At MCTC Marine Ltd., we respect your privacy. The protection of your personal data (such as your name, email address or telephone number) is therefore of particular importance to us. Our data protection practice and procedures comply with the provisions of the EU Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data 2016/679, the “General Data Protection Regulation” or “GDPR” as well as with additional legal national requirements.

Names and Address of the Controller

MCTC Marine Ltd

Archiepiskopou Leontiou A, 183

3020 Limassol, Cyprus

Tel: +357 25 000 021

Email: [email protected]

Web: www.mctconsultancy.com

 

This also applies for the following companies of MCTC Marine Ltd.

 

MCTC Far East Incorporated

20th Floor BDO Plaza,

8737 Paseo de Roxas,

Makati City, 1209 Philippines

Tel : +63 2 772 5710

Email: [email protected]

Web: www.mctconsultancy.com

 

MCTC Germany GmbH

Hohenzollernring, 18, 22763 Hamburg, Germany

MCTC Singapore Pte. Ltd.

Singapore:

9 Temasek Boulevard, # 20-04, Suntec Tower 2, 038989, Singapore.

 

MCTC Marine Ltd, MCTC Far East Incorporated, MCTC Germany GmbH, MCTC Singapore Pte. Ltd.  and any subsidiaries thereof (together “Group Companies”)

 

Address of the Data Protection Officer

We value your trust. Should you have any questions regarding the collecting, processing or use of your personal data, in the case of revocation of consent, information, correction,   restriction or deletion of data, please contact:

Email: [email protected]

 

Or

 

Postal Address:

MCTC Marine Ltd

Archiepiskopou Leontiou A, 183

3020 Limassol, Cyprus

 

Introduction

MCTC Marine Limited and its affiliates (referred to as “we”, “our”, “us” or “MCTC”) recognise and respect the rights and privacy of individuals. This includes our applicants, current and former employees, suppliers, customers and other third parties.

 

This privacy policy (“Privacy Policy”) explains how we collect, handle, and process your personal data, and how, in doing so, we comply with our legal obligations. Whether we are considering your application for employment, continuing our relationship with you, providing you with a service, receiving a service from you, or if you are visiting our premises or our website.

 

We consider privacy to be important and we are committed to protecting and safeguarding your data privacy rights. The use of the word “processing” in this Privacy Policy is intended to include such actions as collecting, handling, using, storing and protecting your personal data. This Privacy Policy applies to the personal data of Data Subjects such as yourself, our employees, customers, visitors, suppliers of goods and services, website users, and others whom we may contact in order to collect more information about our employees or those whom they have indicated as an emergency contact or other third parties.

Our website may provide links to third party sites. Since we do not control those Websites, we encourage you to review the privacy policies of these third-party websites. MCTC is not responsible for the privacy practices or content of third-party websites.  By visiting our website, you signify your acceptance of the terms of our Privacy Policy as may be amended from time to time. If you do not agree with the terms of this Privacy Policy, please do not use the Website.

Legal framework

 

This Privacy Policy has been implemented by the organization for the purposes of its compliance with the applicable data protection legislation which includes, but is not limited to, the GDPR.

 

How do we collect and use data?

You directly provide us with most of the data we collect. We collect and process data when you:

We may also collect personal data through third parties, such as your employer in case of course participants.

We may process personal data as part of our services. Such processing may include, but is not limited to, employment contracts, document processing, marketing and procurement and is necessary to enable us to:

Rights of the data subject

If your personal data is processed, then you are a “data subject” within the meaning of the GDPR. You have the following rights vis-à-vis the controller:

  1. Right of access: You may request information about your data processed by us, in particular about the purposes of processing, the category of personal data, the categories of recipients to whom the data have been or will be disclosed by us, the envisioned period of storage, the existence of a right of rectification, erasure, restriction of processing or objection to it, the existence of a right to lodge a complaint, where your data are collected from (if these are not collected by us), and the existence of automated decision-making, including profiling.
  2. Right to rectification: You have the right to demand without undue delay the rectification of inaccurate personal data stored by us as well as to have incomplete personal data stored by us completed.
  3. Right to erasure: You have the right to demand that personal data stored by us be erased as long as the processing of this data is not necessary to fulfill a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
  4. Right to restrict processing of your personal data: You have the right to demand that processing of your personal data be restricted in the following circumstances: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Data that is restricted will not be deleted from our databases, but they will not be processed as long as the restriction is in effect.
  5. Right to data portability: You have the right to receive the personal data on you that you have provided us in a structured, commonly used and machine-readable format or to demand that it be transmitted to another controller.
  6. Right to object: Consent given to process your personal data can be revoked at any time. As a result of this, we will no longer be permitted to continue processing data based on this consent in the future.
  7. Right to lodge a complaint: You have the right to lodge a complaint with the supervisory authority. To do so, you can contact the supervisory authority of the place of business of our company as per the information provided at the end of this Privacy Policy.
  8. Right to withdraw consent: In situations where we request and receive your consent to perform processing, we are also obliged to stop such processing if you decide to withdraw your consent. Withdrawing consent is as straightforward as giving consent. Withdrawing consent cannot be back-dated so it has no effect on processing already performed during the period of consent.

In order to exercise your rights as a data subject, please contact our Data Protection Officer as per the provisions of this Privacy Policy.

Upon receipt of a request by you, we have one month to respond to you.

When a data subject makes the request by electronic means and unless otherwise requested by you, the information will be provided in a commonly used electronic form.

If an individual exercises his or her rights in accordance with the GDPR, we will not charge any fees. However, a reasonable fee based on administrative costs may be charged for any further copies or for any other reason if we consider it reasonably necessary that we might incur administrative costs.

 

What personal data do we collect?

Employees:

In order to consider you for employment, or employ you or after the completion of the employment relationship, we need to process certain information about you. We only ask for or collect details that help us provide what is required as part of your application process or employment. For example, we need information such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, photos, passport details and copy, bank account details, social insurance number and tax information and other relevant information required for the purposes of your employment or that you may choose to share with us. Where appropriate, and in accordance with local laws and requirements, we may also collect information of a more sensitive nature, such as diversity information, information related to your health, or details of any criminal convictions.

To enable employees to conduct our business, they have been provided with access to one another’s contact information including name, position, telephone number, work address, work e-mail address, and photograph (should you choose to provide one).

Customers

To enable us to communicate with you and to ensure that we meet certain legal requirements such as KYC (know your customer), we need to have certain details of yours or details of individual contacts at your organisation (such as their names, telephone numbers and e-mail addresses). We ensure that our marketing communications to you are relevant, timely and respectful.

Course Participants

We collect the basic personal data (i.e. name surname, contact details, performance details and nationality) of the course participants to provide the services their employer has engaged us to provide as per the service agreement we have signed with them. We may also collect additional personal data for providing tailored nutritional consultation services to you.

Website Users

As you interact with our website, we may automatically collect Technical Data (i.e. which might include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website) about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please refer to further information provided below on our Cookie Policy for further information. Our website does not enable our visitors to communicate with others.

Furthermore, you may contact our company directly via our website by entering your personal data which includes your name and email. If you choose to do so, you may add your company name and phone number. You do, however, have the option to contact us directly by email or phone without entering and sharing your personal data. Any personal details collected via our website will be used only to respond to your inquiries. Your personal data will not be stored by us unless explicitly requested by you.

Suppliers of goods and services

We collect a small amount of information from our Suppliers to ensure that operations work properly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

Visitors

When visiting our premises, we collect the necessary personal data required for security and notification purposes.

How do we store your data?

We have in place the necessary technical and organizational measures for the security and confidentiality of the personal data that we process.

Personal data are stored securely, using a mixture of encryption, password protection, access-controlled areas and servers/back-ups all kept with multiple lock protection.

The legal bases we use for lawful processing

In order to conduct business and fulfil our legal, regulatory, and contractual obligations, we need to perform legitimate and fundamental processing activities.

These are:

  1. Establishing contracts
  2. Maintaining contracts
  3. Provision of all contracted services
  4. Invoicing: remittance, payments, and collections
  5. Non-promotional communications
  6. Marketing and other promotional communications
  7. Risk management
  8. Contract review
  9. Response to subject requests
  10. Performance measurement
  11. IT and telecommunication support services
  12. Business Continuity and Contingency Planning
  13. Legal and regulatory obligations
  14. Responding to enquiries, requests, and complaints
  15. Employment processing
  16. Workforce planning
  17. Training and certifications
  18. Emergency communications
  19. Interacting with other organisations, industry groups, and professional associations
  20. Internal ethics reporting, security, and investigations

 

Marketing and other promotional communications

We may process personal data to inform you about products, services and offers that may be of interest to you and/or your business and/or your employers. The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services. We can only use your personal data to promote our products and services to you if we have your explicit consent to do so or, in certain cases, if we consider that it is in your legitimate interest to do so.

You have the right to object at any time to the processing of your personal data for marketing purposes by contacting us at any time.

You have the right at any time to stop us from contacting you for marketing purposes by opting – out as easily as you have opted – in for receiving the said marketing communication.

 

Third-Party Access and Data Disclosure

The recording, processing and use of personal data is carried out by us as well as other companies in the corporate group of MCTC or by external service providers who are contracted by us and both contractually and legally bound to data protection. In these cases, we ensure that Group companies and these external service providers abide by the relevant legal data protection rules.

 

Otherwise, other than as set out in this Privacy Policy we will not share your personal data with any third parties and no third parties shall have access to your personal data. We may also need to share your personal data from time to time to comply with the law. We will only forward data to the responsible authority in the event of official or legal demands as well as legal obligations to transmit data. This also applies in the event of a court order for transmission. In the case of an official, legal or judicial obligation to transmit data, we will examine in each individual case whether the transmission complies with the basic principles of the GDPR and/or the applicable national law.

Job Applicants

We may contact the following parties in connection with our recruitment processes and, in order to obtain the information required from those parties, share your personal information:

Course Participants

Details of your course progress report, correspondence and grades will be shared with your employer.

The “Safe Food Handling and Nutrition Course” is endorsed by the Cyprus Department of Shipping, and we are therefore obligated to inform them every time a participant commences and completes the course. We share with the Cyprus Department of Shipping your Name, Surname, Rank, Date of Birth, Nationality, Gender, your final grade, the date when you commenced with the course and the date when you completed the course. The Cyprus Department of Shipping may require this data to issue a Cyprus flag state endorsement upon completion of this course, if requested to do so in the future.

Personal data shared with us for participating voluntarily and obtaining our tailored nutritional consultation services will not be shared with your employer.

 

The countries where data will be stored, processed and/or transferred

Your personal data we collect may be stored and processed in the EU or any other country in which we or associated third parties maintain facilities. Such third parties may have access to personal data solely for the purposes of performing the contractual obligations as specific accordingly to our relationship, and not for any other purpose. In case we need to transfer your personal data, we will take all reasonable measures to safeguard the transfer of your personal data to third parties in a manner that complies with the applicable data protection laws.

In these circumstances, personal data will only be transferred on the following bases:

 

How long will the data be retained

Retention of specific records may be necessary for one or more of the following reasons:

  1. Fulfilling statutory or other regulatory requirements
  2. Evidencing events/agreements in case of disputes
  3. Operational needs
  4. Historical and statistical purposes

Where we collect personal data for which we subsequently have no use for any business purpose we will then review and may destroy such personal data at our discretion.

Where we collect personal data on the basis of consent, we will proceed with their disposal upon receipt of the request for the withdrawal of consent, unless there is any other legal ground for continuing the processing of such data.

The personal data of the data subject will be erased or restricted as soon as the purpose of storing the data ceases to apply. Furthermore, data may be stored if doing so has been provided for by European or national lawmakers in EU regulations, laws or other provisions to which the controller is subject. The data will likewise be restricted or erased if a storage period stipulated by the aforementioned rules expires, unless it is necessary to continue storing the data in order to conclude or fulfill a contract.

We have an obligation, during a participant’s working life, to provide factual information on what they have studied and achieved, i.e. a transcript and copy of the certificate of achievement. The retention period for these records should reflect the need to fulfil this obligation over long periods of time. Participant records will be kept for not less than 6 years after a participant has completed the course to provide detailed records which may be used in the event of a claim made by the participant.

 

What happens if the data is not collected?

Your personal data is required for communication and setting up a contractual agreement to provide employment, products, and services. Without this data we will not be able to communicate with you or enter into a contractual agreement with you. This includes both business and employment contracts.

We need personal data to:

  1. Enable consensual bilateral communications
  2. Engage in pre-contractual activities
  3. Honour contractual obligations
  4. Be able to employ personnel
  5. Be able to provide our services

Without this data, we will not be able to perform these primary activities.

Newsletter

You have the opportunity to sign up for the free “What’s Cooking” newsletter. In order to send out our email newsletter, we work together with a service provider to which we need to pass on your email address details. We take care to ensure that the data is only used for the purposes of sending the requested emails to you. If you have signed up for our newsletter, you are also consenting to the collection of data upon receipt of the email newsletter (opening, click and unsubscribe rates, bouncebacks, devices, geotracking). Such data will be used solely for the purposes of performing internal analyses. You are free to subscribe to or unsubscribe from our newsletter at any time.

When you take part in our feedback survey

When you take part in our feedback survey, we record your  organization name, your job role and your answers to questions we ask about your opinion of, and use of, our products and services.

We use this information to develop and improve our products and services and our customer relationships. Your job role,  organization and some or all of your comments may be publicly displayed on our website as a testimonial. We will do this based in our legitimate interest in marketing our products and services.

Your details will not be shared with any third parties nor to make any automated decisions that might affect you.

 

Automated decision making

We do not use automated decision making.

Hyperlinks

Our internet sites may contain hyperlinks (i.e., electronic cross-references) with which internet sites from other companies can be called up. This Data Privacy Policy does not apply to these linked internet sites belonging to other companies.

Cookies

A cookie (sometimes also referred to as a browser cookie, HTTP cookie, Internet cookie or Web cookie) is a small file sent from a Web server to your computer whenever you visit a website.) If you return to the website later, your Web browser sends the small file to the server to notify the website of any previous activity you engaged in on the site. Once you return to a website, the server can retrieve the cookie file from local computer to assist in expediting certain functions such as logging in and retrieving account or user data.

When do we use cookies on our websites?

Cookies may also be placed in your browser when visiting our website via third party application plugins or when using third party modules on the website. This applies when using social media “sharing” tools via third party application plugins. We do not, however, have access to details regarding your social media or personal data during this process.

The table below demonstrates the cookies that we use and explains why we use them.

1st Party COOKIE NAMES

Universal Analytics (Google) Cookies

_ga 

_gid 

_gat 

_gali

These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.

Read Google’s overview of privacy and safeguarding data

https://support.google.com/analytics/answer/6004245

All above data is collected anonymously

Necessary Cookie
PHPSESSID

To store a the logged in user’s username and a 128bit encrypted key. This information is required to allow a user to stay logged in to a web site without needing to submit their username and password for each page visited. Without this cookie, a user is unable to proceed to areas of the web site that require authenticated access.

Controlling Cookies on your Device

Cookies on an Internet device help make the user experience of our websites better. By continuing to use this website, you are consenting to the use of this site’s cookies and similar technologies for the purposes we describe in the Cookies section of this Privacy Notice. If you do not agree to the use of cookies in this or any such way, you can set your browser privacy and cookies settings accordingly. Most internet browsers are initially set up to automatically accept cookies. You can change the settings to block cookies or to alert you when cookies are being sent to your device, as well as delete them. There are a number of ways to manage cookies. Please refer to your specific browser instructions or help screen to learn more about how to adjust or modify your cookie browser settings. If you use different devices to view and access this website (e.g. PC, smartphone, tablet, Smart TV) you will need to ensure that each browser on each device is adjusted to suit your cookie preferences accordingly. For further information on Cookies, such as deleting, disabling or blocking cookies, please visit AboutCookies.org For more specific information on how to adjust cookie configurations, please refer to your specific browser.

Even though we are not collecting cookies for our purposes, the following first party cookies are collected when you visit our site. A first-party cookie is a cookie set by the domain name that appears in the browser address bar.

Modifications to Privacy Policy

MCTC reserves the right to amend this Privacy Policy from time to time and the updated versions will be posted on our website and date stamped so that you are aware of when the Privacy Policy was last updated. Your continued use of our Website following the posting of changes to these terms means you accept these changes.

Contacting Us

If you have any questions about this Privacy Policy, please email or contact us as follows referencing “Privacy Policy”:

MCTC Marine Ltd

Archiepiskopou Leontiou A, 183,

3020, Limassol, Cyprus

Email: [email protected]

 

Updated: 13 May 2024