From 25 May 2018, the European Union (‘EU’) General Data Protection Regulation (‘GDPR’) will be in force.
GDPR is designed to protect European citizen’s fundamental rights in relation to the “processing” of their personal data. “Processing” data means any operations performed on personal data such as collecting, recording, storing, adapting or otherwise making the data available.
Under the GDPR, European citizens have a right to be informed about the ways their personal data is processed, with whom it is shared, and what actions they can take in relation to it.
WHO WE ARE
Infinity Shipbrokers is a shipbroker company located in Oslo.
WHAT PERSONAL DATA WILL INFINITY COLLECT FROM YOU?
Infinity will only collect personal data from you which we need in order to carry out our ordinary course of commercial activity.
Infinity employees may have the following personal data on you:
- Email Address(es)
- Phone numbers(s)
- Country of residence
This personal data will be held exclusivley on our internal system and will therefore only be accessible to Infinity employees and IT department.
HOW WILL INFINTY USE THIS PERSONAL DATA?
Your personal data is currently stored by Infinty on its servers in Oslo.
Inifnity will use this personal data to carry out its business activities with customers and suppliers (predominantly shipbrokering activity).
WHO WILL INFINITY SHARE THIS PERSONAL DATA WITH?
Infinity will only share this personal data among its employees.
HOW LONG WILL INFINITY KEEP THIS PERSONAL DATA FOR?
Your personal data will be kept on Infinity’s system for the period of time that you and/or your employer has a business relationship with Infinity.
Your personal data will be deleted if we learn that you have left your employer, your employer ceases to be a supplier and/or customer of ours, or if your employer ceases to exist altogether. If none of these options applies and this personal data has been on our system for over 24 months without being used, it will be deleted.
WHAT RIGHTS DO YOU HAVE?
You have the following rights under the GDPR regarding your personal data:
- that it will be processed lawfully, fairly and in a transparent manner by Infinity.
- that it will be collected for a specific purpose, which means that Infinity:
- will only collect your personal data for specified, explicit, and legitimate purposes; and
- will not process your persona ldata in an incompatible manner with those purposes, except under limited circumstances.
- that it will be kept minimal, which means that Infinity will ensure that your personal data is:
- limited to what is necessary for the purposes of processing.
- that it is accurate, which means that Infinity will ensure that your personal data is: correct and kept up to date;and
- amended or deleted without delay when inaccurate.
- that it is easily accessible, which means that Infinity will be able to provide you with details of the personal data they hold on you in a Word document or by e-mail;
- that it is kept integral and confidential, which means that Infinity keeps your personal data secure through appropriate technical and organisational measures against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Infinity’s IT Department, located in Oslo and Tønsberg, is putting in place measures to ensure the personal data detailed above is protected on their servers. If any personal data were to unfortunately be hacked, Infinity’s IT Department is also currently working towards having the personal data encrypted so that any leak would be unusable by the hacker. If the encryption fails and if the personal data stolen is significant, Infinity will advise you as soon as possible if your personal data is at risk.
WHO CAN YOU SPEAK TO IF YOU HAVE ANY CONCERNS?
If you have any concerns about how Infinity is using your information then initially you should contact the Infinity GDPR Team at firstname.lastname@example.org and if your complaint remains unresolved then you can see our homepage www.infinityshipbrokers.no.