This Privacy Notice aims to inform and assure you that Prevention at Sea Ltd (hereby refer to as “Company” or “we”) handles your Personal Data (as defined below) with respect to your personality and your rights and in accordance with Regulation (2016/679 (EU) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “Regulation”).
This Notice addresses all natural persons which wish to contract with us or to establish a business relationship, Clients, directors, shareholders, secretaries of legal entities, authorized signatories, employees and/or members of another legal entity and/or natural persons who have a business relationship with Prevention at Sea Ltd.
“Personal Data” means any information about you, that could identify you directly or indirectly, such as the personal information described in paragraph 2 below.
“Processing” means any operation or set of operations which is performed on Personal Data, by automated means or otherwise, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We ask you to read this Privacy Notice carefully as it contains important information on who we are, how and why we collect, store, use and share your Personal Data, your rights in relation to your Personal Data and on how to contact us and the supervisory authorities in the event that you have a complaint.
1. Who we are?
Prevention at Sea Ltd
52, Arch. Makariou III, Ave. 6017, Larnaca, Cyprus
Tel.: +357 24819800
Fax: +357 24819881
Data Protection Officer (DPO):
Address: 52, Arch. Makariou III, Ave. 6017, Larnaca, Cyprus
Telephone: +357 24819800
Fax: +357 24819881
2. Our sources of collecting Personal Data and the Personal Data we process.
We process Personal Data that you provide to us in the course of our services as maritime technology and marine risk firm. For this purpose, we process and collect Personal Data that we receive from you and/or other affiliated with Prevention at Sea Companies, and/ or recruiters, or third parties authorised or instructed by you. We may also collect and process Personal Data from databases and/or sources that are publicly accessible, such as the Registrar of Companies and the Official Receiver, the press, the media and/or third parties in order to enable us to comply with our regulatory obligations. We process Personal Data that we collect lawfully and that we are permitted to process.
Information we collect
The Personal Data we collect from our Clients mainly include the following: Name, Surname, Contact Details, such as Address, Phone number and Email address, your Nationality.
Please note that the data we collect vary among the different services we provide, as for example:
In the context of providing our monitoring programme, we may collect various information regarding the schedule of the employees or people on the ship.
3. The purpose for processing your Personal Data and the legal ground of this processing.
We collect and process Personal Data in full compliance with the provisions of the Regulation as well as the national legislation.
In the paragraphs below (3.1 to 3.4) there is a more detailed analysis of the purposes and the legal ground of the processing.
3.1 For the performance of a contract (Article 6 (1) (b))
The processing of Personal Data is necessary in order for us to be able to provide our services to you in accordance with our engagement letter/contract and/or to fulfill your orders and/or to provide you with related services. Moreover, we might need to process your personal data when examining your application or during the negotiations before signing a contract.
The purposes of the processing are adjusted according to the nature of the service provided.
3.2 For the purposes of the legitimate interests pursued by us or by a third party (Article 6 (1) (f))
Except for the above case, either we or third parties, process your Personal Data when necessary, except if your fundamental rights and freedoms override the below interests. Below are some examples:
- in court proceedings and/or to claim our legal claims.
- in the context of the operation and security of the IT sector of the company.
- in the context of preventing and clarifying criminal offenses.
3.3 Due to your consent (Article 6 (1) (a))
If you give your consent on the processing of your Personal Data for specific purposes, such as for direct marketing purposes, the legal ground for the processing of your Personal Data is your express consent.
Please note that you may at any time withdraw your consent. The validity of this revocation will concern the future. Furthermore, it should be noted that the above also applies if you gave us your consent before 25 May 2018.
3.4 For compliance with a legal obligation (Article 6 (1) (e))
Prevention at Sea Ltd is subject to various legal obligations, such as the obligations arising from the Prevention and suppression of money Laundering and terrorist financing Law of 2007 (Law 188(I)/2007), the Income Tax Law 2002 (Law 118(I)/2002) and the tax legislation in general.
4. Who we share your data with?
Within Prevention at Sea Ltd
In the course of the company’s operation, the relevant employees responsible for the performance of our contractual and legal obligations receive the necessary data.
Outside Prevention at Sea Ltd
Under Article 28 of the Regulation, we have the right to designate a processor. In such a case, it is likely that the processor will receive your Personal Data for the above purposes. For example, we might designate as processors, consultancy companies such as accountants or law firms, as well as companies that provide organizing and filing services or licensed service providers.
Furthermore, Prevention at Sea Ltd is legally obliged to transfer your Personal Data to various government authorities and/or services, as for example: auditors, Social Insurance Services and Tax Office.
It is possible for us to share your Personal Data to other people/companies/organisations, other than the above, in the course of the provisions of our services to you or if you have given us your express consent for such transfer.
5. How long your Personal Data will be kept for?
For existing clients
We will hold your Personal Data during our contractual relationship. After the termination of our contractual relationship, we hold your Personal Data for up to 6 years, or the period required by the applicable taxation law, or according to the relevant directive of the Commissioner of Personal Data and/or other applicable law.
For potential clients
We will hold your Personal Data during our negotiations prior to the conclusion of the contract, to the extent that it is necessary. In case of rejection of your application or withdrawal of your application, we will hold your Personal Data for 6 months, or according to the relevant directive of the Commissioner of Personal Data and/or other applicable law.
6. Transfer of your Personal Data outside the EEA or to an international organization
Your personal data is transmitted to third countries (countries outside the European Economic Area- EEA), only when necessary to fulfill our obligations or your orders, e.g. external serves might be located in third countries.
In any case, the processors in third countries are obliged to apply the Regulation as well as any company within the EU.
7. Keeping your Personal Data secure?
We have appropriate security measures in place to prevent Personal Data from being accidentally lost or used or accessed in an unauthorised way. We limit access to your Personal Data to those who have a genuine business need to have access to it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
8. Your rights
You have a number of important rights, under the Regulation. Specifically:
(a) right to access your Personal Data (Article 15): meaning you might receive information and/or copy of the Personal Data we hold free of charge.
- right to rectification (Article 16): you might ask us to correct any mistakes in your information which we hold.
- right to erasure (“right to be forgotten”) (Article 17): you might ask us to erase the Personal Data concerning you.
However, we reserve the right to deny the erasure, if the processing is necessary for compliance with a legal obligation, for reasons of public interests or for the establishment, exercise or defense of legal claims.
- right to restriction of processing (Article 18): you might require us to restrict our processing of your Personal Data if you contest the accuracy of your Personal Data, the lawfulness of the processing, or you have objected to processing (according to article 21, see below) and you wait for our reply whether we have legitimate grounds which override yours.
- right to data portability (Article 20): you have the right to request and receive the Personal Data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to a third party under certain circumstances.
- right to object (Article 21): you have the right to object at any time to processing of Personal Data concerning you which is based on performance of a task carried out in the public interest or for the purposes of the legitimate interest pursued by us or third parties (article 6 (1) (e) and (f) of the Regulation).
You also have the right to object at any time to processing of Personal Data concering you for direct marketing, in the extent it concerns direct marketing.
In case you exercise this right, we shall no longer process your Personal Data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claim.
- right to withdraw your consent: you reserve the right to withdraw your consent at any time. However, the withdrawal of the consent does not affect the lawfulness of the processing based on consent before its withdrawal.
If you wish to exercise any of the above rights or to ask any questions or clarifications, please do not hesitate to contact our Data Protection Officer at email@example.com
If you like to exercise any of those rights, please:
- email or write to us or our Data Protection Officer
- let us have enough information to indentify you
- let us have proof of your identity and address
- let us know the information to which your request relates.
Please note that if you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the end of the email newsletter. It may take up to five days for this to take place.
9. How to complain?
We hope that our Company and specifically our Data Protection Officer can resolve any query or concern you raise about our use of your information.
However, the Regulation also gives you right to logde a complaint with the supervisory authority, the Commissioner of Personal Data Protection. For more information concerning the process of filing a complain please visit the website www.dataprotection.gov.cy/) or via e-mail at firstname.lastname@example.org .
10. Are you obliged to provide us with your Personal Data?
You are required to provide your Personal Data to the extent that it is necessary to conclude, perform or terminate the engagement letter and/or contract between us and to fulfill your mandates.
Furthermore, we are obliged by the anti-money laundering legislation to collect and hold your Personal Data before concluding our contract, according to the “know your client” principle. In case you refuse to give us your Personal Data, we will not be able to provide and/or continue to provide our services to you.
11. Automated individual decision-making
As a rule, Prevention at Sea Ltd does not make automated decisions. If we make use of automated decision-making, you will be properly informed if this is necessary on the basis of the relevant legislation.
12. Is your data used for profiling?
‘Profiling’ means any form of automated processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, personal preferences, interests, reliability, behaviour, location or movements.
Prevention at Sea Ltd does not use your Personal Data for profiling.
13. Changes in this privacy notice
This Privacy Notice was published on 08/06/18 and last updated on 08/06/18
We may change this privacy notice from time to time and in such case we will inform you via email. We also ask you to periodically visit our website for any updates of this privacy notice.
Please contact us or our Data Protection Officer, if you have any questions about this privacy notice or the information we hold about you at email@example.com