OCEAN PHOTO SERVICE Ltd. (referred to as “Ocean Photo Service”, “our”, “we” or “us”), process personal data in accordance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA
Ocean Photo Service is responsible for the processing of your personal data. For the purposes of the GDPR, we act as the data controller of your personal data and in certain situations as the data processor.
Our third-party website provider acts as a data processor of your personal data that is collected by visiting this website (i.e. cookies). Ocean Photo Service will ensure that our website provider provides sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of your rights.
We strive to protect your personal data that is collected or provided via this website, or that you provide voluntarily to Interorient, against unlawful or unauthorised processing and against the accidental loss of, or damage. Any personal data collected is done so as seen and may be held by Ocean Photo Service electronically or in hard copies.
PERSONAL DATA THAT WE MAY COLLECT FROM YOU
Below you will find a non-exhaustive list of personal data that we may collect from you by visiting this website or that you provide us voluntarily by phone, e-mail, mail or in person:
- Your contact details
- Personal data that we need in order to fulfil our business relationship with you or the organization that you represent
- Information of job applicants for processing job applications, through our Online Recruitment Process.
- General enquires with regards to our ship management services which may contain personal data
- General enquires from third parties which may contain personal data
- Personal data automatically collected from your device or web browser. More information about these practices is included in the “Cookies” section below.
- Any other personal data that you may provide us voluntarily through this website or by phone, e-mail and mail or in person
The Site may automatically collect information as you browse, such as Internet Service Provider, browser type and version, operating system and device type, average time spent on our site, pages viewed, information accessed, the Internet Protocol (IP) address used to connect your computer to the Internet and other relevant statistics. Such information is sometimes referred to as web analytics.
We may combine this automatically collected information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, and provide site functionality.
- We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site in order to provide you advertising based upon your browsing activities and interests.
PURPOSES OF PROCESSING YOUR PERSONAL DATA
Ocean Photo Service may collect and process your personal data for any or all of the following purposes:
- Help enhance content and overall user experience on this website
- Process job applications
- Perform our obligations in the course of or in connection with a contract to which you are a party or in order to take steps at your request prior to entering into a contract
- Provide high quality services for our clients
- Handle business contacts
- Maintain our records
- Respond to general enquiries
- Comply with any applicable law, regulation, code of practice, guideline or rule or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
- Any other business purposes for which you have provided your personal data
- Any other incidental business purposes related to or in connection with the above
Any personal data collected via this website, or that you provide voluntarily to Ocean Photo Service, is processed only by our authorized personnel and/or agents for the purpose for which they were collected and in accordance with the GDPR.
We may process your personal data for direct marketing purposes. For example, we may send you marketing communications and news concerning Ocean Photo Service’s services, event invitations and our company newsletter.
We respect if you do not want your personal data to be processed for direct marketing purposes and you can always inform us about this as per the section “Contact Us” found below. As soon as you notify us, your personal data will no longer be processed for marketing purposes.
LAWFULNESS OF PROCESSING OF YOUR PERSONAL DATA
We may collect and use personal data in order operate our organization effectively, efficiently and lawfully. Our purposes and legal basis for processing your personal data vary, depending on our relationship with you and on the activity in question.
Ocean Photo Service may process your personal data to the extent that at least one of the following applies:
- you have provided your consent to the processing of your personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which Interorient is subject;
- processing is necessary in order to protect your vital interests or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Ocean Photo Service;
- processing is necessary for the purposes of the legitimate interests pursued by Ocean Photo Service or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.
TRANSFER OF PERSONAL DATA
You may voluntarily provide information via this website or to Ocean Photo Service directly by email, phone, mail or in person. To respond to such enquiries, certain personal data may be passed on to the relevant personnel, department or authorized agency of Ocean Photo Service. By providing your personal data to Ocean Photo Service, you acknowledge and agree that we have the right to share your personal data with any of our personnel and authorized third parties such as our business partners, sub-contractors and/or suppliers.
We may also transfer personal data to a company or organization located outside the European Union (“EU”), to enable us to address your enquiry efficiently and to comply with any applicable laws. Personal data may also be processed by our branch offices located in or outside the EU. Ocean Photo Service will always transfer personal data within or outside the EU in accordance with the provisions of the GDPR.
We may also be obliged to disclose personal data to comply with any applicable law or to protect the property, safety or rights of Ocean Photo Service or others. For this purpose, we may disclose personal data to other organizations for, inter alia, facilitating criminal investigations. Ocean Photo Service may also be obliged to disclose your personal data under applicable laws and regulations or court orders.
PROTECTION OF YOUR PERSONAL DATA
Ocean Photo Service will take appropriate administrative, technical and organisational measures to ensure the appropriate security of personal data. An appropriate level of data security will be deployed for the type of personal data and the data processing being performed. All staff of Ocean Photo Service will be made aware of this policy, as well as our Cyber Security Policy and their duties under the GDPR.
Ocean Photo Service and therefore all staff are required to respect the personal data and privacy of others and will ensure that appropriate protection and security measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to all personal data.
Links to third party sites
Under the GDPR, we may only keep your personal data for as long as necessary to fulfil the purposes for which they were collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.
Your personal data may be stored in different locations and for different purposes. As such, personal data which has been deleted from a system because it is no longer needed, may still exist in another system for a different purpose.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you would like further information on our Retention Policy, please contact our Data Compliance Officers.
YOUR RIGHTS RELATING TO YOUR PERSONAL DATA
Under the GDPR, you have the right to request: (i) access to your personal data (Art. 15 GDPR); (ii) an electronic copy of your personal data (portability) (Art. 20 GDPR); (iii) correction of your personal data if it is incomplete or inaccurate (Art.16 GDPR); or (iv) objection to processing (Art.21 GDPR), deletion (Art.17 GDPR) or restriction (Art. 18 GDPR) of your personal data in certain circumstances provided by applicable law. These rights are not absolute.
Where we have obtained your consent for the processing of your personal data, you also have the right to withdraw your consent at any time (Art. 7 GDPR).
If you would like to request a copy of your personal data or exercise any of your other rights, please contact us using the contact found below in section “Contact Us”. To process your request effectively, efficiently and securely, please include in your email:
- A clear statement on which rights you are seeking to enforce;
- A full description of the information or type of information that you are writing about; and
- Details that will confirm your identity, such as a scan of your passport or ID card.
Right to Lodge a Complaint
If you feel that we have processed your personal data unfairly or unlawfully, you have the right to lodge a complaint to the relevant Supervisory Authority, but before doing so, we kindly ask you to contact our Data Compliance Officers first so that we can assess and address your concerns. In Cyprus, the Supervisory Authority for personal data protection is the Office of the Commissioner for Personal Data Protection.
You may contact our Data Compliance Officers if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, at the email shown below: