dataloy Systems A/S Websites which may contain personal information. We obtain the customers' consent to post their names along with their testimonials.
Purposes for using information
We use information about you as mentioned above and for the purposes listed below:
To provide our Services–for example, to set up and maintain your account, host the service, backup and restore the service, or charge you for any of our paid Services;
To further develop and improve our Services–for example by adding new features that we think our users will enjoy.
To monitor and analyze trends and better understand how users interact with our Services, which helps us improve our Services and make them easier to use;
To communicate with you, for example through an email, about offers and promotions offered by Dataloy Systems A/S and others we think will be of interest to you, solicit your feedback, or keep you up to date on Dataloy Systems A/S and our products; and
To personalize your experience using our Services, target our marketing messages to groups of our users (for example, those who have a particular plan with us or have been our user for a certain length of time), and serve relevant advertisements.
Protection of information
Dataloy Systems A/S is committed to ensuring the security of your personal information. We utilize precautions to protect the confidentiality and security of the personal information within the Service, by employing technological, physical and administrative security safeguards, such as firewalls and other security procedures. For example, when you enter sensitive information (such as login credentials), we may encrypt the transmission of that information using transport layer security technology (TLS). These technologies, procedures, and other measures are used in an effort to ensure that your data is safe, secure, and only available to you and to those you authorized to access your data. However, no internet, email, or other electronic transmission is ever fully secure or error-free, so you should take care in deciding what information you send to us in this way.
Choice
If you are a Dataloy Systems A/S customer and would like to opt-out of getting marketing communications from Dataloy Systems A/S, please email us at privacy@dataloy.com or follow the unsubscribe instructions included in each marketing email. Please note that if you are a paying customer, you cannot opt-out of service and system-generated emails. Requests to opt-out of transfers to our third-party vendors will also be considered, but limitations on data sharing may make it difficult or impossible to provide the Service in this manner.
Correcting and updating your information
Customers may update or change the personal information they have provided Dataloy Systems A/S by logging into the Service and providing such additional information where applicable. If you are our customer and would like to gain access to, or request deletion of information we have collected as "data controllers" or as your “data processor,” please contact us at privacy@dataloy.com.
Data retention
Dataloy Systems A/S will retain personal information we process on behalf of our customers for as long as needed to provide Service to our customers, subject to our compliance with this Policy. We may further retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and for legitimate interest uses.
Changes to the Privacy Policy
We may make material changes to this Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Service constitutes your agreement to be bound by such changes to this Policy. Your only remedy, if you do not accept the terms of this Policy, is to discontinue use of the Service.
Business transactions
Dataloy Systems A/S may assign or transfer this Policy, your user account, and related information and data including any personal information to any person or entity that acquires all or substantially all of the business, stock or assets of, or is merged with Dataloy Systems A/S
Contact us
If you have questions regarding this Policy or about the privacy practices of Dataloy Systems A/S, please email us at privacy@dataloy.com.
"The vessel you are trying to create already exists" note will be displayed every time an user tries to create a vessel in Modules > Master Data > Vessel Administration > Create new - using a vessel name which is already in use.
After checking if that vessel exists under the Active vessels tab, the user can check under the Deleted tab where the vessel is most likely to be found.
To get that vessel back under Active and be able to use it in VMS just press Undelete, that vessel will then, without warning, be moved back to Active. A delete permanently option is available as well, but deleting a vessel to which historical voyages are linked will cause historical reports to fail.
Our suite of software is growing, and the dependency between the different version numbers can be overwhelming if you e.g. want to upgrade the system.
One release and one release note for the entire suite of products.
- One Version Number
- One Release Note
From Voyage Management System (VMS) version 3.25, you will just have to relate to 1 version number.
The list of products in Dataloy is continuously growing, and it can be overwhelming to keep track of product versions and their dependencies. The Master Release will solve this problem by giving users one version number to keep track of. Every Master Release will contain release notes for all new features for each product going into the release.
With the launch of the new Voyage Prorated Domain in Dataloy Business Intelligence, creating powerful result reports with aggregation and drill-down has become very easy, yet powerful.
To get started, review the short video below which will show you the very basics of creating a starting point for a result report. Once the basics are done, feel free to graph, slice and dice the report any way you prefer.
A laytime calculation can only be performed if minimum one charter party is generated.
The charter party is automatically generated for single cargos.
To create a charter party :
- Go to Booking and Operation
- Choose the vessel/voyage in question
- Go to the cargo list
- Select the booking/cargo in question
- Press the Create CP button
Open the Laytime module.
The system can help our customers to enforce that passwords are not too simple, are not re-used, or have other weaknesses.
Your system administration (typically your superuser) can enable the features that enforce improved password security.
Security measures that can be enforced:
- Mechanisms to ensure that the complexity of the password is high. (Password Complexity: Case sensitivity and prohibit inclusion of the username in the password)
- Ensure that it is not possible to reuse old passwords (Password History)
- Ensure that passwords are long enough (Password Length)
- Ensure that the users are enforced to change their passwords after a configurable time. (Password Age)
Configuring the system:
Create the following properties in General Master Data under "Dataloy Property". (Administrator rights is required to change these settings)
Property Name | Value | Description |
---|---|---|
com.dataloy.password.history | number | Number of passwords before the same password can be reused |
com.dataloy.password.minlength | number | Minimum length (number of characters) of the password |
com.dataloy.password.complexity | true/false | Will check if password contains username |
com.dataloy.password.expire | true/false | Maximum age of the password, forces the user to change her/his password when logging in. Number of days a user can have the same password is stored on the user in User Administration. |
com.dataloy.policy.strict | true/false | When this setting is activated two additional fields will be made available in the "User Administration" module; Password Expires Every, value should be number of days before a password expires. Password Last Changed, the date for when the password was changed. |
Many of our customers are hosting the Voyage Management System (VMS) on their own servers behind a firewall, these are either managed and maintained by their own IT department or an external service provider.
When users want access to their voyage calculations and other features on their phones or outside of the internal network, the systems must be made available from the internet.
How this is done is up to the network administrators, typically the IT department or the external service provider controlling and maintaining the infrastructure.
When doing so, there are some aspects we recommend considering, to ensure that the systems are secured.
Setting up network encryption (SSL)
In case your company does not have an SSL certificate already, Dataloy can assist in setting this up with a "Let's Encrypt" certificate with frequent automatic renewal on a consultancy basis.
We recommend customers that have access to the system through the Internet to use network encryption.
Ensuring password routines are enforcing high quality passwords.
Often we see that the password quality of a system behind a firewall is questionable. Users often have poor passwords that are easy to guess, or brute force.
There are several measures in the system that can help Administrators set up the system to enforce security when it comes to passwords.
- Mechanisms to ensure that the complexity of the password is high. (Password Complexity: Case sensitivity and prohibit inclusion of the username in the password)
- Ensure that it is not possible to reuse old passwords (Password History)
- Ensure that passwords are long enough (Password Length)
- Ensure that the users are enforced to change their passwords after a configurable time. (Password Age)
Press here to read more, and learn how to configure these features.
Making the system available on the internet
How this is done varies a lot from network to network, but for the system to work on your mobile (without using VPN) it must be made available at port 443 (HTTPS) on an external IP/address in your network.
This must be done by the network administrator (IT department, or external service provider) unless you have the VMS hosted by Dataloy.
Note: Two phase authentication is currently not supported, if your company has this as a requirement, you can not utilise the mobile voyage estimator.