Privacy Policy
Effective: 14 May 2026 · Last updated: 01 June 2026
This Privacy Policy explains how CelesteOS ("we", "our", or "us") collects, uses, stores, and protects personal data when you visit celeste7.ai, request pilot access, sign in via third-party identity providers including LinkedIn, or otherwise interact with our services. It is written to comply with the EU General Data Protection Regulation (GDPR), UK GDPR, the California Consumer Privacy Act (CCPA), and the LinkedIn API Terms of Use.
1. Who we are
CelesteOS is a service of Celeste7 LTD, a company registered in England and Wales (company number 16617331; registered office 7 Vindex Close, Lincoln, England, LN1 1AH), operating from Miami, Florida, USA. For all data-protection enquiries, contact: contact@celeste7.ai.
We act as the data controller for any personal data we collect directly through the website, pilot enquiries, and identity-provider sign-ins. Where we process customer vessel data on behalf of a pilot customer, we act as data processor under that customer's instructions and a Data Processing Agreement.
As a UK-established company, Celeste7 LTD is its own representative for UK GDPR purposes. Where we are required to appoint a representative in the European Union under Article 27 of the EU GDPR, we will do so and identify them here.
2. What data we collect
Data you provide directly
- Name, professional role, vessel or company name, and contact email when you request pilot access or contact us.
- Anything you choose to write in messages sent to us, including via the contact form.
Data collected automatically
- IP address, approximate location derived from IP, browser type and version, operating system, referring URL, and pages visited.
- Performance and error telemetry from our hosting provider (Vercel).
Data from third-party identity providers
- If you sign in or authenticate via LinkedIn, we receive the specific fields described in section 3.
3. Data collected via LinkedIn
Where CelesteOS uses LinkedIn's API for authentication, professional-profile retrieval, or related features, we receive only the fields you have authorised via LinkedIn's consent screen. These typically include:
- LinkedIn member ID (an opaque identifier issued by LinkedIn).
- First name, last name, and profile picture URL.
- Primary email address registered with LinkedIn.
- Current professional headline and, where authorised, current position and employer.
We do not request, receive, store, or use:
- Your LinkedIn password or any authentication credentials.
- Your LinkedIn connections list, messages, posts, or feed activity, unless an explicit feature requires it and you have authorised that scope.
- Any LinkedIn data for advertising, retargeting, model training, or resale.
We comply with the LinkedIn API Terms of Use. LinkedIn data is used only for the purpose you authorised, retained only as long as needed for that purpose, and deleted on request.
You can revoke CelesteOS's access to your LinkedIn data at any time at linkedin.com/psettings/permitted-services.
4. Purposes and legal bases (GDPR Art. 6)
| Purpose | Data used | Legal basis |
|---|
| Respond to pilot-access enquiries and other contact | Name, email, role, message content | Legitimate interest (responding to your enquiry); contract steps prior to entering a pilot agreement |
| Authenticate you via LinkedIn (if used) | LinkedIn ID, name, email, profile picture | Performance of a contract (providing the service); your consent given via LinkedIn |
| Operate and secure the website | IP, browser, telemetry | Legitimate interest (security, fraud prevention, service reliability) |
| Improve the product | Aggregated and de-identified analytics | Legitimate interest; data is not used to identify individuals |
| Comply with law | Any of the above, as required | Legal obligation |
We do not sell personal data. We do not use personal data for automated decision-making with legal or similarly significant effects.
5. Storage, security, retention
Where data is stored
Customer and contact data is stored in managed databases hosted on Amazon Web Services (via Supabase) and on Vercel's hosting infrastructure. Both providers operate primary data centres in the United States and the European Union. Backups are retained by these providers under their respective data-protection programmes.
Security measures
- Encryption in transit (TLS 1.2 or higher) for all connections to celeste7.ai and its sub-services.
- Encryption at rest for all stored personal data (AES-256, provided by AWS / Supabase).
- Role-based access control: only the small number of CelesteOS staff with a legitimate operational need can access stored personal data, and all access is logged.
- Append-only, tamper-evident audit ledger and cryptographic receipts (SealMark) for all in-platform actions; sealed records are independently verifiable at verifier.celeste7.ai without an account (see /trust).
- Two-factor authentication required on all administrative accounts.
- Routine dependency vulnerability scanning and patching.
SOC-2 status
CelesteOS is currently in pilot stage. A SOC-2 Type 2 attestation will be pursued once production customer volume warrants the engagement. We will publish the attesting auditor's name and report date here as soon as the audit is in progress. We do not currently hold a SOC-2 attestation and we do not describe ourselves as SOC-2 compliant.
Retention
- Pilot enquiry data: retained for 24 months from last contact, then deleted, unless we have an ongoing business relationship with you.
- LinkedIn-derived profile data: retained for the duration of your active session and for 12 months thereafter, unless you request earlier deletion.
- Telemetry and access logs: retained for 90 days for security investigation, then aggregated or deleted.
- Customer vessel data (under a pilot DPA): retained per the DPA's terms and deleted within 30 days of termination unless the customer requests export first.
6. Sharing and third-party processors
We share personal data only with the following processors, each bound by a written data-processing agreement:
- Vercel Inc. (US / global edge): website hosting and edge delivery.
- Supabase Inc. (EU or US): managed database, authentication, and storage on AWS infrastructure.
- Upstash Inc. (US): cache used for rate limiting and session management.
- OpenAI (US): AI inference, as described below.
- Microsoft Corporation (US / global): the Microsoft Graph API — where you connect your Outlook mailbox, to read and synchronise your mailbox metadata (subjects, senders/recipients, dates and a short preview) so vessel-related correspondence is searchable, and to create email drafts in your own mailbox for you to send. CelesteOS does not send email on your behalf, and accesses only your own connected mailbox — not other mailboxes or organisation-wide files.
- LinkedIn Corporation: only where you authorise LinkedIn-based authentication; LinkedIn's own privacy policy applies to data they retain.
- Google LLC (US): Google Analytics 4 (analytics) and Google Ads (advertising and conversion measurement) — set only with your consent; see section 9.
- Wise Payments Ltd (UK): payment processing, acting as an independent controller of payment and KYC data.
A current, named sub-processor register with locations, terms, and transfer mechanisms is available to pilot customers under the Data Processing Agreement.
AI inference
CelesteOS uses a third-party AI inference provider (OpenAI) for three operations only: semantic search across your own records, document suggestion, and cited-answer generation. Only the minimum text needed for the requested operation is sent. The provider does not train its models on this data, and we have disabled all data-sharing options in our account with the provider (sharing of inputs and outputs, of evaluation and fine-tuning data, and of model feedback). Under the provider's standard terms, API inputs and outputs are retained for up to 30 days for abuse monitoring and then deleted; Zero Data Retention — which would remove that 30-day window — is a separate enterprise control we do not currently hold. We apply data-minimisation to limit what is sent.
We do not sell, rent, or trade personal data to advertisers, data brokers, or third parties for marketing purposes.
We may disclose data where legally required (court order, regulatory request, lawful investigation), or where necessary to protect the rights, safety, or property of CelesteOS, our customers, or the public.
7. International transfers
Database and object storage can be provisioned in the European Union or the United States per customer (EU residency on request). API processing and AI inference currently transit United States infrastructure; an EU-resident backend is on our roadmap. Where personal data is transferred outside the European Economic Area or the United Kingdom, we rely on the European Commission's Standard Contractual Clauses (SCCs) and, for UK transfers, the International Data Transfer Addendum. Our processors (Vercel, Supabase, AWS, Upstash, OpenAI, Microsoft, Google) maintain equivalent safeguards. Documentation is available on written request.
8. Your rights
Under GDPR, UK GDPR, and CCPA you have the following rights, free of charge, exercisable by emailing contact@celeste7.ai:
- Access: obtain a copy of the personal data we hold about you.
- Rectification: correct inaccurate or incomplete data.
- Erasure: request deletion ("right to be forgotten"). We will action this within 30 days unless we have a legal obligation to retain.
- Restriction: request that we limit how we use your data.
- Portability: receive your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests.
- Withdraw consent: where processing is consent-based, withdraw it at any time without affecting prior lawful processing.
- Complaint: lodge a complaint with your supervisory authority. For UK residents this is the Information Commissioner's Office (ICO); for EU residents, your national data-protection authority.
For LinkedIn-sourced data specifically: you can also revoke our access to your LinkedIn account at linkedin.com/psettings/permitted-services, which will stop further data transfer from LinkedIn to us.
9. Cookies and tracking
celeste7.ai uses strictly necessary cookies for session management and routing, which are always on. With your consent, we also set non-essential cookies for: Google Analytics 4 (measurement ID G-230QN4JY4P) — first-party analytics cookies such as _ga to understand aggregate website usage; and Google Ads (ID AW-17947526022) — to measure the performance of our advertising, which may set advertising and conversion cookies. Google acts as a processor for this data; online identifiers and IP-derived approximate location are processed and transferred to the United States under the EU Standard Contractual Clauses and the UK Addendum. We do not deploy social-media tracking pixels (Meta Pixel, LinkedIn Insight Tag, TikTok Pixel, etc.).
These non-essential cookies are set only after you accept them in the cookie banner shown on your first visit; if you reject, they are not set — we use Google Consent Mode to enforce this at the source. You can withdraw or change your consent at any time by clearing this site's data in your browser, which restores the banner.
10. Children
CelesteOS is a B2B product for maritime professionals. We do not knowingly collect personal data from anyone under 18 years of age. If we become aware that a minor has provided us personal data, we will delete it promptly.
11. Changes to this policy
We may update this policy to reflect changes in law, technology, or our business. The "Last updated" date at the top of the page reflects the most recent revision. Material changes (those that materially expand the categories of data we collect or the purposes we use it for) will be announced via email to active pilot contacts at least 30 days before they take effect.