GDPR PRIVACY POLICY
This notice constitutes our privacy policy for SARDELIS SHIPPING AGENCY. Here we describe the
practices we follow to respect the privacy of all physical persons’ private information as per the
EU GDPR regulation which came into force from 25th of May 2018.
In this notice, personal information means data of any form (electronic, printed or verbal) which
relates to an individual and which identifies that individual, either directly or indirectly, such
as name, surname, passport copies or National ID Nr copies, personal email address, phone number,
home address, medical information, certificates of Competency for mariners, medical certificates or
other information as described by the GDPR Regulation relevant clauses.
SARDELIS SHIPPING AGENCY operates throughout all Greek Ports and terminals. SARDELIS SHIPPING
AGENCY as data controller (herein after referred as “SARDELIS SHIPPING AGENCY” or “Data
Controller”) hereby informs individuals connected with our activities that it processes personal
data provided by them directly or through their employers, supervisors or management officials.
WHO WE ARE
SARDELIS SHIPPING AGENCY is a shipping agency company based in Preveza, Greece. SARDELIS SHIPPING
AGENCY exists to offer full general agency services to ship owners, ship managers, charterers and
ship brokers subject to the party involved in the appointing of our company. The broad range of
services we offer extends from full agency services, to crew changes, medical assistance to crews
etc. (see full list of offered services in our website).
INFORMATION WE MAY COLLECT FROM
INDIVIDUALS DIRECTLY
During the conduct of our agency services, and subject to the orders we receive from Masters /
Owners or generally our principals, we may be called to conduct: operational email exchanges, crew
changes, VISA issuance formalities for crewmembers, escorting mariners to medical services and
transmitting medical reports to ship owners / crew managers for confirming the fitness of mariners
to work, entry of various kinds of 3rd-party service providers to the ports’ ISPS areas. The
information you give us for successfully attending the above operations may include name, surname,
passport copies or National ID Nr copies , personal email address,
phone number, home address, medical information, certificates of Competency for mariners, medical
certificates.
INFORMATION WE RECEIVE FROM OTHER SOURCES
During the conduct of our agency services, and subject to the orders we receive from Masters /
Owners or generally our principals, we are called to communicate various forms towards State
Authorities (Port Authorities, Customs Office, ISPS officers of Ports, Police Authorities) subject
to our National Regulations concerning matters of National Safety. Therefore, we are processing and
transmitting crew lists, passenger lists, and personal details of third party providers to all
relevant authorities as per regulations in force. We are collecting these information or lists
through your employers / ship owners / crew managers / ships Masters.
DISCLOSURE OF YOUR INFORMATION
We may share your personal information with: The Data Controller’s staff deputed to the processing
of personal data (including, but not limited to): Employees of the Company, ISPS officers of the
Ports that vessels are calling for our services, Greek Embassies, Consulates, ship owners’ manning
agents, Police Authorities, Port State control authorities, Customs Authorities, selected
third-parties including business partners, suppliers and sub-contractors for the performance of any
contract we enter into with them or you, providing you have given the necessary consent. We don’t
sell any of your information to anyone, and we never will.
We may disclose your personal information to third parties: to fulfill the obligation provided by
the law, regulations, protocols and national and EU legislation; to implement laws required by
public Authorities; to allow the defense in court if such occurs for any reason whatsoever.
HOW DO WE RESPOND TO LEGAL REQUESTS?
We access, preserve and share your information with regulators, law
enforcement or others in the following circumstances:
1. In response to a legal request, where we believe in good faith that the law requires us
to do so. We can also respond to legal requests where we believe in good faith that the response is
required by law in that jurisdiction, affects individuals in that jurisdiction, and is consistent
with internationally recognized standards.
2. When we believe in good faith it is necessary to: detect, prevent and address
fraud, or other harmful or illegal activity; to protect ourselves (including our rights, property
or services), you or others, including as part of investigations or regulatory inquiries; or to
prevent death or imminent bodily harm.
WHERE WE STORE YOUR DATA
The data that we collect from you will be stored in a destination inside the
European Economic Area (“EEA”) and will not be transferred outside the EEA unless
we have your explicit consent to such transfer and storage. In any event, your data will only ever
be transferred to organizations where an approved code of practice from the competent DPA in
relation to data protection is adopted.
In any case, if personal data will be transferred to countries that do not provide the same level
of protection, or in any case an adequate level of protection, SARDELIS SHIPPING AGENCY will ensure
that it will enter into specific contractual obligations according to the applicable data
protection legislation (including the execution of the Standard Contractual Clauses as approved by
the European Commission) with each service provider, unless we can rely on any other legal basis
for the transfer of personal data.
We will take all steps reasonably necessary to ensure that your data is treated securely and in
accordance with this privacy policy.
SECURITY
SARDELIS SHIPPING AGENCY works to protect the confidentiality and security of information it
obtains in the course of its business. Access to such information is limited and policies and
procedures are in place, designed to safeguard the information from loss, misuse and improper
disclosure.
We use strong encryption, both when your information is moving to or from our email address and
also whilst your information is held by us. Once we have received your information, we will use
strict procedures and security features to try to prevent unauthorized access.
DATA RETENTION POLICY
SARDELIS SHIPPING AGENCY stores personal data for the time necessary to achieve the purposes for
which data are collected and further processed, including any retention period required under the
applicable legislation (e.g. retention of accounting documentation) and subject to any applicable
laws, for a maximum of 5 years from the storage of the personal data.
YOUR RIGHTS
Under the General Data Protection Regulation, you have the right to access, rectify, report, limit
and erase your data. You can exercise those rights by contacting us at
COMPLAINTS
In the event that you wish to make a complaint about how your personal data is
being processed by SARDELIS SHIPPING AGENCY or its partners and affiliates, you have the right to
complain to sardelis.agency@gmail.com.
CONTACTS
If you have any questions concerning this privacy policy and data protection, please contact
SARDELIS SHIPPING AGENCY at sardelis.agency@gmail.com.
Date of Last Revision: 19.12.2018.
