GDPR PRIVACY NOTICE
We care about your privacy. This Privacy Notice explains how we collect and use your personal data. Please read it carefully. If you have any questions about this Privacy Notice, or if you want to enforce your rights, please contact ITCM’s at firstname.lastname@example.org or +30 210 8955650
This section provides a brief summary. To find out more, please use the links on this page.
Intelligence Trade & Consultancy Maritime Inc (hereafter referred to as “ITCM”) is a Shipbroking firm which may from time to time receive your personal data, please click here. The controller of personal data collected through our Website is ITCM. If your personal data is collected offline, then ITCM is also the controller of your personal data. Your personal data may also be shared between ITCM's associated entities as necessary or appropriate. We've put measures in place to keep your personal data safe whichever ITCM entity processes it.
"Personal data" in this Privacy Notice has the same meaning as in the EU General Data Protection Regulation 2016/679/EU (GDPR). Essentially, it means information which is connected to a living individual who can be identified from that information, either by itself or when combined with other data likely to come into our possession. Personal data can include information collected by certain cookies or tracking technologies if it builds up a profile of you.
We collect and use personal data in order to carry out a business which provides legal services. Any other activities and processing which we carry out is to support this primary aim. Our purposes and lawful grounds for processing your personal data vary, depending on our relationship with you and on the activity in question. You can find out more information on this by clicking on the relevant links on the page, please click here. We will never sell your personal data.
We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it and to satisfy any legal, accounting or reporting requirements.
Where applicable we respect your data protection rights, including to request access, rectification, restriction, deletion or "porting" of your data, and to object to our use of your data, including for marketing. We do not make decisions about you based on electronic profiling. You also have the right to complain to the applicable data protection Supervisory Authority (see here, but please contact us first so that we can address your concerns.
The controller of your personal data is Intelligence Trade & Consultancy Maritime Inc(hereafter referred to as “ITCM”)
If your personal data is collected offline, then ITCM is also the controller of your personal data. Your personal data may also be shared between ITCM's associated entities as necessary or appropriate. We've put measures in place to keep your personal data safe whichever ITCM entity processes it.
Our office is as follows.
- Intelligence Trade & Consultancy Maritime Inc, (hereafter referred to as “ITCM”), is the owner of this Website and the data controller of information gathered through it. It operates through the Athens office. ITCM is a company duly incorporated and existing under the Laws of the Republic of the Marshall Islands, which has established an office in Greece pursuant to the provisions of the Greek “Law 89/67” regime as same has been amended and is in force today.
If you have any questions or comments about this Privacy Notice, or if you wish to exercise your rights, please contact us, at any time:
- By email: email@example.com
- By telephone: +30 210 8955650
- Please note that we can only respond to you once we have received your email safely.
- Visitors to our Website. Please click here for more information on what personal data we process and how we use it.
- Client contacts. Please click here for more information on what personal data we process and how we use it.
- Business contacts. Please click here for more information on what personal data we process and how we use it.
- Third parties involved in client matters. Please click here for more information on what personal data we process and how we use it.
- Suppliers and service providers and their personnel. Please click here for more information on what personal data we process and how we use it.
- Visitors to our offices. Please click here for more information on what personal data we process and how we use it.
- Applicants for graduate recruitment opportunities with us. Please click here for our graduate recruitment privacy notice.
- Applicants for other opportunities with us. Please click here for our job applicant privacy notice
COOKIES AND TRACKING TECHNOLOGIES
|Name of Cookie||What does it do?||How long will it last?|
|_ga||Used by Google Analytics to distinguish users||2 years|
|_gat||Used by Google Analytics to distinguish users||24 hours|
|_gid||Used by Google Analytics to throttle request rates. This helps Google to manage how frequently they collect data from a user or Website over a given period||1 minute|
|c3_cc_ACCEPTED||Used by ITCM Website to remember that you have agreed to accept cookies||1 year|
|c3_cc_DENIED||Used by ITCM Website to remember that you have blocked our cookies||1 year|
|ASP.NET_SessionId||Used by ITCM Website to maintain your connection|| |
Expires when you leave the site
If you register to receive our briefings, alerts or event invitations we use tracking technology to collect information about you through such emails in the following ways:
- Opening emails: if you open the email either by downloading images in the email or clicking in a link we log such activity on our database.
- View as web page: If you click on the "view it as a web page" link, a tracking code is passed in the link so that the web page is personalized in the same way as the email.
- Links to web pages: If you click on any web link, we pass a tracking code in the link to the web page which we use to log such activity on our database.
- Unsubscribe: If you click unsubscribe, we will automatically log this information on our database. If you unsubscribe from any email invitation or alert, we will continue to store your personal data on a 'marketing suppression list' in order to make sure that we respect your wishes in the future.
- Event RSVP buttons: In our event invitations and confirmations we provide buttons to allow you to accept, decline, cancel and register (if you are not the original recipient of the email) for that event. Clicking on these buttons will pass a tracking code so we can record your choice in our database to help us manage the event.
We do this to assess whether our emails are useful or interesting to you, and to tailor them accordingly. We also need to track whether you have accepted or rejected an event invitation so that we can administer such events.
The personal data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) as it may be processed by our service providers wHICH MAY BE located outside of the EEA.
Transfers to third parties
Where appropriate for certain client matters, we may use service providers located outside the EEA. For example, a matter we are advising on may require advice from local brokers or input from local experts. When we transfer personal data to such service providers it will usually be on an ad hoc basis, and in accordance with instructions from our clients.
Where the recipient is located in a country which has not been deemed by the European Commission to have adequate laws in place to protect it, we transfer the personal data using one of the following measures:
- The transfer is necessary for the establishment, exercise of shipbroking transaction; or
- We have the individual's explicit consent; or
- The transfer is necessary for the conclusion or performance of a contract, and we are party to that contract; or
- The transfer is necessary to perform or implement pre-contractual measures; or
Please email us at firstname.lastname@example.org if you would like further information on the specific mechanism used by us when transferring your personal data.
In order to prevent unauthorized access, distortion or disclosure of your personal data we have put in place appropriate physical, technical and organizational measures. Our service providers are required to do the same. Some of our security measures include:
- All data is managed and maintained in our secure data centers, which are accredited with the required security standards.
- We conduct an annual audit of our security controls using a third party accredited security specialist.
- Our database is on an external cloud-based provider which is compliant with all required security standards.
- Laptops and desktops are locked down and kept secure by a documented suite of IT policies, including both our Information Security Policy and Computer Usage Policy. All mobile devices are encrypted.
- We have a full Business Continuity Plan in place and review it annually. It covers the restoration of the firm's business activities.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to keep it safe.
Where you are using our IT services and we have given you (or you have chosen) a password to access certain parts of our Website, you are responsible for keeping this password confidential. Please do not share your password with anyone, except as required within your organization.
We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your electronically stored personal data to you either directly or by posting a clear notice on our Website without undue delay.
We only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you would like more information on our retention of the different aspects of your personal data please contact us at email@example.com.
If you are based in the EEA you have a number of rights under the GDPR. These rights apply to any processing carried out by our group entities and offices in the EEA. Please see more information below on what we will require from you before we can respond to such requests.
- Right to object to direct marketing
You have the right to ask us not to process your personal data for marketing purposes, including profiling (eg. tracking your usage of our Website) to the extent that it is related to direct marketing. Within a reasonable time after receipt and consideration of your objection, we will no longer process your personal data for direct marketing purposes. You can exercise your right to prevent such processing by ticking certain boxes on the forms we use to collect your personal data, or by contacting us at any time.
- Access to Information
The GDPR gives you the right to find out whether we are processing your personal data and, where that is the case, to receive a copy of the personal data we process and information on:
- why we are processing it;
- the categories of personal data we process about you;
- the recipients or categories of recipient to whom the personal data has been or will be disclosed;
- where possible, how long we plan to keep your personal data or the criteria we use to determine that period;
- information on your rights under the GDPR;
- information on where we received your personal data from if we did not receive it directly from you, and
- if we transfer your personal data outside of the EEA, details of the appropriate safeguards we have used to protect your personal data and uphold your personal data protection rights.
We will not charge you for complying with your request and providing you with a first copy. Any further copies may be subject to a reasonable administrative fee. Where your personal data is inseparable from the personal data of others, we reserve the right to redact or withhold it if it will infringe the rights of those third parties. We also reserve the right to withhold your personal data if permitted by relevant provisions in applicable local laws.
- The right to withdraw your consent to the processing of your personal data
If we process your personal data on the grounds of your consent, you have the right to withdraw your consent at any time. This will not affect the legality of our processing of your personal data up until the point at which you withdraw your consent. Please also note that we may still need to process your personal data on other grounds, for example to fulfil a contract with you or as required by law.
- The right to object to the processing of your personal data
You have the right to object to our processing of your personal data if we are using the lawful grounds 'legitimate interest' or that the processing is in the public interest. When we receive your objection we will assess our legal grounds for processing and will stop processing the personal data if we cannot demonstrate compelling legitimate grounds to continue processing the personal data.
- The right to request the restriction of your personal data
You have the right to ask us to restrict our processing of (ie. stop using) your personal data if you think that it is inaccurate, that we are processing it illegally, or that we no longer need it for the purposes for which it was collected. While we consider your request we will stop processing your personal data within a reasonable time from the date we receive your request. We will notify you of our decision and any justifications for continuing to process your personal data as soon as we can.
- The right to request amendment or erasure of your personal data.
You have the right to request the amendment of your personal data at any time if it is inaccurate. If it is incomplete, you have the right to have the information completed, taking into account the purposes of processing. You also have the right to require us to delete your personal data as soon as possible where one of the following applies:
- the personal data is no longer necessary for the purposes for which they were collected or otherwise processed;
- you withdraw your consent to us processing your personal data and we have no other legal grounds for processing it;
- the personal data has been unlawfully processed;
- the personal data must be erased for compliance with a Greece or EU legal obligation on us;
- the personal data relates to a child under 16.
The right to personal data portability
You have the right to receive personal data which you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those personal data to another personal data controller, if we are processing it on the grounds that you have consented to that processing or because it was necessary in order to perform a contract with you, and if we have no other legal bases for processing it. This will not apply to most of our processing of your personal data, but we mention it for completeness.
The right to complain to the Supervisory Authority
If you feel that we have processed your personal data unfairly or unlawfully, you have the right to complain about us to the relevant Supervisory Authority, although please contact us first so that we can put things right.
- In Greece the Supervisory Authority is the Hellenic personal data Protection Authority (HDPA), which can be contacted at firstname.lastname@example.org or on +30 210 647 5600.
How to exercise your rights
You can exercise your rights at any time by contacting us, at privacy@ITCM.gr.
Please include in your email:
- A clear statement on which rights you are seeking to enforce;
- A full description of the information or type of information that you are writing about; and
- Details which will confirm your identity, such as a scan of your passport or driving licence and a recent utility bill.
This is so that we can keep your personal data secure and respond to you as quickly as possible. If you are asking for a large range of personal data we may ask you to be more specific, so that we can manage your request as quickly and efficiently as possible.
No fee usually required
You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Time limit to respond
We aim to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
LINKS TO EXTERNAL FILES AND WEBSITES
Our Website sometimes contains links to external files and websites. The fact that we link to a file or website is not an endorsement, authorization or representation of our affiliation with it. We do not exercise control over third party files or websites.
These other websites may place their own cookies or other files on your computer, collect data or solicit personally identifiable information from you. Other websites follow different rules regarding the use or disclosure of the personally identifiable information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
OUR POLICY TOWARDS CHILDREN
Our legal and ancillary services and our Website are not aimed at persons under 16. If you are a parent or guardian and you become aware that your child has provided us with personal data without your consent, please contact us.
We do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided us with personal data other than for our CSR Projects, we will delete such information from our files.
CHANGES TO THIS PRIVACY NOTICE
Any changes we may make to our Privacy Notice in the future will be posted on this page and, where appropriate and feasible, notified to you by email.
Please check back frequently to see any updates or changes to our Privacy Notice.
Last updated: May 2018