Logo Mask

Privacy Policy

Introduction

Schoeller Holdings and its affiliates (referred to as “we”, “our”, “us”, or “SH”) recognise and respect the rights and privacy of individuals. This includes our applicants, current and former employees, suppliers, passengers on board the vessels we manage, and our customers.

 

This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in Horizon Shipping Agencies. This policy is not applicable to any information collected offline or via channels other than this website.

 

It describes how we collect, handle, and process your personal data, and how, in doing so, we comply with our legal obligations. We consider privacy to be important and are committed to protecting and safeguarding your personal data privacy rights. The use of the word “processing” in this Notice is intended to include such actions as collecting, handling, using, storing and protecting your personal data.

Legal framework

Please read our cookie policy carefully which is included in our privacy and cookie policy here.

Copyright Notice

This Notice is written to comply with the applicable data protection legislation which includes, but is not limited to, the European Union General Data Protection Regulation (GDPR).

The company responsible for your personal Data (Data Controller)

Name: CSM

Phone: +357 25843100

Email: shipmanagement@csmcy.com

Address: Columbia House, 21 Spyrou Kyprianou Avenue, 4042 Limassol, Cyprus

Data Protection Officer

Name: Mr Andreas Andreou

Phone: +357 25843100

Email: CSMDPO@csmcy.com

Address:  Columbia House, 21 Spyrou Kyprianou Avenue, 4042 Limassol, Cyprus

How do we use personal data?

We may process personal data as part of our services. Such processing may include, but is not limited to, employment contracts, anti-money-laundering, risk management, claims handling, document processing, marketing, procurement, and newbuilding supervision.

Employees

In order to consider you for employment, or employ you, we need to process certain information about you. We only ask for or collect details that help us provide what is required as part of your application process or employment. For example, we need information such as your name, age, contact details, education details, employment history, emergency contacts, next of kin, immigration status, passport size photos, passport copies, overalls size, bank account details, utility bills and other relevant information required for the purposes of your employment or that you may choose to share with us. Where appropriate, and in accordance with local laws and requirements, we may also collect information of a more sensitive nature, such as diversity information, information related to your health, union membership, or details of any criminal convictions.

 

We use processors who are third parties who provide elements of services for us. We have contracts in place with our processors. This means they cannot do anything with your personal data unless we have instructed them to do it. They will not share your personal data with any organisation apart from us. They shall keep it securely, for the period we instruct.

 

For certain seafarers, for handling job applications, we shall use a third-party provider tool. This tool will be utilised by us to improve recruitment experience, efficiency and productivity.

 

Where such processing occurs, relevant privacy information shall be provided at the point of collection of personal data.

 

To enable shore employees to conduct our business, they have been provided with access to one another’s contact information including name, position, telephone number, work address, work e-mail address, and photograph (should you choose to provide one).

 

Employees should be aware that photographs and videos are taken on our premises and during events we organise; selections of such material may be used for company marketing purposes (for example on our website or in promotional leaflets or posters) and their image or parts of their image may appear in the material or the background of said material.

 

Training and maintaining proficient and qualified employees is of great importance to us and as such, various training regimes and campaigns are in place both on-board and ashore. To this end we use several training systems provided and maintained by third-party providers. These may also include automated survey service suppliers, for feedback purposes not only to improve training but other aspects of employment such as our management system or work practices.

 

Insurance plays an important role in our operations and is prominent in relation to the vessels we manage and the Office. We undertake claims handling for a large number of vessels which includes individual seafarer illness and injury, protection and indemnity claims involving cargo, shippers, and receivers, and hull and machinery claims involving the structure of the vessel. Similarly, we undertake claims handling for Employees who are insured under the Company policies. In all these claims, and particularly with medical claims, we process personal data which may be provided to the relevant insurer. We operate an open reporting policy. In the interests of maintaining confidentiality and impartiality the open reporting platform and service is provided by a third-party provider.

Customers

To enable us to communicate with you and to ensure that we meet certain legal requirements such as KYC (know your customer) and AML (anti-money-laundering), we need to have certain details of yours or details of individual contacts at your organisation (such as their names, telephone numbers and e-mail addresses).

 

We ensure that our marketing communications to you are relevant and timely.

Website Users

We collect a limited amount of personal data in order to improve your experience when using our website.

 

This includes information such as the frequency with which you access our website, and the times that our website is most popular.

Emergency Contacts

As part of due diligence and in order to protect the vital interests of our Data Subjects, we will under certain circumstances collect emergency contact details. 

Processing related to Schoeller Holdings Events

Please be aware that photographs will be taken during SH events which might be used for SH’s social media channels and Website/Publications. If you do not wish to be photographed please contact us.

The legal bases we use for lawful processing

In order to conduct business and fulfil our legal, regulatory, and contractual obligations, we need to perform legitimate and fundamental processing activities. These are:

 

  1. Establishing contracts
  2. Maintaining contracts
  3. Provision of all contracted services
  4. Invoicing: remittance, payments, and collections
  5. Non-promotional communications
  6. Marketing and other promotional communications
  7. Risk management contract review
  8. Response to Subject Requests
  9. Performance measurement
  10. IT and telecommunication support services
  11. Business Continuity and Contingency Planning
  12. Legal and regulatory obligations
  13. Responding to enquiries, requests, and complaints
  14. Employment processing
  15. Workforce planning
  16. Training and certifications
  17. Emergency communications
  18. Interacting with other organisations, industry groups, and professional associations
  19. Internal ethics reporting, security, and investigations

Who will access or receive the personal data?

We need to share the personal information we process with individuals themselves and also with other organisations. The list below contains a description of the types of organisations with which we may need to share some of the personal information we process.

 

  1. Agents and brokers
  2. Business associates, other professional bodies, and advisers
  3. Central and local government
  4. Claimants, beneficiaries, assignees, and payees
  5. Claims investigators
  6. Complainants, and enquirers
  7. Courts and tribunals
  8. Credit reference, debt collection, and tracing agencies
  9. Current, past, and prospective employers
  10. Customers
  11. Debt collection and tracing agencies
  12. Education and examining bodies
  13. Employment and recruitment agencies
  14. Family, associates, and representatives of the person whose personal data we are processing
  15. Financial organisations and advisers
  16. Healthcare professionals, social and welfare organisations
  17. Insurance providers
  18. Law enforcement and prosecuting authorities
  19. Learning management system providers
  20. Ombudsman and other regulatory authorities
  21. Open reporting system providers
  22. Other affiliated companies
  23. Pension schemes
  24. Police forces
  25. Private investigators
  26. Professional advisers
  27. Share Administrators
  28. Suppliers and services providers
  29. Survey and research organisations
  30. Training system and software providers
  31. Unions, trade associations, professional bodies, and employer associations

The countries where personal data will be stored, processed and/or transferred

Your personal data we collect may be stored and processed in the EU or any other country in which we or associated third parties maintain facilities. In case we need to transfer your personal data, we will take all reasonable measures to safeguard the transfer of your personal data to third parties in a manner that complies with the applicable data protection laws.

How long will the personal data be retained?

Retention of specific records may be necessary for one or more of the following reasons:

 

  1. Fulfilling statutory or other regulatory requirements
  2. Evidencing events/agreements in case of disputes
  3. Operational needs
  4. Historical and statistical purposes

 

Where we collect personal data for which we subsequently have no use for any business purpose we will then review and may destroy such personal data at our discretion.

 

The right to withdraw consent

In situations where we request and receive your consent to perform processing, we are also obliged to stop such processing if you decide to withdraw your consent. Withdrawing consent is as straightforward as giving consent. Withdrawing consent cannot be back-dated so it has no effect on processing already performed during the period of consent.

The right to access, change, delete, restrict, object, request a copy

Under certain circumstances you have rights regarding your personal data. These are:

 

  1. Access to a copy of your personal data
  2. Object to processing of your personal data
  3. Stop receiving direct marketing material
  4. Object to decisions being taken by automated means
  5. Have inaccurate personal data rectified, blocked, erased or destroyed
  6. Lodge a complaint with the relevant data protection authority
  7. Claim compensation for damages caused by a breach of the GDPR

 

If you are an employee, and wish to exercise any of these rights, please follow the relevant Company procedure. If you are not an employee, please contact Schoeller Holdings directly.

What happens if the personal data is not collected?

Your personal data is required for communication and setting up a contractual agreement to provide employment, products, and services. Without this data we will not be able to communicate with you or enter into a contractual agreement with you. This includes both business and employment contracts.

 

We need personal data to:

  1. Enable consensual bilateral communications
  2. Engage in pre-contractual activities
  3. Honour contractual obligations
  4. Be able to employ people

 

Without this personal data, we will not be able to perform these primary activities.

 

Automated decision making

We do not use automated decision making.