PRIVACY POLICY

Oceanking understands and recognizes the importance of protecting individuals’ privacy and
personal data and is committed to respect people’s right to privacy in accordance also with
related laws and regulations. With this Privacy Notice Oceanking defines the ways personal
data is processed during its daily activities and also during your interaction with us, as well as
your rights in relation to your personal data. For any questions or inquiries regarding this
Privacy Notice or the processing of your personal data, please contact us by:

  • Email: privacy@oceanking.gr
  • Post: Oceanking S.A., 31, Bouboulinas str., 18535 Piraeus
  • Phone: +30 2104296774

What personal data does Oceanking collect?

Oceanking only collects personal data of people who are employed by or otherwise connected to our customer or principal entities. This data includes basic information and contact details such as name, phone number, email address, title and position in the related company.

The information is mainly collected either directly from you or from your related company in writing (e-mail correspondence), via telephone, from your interaction with us at our events or professional meetings (business cards) or through the use of our website, including information gathered through analytics tools and cookies.
We do not collect and we do not ask for any sensitive personal data.

Why does Oceanking collect personal data?

Oceanking will collect only basic contact information of individuals as stated above for the following purposes:

  • Managing our customer and principal relations, as part of our sales and marketing activities. That is:
      • Respond to your requests and inquiries
      • Provide you with latest shipping industry/market updates through newsletters
      • Provide you with information about our services and products which we believe may be of interest to you
      • Invite you to corporate events
      • Invite you to surveys
      • Invite you to social networks
  • Providing our services to our customers (who are legal entities)
  • Seeking potential new customers

Collecting personal information of individuals is not our primary purpose and is only limited to the absolutely basic data necessary for conducting our daily communication with co- operating businesses for above purposes.

Oceanking also collects navigational information about your usage of our website so that we can improve its operation, performance and content and personalize your experience in regards to our services and products. For further information please refer to our cookies policy.

What is the legal basis for the processing of personal data?

We, at Oceanking, collect and process your personal data based on legitimate interests in
relation to our business purposes as stated above and In the context of our daily operations.

How long does Oceanking retain personal data?

Your personal data will be retained as long as that data is necessary for the purposes
described in this Privacy Notice. In certain circumstances, we are obliged to keep that data
for longer periods, in order to comply with applicable laws. Oceanking has conducted a
retention policy, which we are committed to apply.

As we update our databases on regular basis, any inaccurate data is corrected or deleted.
Data may also be deleted upon notice.

Who does Oceanking share your personal data with?

Oceanking is the data controller of the data collected and shares these only with business
partners that process personal data as data processors on our behalf. This includes mostly
IT, ERP and service providers who maintain and operate our systems, databases and
website. All data processors acting on our behalf are obliged to comply with this Privacy
Notice.

How is personal data protected?

Oceanking is committed to safeguard your personal data, which may be stored in hardcopy
or electronic form, against any unauthorized access, use, collection, modification, copy and
disclosure.

A number of technical and organizational measures considered necessary for the protection
of your personal data on a reasonable and effective way, are applied, including:

  • Cyber security measures (antimalware, antivirus)
  • Other technical measures including back-up and encryption in databases and email archives
  • Strict password policy
  • Physical access restriction on places were personal data is kept
  • Limited access to databases where personal data is stored
  • Physical access restriction on server rooms (with access codes)
  • Regular personnel training and awareness raising on cyber security, data protection and privacy
  • Internal processes for the safety and protection of personal data, according to our privacy policy

What are your rights in regards to your personal data?

The rights surrounding your personal data, in accordance with EU Regulation GDPR, include:

    • 1. The right to be informed. Individuals have the right to be informed about the collection and use of their personal data.
    • 2. The right of access. Individuals have the right to access their personal data which are processed by our company.
    • 3. The right to rectification. Individuals have the right to request inaccurate personal data to be rectified, or completed if it is incomplete.
    • 4. The right to erasure. Individuals have the right to have personal data erased.
    • 5. The right to restrict processing. Individuals have the right to request the restriction or suppression of their personal data.
    • 6. The right data portability, which allows individuals to obtain and reuse their personal data for their own purposes across different services.
    • 7. The right to object to the processing of their personal data in certain circumstances.
    • 8. The right to complain to the Supervisory Authority.
  • 9. Rights in relation to automated decision making and profiling.

In case you would like to exercise any of your legal rights, please contact us verbally or in
writing. We will respond within one calendar month from receiving your request, unless
the request involves a significant amount of data, in which case we will respond within
three months.

For further details please check our Subject Access Request (SAR) Policy and relevant SAR Form.

What about personal data collected at Oceanking’s offices?

During your visit at our offices, we may collect basic contact information from you (i.e. through your business card) for the purposes as described above.

In case you are granted access to our wi-fi network, cyber security measures are applied (including firewalls) according to our Data Protection Policy for the safekeeping of your personal information as well as our internal networks and systems.

Our company acquires CCTV systems monitoring the offices’ main entrance for site security purposes only.

How can you apply a complaint?

For any complaints concerning how your personal data is processed by our company, please
contact us at the email, phone or mail address provided above.

If you are not satisfied by our response, you can file your complaint to the Hellenic Data
Protection Authority. For further information please visit:

http://www.dpa.gr/portal/page?_pageid=33,211532&_dad=portal&_schema=PORTAL

How often do we update the Privacy Notice?

Oceanking tries to keep all policies up-to-date and performs revisions on a yearly basis, following the needs of the data subjects and the obligations from mandatory laws. The last update of this Privacy Notice was on October 2018. The next update is scheduled by the end of September 2019.

KEEP UP TO DATE WITH OUR LATEST NEWS