Privacy Notice

We are committed to compliance with all relevant EU and Member State laws in respect of personal data and the protection of the “rights and freedoms” of individuals whose information the Cyprus Shipping Chamber (hereinafter referred to as “the Chamber”) collects and processes in accordance with the latest data protection legislation. We therefore, give particular emphasis on your privacy! This Privacy Notice is to inform you about what personal data we may hold about you, what we do with it and how we deal with it.

For any questions about this Privacy Notice, or if you want to enforce your rights, please contact Mr. Sophoclis N. Constantinou, Legal Officer on +357 25 360717 or at gdpr@csc-cy.org

 

This is our Executive Summary. For more information, please use the tabs below.

The Cyprus Shipping Chamber is the trade association of the Shipping Industry in Cyprus. The main purpose of the Chamber is to promote the interests of Cyprus Shipping and further the reputation of the Cyprus Flag, whilst promoting and protecting the interests of its Members both nationally and internationally. The Chamber is the Controller of personal data collected through online or offline means. Your personal data and the way they are processed are safeguarded through various security measures.

Our Privacy Notice uses terms which are defined and have the same meaning as in the EU General Data Protection Regulation 2016/679/EU (GDPR).

We collect and use personal data in order operate our organization lawfully, effectively and efficiently and thus, be able to offer high quality services and a constant source of up-to-date legislative, technical and commercial shipping information and advice. Any additional activities that may require further processing are carried out as an ancillary task in support to and towards enhancing this primary aim. Our purposes and legal basis for processing your personal data vary, depending on our relationship with you and on the activity in question. We will never process your personal data, if our interests are overridden by your interests or fundamental rights.

We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal and/or corporate governance obligations or practice.

We fully respect your data protection Rights, which includes a right to access, rectification, restriction, deletion or "portability" of your data, and the right to object to our use of your personal data. You also have the right to complain to the competent Data Protection Authority, but before doing so, we kindly ask you to contact us first so that we can assess and address your concerns. For more information with regard to Your Rights, please use the corresponding tab below.

 

Who we are

 

The Cyprus Shipping Chamber is the Controller of your personal data.

The Cyprus Shipping Chamber is the trade association of the Shipping Industry in Cyprus. Having witnessed considerable growth since its establishment on 26 January 1989, with originally seventeen Founding Members, the Chamber today comprises all the major shipowning, Shipmanagement, chartering and shipping related companies based in Cyprus, thus making it one of the largest national shipping associations in the world.

The main purpose of the Chamber is to promote the interests of Cyprus Shipping and further the reputation of the Cyprus Flag, whilst promoting and protecting the interests of its Members both nationally and internationally.

At a local level, the Chamber since its formation has become an influential body in local maritime affairs and today no policy decisions concerning shipping matters are taken by the Cyprus Government without consulting the Chamber. Furthermore, the Chamber through the years has established a close co-operation with many private sector organisations.

At an international level, in 1990, the Chamber was elected Member of the International Shipping Federation (ISF), which looks after the employment interests of shipowners on an international basis.  In 1993 it was admitted to the membership of the International Chamber of Shipping (ICS), which is the international association of national shipping associations and in 1995, the Chamber became Member of the Baltic and International Maritime Council (BIMCO).  In 2005, the Chamber became a Member of the European Community Shipowners’ Associations (ECSA). Moreover, the Chamber regularly participates as technical adviser to the Cyprus Government in many international meetings of the International Maritime Organisation (IMO), the International Labour Organisation (ILO) and the European Union (EU).

Through its active participation in both local and international organisations, the Chamber offers its Members high quality services, consisting of useful and up to date shipping information as well as promoting their interests both nationally and internationally.

Some of the services also offered by the Chamber are the Monthly Members’ Meetings, held through the year, where invited speakers give short presentations on a variety of shipping related subjects. Further, the distribution of a Monthly Newsletter keeps Members also fully informed on the work and activities of the Chamber and other shipping related issues.  In addition, Circulars are forwarded regularly to Members on subjects of a more technical or urgent nature.

Contact Us

 

For any questions about this Privacy Notice, or if you want to enforce your rights, please contact Mr. Sophoclis N. Constantinou, Legal Officer on +357 25 360717 or at gdpr@csc-cy.org

If you choose to contact us by post, please use the below address:

6 Regas Fereos Street

City Chambers, 1st Floor

P.O Box 56607, 3309, Limassol, Cyprus

3095, Limassol, Cyprus

What we collect and how we use it

Category A - Member-Companies’ Representatives

Please click here for Privacy Notice [CSC/PN-Reps]

Category B - Business Associates

Please click here for Privacy Notice [CSC/PN-BAs]

Category C - Third Parties

Please click here for Privacy Notice [CSC/PN-TPs]

Category D - Suppliers/Service Providers

Please click here for Privacy Notice [CSC/PN-SSPs]

Category E - Job Seekers

Please click here for Privacy Notice [CSC/PN-Jobs]

For any questions about this Privacy Notice, or if you want to enforce your rights, please contact Mr. Sophoclis N. Constantinou, Legal Officer on +357 25 360717 or at gdpr@csc-cy.org

Your Rights

  1. The right of Access to information

As a data subject, you have the right to confirm whether we are processing your personal data and, in such case, to request to receive a copy of the personal data we process, as well as supplementary information on:

  • why we are processing it;
  • the categories of personal data we process about you;
  • the recipients or categories of recipient to whom the personal data has been or will be disclosed;
  • where possible, how long we plan to keep your personal data or the criteria we use to determine that period;
  • information on your rights under the GDPR;
  • information on where we received your personal data from if we did not receive it directly from you, and
  • if we transfer your personal data outside of the EEA, details of the appropriate safeguards we have used to protect your personal data and uphold your personal data protection rights.

We will not charge you for such a request. Where your personal data is inseparable from the personal data of others, we reserve the right to object or withhold it if it will infringe the rights of those third parties. We also reserve the right to withhold your personal data if permitted by relevant provisions in applicable local laws.

  1. The right to withdraw your Consent to the processing of your personal data

If we process your personal data on the grounds of your consent, you have the right to withdraw your consent at any time. This will not affect the legality of our processing of your personal data up until the point at which you withdraw your consent. Please also note that we may still need to process your personal data on other grounds, such as, on the basis of our legitimate interests or for the performance of a contract.

  1. The right to Object to processing of your personal data

You have the right to object to our processing of your personal data if we are using the lawful grounds 'legitimate interest' or that the processing is in the public interest. When we receive your objection we will assess our legal grounds for processing and will stop processing the personal data if we cannot demonstrate compelling legitimate grounds to continue processing the personal data.

  1. The right to request the Restriction of your personal data

You have the right to request from us to restrict our processing of (ie. stop using) your personal data if you think that it is inaccurate, that we are processing it illegally, or that we no longer need it for the purposes for which it was originally collected. While we consider your request we will stop processing your personal data within a reasonable time from the date we receive your request. We will notify you of our decision and any justifications for continuing to process your personal data as soon as possible.

  1. The right to request Amendment or Rectification of your personal data

You have the right to request the amendment or rectification of your personal data at any time if it is inaccurate. If it is incomplete, you have the right to have the information completed, taking into account the purposes of processing.

  1. The right to request Erasure of your personal data

You also have the right to request from us to delete your personal data if the following conditions are met:

  • the personal data is no longer necessary for the purposes for which they were originally collected or otherwise processed;
  • you withdraw your consent to us processing your personal data and we have no other legal grounds for processing it;
  • the personal data has been unlawfully processed;
  • the personal data must be erased for compliance with a Cyprus or EU legal obligation on us;
  • the personal data relates to a child under 16.
  1. The right to personal data Portability

You have the right to receive personal data which you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those personal data to another controller, if we are processing it on the grounds that you have consented to that processing or because it was necessary in order to perform a contract with you, and if we have no other legal bases for processing it. This will not apply to most of our processing as it is based on the legitimate interests grounds, but we thought it prudent to inform you.

  1. The right to Complain to the Supervisory Authority

If you feel that we have processed your personal data unfairly or unlawfully, you have the right to complain about us to the relevant Supervisory Authority, but before doing so, we kindly ask you to contact us first so that we can assess and address your concerns.

In Cyprus, the Supervisory Authority for personal data protection is the Office of the Commissioner for Personal Data Protection. You can contact the Commissioner's Office here

How to exercise your rights

You can exercise your rights at any time by contacting our Legal Officer, Mr. Sophoclis N. Constantinou, at gdpr@csc-cy.org

In order to process your request effectively, efficiently and securely, please include in your email:

  • A clear statement on which rights you are seeking to enforce;
  • A full description of the information or type of information that you are writing about; and
  • Details which will confirm your identity, such as a scan of your passport or ID card.

International Transfers

 

Where appropriate, for certain issues/matters, we may use business associates or other third parties located outside the EEA.

For example a matter we are advising on, may require confirmation or sector-specific advice from experts located in third countries. When we transfer personal data to such business associates or third parties it will usually be on an ad hoc basis, and either in accordance with instructions from our Members or for compelling legitimate interests of the Chamber.

Where the recipient is located in a country which has not received an “adequacy decision” by the European Commission (namely, it has been deemed by the European Commission not to have adequate laws in place to protect it) we transfer the personal data by seeking to introduce Standard Contractual Clauses approved by the European Commission. For more information on Standard Contractual Clauses, see European Commission: Standard Contractual Clauses. Where the recipient is based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Where the transfer is on an ad hoc basis, to a service provider which we do not regularly use, we will only transfer the personal data if:

  • The transfer is necessary for the establishment, exercise or defence of legal claims;
  • We have the individual's explicit consent;
  • The transfer is necessary for the conclusion or performance of a contract in the interest of the individual concerned, and we are party to that contract; or
  • The transfer is necessary in order to perform a contract between us and the individual concerned, or the implementation of pre-contractual measures taken at the individual's request.

If you would like further information on the specific mechanism used by us when transferring your personal data out of the EEA, please contact our Legal Officer, Mr. Sophoclis N. Constantinou, at gdpr@csc-cy.org

Retention

 

Under the GDPR, we may only keep your personal data for as long as necessary to fulfil the purposes for which we originally collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

If you would like further information on our Retention Policy, please contact our Legal Officer, Mr. Sophoclis N. Constantinou, at gdpr@csc-cy.org

 

Data Security

The Security of your personal data is at the forefront of our general Data Protection Policy.

We have introduced appropriate physical, technical and organisational security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those who have a legitimate interest to know. They may only process your personal information on our instructions and they are subject to a duty of confidentiality. Furthermore, we have put in place procedures to deal with any suspected data security breach and will notify you and the Data Protection Authority of a suspected breach.

Our measures ensure the security of our IT system network, for our Servers, E-Mails and Website.

All data is managed and maintained at our secure Server Center in our offices and we conduct an annual audit of our security controls.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website and any transmission is at your own risk. Once we have received your information, we will do our utmost to keep it safe.

Where you are using our IT services and we have provided you (or you have chosen) a password to access certain parts of our Website, you are responsible for keeping this password confidential. Please do not share your password with anyone, except as required within your organisation.

We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your electronically stored personal data to you either directly or by posting a clear notice on our Website without undue delay.

If you would like further information on our Data security Policy, please contact our Legal Officer, Mr. Sophoclis N. Constantinou, at gdpr@csc-cy.org

Cookies and e-footprint technologies

We use cookies and e-footprint technologies for a number of reasons such as to enable us to recognise when you have logged in and to improve your experience of the services we provide to you.

In particular, we use these technologies:

  • to keep you logged in, to improve the security of our services and for system administration, such as preventing fraudulent or disruptive activity
  • to remember your preferences and settings and other functionality you have requested
  • to record what you like and don’t like on the website and the popularity of various elements of the website so that we can ensure that it works properly at points of high usage.

On our website we use Google Analytics, and other similar services, to collect statistical information about how our website is used. They use information such as your IP address, browser type and unique identifiers stored in (first party) cookies on your device to record how you interact with our website.

If you have any questions or concerns about our use of cookies and e-footprint technologies, or if you believe there has been a breach of this policy, please contact Mr. Sophoclis N. Constantinou, Legal Officer on +357 25 360717 or at gdpr@csc-cy.org 

Amendments to Privacy Notice

 

We may amend our Privacy Notice in the future and in such case, relevant information will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Notice.

Last update: May 2018