Seafarr
Back to Seafarr

Seafarr Privacy Policy

Effective date: June 24, 2026 Last updated: June 24, 2026

Seafarr ("Seafarr", "we", "us", "our") is a platform that helps seafarers build and manage their professional profile, store and verify maritime credentials, share their availability with manning agencies and shipping principals, and stay connected with family while at sea. Seafarr is operated by Depzilla Corp., with registered address at Lot 10a Blk 25 Phase 2, Minglanilla Highlands, Tubod, Minglanilla, Cebu 6046, Philippines.

This Privacy Policy explains what personal data we collect through the Seafarr mobile app and website (https://seafarr.net), how we use and share it, how long we keep it, and the rights you have over it.

We are committed to protecting your personal data in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, "DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC). Where you are located in, or your data is handled by parties in, the European Economic Area (EEA) or United Kingdom, we also align our practices with the General Data Protection Regulation (GDPR).

By creating an account or using Seafarr, you agree to the practices described in this Policy. Please read it together with our Terms of Service.


1. Who is responsible for your data (our role)

For the personal data you provide to build your seafarer profile, Depzilla Corp. acts as the Personal Information Controller under the DPA (and "controller" under GDPR). Some manning agencies and shipping principals who receive your data with your consent act as independent controllers for their own recruitment purposes once you choose to share with them.

We use service providers ("sub-processors" — see Section 6) who process data on our behalf and under contract.


2. Legal bases for processing

We only process your personal data where we have a lawful basis to do so:

Basis (DPA / GDPR)When we rely on it
ConsentBuilding your profile, processing your documents with AI, sharing your profile with agencies/principals, sharing your location with family, and similar optional features. For sensitive personal information (e.g. health data), we rely on your explicit consent.
Contract / steps before a contractOperating your account, managing your subscription, and enabling crewing-related services (consistent with the Maritime Labour Convention, 2006).
Legal obligationRetaining certain records, responding to lawful requests, and meeting maritime/employment recordkeeping duties.
Legitimate interestsSecuring the platform, preventing fraud and abuse, and diagnosing errors — balanced against your rights.

You can withdraw consent at any time (see Sections 9 and 12). Withdrawal does not affect processing that already took place, and some features may stop working if their underlying consent is withdrawn.


3. Information we collect

We collect the following categories of personal data, almost all of which you provide directly when you register and complete your profile. Most profile fields are optional; you choose how complete to make your profile.

3.1 Identity and profile information

First name, last name, middle name, preferred name, email address, date of birth, gender, civil status, nationality, place of birth, religion (optional), short bio, career goal, English level, current rank and desired rank.

3.2 Contact and address information

Mobile and secondary phone numbers, email and messaging contacts (including WhatsApp), and permanent / present / mailing addresses.

3.3 Family and emergency contacts

Details of family members (name, relationship, date of birth, occupation, contact number) and emergency contacts (name, relationship, phone numbers, address) that you add.

3.4 Sensitive personal information (special category data)

Because of the nature of maritime employment, you may choose to provide:

  • Health/medical data — blood type, height, weight, and allergies.
  • Government identifiers (Philippines) — SSS, PhilHealth, Pag-IBIG, and TIN numbers, and other government ID types/numbers you add.
  • Identity and maritime credential documents — passport, Seaman's Book (SIRB), national/UMID/driver's license, birth certificate, OWWA ID, and maritime certificates (e.g. STCW Certificate of Competency, flag-state endorsements, medical fitness certificate, tanker/ISPS and other training certificates). For each you may store the document number, issue/expiry dates, issuing authority and country, and an uploaded image or scan of the document.

We treat this category with heightened protection and process it only with your explicit consent or as otherwise permitted by law.

3.5 Career history

Sea service records (vessel, rank, company, sign-on/sign-off dates, flag state, tonnage) and education records (degree, school, years, level, completion).

3.6 Location information

When you use Family Link or Welfare Ping, and only when you explicitly tap to share, we collect your current GPS location (latitude, longitude, accuracy) and a place name derived from it. We do not track your location continuously or in the background. Your latest shared location can be viewed by family members you have authorized.

3.7 Account and authentication data

Your email address and a securely hashed password (managed by our authentication provider, Supabase), or, if you choose social sign-in, basic profile information (name, email, profile picture) from Google or Facebook. We also handle session tokens, which are stored securely on your device.

3.8 Subscription and entitlement data

Your plan (e.g. free or pro), subscription status, trial/period dates, and a reference ID from the app store / payment processor. We do not collect or store your card or payment-method details — purchases are processed by Apple App Store, Google Play, and RevenueCat (see Section 6).

3.9 Consent records

A record of the consents you give or withdraw at onboarding and in settings (e.g. terms of service, privacy acknowledgement, agency data sharing, AI processing, community participation, principal data sharing), kept as proof of consent.

3.10 Notifications, ratings and feedback

In-app notifications we generate for you, and any agency/vessel ratings or feedback you submit (which you may submit anonymously).

3.11 Diagnostic and usage data

To keep the app reliable, when an error occurs the app may capture a diagnostic screenshot of the screen at that moment and basic device/app information, which is stored privately for our engineers to investigate. Depending on the screen, such a screenshot could contain information shown on it.

Note: We limit access to these diagnostic captures, use them only to diagnose and fix technical problems, and are improving how we redact personal information shown on sensitive screens.

3.12 Device permissions

The app requests the following device permissions, used only for the stated purpose:

PermissionPurpose
CameraScan and capture your maritime certificates and identity documents, and your profile photo.
Photo library (iOS)Select an existing document image or profile photo.
Location (when in use)Share your current location with family via Family Link / Welfare Ping, only when you tap to share.

You can grant or revoke these permissions at any time in your device settings.


4. How we use your information

We use your personal data to:

  • Create and manage your account and seafarer profile;
  • Store, organize, and help you keep track of your credentials and their expiry dates;
  • Verify your documents and assess profile completeness and job fit (including AI-assisted processing — see Section 5);
  • Let you share your profile, availability, and credentials with manning agencies and shipping principals you choose;
  • Operate Family Link / Welfare Ping so you can share your wellbeing and location with family;
  • Manage your subscription and entitlements;
  • Send you service notifications and respond to your support requests;
  • Keep the platform secure, prevent fraud and abuse, and diagnose and fix technical problems;
  • Comply with legal, regulatory, and maritime recordkeeping obligations.

5. AI-assisted document processing

To help verify your documents and assess job fit, we use Google Vertex AI (Google's enterprise AI service) to perform optical character recognition (OCR), check document authenticity, summarize credentials, and compute fit/career-guidance assessments.

  • What is processed: images and extracted text of the documents you upload (e.g. identity and maritime credential documents, medical fitness certificates), and relevant profile fields used for fit-scoring and career guidance.
  • Where: processing takes place in Google Cloud's Singapore region (asia-southeast1).
  • No training on your data: under Google's enterprise data-processing terms, your data sent to Vertex AI is not used to train Google's foundation models.
  • Your control: AI-assisted processing is governed by your "AI processing" consent, which you can manage in the app. If you withdraw it, related AI features may be unavailable.

6. How we share your information

We do not sell your personal data. We share it only as described below.

6.1 With agencies and shipping principals (your choice)

When you enable it, your profile, credentials, availability, and fit assessments may be shared with manning agencies and shipping principals so they can consider you for crewing opportunities. This is controlled by your consents and settings — including agency data sharing, principal data sharing, profile searchability, and availability visibility. You can change these at any time. Once an agency or principal receives your data, they handle it as an independent controller under their own privacy notice.

6.2 With our service providers (sub-processors)

We use the following providers to operate Seafarr. They process your data on our behalf under contract:

ProviderRoleCategories of dataLocation
SupabaseAuthentication, database, and private file storage (documents, profile photo, diagnostic screenshots)Substantially all account, profile, document, family, location, subscription, and consent dataCloud-hosted
Google Cloud (Cloud Run + Vertex AI)Application backend and AI document/fit processingAuthenticated profile data; uploaded document images and textSingapore (asia-southeast1)
RevenueCat, with Apple App Store / Google PlayIn-app purchase and subscription/entitlement managementAccount identifier and purchase events (no card data held by us)Cloud-hosted
Google / Facebook (OAuth)Optional social sign-inName, email, profile picture (only if you choose social sign-in)Cloud-hosted
CARTO (basemaps)Map tiles for the Family Link / location mapNetwork request metadata (e.g. IP address) and map viewportCloud-hosted CDN
ResendTransactional email (e.g. confirmations)Your email address and message contentCloud-hosted

6.3 For legal and safety reasons

We may disclose personal data where required by law, regulation, legal process, or lawful government request, or to protect the rights, safety, and property of users, the public, or Seafarr.

6.4 Business transfers

If Seafarr is involved in a merger, acquisition, or asset sale, personal data may be transferred as part of that transaction, subject to this Policy.


7. International data transfers

Seafarr's backend and AI processing operate in Singapore (asia-southeast1), and some of our sub-processors (e.g. Supabase, RevenueCat, Resend, CARTO) may process data in other countries. Where we transfer personal data outside the Philippines, we remain accountable for its protection under the DPA and put appropriate safeguards in place, including data-processing agreements with our providers and, for EEA/UK data, recognized transfer mechanisms such as Standard Contractual Clauses.


8. How long we keep your data

We keep your personal data for as long as your account is active and as needed to provide the service. In practice:

  • Profile, credentials, career history, contacts, and consent records are retained for the life of your account and, where applicable, to meet maritime/employment recordkeeping and audit obligations.
  • Documents you upload remain available while relevant to your profile; superseded files for unverified or rejected documents are removed when replaced.
  • Location data retains your latest shared location for the Family Link feature.

When you delete your account (see Section 9), we delete or anonymize your personal data unless we are required to retain certain records by law or for legitimate purposes such as fraud prevention and dispute resolution. We are continuing to formalize per-category retention periods; contact our DPO for the current schedule.


9. Your rights

Under the DPA (and, where applicable, GDPR), you have the right to:

  • Be informed about how your data is processed;
  • Access the personal data we hold about you;
  • Rectify / correct inaccurate or outdated data — you can edit most of this directly in the app;
  • Object to or restrict certain processing, and withdraw consent;
  • Erasure / blocking — request deletion or blocking of your data;
  • Data portability — obtain a copy of your data in a usable format;
  • File a complaint with the National Privacy Commission; and
  • Damages for violations that cause you harm.

Account deletion. You can request deletion of your account from within the app or by emailing support@depzilla.com. Please note that where you are bound by an active seafarer engagement, certain records may need to be retained for the period required by the Maritime Labour Convention, 2006 and applicable law before deletion can be completed.

Access and data export. To request a copy of your personal data, email us at jade.gadiane@depzilla.com or support@depzilla.com and we will provide it in a portable format. We are building self-service export within the app; until that is available, please use the email route.

To exercise any right, contact us at jade.gadiane@depzilla.com. We may need to verify your identity, and we will respond within the timeframes required by law.


10. How we protect your data

We apply organizational and technical safeguards appropriate to the sensitivity of the data, including:

  • Encryption in transit for data moving between the app, our backend, and our providers;
  • Private storage for your documents, accessible only through short-lived, signed links;
  • Identity-based access controls so that you (and parties you authorize) can access only the appropriate data;
  • Secure on-device storage of authentication tokens (device keychain/keystore);
  • Keyless, identity-based access to our AI provider (service-account credentials, no API keys).

No system is perfectly secure, but we work continuously to protect your data and to improve our controls.


11. Children's privacy

Seafarr is intended for working seafarers and is not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe a minor has provided us data, contact us so we can address it.


12. Your consent choices

During onboarding, and at any time in your settings, you can review and change your consents — including agency and principal data sharing, AI processing, community participation, and similar options. Mandatory items (acceptance of the Terms of Service and acknowledgement of this Privacy Notice) are required to use the service. Withdrawing an optional consent will disable the related feature but will not affect processing already carried out.


13. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app. Your continued use of Seafarr after an update means you accept the revised Policy.


14. Contact us

For any privacy question, request, or complaint, contact our Data Protection Officer:

You also have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines — https://privacy.gov.ph — if you believe your data privacy rights have been violated.