Global Technology Ltd (“GTMaritime”), registered in England and Wales with company number 3657237, whose registered office address at 11 Padgate Business Park, Green Lane, Padgate, Warrington, Cheshire, WA1 4JN (We) are committed to protecting and respecting your privacy.
This policy sets out the basis on which any data (both personal and non-personal) we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your data and how we will treat it. By visiting our websites and using our services you are accepting and consenting to the practices described in this policy.
For the purpose of EU GDPR and UK GDPR (Applicable Data Protection Laws), we are the controller of personal data, save in relation to personal data which is processed through any of our software systems that are operated for our customers. In such case, we will be the processor.
What information we process and why we process this information
The company processes email data which may contain personal information, as it has entered into a commercial contract with your organisation, and to meet its obligations under this contract.
Information you give to us – When signing up to use our software services on behalf of your organisation we require you to provide us with personal information, such as your name, company name, email address and telephone number. We will process this personal data as controller and only use this information to carry out our obligations arising from any contracts entered into between your organisation and us. We will use this information to contact you to notify you about any changes to our products and services that you are utilising.
Information we collect about you from our websites. With regard to each of your visits to our site(s) we may automatically collect the following information:
• Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
If you contact GTMaritime’s Customer Operations, Finance or Sales Operations Teams, we keep a record of your communication to help solve any issues you might be facing or to respond order requests or invoice queries.
How we use your information
We are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:
- Consent – where you agree to us using your information in this way e.g. sending you marketing communications relating to our business, products or services.
- Legitimate Interests – this means the interests of GTMaritime in managing our business and where there is a reasonable expectation from you as the data subject based on the relationship you have with us.
- Legal Obligation – where there is a statutory or other legal requirement to share this information.
Below is a list of ways that we use your personal information, and which of the reasons described above we rely on to do so. If we rely on legitimate interests, we also describe what we believe these legitimate interests to be:
Any information (including, but not limited to personal data) that passes through our systems may be anonymised and analysed. Such analysis may result in derived, aggregated or statistical data outputs. All such outputs and any derivatives of them belong to GTMaritime, which shall be free to use them as it sees fit.
Information that we share
We do not share personal information with companies, organisations or individuals outside of GTMaritime unless one of the following circumstances apply:
If your software services are managed for you by a reseller who provides user support to your organisation, then they will have access to your software services and information. Your reseller may be able to:
- Access or retain information stored as part of your account.
- Receive your account information in order to satisfy applicable law, regulation, legal process or enforceable government request.
- Change your account password.
- Suspend or terminate your account access.
For external processing
We process emails, that may contain personal information, on our servers in countries around the world through our trusted IT partners who support our business systems and process it for us. This is based on our instructions and in compliance with this Privacy Notice and any other appropriate confidentiality and security measures. We do this to provide you with a high quality available service.
For Legal reasons
We will only share personal information with companies, organisations or individuals outside of GTMaritime if we have a belief in good faith that access, use, preservation or disclosure is reasonably necessary too:
- Meet any applicable law, regulation, legal process or enforceable governmental request.
- Enforce applicable terms of Service, including investigation of potential violations.
- Detect, prevent or otherwise address fraud, security or technical issues.
- Protect against harm to the rights, property or safety of GTMaritime, our users or the public, as required or permitted by law.
Our commitments to you
All GTMaritime employees and processors engaged by GTMaritime who have access to and are associated with the processing of personal data, are obliged to handle customer information with the upmost confidentiality and (in the case of processors) under a written contract which is compliant with Applicable Data Protection Laws.
We work hard to protect GTMaritime and our users from unauthorised access to or unauthorised alteration, disclosure or destruction of information that we hold. The organisation has a documented “Information Security Policy” and a set of subordinate security policies and controls relating to our management of data and information security. In particular:
- GTMaritime operate separate corporate and customer infrastructures to maintain complete physical and logical separation between networks.
- GTMaritime take steps to minimise the exposure of systems to the Internet.
- The Customer infrastructure can only be accessed by GTMaritime staff with a legitimate need. All access is granted on the principle of “least privilege”. Access is secured with multi-factor authentication.
- Security of data is reviewed on a regular basis with policies and procedures updated where necessary.
- Failure to comply with company security obligations is met with disciplinary action up to and including dismissal.
- GTMaritime review all processing activities on a yearly basis to ensure they remain relevant, lawful and limited to the agreed purposes.
- Information is only stored for as long as is necessary with retention periods, which are reviewed annually.
- Information is only stored electronically and there is a mandatory and consistent encryption deployed on all Company devices including laptops and mobile phones.
- GTMaritime ensures that all suppliers it works with are compliant with data protection regulations through the procurement process and with contracts that are entered into.
WHERE WE STORE YOUR PERSONAL DATA
How long we keep your information
We will only keep the information that is necessary to enable us to provide you with the services that you have requested (list above) for as long as it takes us to provide that service and as otherwise described below.
The length of time we hold your personal information is determined by the purpose for which we hold that information.
Email data, which may contain personal information, processed through our Customer systems is stored in line with your selected archiving options. Upon termination of an email account all email data will be deleted automatically within 60 days unless you determine when and how the deletion or return of information should take place.
We may need to retain personal information you have supplied to us when signing up for our software services to establish facts or bring or defend legal claims. For this purpose, we will always retain customer information, which may contain personal data, for a period of 7 years after the date it is no longer needed by us for the purpose listed under ‘How we use your information’ above.
If you have asked us not to use your details for marketing purposes either as an existing customer or new contact and we do not have an existing business relationship with you, we may still need to keep your personal information to ensure our systems reflect your preferences. You have the right to request this information is deleted as per the ‘What are your rights’ section below.
What are your rights
You have the following rights in relation to the personal data we hold about you. There is more information on these on the Information Commissioners website www.ico.co.uk.
- Right of access – to request access to your personal information about how we process it.
- Right to rectification – to have your personal information corrected if it is inaccurate and to have incomplete personal information completed.
- Right to erasure (also known as Right to be forgotten) – to have your personal information erased unless we have to keep that information for legitimate business or legal purposes.
- Right to restriction of processing – to restrict processing of your personal information.
- Right to data portability – to electronically move, copy or transfer your personal information in a standard form.
- Right to object – to object to processing of your personal information.
- Rights with regards to automated individual decision making, including profiling.
Where you have provided consent for us to contact you, you are free to withdraw consent at any time by contacting us using the information below.
Should you need to contact us or have any questions relating to this privacy notice or how your information is processed, please write to our Data Protection Representative: