Privacy Policy
Nostra Privacy Policy
At Nostra Shipping Services (Nostra), we are committed to our customers, colleagues and associates. Part of this commitment is accountability and integrity as it relates to the collection, processing and retention of any customer and/or colleague and/or associate personal data.
At Nostra, we appreciate the importance of protecting your personal information. This EU Data Protection and Privacy Regulation requires compliance by all organizations who use data relating to EU citizens as part of their business, regardless of whether the organization resides within the EU.
In this respect, we have updated our Privacy Policy and Terms and Conditions to reflect the GDPR requirements and ensure that NOSTRA is in compliant.
1. What categories of personal data we process
We use a variety of personal information depending on the circumstances under which personal information is made available to us.
- Business contacts: We hold the names, job titles, employer details and professional contact details for various business contacts, including client contacts, supplier contacts and interested parties who have signed up for our newsletter via our website.
- Clients: Most of our clients are incorporated entities, however in the course of conducting surveys/audits, we may collect and use personal information of individuals that work for our clients. This can include names, contact details and information about an individual’s work or role at our client.
- Job applicants: Where you apply for a role with us, we will process the personal information you provide to us as part of your application and any interview selection process. This will ordinarily include your name, personal contact details, professional history, education and qualifications and references.
- Personal data automatically collected when you browse our website: When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail address or phone number. You may, however, visit our site anonymously.
2. The purposes for which we process personal data
Personal data actively provided by you may be used to enable us to communicate with you with regards to the services in which you have registered an interest, to make available targeted information and provide you with e-mail information on our services.
We use your information to communicate with you and improve our business relationship, to personalize and expand your business experiences as well as to provide our services and to manage our business operations. We may use your information or part of it for marketing and promotional purposes and share your information with third parties assisting us completing our business cycles.
3. Retention periods
Personal data will be deleted as soon as it is no longer needed for the purpose it was collected for to provide the services and fulfill the agreements and transactions you have requested, or for other essential purposes such as complying with our legal obligations and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly. we may, however, retain information about your previous transaction for auditing purposes (financial, quality and other audits), to ensure the integrity of our data and to fulfill legal requirements.
In the event of complying with our audit legal requirements (financial, quality and other audits), we may keep our records for a certain period, as required, to a controller which we will ensure that shall be GDPR compliant.
Unsuccessful job applicant information is retained for a period of 6 months after the position has been filled.
We will retain the personal information of business contacts that receive our newsletter until they opt-out or unsubscribe from our newsletter.
4. Sharing personal information with third parties
We only share personal information with third parties to the extent necessary for fulfilling the purposes of our work, including where necessary for the provision of services, where we are under a legal or contractual obligation to do so and where is it fair and reasonable for us to do so in the circumstances.
We may share personal information with the following third parties:
- Suppliers: We use a number of different suppliers, including IT suppliers and consultants, with whom we share personal information so that these suppliers can process personal information on our behalf. In these circumstances, we take steps required by data protection laws to ensure that these suppliers protect the personal information we share with them;
- Certification Bodies: We may be required to share personal information with accreditation and regulatory bodies, who monitor certification and audit services to ensure that we are compliant with their rules and requirements when awarding certifications and accreditations; and
- Flag Administrations: We are required to share personal information with the Flag Administrations, who monitor seafarer’s certification services to ensure that we are compliant with their requirements.
6. Monitoring and recording of communications
NOSTRA may monitor and record communications with you, such as emails for quality assurance and compliance.
7. Security
We take market standard precautions to protect personal data.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically and transmission of such data is therefore entirely at your own risk.
Unfortunately, no data transmission or processing can be guaranteed to be 100 % secure. Accordingly, despite our efforts to protect the personal data, NOSTRA is not able to guarantee or warrant the security of the personal data.
8. Privacy rights
You may be entitled to exercise some or all the following rights free of charge:
- require (i) information whether your personal data is retained and (ii) access to and/or (iii) duplicates of your personal data retained, including the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed and where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- request proper rectification, removal or restriction of your personal data, e.g. because (i) of the incomplete or inaccurate nature of the personal data, (ii) it is no longer needed for the purposes for which it was collected, (iii) the consent on which the processing was based has been withdrawn, or (iv) you have taken advantage of an existing right to object to the data processing; in case your personal data is processed by third parties, we will forward your request for rectification, removal or restriction also to such third parties unless this proves impossible or involves disproportionate effort;
- receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller,
- refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
- object at any time, out grounds relating to your particular situation, that your personal data shall be subject to a collection, processing or use;
- not to be subject to any automatic individual decisions (automatic decisions based on data processing by automatic means, for assessing several personal aspects) which produce legal effects on you or similarly significantly affect you;
- take legal actions in relation to any breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators.
9. Online activities
In the following www.nostraship.com and enviromar.com are referred to as the “Website”.
The Website uses “cookies” to help personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. We may use cookies to collect, store, and track information for statistical purposes to operate our Website and Services. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
In some special cases we also use cookies provided by trusted third parties. We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including: Facebook and Twitter, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
10. Revision of the Privacy Policy
Nostra may change or update the privacy policy without notice. All such changes will take effect once they have been posted in our website. It is your responsibility to monitor such updates. The privacy policy was last updated on the date stated at the beginning of this privacy policy.
11. Contact Details
If you are concerned about use of your data or have any questions regarding this Privacy Policy, please contact us here.