GDPR – Compliance statement

 

EU GDPR (European Union General Data Protection Regulation) came into force on May 25th 2018, and we need your permission to store & continue to maintain your contact information and personal information (as advised in the part Further information) on our servers.

 

UNO Maritime Ltd are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and the Norwegian “Lov om behandling av personopplysninger (personopplysningsloven)”. UNO Maritime Ltd are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.

 

 

What is EU GDPR? And how do UNO Maritime Ltd comply?

GDPR is the EU's way of giving individuals, whether they are prospects, customers, subcontractors or employees more overview and control of their own personal data and reduce the power of organizations that collect and use such information for their own gain (own profits). It's not an attempt to prevent or complicate the business, but create more awareness and transparency about how personal information is stored and used.

We have asked your permission to register & store (and/or may request to register & store) the following contact and personal information about you. This is the same information we wish to continue to maintain and use in our day to day business:

 

1.

Title

 

2.

Names: Firstname, Middlename(s) & Surname(s)

  1. Your job title

 

3.

Company

a. Company activity

b. Company size and co-workers

 

4.

Email account:

a. Personal email account(s) (yourname@companyname)

b. Private email address

 

5.

Telephone numbers: Landline(s), Cellphone(s), Fax, IM-services (ex. WhatsApp, Skype, Viber, WeChat, KakaoTalk etc.)

 

6.

Address: Full Company address(es) (including county & country)

 

7.

Usernames (IM services etc.): WhatsApp, Skype, Viber, WeChat, KakaoTalk etc.

 

Who control the data that is given & registered?

UNO Maritime Ltd. is the Data Controller for any data that it holds about you in accordance to EU GDPR and Norwegian Law. UNO Maritime Ltd is obtaining, managing and using the data in accordiance to the European Data Protection Boards “GDPR: Guidelines, Recommendations, Best Practices” as found here

 

How do we use the collected data?
We use cookies and tracking technology to see whether emails are opened or replied to, and whether links are followed. This information helps us to improve the services we offer and to tailor our communications with you.

 

Information Security & Technical and Organisational Measures

UNO Maritime takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures, including:

  • SSL

  • Access Controls

  • Password Policies

  • Encrypted case management system

  • Restriction

  • Authentication.

 

A Summary of your personal rights under EU’s GDPR:

Consent must be given

Businesses can not process personal information about individuals unless each individual has given a specific, informed and clear indication of consent, either through a statement or by a clear "confirmatory action".

 

2. Right to access

The law allows individuals to claim access to their personal information and to know how the information is used by the company after it has been collected. The company shall provide a copy of this personal information, free of cost and in electronic form, if the individual requests this.

 

3. Right to be forgotten

If consumers are no longer customers or if they withdraw consent they have given a company to use their personal information; the consumer has the right to have the information deleted.

 

4. Right to transfer data

Individuals are entitled to transfer information from one service provider to another. Such must be done in a plain and machine-readable format.

 

5. Right to be informed

This covers all types of collections of personal data by companies, and individuals must be informed before collecting information. Consumers must approve that personal data are collected, and consent shall be given actively, not implied.

 

6. Right to correct information

This ensures that individuals can update the information if it is outdated, incomplete or incorrect.

 

7. Right to restricted treatment

Individuals may request that their information not be used in data processing. The information can still be stored but it should not be used.

 

8. Right to oppose treatment

This includes the right to oppose the processing of personal data for use in direct marketing. There is no exception to this rule, and all treatment must be stopped as soon as this request has been received. This right must be communicated clearly to individuals at the beginning of any communication.

 

9. Right to be notified

If there has been data interruption that may have consequences for individuals' information, the person has the right to know this within 72 hours after the burglary was detected.

 

(source: SuperOffice AS)

----

 

 

GDPR Roles and Employees

UNO Maritime Ltd have designated Mr. Lars-Kristian Bjørtomt as our Appointed Person and have appointed a data privacy team to develop and implement our roadmap for complying with the new data protection Regulation. The team are responsible for promoting awareness of the GDPR across the organisation, assessing our GDPR readiness, identifying any gap areas and implementing the new policies, procedures and measures. UNO Maritime Ltd. understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans. If you have any questions about our preparation for the GDPR, please contact our Appointed Person.

 

To unsubscribe, change your mailing preferences, correct your personal details, request a copy of your personal details, or ask us to delete or stop processing your personal details please, reply to this email or contact Lars-Kristian Bjørtomt on +47 41677067 or at lkb@unomaritime.com