MTM Data Protection Policy

1. Policy brief & purpose

Our Company Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.

With this policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights. It also summarizes the rights which the data subject has, including the right to request information.

This Data Protection Policy is in compliance with Regulation (EU) 2016/679 containing the General Data Protection Regulation (the “GDPR” or “Regulations”) and any amendments made to this Regulation hereafter.

2. Scope

This policy refers to all parties (employees, job candidates, customers, suppliers etc.) who provide any amount of information to us.

3. Who is covered under the Data Protection Policy?

Employees of our company and its subsidiaries must follow this policy. Contractors, consultants, partners and any other external entity are also covered. Generally, our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.

4. The information we collect

As part of our Operations, we need to obtain and process information. The information we collect depends on your association or interaction with MTM. Our Company collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Examples of such association or interaction amongst others could be in the form of a ship owner client, seafarer in our employment, a seafarer applicant, an office employee, an applicant for office employment, existing approved vendors or service providers as well as prospective vendors or service providers. Some key examples amongst others, of the information collected are;

  • Your identity – This includes for individuals, your date of birth, Passport details, National Identity details, contact details, bank details, professional and academic qualifications and similar details of your family. For a Company, it includes financial, organizational, contact and service details.
  • Your interaction with us – For example a note of a call you make to one of our offices, an email or letter you send us or other records of any contact you have with us.
  • Your preferences – This would include products and / or services provided by MTM or other organizations engaged by MTM whilst conducting our business.
  • Information from other organizations - These include business directories, employment websites, employment agencies, credit reference agencies or individuals we believe you have authorized to provide your personal details on your behalf.

5. Ways we collect your personal information

The information collected includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data etc.

We may collect such information when you;

  • Apply to MTM for a job on board a vessel or in the office.
  • Require to be processed for approval as a vendor or service provider.
  • As an existing vendor, service provider, seafarer or employee require to update your personal details.
  • Visit our web site or sites.
  • Enquire about our services.
    In the process of delivering our services, we may use or share your information with your prior consent as follows;
  • Process your regulatory compliance with requirements for joining or leaving from a vessel.
  • Process your travel arrangements to and from a vessel.
  • Process your local employment requirements for employees ashore.
  • Process travel arrangements for employees ashore.
  • Respond to demands from Government Agencies or Law Enforcement Authorities.
  • Enable us to process invoices and payments.
  • Respond to enquiries and requests from you or people you have authorized.
  • Inform you about circulars, safety alerts and general updates which are required for the efficient execution of the Company’s business.
  • Perform market analysis.
  • Conduct market research and customer satisfaction surveys to improve our service, develop new products or processes.

6. Ways we protect your personal information:

Once this information is available to us, the following rules will apply.
Our data will be:

  • Accurate and kept up-to-date.
  • Collected fairly and for lawful purposes only.
  • Processed by the company within its legal and moral boundaries.
  • Protected against any unauthorized or illegal access by internal or external parties.

Our data will not be:

  • Communicated informally.
  • Stored for more than two years from the time a data subject is made inactive in the Company’s system.
  • Distributed to any party other than the ones agreed upon by the data’s owner.

7. Rights of the Data subject;

In addition to ways of handling the data the company has direct obligations towards people to whom the data belongs. Specifically, we must:

  • Let people know which of their data is collected.
  • Inform people about how we’ll process their data.
  • Inform people about who has access to their information.
  • Have provisions in cases of lost, corrupted or compromised data.
  • Allow people to request that we modify, erase, reduce or correct data contained in our databases without undue delay.

8. Monitor and respond

To exercise data protection, we’re committed to:

  • Assigning a dedicated Data Protection Officer who has full authority to implement this Policy and Procedures, restrict and monitor access to sensitive data and respond to the legitimate queries by the data subjects or Authorities.
  • Develop transparent data collection procedures.
  • Train employees in online privacy and security measures.
  • Build secure networks to protect online data from cyberattacks.
  • Establish clear procedures for reporting privacy breaches or data misuse.
  • Include contract clauses or communicate statements on how we handle data.
  • Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.).

Our data protection provisions will appear on our website.

9. Disciplinary Consequences

All principles described in this policy must be strictly followed. A breach of data protection guidelines will invoke disciplinary and possibly legal action.

 
 
 

Designed & Developed by ORIGINHAK