Terms and conditions

Introduction

1. A person’s privacy is important to SIA “Ultramarin”. The purpose of this Policy is to provide information on personal data processing intentions, legal basis, extent, protection and processing term in the time of acquiring the data, as well as following good practice and protecting the reputation of Company.

Data Controller and contact information

2. The Data Controller is - SIA “Ultramarin” (hereinafter referred to as – Company), Registration number: 40103185820, Legal address: 76, Gustava Zemgala Gatve, 16th Floor, "EUROPA" business centre, Riga, LV-1039, Republic of Latvia. Contact information: +371 67383938, [email protected].

Policy scope and legal basis

3. This Policy is applied to ensure the privacy and personal data protection in regard to physical persons – seafarers, hereafter referred to as – Clients, and other natural persons related to the Client, whose data has been transferred or made known to the Company.

4. This Policy applies to the protection of identifiable physical persons with regard to the processing of personal data and to the free movement of such data in accordance with General Data Protection Regulation No 2016/679 of European Union, the data protection normative acts of Republic of Latvia and rules of this Policy.

5. This Policy applies to the Company, all branches and employees of the Company, as well as all contractors, partners and other people and companies, cooperating with the Company.

6. This Policy concerns data processing regardless of the form and/or environment that the Client has submitted their personal data in and in what electronic systems or physical form of the Company they are processed in.

7. This Policy will be reviewed periodically, but not later than every 3 (three) years. The Company reserves the right to modify and update this Policy at any time. Changes to this Policy will come into effect immediately upon such changes being approved by the Company Board.

Personal data

8. A list of categories of personal data that can be processed with the Client’s consent and other legal bases of data processing is established in the Company’s data processing record that is available in person in the Company’s office.

Purposes of processing personal data

9. The Company processes the Client’s personal data for the following purposes:

  • providing services, including but not limited to the Client’s identification, the identification of the position and qualification, determining work experience, employing on Latvian and foreign ships, the preparation and execution of the contract of employment (CoE), finalising visas, airline tickets, and other travel documents, confirming health status, administrating settlements, drawing up professional documents, arranging necessary documents and formalities of the flag state, port and border control needs, settling insurance formalities;
  • business planning and analytics – statistics and business analysis, planning and accounting, increasing efficiency, ensuring data quality, preparing reports, risk management activities;
  • provision of information to any government administration of the Republic of Latvia or foreign and operational subjects in the events and amount set in external normative acts;
  • other specific purposes of which the Client is informed at the moment that Client submits the relevant data to the Company.

Legal bases for processing personal data

10. The Company processes personal data according to the following legal bases:

  • The Client has given consent to the processing of personal data for one or more specific purposes;
  • Processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract;
  • Processing is necessary for compliance with a legal obligation to which the Company is subject;
  • Processing is necessary to protect vital interests of the Client or another natural person;
  • Processing is necessary for legitimate interests pursued by the Company or by a third party, except where such interests are overridden by the Client’s rights.

11. The legitimate interests of the Company are:

  • Commercial activity, verification of identity, qualification and work experience before signing a CoE;
  • Provision of CoE commitments and preservation of submitted data;
  • Analysis and improvement of the Company’s database;
  • Account administration, motivation, and segmentation for service efficiency;
  • Service provision, progress notification, fraud prevention, business analytics, accounting, administration, legal protection.

Personal data processing and protection

12. The Company processes and protects personal data using modern technologies and available resources considering privacy risks.

13. The Company may transfer Client data to shipowners and/or their authorized management companies based on the Client’s consent.

14. The Company may authorize partners to perform services such as visa processing, training, documentation etc. Partners are considered Data Processors.

  • 15. The cooperation partners of the Company (in the status of data processors) will provide the fulfillment of requirements for the procession and protection of personal data according to the Company’s requirements and legislation, and will not use the personal data for other purposes other than the obligations on behalf of the Company.

Personal data recipient categories

16. The Company does not disclose personal data to third parties, except in the following cases:

  • To Latvian/foreign shipowners or representatives with the Client’s consent for potential CoE;
  • To the flag state's maritime Administration for documentation;
  • To travel-related entities for travel arrangements;
  • To port agents for embarkation/disembarkation and medical assistance in ports;
  • To insurance companies in case of incidents during the contract;
  • To law enforcement or authorities as required by law.

Transferring data outside EU/EEZ

17. Data may be transferred outside the EU/EEZ only when:

  • The Client has explicitly consented after being informed of risks;
  • The transfer is necessary to perform a contract with the shipowner or pre-contractual steps;
  • The transfer is required to protect vital interests where the Client is unable to give consent.

Data storage duration

18. Data is stored while:

  • The Client has consented, but no longer than 10 years after last CoE unless required otherwise;
  • Legitimate interests of the Company or Client exist as per law;
  • The Company has a legal obligation to retain data.
  • 19. After the reasons for retention expire, data is deleted permanently.

Client’s rights

20. The Client may access their data via ultramarin.crewinspector.com.

21. The Client may request access, correction, deletion, limitation of processing, or data portability, unless restricted by law.

22. Requests may be submitted:

  • In writing at the Company’s office with ID;
  • By e-mail signed with secure e-signature to [email protected];
  • Through the self-service site ultramarin.crewinspector.com.

23. The Company verifies identity, evaluates the request and acts in accordance with law.

24. The Company responds within 30 days by the Client’s preferred method. Two requests per year are free, additional ones cost €10 each.

25. The Client may contact the Company’s Data Protection Officer at [email protected]. All complaints are confidential. Response within 30 days.

26. The Company ensures legal compliance and resolves complaints. If unresolved, the Client may contact the Data State Inspectorate of Latvia.

Client’s consent and withdrawal

27. Consent is given via ultramarin.crewinspector.com or the service application form.

28. Consent may be withdrawn at any time via the site or in person.

29. Withdrawal does not affect processing carried out while consent was valid.

30. Withdrawal does not stop processing based on other legal grounds.

Communication

31. The Company contacts the Client using the provided contact information.