Sealogical

Privacy Notice

 

1. Introduction

Sealogical (“We”; “Us”) is committed to protecting your personal information and this Privacy Policy tells you how we collect your personal data, how we store it, how we use it, and how we keep it safe.

We shall only use your information in line with all the applicable data protection laws. We are committed to ensuring that your information is secure, so your information will be held in a secure environment, and access to it will be restricted according to the “need to know” principle. To prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and protect the information we collect online.

2. Definitions

“consent”

means the consent of the data subject which must be a freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify their agreement to the processing of personal data relating to them;

“controller”

means the natural or legal person or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Policy, the Company is the data controller of all personal data relating to data subject, e.g. staff, customers, business contacts etc. used in our business for our commercial purposes;

“processor”

means the natural or legal person or organisation which processes personal data on behalf of a data controller;

“subject”

means a living, identified, or identifiable natural person about whom the Company holds personal data;

“EEA”

means the European Economic Area, consisting of all EU Member States, Iceland, Liechtenstein, and Norway;

“personal data”

means any information relating to a data subject who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that data subject;

“personal data breach”

means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed;

“processing”

means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

“special category personal data”

means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual life, sexual orientation, biometric, or genetic data.

3. The Rights of Data Subjects

The following key rights are applicable to data subjects:

3.1 The right to be informed;
3.2 the right of access;
3.3 the right to rectification;
3.4 The right to have your data erased;
3.5 the right to restrict processing;
3.6 the right to data portability;
3.7 the right to object;

If you wish to exercise any of these rights, please contact the Data Protection Officer on info@sealogical.com

4. Specified, Explicit, and Legitimate Purposes

4.1 The Company collects and processes the personal data set out in this Privacy Notice. This includes:

  1. personal data collected directly from data subjects and
  2. personal data obtained from third parties

4.2 The Company only collects, processes, and holds personal data for the specific purposes set out in this Privacy Notice (or for other purposes expressly permitted by the GDPR)

4.3 Data subjects must be kept informed at all times of the purpose or purposes for which the Company uses their personal data. Please refer to Part 15 for more information on keeping data subjects informed.

5. Adequate, Relevant, and Limited Data Processing

5.1 The Company will only collect and process personal data for and to the extent necessary for the specific purpose or purposes of which data subjects have been informed (or will be informed).

5.2 Employees, agents, contractors, or other parties working on behalf of the Company may collect personal data only to the extent required for the performance of their job duties and only in accordance with this Privacy Notice.

5.3 Employees, agents, contractors, or other parties working on behalf of the Company may process personal data only when the performance of their job duties requires it. Personal data held by the Company cannot be processed for any unrelated reasons.

6. Accuracy of Data and Keeping Data Up-to-Date

6.1 The accuracy of personal data will be assumed to be accurate when collected or provided by the user. If we are advised that any personal data is inaccurate or out-of-date, all reasonable steps will be taken without delay to amend or erase that data, as appropriate.

7. Data Retention

7.1 The Company shall not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed.

7.2 When personal data is no longer required, all reasonable steps will be taken to erase or otherwise dispose of it without delay.

8. Data Subject Access

8.1 Data subjects may make subject access requests (“SARs”) at any time to find out more about the personal data which the Company holds about them, what it is doing with that personal data, and why.

9. Personal Data Collected, Held, and Processed

We process the personal data of subscribers, crew and other users added by the client or crew. We may collect, store and use the following personal information about you:

  • Information that you provide to us when enquiring about our services
  • Information that you provide to us when entering into a contract
  • Information that you provide to us to when subscribing to our e-newsletter
  • Information you provide directly or indirectly when recruited to work on board subscribed yachts
  • Information you choose to give us when seeking to work on board our managed yachts
  • Any other information you provide to us, including business cards

The data you provide to us may include:

  • Name, address, country
  • Telephone number
  • Email address
  • Passport
  • Date of birth
  • Nationality
  • Information about your role
  • Work experience
  • Payroll information
  • Individuals you nominate as next of kin
  • Health information where it is relevant to the service we provide

We also collect information from your computer and about your visits to and use of this website. This includes collecting unique online identifiers such as IP addresses, which are numbers that uniquely identify a specific computer or other device on the internet.