Staging notice

Privacy notice (staging)

This page is a staging transparency notice for the CertaMaris application in non-production and early-deployment contexts. It is not a finished production privacy policy, not legal advice, and not a claim of GDPR, CCPA, SOC 2, HIPAA, or any other privacy or security certification.

What this application may process

High-level categories only — environment-specific processing depends on configuration and operator practice.

  • Account identifiers — email addresses and role assignments for authenticated operators and authorized client users.
  • Operational engagement data — organization, vessel/facility, and workflow records (assessments, evidence metadata, gaps, plans, QA, reports) entered by authorized users.
  • Audit and security events — login, access, and workflow actions recorded for tenancy isolation and operational accountability.
  • Public lead inquiries — name, contact details, and message content submitted via the public contact form (stored as internal lead records).
  • Uploaded files — evidence and document files supplied by authorized users, subject to application file-handling controls in the deployment.

How staging environments typically handle data

Descriptive of product design; not a guarantee for every deployment.

  • Access is intended for authenticated users under role-based permissions and organization tenancy boundaries.
  • Synthetic seed datasets used for demos are fixtures and must not be presented as real customer personal data.
  • Operators of a given environment control database location, backups, retention, and who receives credentials—those operational choices are not finalized on this public page.
  • Public marketing pages do not embed production secrets or claim third-party privacy seals.

What this notice does not do

  • Does not establish data subject rights procedures for every jurisdiction.
  • Does not list a production Data Protection Officer or formal controller details.
  • Does not assert cookie consent frameworks or ad-tech tracking policies (this product surface is operational software, not an advertising platform).
  • Does not certify that a particular deployment has completed a privacy impact assessment.
  • Does not replace customer contract terms, DPAs, or counsel-reviewed policies.

Contact about privacy questions

For product or staging inquiries only.

Use the contact form for product questions. Submitting a message does not create a client engagement or attorney–client relationship. For authorized system access, sign in.

Legal and regulatory boundary

CertaMaris provides compliance operations tooling and structured workflows. Content in this application is not legal advice and does not create an attorney–client relationship. Consult qualified counsel and the controlling official text for legal conclusions.

This application does not predict, guarantee, or represent U.S. Coast Guard approval, inspection outcomes, or enforcement results. Generated plans and reports are work products pending required review and release.

Traceability links (regulation → applicability → assessment → evidence → gap → risk → corrective action → plan → QA → report) document operational relationships. A complete chain is not a certification of regulatory compliance.