Conautic is committed to the protection of your personal data. Conautic collects, uses, discloses and retains your personal data in accordance with the Personal Data Protection Act 2012 (PDPA), the European GDPR Act, and our own employment procedures.
The purpose of this Data Protection policy is to regulate how Conautic collects, uses, discloses and retains your personal data relating to your employment on board inland river vessels. We developed this Policy as part of our on-going commitment to the protection of your personal data.
For a summary of our privacy commitment to you, including the type of personal data we collect, how we collect it, how to access, correct or update your personal data, or what to do if you have a complaint about the treatment of your personal data, please refer to our privacy statement available on our website at www.conautic.com or by contacting us by sending an e-mail to cma@conautic.com.
Objectives
The objectives of this Policy are to:
- Provide a set of privacy and personal data protection standards that govern our procedures and protect the privacy of your personal data.
- Demonstrate our on-going commitment to protecting your privacy and addressing any privacy concerns that you might have.
- Describe the ways in which we collect, use, disclose and retain your personal data.
- Ensure that we comply with the PDPA.
- Facilitate our compliance with any further developments in the protection of personal data.
Personal Data Protection Act 2012 (PDPA)
Below, we provide guidance as to how to collect, use, disclose and retain your personal data in accordance with the PDPA and how we administer the Policy.
Consent Obligation (PDPA section 13 to 17)
Consent required
Conautic shall not collect, use, or disclose your personal data unless:
- You give, or are deemed to give, consent to the collection, use or disclosure of your personal data, in view of your employment with Conautic or
- The collection, use or disclosure of your personal data without your consent is required or authorized under the PDPA or other written law.
Provision of consent
- Conautic Maritime Inc. shall not, as a condition of providing employment services on board inland river vessels to you, require you to consent to the collection, use or disclosure of your personal data beyond what is reasonable to provide the employment services to you.
- Conautic shall not obtain or attempt to obtain your consent for collecting, using or disclosing personal data by providing false or misleading information with respect to the collection, use or disclosure of your personal data or use deceptive or misleading practices.
Deemed consent
- You are deemed to consent to the collection, use or disclosure of your personal data for a purpose if:
- You voluntarily provide your personal data to Conautic for the purpose, albeit without expressly providing your consent; and
- It is reasonable that you would voluntarily provide the data.
- If you give, or deemed to give, consent to the disclosure of your personal data by Conautic to another organization, for a purpose, then you are deemed to consent to the collection, use or disclosure of your personal data for that particular purpose by such other organization.
Withdrawal of consent
- On providing reasonable notice to Conautic, you may at any time withdraw any consent given or deemed to be given, in respect of Conautic’s collection, use or disclosure of your personal data for any purpose.
- You may submit the withdrawal of consent via e-mail to cma@conautic.com. On receipt of such notice, Conautic shall inform you of the consequences of withdrawing your consent.
- If you withdraw your consent, then Conautic shall cease collecting, using or disclosing your personal data.
Purpose Limitation Obligation (PDPA section 18)
Limitation of purpose
Conautic may collect, use or disclose your personal data only for the following purposes:
- all purposes relating to employment on board an inland river vessel; and
- where you have been informed in accordance with clause 4.2. of this policy, to the extent applicable.
Notification of purpose
Conautic shall provide you with the following information whenever we seek to obtain your consent to the collection, use or disclosure of your personal data, except under circumstances where your consent is deemed or is not required:
- The purpose for the collection, use or disclosure of your personal data, on or before collecting your personal data;
- Any other purpose for the use or disclosure of your personal data of which you have not been informed under clause 4.2.1. of this policy, before the use or disclosure of your personal data for that purpose; and
- On request by you, the contact details of the Conautic Data Protection Officer (DPO) who can answer your questions about the collection, use or disclosure of your personal data.
Access and Correction obligation (PDPA section 21 and 22)
Access to your personal data
On your request, and subject to the restrictions set forth in the PDPA, Conautic shall as soon as reasonably possible, provide you with:
- Your personal data that is in Conautic’s possession or control; and
- Information about the ways in which your personal data has or may have been used or disclosed by Conautic within a year before the date of your request.
Correction of your personal data
You may request Conautic to correct an error or omission in your personal data that is under Conautic’s control or possession. Conautic shall:
- Correct your personal data as soon as practicable; and
- Inform you that the data has been corrected accordingly.
Accuracy Obligation (PDPA section 23)
Conautic shall make reasonable efforts to accurately record your personal data as given by you and make reasonable efforts to ensure that your personal data is accurate and complete.
Protection Obligation (PDPA section 24)
Conautic shall protect personal data in its possession or control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or any other similar risks.
Retention Limitation Obligation (PDPA section 25)
Conautic shall cease to retain documents containing your personal data, or remove the means by which your personal data can be associated with you, as soon as it is reasonable to assume that:
- The purpose for which your personal data was collected is no longer being served by retention of your personal data;
- Retention is no longer necessary for legal or business purposes.
Transfer Limitation Obligation (PDPA section 26)
Conautic shall not transfer your personal data outside of the Netherlands except in accordance with the requirements of the PDPA.
Openness Obligation (PDPA section 11 and 12)
Conautic is transparent about how it uses personal data. The purpose for the collection, use or disclosure of your personal data, on or before collecting your personal data is solely for the purpose of your employment on board inland river vessels.
Do Not Call Provisions
Conautic shall not send any marketing messages and other product information messages.
Complaints handling procedure
- Should you be unsatisfied with our treatment of your personal data or you believe there has been a breach of this policy, please contact Conautic’s Data Protection Officer (details in clause 16 below) and clearly set out the nature of your concern in writing only.
- Your complaint will be reviewed, and you will be provided with a written response within one month.
Compliance with this Policy
- Conautic implements this policy through the use of proper procedures and staff training to ensure compliance with this policy.
- We ensure that all employees and any representatives who deal with personal data are aware of the standards of this policy.
- Conautic requires that all employees and any representatives with access to personal data maintain confidentiality concerning that personal data.
- Our procedures for handling personal data are developed to implement the standards of this policy. Conautic trains its employees in the proper conduct of those procedures.
Review of Conautic’s data protection policy
Conautic ensures that this policy remains current and continues to fulfill its objectives, so it will be reviewed periodically.
Data Protection Officer (DPO)
For further information about this policy or if you would like to contact Conautic’s Data Protection officer regarding a concern you might have please send an e-mail to:
cma@conautic.com attn.: Conautic Data Protection Officer.