PRIVACY POLICY
DryDocked Field — iOS & iPadOS App
Apple App Store privacy notice for the DryDocked Field iOS / iPadOS application and the Share Links it issues for owner approvals, insurer-pack delivery and external read-only access.
Document: DryDocked Field — Privacy Policy
Application: DryDocked Field (iOS / iPadOS) · owner-approval, insurer-pack and external-viewer Share Links
Issuing controller: ML Consulting MB · legal entity code 306991112
Version: 1.0
Effective from: 1 June 2026
Last updated: 19 May 2026
Privacy contact: support+drydocked@mlconsulting.lt
Lead supervisory authority: Valstybinė duomenų apsaugos inspekcija (VDAI), Vilnius
Backend data residency: European Union
Distribution: Apple App Store
User profile: Business User (B2B) — marinas, yacht service yards, superyacht specialists, multi-yard operators
Read together with the DryDocked Field Terms and Conditions (Master Terms + Schedule A) published by ML Consulting MB.
AT A GLANCE
What you should know in 60 seconds.
We do not sell your personal data and we never will.
DryDocked Field is offline-first: intake captures, condition photographs, Apple Pencil annotations, voice memos, GPS pin-drops, storm-preparation records and signed Owner Approvals are stored on your iPhone or iPad and synced to our EU-resident backend when connectivity returns.
The DryDocked backend is hosted in the European Union. Personal data is encrypted in transit and at rest.
We do not run advertising in the App, and we do not embed third-party advertising or tracking SDKs. The App is declared “Data Not Used to Track You” in the App Store.
DryDocked Field is sold exclusively under a written Order Form (Direct Channel) — no App Store auto-renewable subscription is offered by default. We never see your payment-card data.
Owner Approvals captured on iPad with an Apple Pencil signature and biometric verification are operational acknowledgements, not Qualified or Advanced Electronic Signatures under eIDAS Regulation (EU) 910/2014.
Operator Reliability Scores are workspace-internal operational data, computed deterministically from Technician Records and dispute flags, and must not be used as the sole basis for any material decision about a worker.
Insurer-aligned templates (BoatUS, Lloyd’s, Pantaenius, Markel, Travelers, Geico, AIG and similar) are layout formats only — the named insurers do not endorse, certify or warrant the App, the templates or any Pack.
Location is captured event-based — GPS is stamped only on records you save. Continuous background GPS is not used.
AI helpers (on-device CoreML hull-damage classifier, on-device Speech / backend Whisper voice transcription, backend Claude-class insurer-narrative drafts) are a paid opt-in add-on, off by default, never autonomous, raw input always retained, and inputs and outputs are never used to train any third-party model.
Share Links for owner approval, insurer-pack delivery and external-viewer access are signed and time-limited; precise vessel-position GPS is excluded by default.
You can exercise the full set of EU GDPR rights at any time by writing to support+drydocked@mlconsulting.lt.
Our lead supervisory authority is the Lithuanian State Data Protection Inspectorate (VDAI) in Vilnius.
DryDocked Field is intended for business users only (B2B).
1. About this Privacy Policy
ML Consulting MB (“ML Consulting”, “we”, “us”, “our”) is the publisher of the DryDocked Field iOS / iPadOS application (the “App”), distributed through the Apple App Store. This Privacy Policy explains what personal data the App and its related surfaces — the owner-approval, insurer-pack and external-viewer Share Links it generates, and the server-emailed Group Quarterly Reports issued at Multi-Yard tier — process when you download, install, sign in to, subscribe to, sign an Owner Approval on iPad, open a Share Link, or otherwise use the App, why we process it, the legal bases on which we rely, with whom we share it, for how long we keep it, and the rights you have under the GDPR and other applicable privacy laws.
This Policy is written to satisfy Articles 12 to 14 of Regulation (EU) 2016/679 (the “GDPR”) and the Law on Legal Protection of Personal Data of the Republic of Lithuania, which implements the GDPR in Lithuania. It is also designed to be consistent with the App Privacy details (the App Store privacy “nutrition label”) and the Privacy Manifest (PrivacyInfo.xcprivacy) published with the DryDocked Field App.
DryDocked Field is premium enterprise software intended for business users (B2B) — marinas, yacht service yards, superyacht specialists, multi-yard operators and the technicians, service coordinators, front-desk staff, captains, brokers, insurers, surveyors and external viewers they invite. Vessel owners interact with the App at intake (Apple Pencil signature) and via Share Links as third parties of the Yard Operator. This Policy should be read together with the DryDocked Field Terms and Conditions (Master Terms + Schedule A) and, where ML Consulting acts as processor, the Master Data Processing Agreement (“Master DPA”) concluded with the Yard Operator.
2. Controller identification
We are the data controller for the processing described as “we act as controller” in section 4 of this Policy. Our identification details are set out below.
Legal name: ML Consulting MB
Legal form: Mažoji bendrija (small partnership) governed by the law of the Republic of Lithuania
Legal entity code: 306991112 (Centre of Registers of the Republic of Lithuania)
Website: https://mlconsulting.lt
Privacy contact: support+drydocked@mlconsulting.lt
ML Consulting MB has not designated a Data Protection Officer because its current processing does not meet the criteria in Article 37(1) GDPR. The privacy contact above handles all data-protection enquiries. If our processing activities change such that a DPO becomes mandatory, we will appoint one and publish their contact details in this Policy.
Our lead supervisory authority for the purposes of the GDPR’s one-stop-shop mechanism (Article 56 GDPR) is the Lithuanian State Data Protection Inspectorate — Valstybinė duomenų apsaugos inspekcija (“VDAI”) — at L. Sapiegos g. 17, LT-10312 Vilnius, Lithuania, telephone +370 5 271 2804, email ada@ada.lt, website vdai.lrv.lt.
3. Scope of this Policy
This Privacy Policy applies to:
the DryDocked Field iOS / iPadOS application published by ML Consulting MB on the Apple App Store;
the browser-accessible Share Links the App generates for owner-approval requests, insurer-pack delivery and external-viewer (broker, surveyor, auditor) read-only access;
the server-emailed Group Quarterly Report PDFs issued at the Multi-Yard tier;
user accounts, Yards (Workspaces), Season Files, subscriptions, trials, onboarding sessions, support channels, billing operations and authentication services that we operate in connection with the App;
the Insurer-Aligned Stand-by Service line, where ML Consulting provides hands-on assistance with Pack assembly during storm or claim events;
the App’s landing pages, help articles and documentation hosted on mlconsulting.lt that describe DryDocked Field; and
email, in-application and other communications you exchange with us about the App.
Where Apple Inc. or its subsidiaries, or any other independent third party, processes personal data on its own account in connection with the App — for example, the Apple App Store, Sign in with Apple, APNs push, WeatherKit, iCloud or a payment-card network — that party acts as a separate controller and its own privacy policy applies in addition to this Policy.
4. Our two privacy roles — controller and processor
4.1 We act as controller
We determine the purposes and means of processing for the following categories, which is why this Policy applies to them directly:
account and authentication data we collect to identify you and operate your user account;
device, technical, telemetry and security-event data the App generates during normal use;
communications and support correspondence about the App;
billing and payment data we collect from Direct-Channel Yard Operators (all paid DryDocked Field tiers); and
Insurer-Aligned Stand-by Service engagement records (separate professional-service line).
4.2 We act as processor
DryDocked Field operates on a Yard / Workspace model. The Yard Operator (typically a marina, yacht service yard, superyacht specialist or multi-yard group) uses the App to manage Season Files for vessels it accepts into bailment / dry-dock / storage / refit / service / transport, and to capture intake records, owner approvals, technician records, storm-preparation records, damage discoveries, spring re-commissioning records and the Packs assembled from them. For that Customer Data — including technician personal data, vessel-owner personal data, captain / management contacts, broker contacts, insurer / policy references, Share Link recipient data and biometric-gated audit-log entries within the meaning of Schedule A of the Terms and Conditions — the Yard Operator is the controller and ML Consulting acts as a processor under the Master DPA, which meets the requirements of Article 28 GDPR.
In that role we process Customer Data only on the documented instructions of the Yard Operator, except where we are required to act otherwise by EU or Lithuanian law. If you are a technician, service coordinator, front-desk staff member, vessel owner, captain, broker, insurer, surveyor, external viewer or other individual whose personal data has been uploaded to DryDocked Field by a Yard Operator, that organisation is the controller and you should approach it first with any data-protection request. We will redirect any request we receive on its behalf without undue delay (see section 17.4).
5. Apple App Store and iOS platform context
Because the App is delivered through the Apple App Store and runs on Apple’s iOS / iPadOS platform, several aspects of how your personal data is handled are inherited from Apple’s platform. This section makes the most relevant ones explicit.
5.1 App Privacy details on the App Store
Apple requires every application on the App Store to publish a structured summary of the data it collects (the “App Privacy details”, commonly described as the App Store privacy “nutrition label”). The App Privacy details for DryDocked Field are kept consistent with this Policy. Indicatively, they declare Contact Info (the email addresses of vessel owners, captains, brokers, insurers, surveyors and external viewers you invite, and your own account email), User Content (intake records, photographs, Apple Pencil annotations, voice memos, Owner Approvals, Technician Records, Storm Preparation Records and watermarked Pack PDFs) and, where opted-in, Diagnostics and anonymous Usage Data. Tracking is declared as None.
5.2 App Tracking Transparency
DryDocked Field does not track you across other companies’ applications and websites within the meaning of Apple’s App Tracking Transparency framework. We do not request the App Tracking Transparency permission and we do not use the iOS Identifier for Advertisers (IDFA). The App’s App Store declaration is set to “Data Not Used to Track You”.
5.3 Privacy Manifest
DryDocked Field ships an Apple-required Privacy Manifest (PrivacyInfo.xcprivacy) declaring the data categories the App collects, the reasons for any use of “required reason” iOS APIs and the third-party SDKs the App depends on. The Privacy Manifest is the machine-readable counterpart of this Policy.
5.4 iOS sandbox and Data Protection
On-device application data is held inside the iOS application sandbox and benefits from Apple’s default Data Protection (typically the “Complete Until First User Authentication” class), which encrypts that data at rest using a key derived from your device passcode. Where the App needs to retain a small secret value (for example, a session token), we use Apple’s Keychain Services rather than handling secrets ourselves.
5.5 Sign in with Apple and email magic-link
The App offers Sign in with Apple in line with Apple’s App Store Review Guidelines § 4.8. When you choose this option, Apple supplies us with a stable Apple Account identifier and either your real email address or an Apple-generated relay address (“Hide My Email”). The App also supports email magic-link authentication: you receive a one-time signed link by email, and we never store a password. We never receive your Apple Account password.
5.6 Biometric gates (Face ID / Touch ID) and Apple Pencil Owner Approvals
High-consequence operations — finalising an Owner Approval on iPad, generating a Damage Defence Pack, issuing an Insurer-Aligned Pack, exporting an audit log — can be gated by Face ID / Touch ID through Apple’s LocalAuthentication framework. Biometric data never leaves the device; Apple does not provide us with your biometric template. Owner Approvals are typically captured on an iPad using a PencilKit-rendered Apple Pencil signature stroke plus biometric verification. As clause A5 of Schedule A makes clear, these Owner Approvals are operational acknowledgements only — they are not Qualified Electronic Signatures, Advanced Electronic Signatures or any other formally defined electronic signature under Regulation (EU) 910/2014 (eIDAS), and they do not by themselves form, vary, novate or terminate any underlying contract between the Yard Operator and the vessel owner.
5.7 WeatherKit, ActivityKit Live Activities, APNs and EventKit
DryDocked Field relies on a number of Apple frameworks and platform services, each governed by Apple’s privacy terms in addition to this Policy: WeatherKit (microclimate snapshots attached to intake, technician, storm-preparation and spring re-commissioning records on a best-effort basis, and used for the Storm Mode threshold check); ActivityKit Live Activities (storm-event countdowns, owner-approval pending state and follow-up countdowns surfaced on the Dynamic Island and Lock Screen); APNs (Time-Sensitive push notifications including damage-discovery alerts, storm-watch escalations, owner-approval-pending digests and pack-ready notices); EventKit (optional writes of follow-up events to the Apple Calendar of the relevant authorised user); AVFoundation (camera and audio capture); CoreLocation (event-based GPS stamping); PencilKit (Owner Approval signatures and annotation on iPad); PDFKit (watermarked Pack rendering); Speech (on-device first-pass voice transcription); BGTaskScheduler (background sync); StoreKit 2 (preserved for any future App Store IAP path — currently not the default channel).
5.8 Share Links
The App generates signed, time-limited browser Share Links for three purposes: owner-approval requests (the vessel owner clicks the link and views the intake record before approving on iPad in person — the Share Link itself is read-only); insurer-pack delivery (an insurer or broker views a watermarked Pack PDF); and external-viewer read-only access (a surveyor, classification-society auditor or other third party views a scoped subset of records). Share Links are served by DryDocked’s EU-resident backend, are scoped to records the Yard Operator expressly selects, default to excluding precise vessel-position GPS where exposure could create theft or security risk, expire on a deadline set by the Yard Operator and are revocable at any time. Recipients of a Share Link are processed as Customer Data on behalf of the Yard Operator (we act as processor).
5.9 App Privacy Report
iOS 15.2 and later provide an in-operating-system App Privacy Report (Settings → Privacy & Security → App Privacy Report) that lets you inspect the sensors, data categories and network domains the App has accessed. DryDocked Field is designed so that this report shows the Apple platform domains used by the features above, plus ML Consulting’s EU-resident backend and the AI sub-processor endpoint where the backend AI add-on has been enabled by the Yard Operator (see section 14).
6. Key terms used in this Policy
Personal data — any information relating to an identified or identifiable natural person, as defined in Article 4(1) GDPR.
Processing — any operation performed on personal data, including collection, recording, organisation, storage, use, disclosure and erasure.
Controller — the person who determines the purposes and means of processing.
Processor — a person who processes personal data on behalf of a controller.
Yard Operator / Workspace Owner — the business customer (typically a marina, yacht service yard, superyacht specialist or multi-yard group) that uses DryDocked Field to manage its Yards and vessels under its custody.
Vessel — a boat, yacht, superyacht or other floating asset managed in a Yard.
Season File — a workspace-scoped record of a Vessel’s storage, refit or service period in a Yard.
Customer Data — all data submitted by, or generated for, the Yard Operator through the App or any Share Link issued by it, including Intake Records, Owner Approvals, Technician Records, Storm Preparation Records, Pack PDFs, Operator Reliability Score data, exports and append-only audit logs.
Owner Approval — an operational acknowledgement by a vessel owner (or owner’s representative) of an Intake Record, service scope, damage finding or similar record, typically captured on iPad with an Apple Pencil signature stroke and biometric verification. Owner Approvals are operational acknowledgements only — not Qualified or Advanced Electronic Signatures under eIDAS Regulation (EU) 910/2014 and not a contract.
Operator Reliability Score — a workspace-internal score derived deterministically from cross-Vessel Technician Records, scope-fidelity data and dispute flags. It is not exposed to insurers, brokers, owners or the public.
WeatherKit Snapshot — a time-stamped record of microclimate values sourced from Apple’s WeatherKit service at the moment of capture and attached to an Intake Record, Technician Record, Storm Preparation Record, Spring Re-Commissioning record or Pack for attestation purposes.
Pack — a watermarked PDF generated by the App, including Damage Defence Pack, Owner Dispute Defence Pack, Hurricane / Storm Defence Pack, Spring Re-Commissioning Pack, Insurer-Aligned Pack, Multi-Season Vessel History Pack, Captain / Management Handoff Packet and Group Quarterly Report.
Share Link — a signed, time-limited link generated by the App for owner approval, insurer-pack delivery or external-viewer read-only access.
On-device — data stored or processed locally on the user’s iPhone or iPad inside the iOS application sandbox; it does not leave the device unless this Policy says otherwise.
Backend — DryDocked’s EU-resident server-side service, to which on-device records are synced and from which Share Links, Packs and (where enabled) AI narrative drafts are served.
Sub-processor — a third-party service provider that processes personal data on our behalf or that supports a feature of the App.
EEA — the European Economic Area, comprising the EU Member States, Iceland, Liechtenstein and Norway.
VDAI — Valstybinė duomenų apsaugos inspekcija, the Lithuanian State Data Protection Inspectorate, our lead supervisory authority.
7. Personal data we process
We collect only the data we reasonably need to operate, secure, support and improve the App. The categories below describe what DryDocked Field processes; not every Workspace or user account will involve every category.
Account and authentication data: Name, email address, account identifier, authentication method (Sign in with Apple or email magic-link), Apple-issued relay address where you used “Hide My Email”, Workspace membership, role (yard manager, service coordinator, technician, front-desk staff, captain, broker, external viewer) and permissions. We do not store passwords; magic-link authentication uses one-time signed links.
Device, technical and telemetry data: IP address (typically truncated for analytics), device model and operating-system version, App version, language and timezone, pseudonymised interaction events (screens viewed, features used, capture-duration metrics), crash reports, performance traces and security-relevant events such as failed log-ins and biometric gate attempts.
Communications and support data: The content and metadata of any email, support ticket, in-app help message, demo request, onboarding call note, Insurer-Aligned Stand-by Service correspondence or other correspondence with us, including any attachments you choose to send.
Billing and payment data (Direct Channel — all tiers): Invoicing entity name, registered address, VAT identifier, signatory contact, Order Form record (Plan, term, fees, user / vessel / yard / season limits, add-ons), payment-status data, bank-transfer reference and the last four digits of the payment card where card payment is used. We do not store full payment-card numbers.
Customer Data — Vessel, Season File and operational records: Yards, Season Files, Vessels (with vessel identifiers including HIN, MMSI, IMO, flag, registration), Intake Records, Technician Records, Owner Approvals (with PencilKit signature stroke and biometric-verification metadata), Storm Mode and Storm Preparation Records, damage-discovery captures, spring re-commissioning captures, Pack PDFs and the append-only audit log.
Vessel-owner, captain, broker and insurer personal data: Where the Yard Operator enters or invites a vessel owner, captain, management-company contact, broker or insurer / policy reference: the individual’s name, email or phone number, role, the records they are linked to and (for Share Link recipients) the activity log of when the link was opened. Treated as Customer Data on behalf of the Yard Operator.
Technician and front-desk personal data: Where the Yard Operator invites a technician, service coordinator, front-desk staff member, captain or other worker as an authorised user: the worker’s name, email, role, Workspace identifier, the timestamp of their acknowledgement of the Workspace privacy notice, and the records they capture (including their own user identifier, GPS pin-drops at the moment of capture and any voice memo or photograph in which they are identifiable). See section 11.
Operator Reliability Score data: A workspace-internal score for each authorised technician / coordinator, computed deterministically from cross-Vessel Technician Records, scope-fidelity records and dispute flags. The score is confidential to the Yard Operator and is not exposed to the scored worker’s peers, brokers, insurers, owners or the public (clause A4.2 of Schedule A).
Apple Pencil signatures and biometric-verification metadata: The PencilKit-rendered ink-stroke representation of an Owner Approval signature, captured on iPad; the LocalAuthentication “verified” flag (and the type of authentication used, e.g. Face ID or Touch ID); the timestamp; and the audit-log entry. Apple’s LocalAuthentication framework does not disclose your biometric template to the App.
Camera, microphone and on-device file data: Intake, condition, damage-discovery, storm-preparation and spring re-commissioning photographs (AVFoundation), voice memos (AVFoundation + on-device Speech framework first-pass transcript), PencilKit annotations on iPad. Camera, photo-library, microphone and Speech-recognition access are controlled by the iOS permission prompts and may be revoked at any time in iOS Settings.
Location data (CoreLocation, event-based): GPS coordinates captured at the moment you save an Intake Record, Technician Record, Storm Preparation Record, damage-discovery record or similar (“When In Use” permission). The App does not perform continuous background tracking.
WeatherKit microclimate data: Time-stamped microclimate values (typically temperature, humidity, atmospheric pressure, wind) sourced from Apple’s WeatherKit service at the moment of capture and attached to the relevant record or Pack as a WeatherKit Snapshot. Storm Mode additionally uses WeatherKit to detect when a severe-weather threshold is being approached at the yard location. WeatherKit access is governed by Apple’s terms in addition to this Policy.
Apple Calendar (EventKit) integration: Where the Yard Operator enables it, the App writes follow-up events (intake follow-up, spring re-commissioning, Insurer-Aligned Stand-by Service deadlines) to the Apple Calendar of the relevant authorised user. We do not read or transmit your wider Calendar contents.
Notification preferences and tokens: Push-notification cadence toggles (damage-discovery alert, storm-watch escalation, owner-approval-pending digest, spring backlog, pack-ready, sync-conflict, vessel-arriving-today); iOS notification permission state; APNs device push token used by Apple Push Notification service to deliver Time-Sensitive pushes; ActivityKit Live Activity state.
On-device CoreML inference outputs: Where the AI photo-classifier add-on is enabled: the output of the on-device CoreML hull-damage classifier (damage type, severity class, confidence score), stored alongside the raw photo. CoreML inference runs locally on your device.
Backend AI helper inputs and outputs (paid opt-in add-on): Where the Yard Operator has enabled backend AI features: the photograph or audio clip sent for higher-fidelity refinement (backend hull-damage classifier; backend Whisper-class voice transcription) and the structured-text input sent for Claude-class insurer-narrative drafting, plus the generated draft outputs. Raw input is always retained alongside any AI-structured output; see section 14.
Application-generated data: Outputs of the deterministic Capture-to-Pack workflow, the storm-completeness check, the booking / approval state machines, the Operator Reliability Score computation, the audit log, capture-duration telemetry and similar computed values.
7.1 Special categories of personal data
DryDocked Field is not designed to collect special categories of personal data within the meaning of Article 9 GDPR (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation). You must not upload special-category data to the App unless it is strictly necessary for your lawful use of the App and you have a valid lawful basis under Article 9(2) GDPR. The Yard Operator is responsible for that lawful basis. Biometric authentication (Face ID / Touch ID) is performed by Apple’s LocalAuthentication framework and biometric data never leaves the device; the App stores only the verified / not-verified outcome and the authentication-type metadata.
7.2 What we do not collect
To remove ambiguity, DryDocked Field does not collect:
the contents of your Apple Contacts, the wider Apple Calendar, your photo library beyond images you actively attach, or any HealthKit / HomeKit data;
behavioural-advertising identifiers; we do not run advertising, do not use the IDFA and do not share data with advertising networks;
analytics, attribution or crash-reporting data through any third-party SDK that has not been disclosed in this Policy and in the App’s Privacy Manifest;
continuous background-location data; GPS capture is event-based only and requires only the “When In Use” iOS permission.
8. How we collect personal data
We collect personal data in three ways:
Directly from you — when you create an account, complete a form, install or use the App, capture an Intake, Technician, Storm Preparation, damage-discovery or spring re-commissioning record, sign an Owner Approval on iPad, attach a photograph or voice memo, generate a Pack, issue a Share Link, contact support or subscribe to a communication.
Automatically through your use of the App — when the App generates technical, telemetry, security or computational data (capture-duration metrics, Operator Reliability Score recomputation, Storm Mode threshold detection, append-only audit-log entries) necessary to deliver, secure or improve the service, and when Apple platform services (WeatherKit, APNs, ActivityKit) supply data linked to your action.
From third parties — when Apple supplies us with the result of Sign in with Apple, when a Yard administrator invites you to a Workspace, when a payment provider confirms a payment, when a vessel owner clicks an owner-approval Share Link, or when an authority lawfully provides information in connection with a regulatory matter.
9. Why we process personal data and our legal bases
For each processing activity we rely on a lawful basis under Article 6(1) GDPR. The table below sets them out for the categories of processing covered by this Policy.
Purpose: Provide and operate the App and its Share Link surfaces, including authentication, Yards, Season Files, intake capture, owner approvals, technician records, storm-preparation, damage discovery, spring re-commissioning, Pack assembly, audit history, exports and sync. | Data used: Account and authentication data; device, technical and telemetry data; Customer Data and operational records; technician, vessel-owner, captain, broker and insurer / Share Link recipient personal data (as processor). | Legal basis: Performance of a contract with you (or pre-contractual steps at your request). | GDPR ref.: Art. 6(1)(b)
Purpose: Process payments and manage billing for Direct-Channel Yard Operators (all tiers + add-ons + Insurer-Aligned Stand-by Service); comply with statutory accounting and tax retention. | Data used: Billing and payment data; account data. | Legal basis: Performance of a contract; compliance with a legal obligation under Lithuanian accounting and tax law. | GDPR ref.: Art. 6(1)(b); Art. 6(1)(c)
Purpose: Camera, microphone, photo and on-device Speech features (intake / condition / damage / storm / spring capture and voice memos). | Data used: Camera and microphone input (in memory); captured stills and voice clips (only when you save them); on-device Speech first-pass transcript. | Legal basis: Performance of a contract; consent for camera, microphone, photo-library and Speech-recognition access via the iOS prompts. | GDPR ref.: Art. 6(1)(b); Art. 6(1)(a)
Purpose: Event-based GPS capture on Intake, Technician, Storm Preparation, damage-discovery and spring re-commissioning records. | Data used: Location data captured at the moment of save. | Legal basis: Performance of a contract; consent via the iOS “When In Use” location prompt. | GDPR ref.: Art. 6(1)(b); Art. 6(1)(a)
Purpose: WeatherKit microclimate attestation on records and Packs, and Storm Mode severe-weather threshold detection. | Data used: WeatherKit Snapshot (temperature, humidity, pressure, wind) at moment of capture; Storm Mode threshold-check signals. | Legal basis: Performance of a contract; Apple’s WeatherKit terms apply in addition. | GDPR ref.: Art. 6(1)(b)
Purpose: Apple Pencil owner-approval capture on iPad with biometric verification. | Data used: PencilKit signature stroke; LocalAuthentication verified / not-verified outcome and authentication-type metadata; timestamp; audit-log entry. | Legal basis: Performance of a contract (between the Yard Operator and the vessel owner, supported evidentially by the App). The signature is an operational acknowledgement, not a Qualified or Advanced Electronic Signature under eIDAS. | GDPR ref.: Art. 6(1)(b)
Purpose: APNs Time-Sensitive push notifications, ActivityKit Live Activity countdowns and configurable notification cadence (damage-discovery alert, storm-watch escalation, owner-approval pending, spring backlog, pack-ready, sync conflict, vessel-arriving-today). | Data used: Notification preferences; APNs push token; application-generated alerts; ActivityKit Live Activity state. | Legal basis: Consent (granted via the iOS notification prompt and the App’s Settings). | GDPR ref.: Art. 6(1)(a)
Purpose: Optional EventKit writes of follow-up events to Apple Calendar. | Data used: Calendar event metadata for intake follow-ups, spring re-commissioning deadlines and Insurer-Aligned Stand-by Service milestones. | Legal basis: Consent via the iOS Calendar prompt. | GDPR ref.: Art. 6(1)(a)
Purpose: On-device CoreML hull-damage photo classification (paid add-on). | Data used: Photograph attached to an Intake Record or Damage Discovery; CoreML output stored alongside. | Legal basis: Performance of a contract (consent for the add-on by the Yard Operator); no data leaves the device. | GDPR ref.: Art. 6(1)(b)
Purpose: Backend AI helpers — higher-fidelity hull-damage refinement, Whisper-class voice transcription and Claude-class insurer-narrative drafts (paid opt-in add-on). | Data used: Photograph, audio clip or structured-text inputs; generated draft outputs. | Legal basis: Performance of a contract; consent (Yard Operator add-on enablement). | GDPR ref.: Art. 6(1)(b); Art. 6(1)(a)
Purpose: Compute the workspace-internal Operator Reliability Score for use in operational decisions, with meaningful human review. | Data used: Technician Records, scope-fidelity records, dispute flags within the Yard Operator’s Workspace. | Legal basis: Performance of a contract; legitimate interests of the Yard Operator in operational quality. | GDPR ref.: Art. 6(1)(b); Art. 6(1)(f)
Purpose: Issue, serve and revoke Share Links (owner-approval, insurer-pack, external-viewer); deliver Group Quarterly Report PDFs by email at Multi-Yard tier. | Data used: Recipient contact data; Share Link scope and expiry; activity log; aggregated cross-Yard metrics. | Legal basis: Performance of a contract. | GDPR ref.: Art. 6(1)(b)
Purpose: Secure the App; prevent fraud, abuse, evidence tampering, Share Link forging, signature forgery and unauthorised access. | Data used: Authentication data; device, technical and telemetry data; security-relevant events; append-only audit log; biometric gate state. | Legal basis: Legitimate interests in protecting the integrity, availability and confidentiality of the App and the evidentiary integrity of Packs and Owner Approvals. | GDPR ref.: Art. 6(1)(f)
Purpose: Improve the App; conduct privacy-respecting product analytics (opt-in). | Data used: Pseudonymised telemetry; aggregated usage statistics. | Legal basis: Legitimate interests in understanding how the App is used. Where required, consent. | GDPR ref.: Art. 6(1)(f); Art. 6(1)(a)
Purpose: Provide customer support, the Insurer-Aligned Stand-by Service line and respond to enquiries. | Data used: Communications and support data; account data; Stand-by engagement records. | Legal basis: Performance of a contract; legitimate interests for general or pre-contractual enquiries. | GDPR ref.: Art. 6(1)(b); Art. 6(1)(f)
Purpose: Respond to data-subject requests and operate the GDPR rights workflow. | Data used: All categories relevant to the request. | Legal basis: Compliance with a legal obligation under the GDPR. | GDPR ref.: Art. 6(1)(c); Arts. 12 to 22
Purpose: Send service messages (security, billing, material change notices). | Data used: Account data; communications data. | Legal basis: Performance of a contract. | GDPR ref.: Art. 6(1)(b)
Purpose: Defend or pursue legal claims. | Data used: Data relevant to the claim. | Legal basis: Legitimate interests in establishing, exercising or defending legal claims. | GDPR ref.: Art. 6(1)(f)
Purpose: Comply with legal, regulatory and tax obligations and respond to lawful requests. | Data used: Data required by law (typically account, billing, audit and security logs). | Legal basis: Compliance with a legal obligation. | GDPR ref.: Art. 6(1)(c); Art. 23
Where we rely on legitimate interests under Article 6(1)(f) GDPR, we have carried out and documented a balancing assessment that concluded our interests are not overridden by your fundamental rights and freedoms. Where we rely on consent under Article 6(1)(a) GDPR, you may withdraw it at any time without affecting the lawfulness of processing carried out before the withdrawal — through iOS Settings, the relevant in-app toggle, the unsubscribe link in any marketing email or by writing to us.
10. Offline-first architecture, on-device storage and EU-resident backend
DryDocked Field is offline-first. Intake captures, condition photographs, Apple Pencil annotations, voice memos, GPS pin-drops, Owner Approvals, Technician Records and Storm Preparation Records are written first to on-device storage (SwiftData) inside the iOS application sandbox. Records sync to the DryDocked backend when connectivity returns. If you delete the App, reset your device or fail to maintain a backup before sync, locally-held but unsynced data may be lost.
The backend is hosted in the European Union. Personal data is encrypted in transit (TLS 1.2 or higher) and at rest. Records and files are isolated per Yard / Workspace using row-level security and signed-URL access. Background sync uses Apple’s BGTaskScheduler when iOS schedules it; this is best-effort and depends on device state.
11. Yard Operators, technicians, vessel owners and Share Link recipients
DryDocked Field is operated on a Yard / Workspace model. The Yard Operator’s administrator may invite yard managers, service coordinators, technicians, front-desk staff, captains, brokers and external viewers; configure roles; view activity inside the Workspace; generate Packs; issue Share Links; activate Storm Mode; and configure retention. The administrator is responsible for ensuring that invited users, vessel owners and Share Link recipients receive an appropriate privacy notice and that the organisation has a valid lawful basis for processing the personal data of its workers, vessel owners, captains, brokers, insurers and surveyors.
For these features we act as processor of Customer Data on behalf of the Yard Operator under the Master DPA. Yard Operators must rely on their own privacy notice for the substantive obligation under Articles 13 to 14 GDPR; this Policy applies in addition to that notice in respect of data we process as controller (account, telemetry, support, billing and similar data).
11.1 Technician and front-desk monitoring under Article 88 GDPR
Because technician, service-coordinator and front-desk evidence capture and event-based GPS stamping constitute employee monitoring in many EU jurisdictions, the Yard Operator is responsible — under clause A4 of Schedule A of the Terms and Conditions — for satisfying the worker-monitoring obligations of the country where the worker normally works, including any required works-council, seafarers’, seasonal-worker or collective-bargaining consultation under the law of that EU Member State.
Before granting any worker access, the Yard Operator must provide a privacy notice meeting Articles 13 to 14 GDPR and the national worker-information rules implementing Article 88 GDPR, consult representatives where required, establish and document an appropriate lawful basis under Article 6(1) GDPR, and use monitoring features (event-based GPS pin-drops, photos, voice memos, Operator Reliability Score, audit-log entries) proportionately and only for the legitimate operational purposes described in the worker privacy notice. The App is not designed for, and must not be used for, covert worker surveillance.
11.2 Operator Reliability Score discipline
The Operator Reliability Score is workspace-internal operational data. Under clause A4.2 of Schedule A, the Yard Operator must keep individual scores confidential within the Yard Operator (no exposure to peers, brokers, insurers, owners or the public); must not use the score as the sole basis for any material decision affecting a worker (employment, contractor renewal, disciplinary action) without meaningful human review and an independent assessment; and must not use it in a defamatory, retaliatory, discriminatory, anti-competitive, anti-union or otherwise unlawful manner.
11.3 Vessel owners, captains and brokers
Where the Yard Operator enters a vessel owner, captain, management-company contact or broker into the App, or requests an Owner Approval on iPad, or issues a Share Link to any of them, the Yard Operator is the controller for those data subjects and must comply with Articles 13 to 14 GDPR. Owner Approvals captured in the App are operational acknowledgements only — they are not e-signatures under eIDAS and they do not form an underlying contract.
11.4 Share Link recipients (insurers, surveyors, auditors, external viewers)
Where the Yard Operator issues a Share Link to an insurer, broker, surveyor, classification-society auditor or other external viewer, the Yard Operator is responsible for: limiting the token scope to records the recipient actually needs; setting an appropriate expiry; keeping precise vessel-position GPS coordinates excluded where exposure could create theft or security risk (the App offers this as the default setting); and informing the recipient that the link delivers a read-only operational record only — not a vessel survey, an insurance certificate, a port-state-control document, a court exhibit, a broker recommendation or a notarised contract.
12. Recipients of personal data
We share personal data only with the categories of recipients listed below, and only to the extent necessary for the purpose. We do not sell personal data, and we do not “share” personal data for cross-context behavioural advertising as that term is defined under California law.
Recipient category: Apple Inc. and Apple Distribution International Limited | Purpose: App Store distribution, Sign in with Apple, APNs push delivery, WeatherKit microclimate, ActivityKit Live Activities, iCloud where used, StoreKit 2 (preserved for any future App Store IAP path) and related Apple platform services. | Status: Independent controller for App Store-side and Apple-platform-side processing.
Recipient category: EU-resident backend hosting provider (managed Postgres) | Purpose: Host the DryDocked backend, including encrypted Season File and record storage, signed-URL file storage, row-level security per Workspace, scheduled jobs (storm-watch detection, follow-up digests) and Share Link serving. | Status: Sub-processor under written terms; data hosted in the European Union.
Recipient category: Workflow orchestration provider (server-side cron and event jobs) | Purpose: Run scheduled jobs — storm-watch threshold detection, owner-approval pending digests, vessel-arriving-today reminders, sync-conflict notifications and Group Quarterly Report assembly. | Status: Sub-processor under written terms.
Recipient category: Email-delivery provider | Purpose: Send service messages, magic-link authentication emails, support replies, onboarding communications, owner-approval Share Link emails, insurer-pack Share Link emails and the Group Quarterly Report email at Multi-Yard tier. | Status: Sub-processor under written terms.
Recipient category: Anonymised product-analytics, monitoring and crash-reporting providers | Purpose: Privacy-respecting product analytics, performance monitoring and bug diagnostics; pseudonymised where feasible; opt-in for Diagnostics and Usage Data in the App Privacy details. | Status: Sub-processors under written terms; used only after consent where required.
Recipient category: Payment and invoicing provider (Direct Channel) | Purpose: Process payments, invoices, refunds, taxes and reconciliation for all paid tiers, add-ons and the Insurer-Aligned Stand-by Service line. | Status: Independent controller or sub-processor depending on the provider.
Recipient category: Backend hull-damage classifier provider (paid add-on) | Purpose: Higher-fidelity refinement of the on-device CoreML hull-damage classification, where the Yard Operator has enabled the AI photo classifier add-on. | Status: Sub-processor under written terms; inputs and outputs are not used to train any third-party model.
Recipient category: Voice-transcription provider (backend Whisper-class, paid add-on) | Purpose: Refine on-device first-pass transcripts of intake, damage-discovery, storm and spring voice memos, where the Yard Operator has enabled the AI add-on. | Status: Sub-processor under written terms; inputs and outputs are not used to train any third-party model.
Recipient category: Language-model provider (Anthropic — Claude-class insurer-narrative drafts, paid add-on) | Purpose: Generate insurer-narrative drafts for Damage Defence Packs, Storm Defence Packs and Insurer-Aligned Packs, where the Yard Operator has enabled the AI add-on. Customer-identifying free text is minimised before transmission. AI-drafted narratives carry a “Draft — review before submitting to insurer” watermark until a yard manager finalises. | Status: Sub-processor under written terms; inputs and outputs are not used to train any third-party model.
Recipient category: Professional advisers (lawyers, accountants, auditors, insurers) | Purpose: Legal, tax, audit, insurance and compliance advice on a need-to-know basis. | Status: Independent controllers under their own duties of confidence.
Recipient category: Authorities, courts and regulators | Purpose: Where we are required by law, court order or a binding regulatory request, including the Lithuanian State Data Protection Inspectorate (VDAI) and the Lithuanian State Tax Inspectorate (VMI) where applicable. | Status: Independent controllers acting under their statutory powers.
Recipient category: Successor entity | Purpose: In the context of a merger, acquisition, restructuring or sale of assets, subject to confidentiality safeguards and to the buyer continuing to honour the commitments in this Policy. | Status: Independent controller after the transaction closes.
References in the App to insurer brands — including BoatUS, Lloyd’s, Pantaenius, Markel, Travelers, Geico, AIG and others — are descriptive only and identify the template layout that the App is capable of producing. Such references do not imply sponsorship, endorsement, affiliation, partnership, certification or approval by any of those insurers or by any insurance regulator. None of those insurers is a sub-processor, recipient or party to this Policy by virtue of being named in an Insurer-Aligned Template.
A current list of our sub-processors, together with the country in which each provider operates, is published at mlconsulting.lt/legal/sub-processors and is updated when the list changes. Each sub-processor we engage is bound by a written contract that imposes the data-protection obligations required by Article 28 GDPR (or, where ML Consulting is the controller, equivalent contractual safeguards).
13. International data transfers
ML Consulting MB is established in Lithuania and hosts the DryDocked backend in the European Union. Personal data is encrypted in transit and at rest, and we aim to keep personal data within the European Economic Area by default. Some of our sub-processors and the global infrastructure of Apple Inc. (App Store, APNs, WeatherKit) and of the language-model, voice-transcription and hull-damage-classifier add-on providers may process data in the United States or other regions where they operate.
Where personal data is transferred outside the EEA or the United Kingdom to a country that has not been the subject of an adequacy decision under Article 45 GDPR, we rely on one or more of the safeguards required by Chapter V GDPR, in particular:
European Commission adequacy decisions, including the EU-US Data Privacy Framework where the recipient is certified under it;
the European Commission’s Standard Contractual Clauses (Module Two — controller to processor — and Module Three — processor to sub-processor — as applicable), with the UK International Data Transfer Addendum or the UK International Data Transfer Agreement for transfers from the United Kingdom;
additional technical measures including TLS 1.2 or higher for data in transit and encryption at rest, as well as contractual and organisational measures appropriate to the risk; and
any other lawful transfer mechanism under Articles 46 to 49 GDPR.
14. Automated decision-making, on-device CoreML and backend AI
14.1 No solely-automated decisions with legal or similarly significant effects
We do not subject you to decisions producing legal effects concerning you or similarly significantly affecting you that are based solely on automated processing within the meaning of Article 22 GDPR. Where any aspect of a decision affecting you is informed by automated logic, a human is meaningfully involved in the outcome. The Operator Reliability Score, in particular, must not be used as the sole basis for any material decision about a worker (see section 11.2).
14.2 On-device CoreML
The App may include an on-device CoreML hull-damage photo classifier (paid add-on from the Premium Yacht Service tier upwards). It runs locally on your iPhone or iPad and the photograph is not transmitted to any third-party AI provider as a result of this feature. Outputs are advisory (damage type, severity class, confidence score); below a confidence threshold of 70%, the App surfaces a “needs review” badge and does not auto-publish a classification. You can always override the suggestion before saving.
The App also uses Apple’s on-device Speech framework for a first-pass transcription of voice memos. Speech recognition runs locally and is governed by Apple’s framework and its iOS permission prompt.
14.3 Backend AI add-on — opt-in, never autonomous
The App may include an opt-in, paid backend AI add-on with three components: higher-fidelity hull-damage refinement; Whisper-class voice transcription for longer-form audio; and Claude-class insurer-narrative drafting for Damage Defence Packs, Storm Defence Packs and Insurer-Aligned Packs. The add-on is off by default and is activated only when an admin of the Yard Operator explicitly enables it in Settings.
Where the backend AI add-on is enabled:
AI output is editable text only and requires explicit human confirmation before persistence, export or sending;
raw input (photos, audio, free-text, original CoreML classifications) is always retained alongside any AI-structured output, so you can audit and override;
AI never auto-publishes an Intake Record, Owner Approval, Technician Record, Storm Preparation Record or Pack, never changes Operator Reliability Score state, never changes Pack export state, never changes billing state and never changes audit-log state;
AI-drafted insurer narratives carry a “Draft — review before submitting to insurer” watermark until a yard manager explicitly finalises;
inputs and outputs are not used by ML Consulting or by any sub-processor to train any third-party model;
customer-identifying free text and third-party personal data are minimised before transmission to the sub-processor;
the Yard Operator may disable the add-on at any time in Settings.
14.4 Third-party AI sub-processors
Backend hull-damage refinement, Whisper-class voice transcription and Claude-class insurer-narrative drafting are performed by sub-processors disclosed in section 12 and in our sub-processor list, under written agreements that prohibit the use of inputs or outputs to train any third-party model.
14.5 EU AI Act readiness
We design and operate AI features to be compatible with applicable obligations under Regulation (EU) 2024/1689 (the Artificial Intelligence Act), including transparency, logging and human-oversight requirements appropriate to the risk classification of the relevant feature. None of our current AI features is, or is held out as, a high-risk AI system within the meaning of Annex III of the AI Act.
15. How long we keep personal data
We keep personal data only for as long as we need it for the purpose for which it was collected, or as required by applicable law. The retention periods below are indicative; the actual period for any item of personal data is the longest of the periods that apply to the purposes for which we use it.
Category: Account and authentication data | Retention period: Lifetime of the account; in any case deleted or anonymised within 24 months of complete inactivity, save where statutory retention applies. | Trigger for deletion or anonymisation: Account deletion, 24-month inactivity sweep or end of statutory retention.
Category: On-device application data | Retention period: Held on your device for as long as you keep it; included in iCloud Backup if you have it enabled. Removed by the operating system on App deletion. | Trigger for deletion or anonymisation: You delete the data, the App or your account.
Category: Telemetry, capture-duration and service-operation data | Retention period: Pseudonymised at collection where feasible; retained in identifiable form for a maximum of 13 months; aggregated or anonymised data may be retained indefinitely. | Trigger for deletion or anonymisation: Time-based deletion or aggregation.
Category: Communications, support and Insurer-Aligned Stand-by Service correspondence | Retention period: Up to 24 months from the close of the last related correspondence; longer where the matter relates to a complaint, dispute, regulatory request, insurance-claim event or legal claim, until the matter is resolved plus the applicable limitation period. | Trigger for deletion or anonymisation: Time-based deletion or matter closure.
Category: Billing, accounting and tax records | Retention period: Up to 10 years from the end of the relevant accounting period, in line with the Lithuanian Law on Financial Accounting and the Lithuanian Law on Tax Administration. | Trigger for deletion or anonymisation: Expiry of the statutory retention period.
Category: Customer Data within Workspaces — Season Files, Intake Records, Owner Approvals, Technician Records, Storm Preparation Records, spring re-commissioning records, Operator Reliability Score data, Pack PDFs and append-only audit log (we are processor) | Retention period: Governed by the Master DPA: a 30-day data-export window in read-only mode after termination, followed by deletion or anonymisation within a further 60 days, save for records the Yard Operator is required by law to retain (in particular bailment, dry-dock, insurance-claim and surveyor / classification-society records). | Trigger for deletion or anonymisation: Termination of the customer agreement, plus the period set in the Master DPA.
Category: Owner Approval signature data and biometric-verification metadata | Retention period: Retained alongside the underlying Intake Record or scope record for the period governed by the Master DPA; preserved in the append-only audit log. | Trigger for deletion or anonymisation: End of the Master DPA retention period.
Category: Share Links (owner-approval, insurer-pack, external-viewer) | Retention period: Active until expiry or revocation; activity log retained for up to 12 months from link expiry for audit purposes. | Trigger for deletion or anonymisation: Link expiry, revocation or time-based deletion.
Category: Group Quarterly Report archives | Retention period: Up to 36 months from issue, or longer where required for cross-Yard governance or insurance discussions. | Trigger for deletion or anonymisation: Time-based deletion or end of contract.
Category: Security and platform audit logs | Retention period: Up to 24 months, or longer where necessary for security, fraud-prevention, signature-integrity or legal-claim purposes. | Trigger for deletion or anonymisation: Time-based deletion.
Category: Backups | Retention period: Standard backup-rotation cycles (typically up to 30 days). Backups are not used to restore deleted accounts and are themselves overwritten on the rotation cycle. | Trigger for deletion or anonymisation: Backup-rotation cycle.
16. Security and personal-data breaches
16.1 Article 32 measures
We implement and maintain appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration or disclosure, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk to your rights and freedoms (Article 32 GDPR). For DryDocked Field specifically, these measures include: EU-resident backend hosting with encryption in transit (TLS 1.2 or higher) and at rest; row-level security per Workspace identifier in the database; signed-URL access to evidence files with short time-to-live; optional Face ID / Touch ID biometric gating of high-consequence operations (finalising Owner Approvals, generating Damage Defence Packs, issuing Insurer-Aligned Packs, exporting audit logs); watermarking and audit-trail blocks on every Pack (with the “Draft — review before submitting to insurer” watermark on AI-drafted narratives until finalised); an append-only audit log of capture, edit, status change, snapshot freeze, Pack export, Share Link issuance, signature event and biometric-verification event; and time-limited, scope-restricted Share Links with default GPS exclusion where exposure could create theft or security risk.
16.2 Notification of personal-data breaches
If we become aware of a personal-data breach that is likely to result in a risk to the rights and freedoms of natural persons, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours after becoming aware of the breach (Article 33 GDPR). Where the breach is likely to result in a high risk, we will notify the affected data subjects without undue delay (Article 34 GDPR). Where ML Consulting is acting as processor on behalf of a Yard Operator, we will notify the Yard Operator without undue delay in accordance with Article 33(2) GDPR and the Master DPA.
16.3 Reporting a suspected breach to us
If you suspect a security incident or unauthorised access affecting your account, device, Share Link, Owner Approval signature or biometric-verification metadata, please notify us at support+drydocked@mlconsulting.lt without undue delay. Provide as much detail as you can; do not include passwords or other secrets in the email. We prioritise security reports and incidents during an active storm-event capture window.
17. Your rights as a data subject
Subject to the conditions set out in the GDPR, you have the rights below. These rights are not absolute and may be restricted by law.
Right of access (Article 15). Confirm whether we process personal data about you and obtain a copy together with the information set out in Article 15.
Right to rectification (Article 16). Have inaccurate personal data corrected and incomplete data completed.
Right to erasure (Article 17). Have personal data erased where the conditions in Article 17 apply, including where the data is no longer necessary or where you withdraw consent and there is no other legal basis. The App offers an in-app “Delete account” control.
Right to restriction of processing (Article 18). Restrict our processing while we verify the accuracy of contested data, while we deal with an objection or in the other circumstances set out in Article 18.
Right to data portability (Article 20). Where processing is based on consent or contract performance and is carried out by automated means, receive the data you provided in a structured, commonly-used and machine-readable format. The App provides in-app exports and watermarked PDF Packs.
Right to object (Article 21). Object to processing based on legitimate interests on grounds relating to your particular situation, and at any time to direct marketing.
Rights related to automated decision-making (Article 22). Not be subject to a decision based solely on automated processing that produces legal effects or similarly significant effects, and obtain human intervention, express your point of view and contest the decision where the right applies. See section 14, and the specific protection for technicians in section 11.2.
Right to withdraw consent (Article 7(3)). Where we rely on consent, withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
Right to lodge a complaint (Article 77). Complain to our lead supervisory authority — the VDAI in Vilnius — or to the supervisory authority of the EU Member State where you habitually reside, where you work or where the alleged infringement took place. We would, however, appreciate the opportunity to address your concern directly first.
17.1 How to exercise your rights
You can exercise the rights above by sending an email to support+drydocked@mlconsulting.lt with the words “Privacy request — DryDocked Field” in the subject line.
We will respond to verifiable requests without undue delay and in any event within one month of receipt under Article 12(3) GDPR. We may extend that period by up to a further two months for complex or numerous requests, in which case we will inform you of the extension and the reason within the first month. We may need to verify your identity (typically by asking you to authenticate to the relevant account or to provide proof of identity proportionate to the request and the data concerned). The service is free of charge unless your request is manifestly unfounded or excessive (Article 12(5) GDPR).
17.2 Workspace-controlled data
For Customer Data that we process as processor on behalf of a Yard Operator — including data about technicians, vessel owners, captains, brokers, insurer / surveyor / external-viewer Share Link recipients and Operator Reliability Score data — please direct your request to the Yard Operator first; if you cannot identify the Yard Operator, contact us at support+drydocked@mlconsulting.lt and we will redirect your request without undue delay.
18. Regional rights notices
18.1 United Kingdom
If you are in the United Kingdom, the UK General Data Protection Regulation and the UK Data Protection Act 2018 apply to processing within their territorial scope. The rights set out in section 17 apply equivalently. The UK supervisory authority is the Information Commissioner’s Office (ICO).
18.2 Switzerland
If you are in Switzerland, the Swiss Federal Act on Data Protection (revFADP) applies to processing within its territorial scope. The Swiss supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC). Where we transfer data to Switzerland, we apply the Swiss addendum to the Standard Contractual Clauses where required.
18.3 California, United States
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA / CPRA”), gives you the right to (i) know the categories and specific pieces of personal information we collect, (ii) request deletion, (iii) request correction, (iv) limit the use and disclosure of sensitive personal information, and (v) opt out of any “sale” or “sharing” of personal information. We do not sell personal information and we do not “share” personal information for cross-context behavioural advertising. We will not discriminate against you for exercising any of these rights.
18.4 Other US states
Similar rights are available to residents of Colorado, Connecticut, Virginia, Utah, Texas, Florida and other US states with comprehensive privacy laws. To exercise any state-law right, write to support+drydocked@mlconsulting.lt.
18.5 Global Privacy Control
On the App’s landing pages, we honour the Global Privacy Control signal where technically feasible, treating it as an objection to non-essential cookies and a request to opt out of any “sale” or “sharing” of personal information.
19. Children
DryDocked Field is intended for business users (B2B) only and is not designed for use by minors as the contracting party or as a worker. Apple’s App Store age rating reflects the relevant minimum age for the App. If we become aware that we have collected personal data from a child without the appropriate authorisation, we will delete it without undue delay. If you are a parent or guardian and believe your child has provided personal data to us, please contact us at support+drydocked@mlconsulting.lt.
20. Cookies and similar technologies
The DryDocked Field iOS / iPadOS App does not use analytics, advertising, profiling or marketing cookies. The App uses on-device storage (the iOS application sandbox, the Keychain, SwiftData, UserDefaults) to deliver its features. This on-device storage does not constitute “cookies” within the meaning of the ePrivacy Directive 2002/58/EC and is governed by this Policy rather than by this section.
The Share Link web pages (owner-approval, insurer-pack, external-viewer) and the App’s landing pages on mlconsulting.lt use only strictly-necessary cookies (for example, a signed session cookie to honour the Share Link scope). No analytics or advertising cookies are set.
21. Communications
21.1 Service messages
We send transactional service messages (security alerts, billing notices, magic-link authentication emails, support replies, Insurer-Aligned Stand-by Service event communications, material change notices) on the basis of contract performance under Article 6(1)(b) GDPR. Service messages are not commercial marketing and cannot be opted out of without ceasing to use the App.
21.2 Direct marketing
Where we send commercial marketing emails about DryDocked Field — product updates, launch announcements, educational materials or event invitations — we rely either on (i) your prior consent under Article 6(1)(a) GDPR and Article 13 of the ePrivacy Directive, or (ii) the “soft opt-in” under Article 13(2) of the ePrivacy Directive (existing customer relationship, similar products or services, with a clear opt-out at the point of collection and in every message). You may opt out at any time by clicking the unsubscribe link in any marketing email, by emailing support+drydocked@mlconsulting.lt or by updating your preferences in your account where applicable.
21.3 Operational notifications
APNs Time-Sensitive notifications (damage-discovery alerts, storm-watch escalations, pack-ready notices), ActivityKit Live Activities (storm-event countdowns, owner-approval-pending state) and EventKit calendar writes are operational reminders configured by you in iOS Settings and in the App’s Settings. They are best-effort and depend on Apple’s platform services. The Yard Operator remains responsible for performing the underlying operational action (intake, storm preparation, owner handoff, spring re-commissioning) regardless of the presence or absence of a notification.
22. Changes to this Policy
22.1 Routine updates
We may update this Policy from time to time, for example to reflect new features, regulatory developments, sub-processor changes or operational changes. The latest version is always published on the App’s App Store listing and at mlconsulting.lt/drydocked/privacy.
22.2 Material changes
Where a change is material and adversely affects your rights or expectations, we will give reasonable advance notice — typically at least 30 days, unless a shorter period is required by law — by in-app notice and, where we have your email address, by email. Non-material changes (typographical fixes, clarifications, contact-detail updates, sub-processor list updates) take effect on posting.
22.3 Versioning
Each version of this Policy is dated and archived. The version in force at the time of the relevant processing governs that processing.
23. Contact us
For any question, request or complaint about this Policy or about how we process your personal data, please contact us using the details below.
Controller: ML Consulting MB
Address: Vilnius, Republic of Lithuania
Legal entity code: 306991112
Privacy contact (email): support+drydocked@mlconsulting.lt
Website: https://mlconsulting.lt
Lead supervisory authority: Valstybinė duomenų apsaugos inspekcija (VDAI), L. Sapiegos g. 17, LT-10312 Vilnius, Lithuania · +370 5 271 2804 · ada@ada.lt · vdai.lrv.lt
Document end · Version 1.0 · Effective 1 June 2026 · DryDocked Field — Privacy Policy · © 2026 ML Consulting MB
