OceanlinkX - Privacy Policy

2. WHAT WE COLLECT

2.1 Account data (only if you sign in)

• Email address

• Password (stored as an argon2 hash; we never see the plaintext)

• Display name (optional)

• Subscription / addon status

• Role (user / staff / admin) for support purposes

2.2 Router data (only if you enable the Remote Access addon)

• Serial number of your MikroTik router

• Router name and model (set by you)

• Hotspot users list (name, profile, traffic counters) collected on

the router and pushed to our server on a schedule you control

• Active session list (user, MAC, IP address, bytes in/out)

• Network interface counters

Stored on our server for up to 30 days (daily snapshots) and up

to 6 months (monthly snapshots).

2.3 Device data

• Platform (iOS / Android), app version, system language

• Crash logs and basic diagnostics (no personal content)

2.4 Data we do NOT collect

• Your location (GPS / Wi-Fi / cell)

• Contacts, photos, files, calendar

• Browsing history outside the app

• Advertising IDs

• Audio, video, or biometric data

3. HOW WE USE DATA

• Authenticate you and protect your account

• Sync router state between your devices via our cloud

• Process subscriptions (via Apple App Store, Google Play, or Paddle)

• Send transactional emails (password reset, receipts)

• Fix bugs and improve the Service

• Comply with legal obligations

We do NOT sell your data. We do NOT use it for advertising.

We do NOT share it with third-party data brokers.

4. WHEN WE SHARE DATA

• Payment processors (Apple, Google, Paddle, Stripe) — only the

minimum needed to process your subscription

• Cloud infrastructure providers who host our backend

• Legal authorities when required by valid court order

5. WHERE DATA IS STORED

Our servers are located in the European Union. Local app data is

stored on your device only and never leaves it unless you enable

Remote Access.

6. HOW LONG WE KEEP DATA

• Active account: as long as you use the Service

• Router daily snapshots: 30 days, rolling

• Router monthly snapshots: last 6 months

• Deleted account: all personal data removed within 30 days

• Backups: up to 90 days then permanently purged

• Audit logs (required by law): up to 12 months

7. YOUR RIGHTS

You have the right to:

• Access — get a copy of your data

• Rectify — correct inaccurate data

• Erase — delete your account and all associated data

• Portability — export your data in a machine-readable format

• Object — opt out of certain processing

• Withdraw consent — at any time

To exercise any right, email support@senymaritime.com. We respond

within 30 days.

If you are in the EU/UK you have the right to lodge a complaint with

your national data protection authority.

8. CHILDREN

OceanlinkX is a network administration tool intended for users aged

18 and over. We do not knowingly collect data from anyone under 18.

If you believe we have, contact us and we will delete it.

9. SECURITY

• All data in transit is encrypted with TLS 1.2+

• Passwords are hashed (argon2)

• Access tokens expire and can be revoked

• We use the principle of least privilege for staff access

No system is perfectly secure. If we discover a breach affecting

your data we will notify you within 72 hours.

10. LEGAL BASIS FOR PROCESSING (GDPR Article 6)

We process your personal data on the following legal bases:

• Contract (Art. 6(1)(b)): account creation, authentication,
subscription delivery, router state sync
• Legitimate interest (Art. 6(1)(f)): fraud prevention, security
monitoring, service improvement, basic diagnostics
• Legal obligation (Art. 6(1)(c)): tax records, anti-fraud reporting,
responding to lawful requests
• Consent (Art. 6(1)(a)): marketing emails (if you opt in)
— you can withdraw consent at any time

11. INTERNATIONAL TRANSFERS

All servers are located in the European Union. We do not transfer
personal data outside the EU/EEA. Payment processors (Apple, Google,
Paddle) may process billing data in their own jurisdictions under
Standard Contractual Clauses approved by the European Commission.

12. AUTOMATED DECISION-MAKING

We do not make automated decisions that produce legal or
similarly significant effects on you. Subscription gating
(e.g. Remote Access access) is rule-based, not profiling.

13. DATA CONTROLLER

The data controller for OceanlinkX is:
Seny Maritime LLC (Seny Maritime EOOD)

UIC/EIK: 208587893 | VAT No.: BG208587893

Registered address: District 52-38, Village Cherkovo, Karnobat Municipality, Burgas Region, 8478,

Bulgaria

T. +359 88 491 7316

privacy@senymaritime.com

14. CHANGES TO THIS POLICY

We may update this Policy. Material changes will be announced in

the app and by email at least 30 days in advance. The "Last updated"

date at the top will always reflect the current version.

15. CONTACT

Privacy questions: privacy@senymaritime.com

General support: support@senymaritime.com

OceanlinkX -

Privacy Policy

11. Contact information

© 2026 Seny Maritime. All rights reserved.

20. Language / Translation (Informational Only)

Contacts:

Support:

SENY MARITIME