Privacy & Data Processing
Last updated: June 2026. This notice covers how personal data is processed when Spudding is used to support drilling logistics operations.
1. Controller and processor
Spudding processes personal data on behalf of the drilling operator (your employer or the entity that has contracted Spudding for a project). The operator is the data controller under GDPR Art. 4(7); Spudding acts as a data processor under Art. 4(8) and Art. 28.
This means the operator determines the purposes and means of processing. Spudding acts only on the operator's documented instructions and may not use your data for its own purposes beyond operating and improving the platform.
Spudding ApS — contact: privacy@spudding.app
2. Categories of personal data
- Platform account data — name, email address, and profile information provided via Clerk (our authentication provider) when you sign in.
- Personnel / crew records — data the operator enters to manage offshore crew: name, date of birth, nationality, passport and visa details, work permit details, job title, department, and current location status.
- Special-category data (Art. 9) — medical certificate status and dates, and medical fitness status. This data is entered and controlled by the operator in connection with their employment and offshore safety obligations.
- Supplier contact details — names and contact information for supplier personnel entered by the operator.
- Communications metadata — logs of in-platform notifications and email dispatch events (recipient, timestamp, delivery status). Message bodies are not stored beyond operational necessity.
- AI assistant conversation content — messages sent to and received from the Spudding AI assistant within your operator's workspace.
3. Purposes and lawful basis
All processing is carried out to enable the operator to run their drilling-logistics operations. The lawful basis is determined by the controller (the operator), typically:
- Performance of the operator's contract with the platform, and the operator's legitimate interests in managing their offshore workforce and cargo operations (Art. 6(1)(b) and (f)).
- Special-category data (medical, passport) is processed under the controller's employment and safety obligations, as determined by the controller (Art. 9(2)(b) and/or (h)).
4. Retention
- Personnel and operational records — retained for the period determined by the operator's own retention policy. The operator can export or erase individual records using in-platform tooling.
- AI assistant messages — default retention is 90 days; operators may configure a shorter window in their tenant settings.
- Communications click-logs — 90 days.
- Audit logs — 1 year active, up to 7 years archived to satisfy legal and regulatory obligations; personal identifiers are pseudonymised on erasure of the underlying record.
5. Your rights (Art. 15–21 GDPR)
Because the operator is the data controller, subject access requests, rectification requests, erasure requests, and objections should be directed to your operator's admin, not to Spudding directly. Operators fulfil these requests using in-platform tooling: individual records can be exported as structured JSON and personal identifiers can be erased while keeping the anonymised operational row.
If you hold a platform account (Clerk login), you may also request erasure of your account data via privacy@spudding.app.
6. Subprocessors and international transfers
Spudding engages the following categories of subprocessors:
- Authentication — Clerk (US); handles sign-in and user identity.
- Hosting and edge compute — Vercel (US-based CDN; EU edge nodes used where available).
- Database — Neon (PostgreSQL, EU West region).
- Error monitoring — Sentry (EU Germany endpoint, de.sentry.io).
- Product analytics — PostHog (EU endpoint, eu.posthog.com).
- AI inference — Anthropic and/or other LLM providers (US-based). Requests are routed via a gateway; inference providers are subject to their own data handling terms.
- Audio transcription — OpenAI Whisper (US); processes voice-message audio when transcription is used.
- Document OCR — Mistral AI (EU, France); processes supplier and operational document content for extraction.
- Transactional email — Resend; handles email addresses and notification content.
- Real-time messaging — Ably; carries live event payloads between the server and your browser.
- Background job processing — Inngest; processes job payloads containing operational data.
Where subprocessors are located outside the EEA, transfers are made under applicable safeguards (standard contractual clauses or adequacy decisions). Data-processing agreements with our subprocessors are being formalised; contact privacy@spudding.app for the current register.
7. Contact and right to complain
For privacy queries or to exercise rights over your platform account data, contact our privacy team at privacy@spudding.app.
You have the right to lodge a complaint with a supervisory authority. If you are based in the EU/EEA, this is typically the data protection authority in your country of residence or the authority where Spudding is established.