Superyachts Tenders and Toys Limited is committed to protect your privacy and want to ensure that all of the information we hold about you is correct, relevant and secure. We are bound by data protection legislation and are committed to protecting your privacy. More information about how we do this and how we use your information is set out below.
In order to best serve your interests in the purchase, selling, brokering superyacht tenders and onboard toys and associated equipment or in contracting with suppliers, parts and contractors, or in connection with a company marketing event that might be of interest to you we will require certain information from you including your contact details.
Please read this Notice on data protection carefully. If you have any questions or requests, then please contact Claire Richardson on +44(0)2380 01 63 63, firstname.lastname@example.org or in writing to Superyacht Tenders and Toys Limited, Harkstead Barnes, Harkstead, Ipswich, Suffolk, IP9 1DB, UK.
This Privacy Notice is a “privacy notice” for the purposes of Applicable Data Protection Law, and in particular the European Union’s General Data Protection Regulation (“GDPR“), given by Superyacht Tenders and Toys Limited when acting in its capacity as a data controller in relation to its collection and use of Personal Data.
References to (a) “we”, “us”, or “our” mean Superyacht Tenders and Toys Limited, and (b) “you”, or “your” refer to you. References to “your information” includes but is not limited to your personal data.
Purpose of Data Protection
The purpose of data protection legislation is to protect the rights and privacy of individuals (“Data Subjects”) in respect of the Processing of Personal Data concerning them. “Personal Data” is any information relating to an identified or identifiable natural person (known as a “data subject”). A person is “identifiable” if he or she can be identified, directly or indirectly, not only by things such as a name or an identification number, but also by things such as location data or some factor specific to (for example) the physical, physiological or social identity of that person. More common examples of Personal Data include names, identification numbers, contact information, identity documents, medical records and photographic images. “Processing” covers any activity involving Personal Data and includes such things as the collection, recording, storage, adaptation, use, disclosure and destruction of Personal Data.
Superyacht Tenders and Toys will Process Personal Data in accordance with Applicable Data Protection Law.
We have policies and procedures that aim to ensure that all our staff, contractors and others that we work with and who Process any Personal Data held by us, or on our behalf, wherever in the world, are aware of, and abide by, their duties under Applicable Data Protection Law and as set out in the GDPR, which requires among other things that Personal Data must be:
- processed lawfully, fairly and in a transparent
collected for lawful purposes that are clearly specified and only further processed for compatible purposes;
relevant and limited to what is necessary for the purposes of the processing;
accurate and kept up to date, with inaccurate Personal Data being erased or rectified without delay;
kept for no longer than is necessary; and
processed in a secure manner, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
What information do you collect and use about me?
We collect and use the all or some of the following information about you (a) your name, address, phone numbers, email address, nationality, residential address, banking and financial details, and (b) any other information which we reasonably need to comply with our legal obligations. In particular:
Investors, Legal and Beneficial Owners and Beneficiaries We deal with individuals and various types of organisations that are connected with clients, such as owners and investors and beneficiaries,
As a person connected with a potential client and (if applicable) then a client that falls under this paragraph, the Personal Data that we Process about you will include personal and/or professional contact details (addresses, telephone numbers, email addresses), copy identity documents and proofs of address, copy professional and educational certificates and data to facilitate tax information exchange.
Other Client-Connected People: Advisers and Regulators We also deal with those organisations that provide professional advice or services to us or to our clients, those that supervise and regulate us and our clients, those that supply goods and services to us and our past, present and (in the case of job applicants) future staff.
As an “Other Client-Connected” person, the Personal Data that we Process about you may include personal and/or professional contact details (addresses, telephone numbers, email addresses).
Contractor/ Suppliers (and potential contractors/suppliers) As a potential contractor or supplier and then (if applicable) as a contractor or supplier, the Personal Data that we Process will include personal and/or professional contact details (addresses, telephone numbers, email addresses), documents and other proofs of standing and reputation and details of bank accounts and/or other payment details.
If you are an applicant for a job with us (a potential employee), the Personal Data that we Process about you will include:
- your name, address and contact details, including telephone numbers and email addresses;
- details of your qualifications, skills, experience and employment history;
- information about your current level of remuneration, including entitlement to benefits;
- whether or not you have a disability that we may need to make adjustments for during the recruitment process;
- information about your entitlement to reside and/or work in the place where you have applied for a job; and
- equal opportunity monitoring information, including information about your ethnic origin, sexual orientation, health and religion or beliefs.
If your application for a job with us is unsuccessful, we will retain your Personal Data for 6 months after the date on which we inform you (or any recruitment agency through which you have applied to us) that your application was unsuccessful, unless you ask us to retain your details on file for a longer period. We will delete any Personal Information no longer required and will do so in an appropriate and secure manner.
If your application for a job with us is successful, our retention of your Personal Data will be governed by our separate policy on staff Personal Data, which will be made available to you by our HR department as part of your becoming a member of staff.
Enquirers and visitors to our website
You may give us Personal Data by filling in a contact form on our website or by corresponding with us by email. In each of the above cases, the Personal Data that we Process will include personal and/or professional contact details (addresses, telephone numbers, email addresses) and, if you leave a voicemail message with us, that message may be Processed in a similar manner to email and postal correspondence. If you have stated contact preferences for service and/or jurisdiction updates and/or events that we may organise or participate in, we will also Process that information.
We will also automatically collect certain information each time you visit our website. This includes:
- technical information including the Internet Protocol (IP) address used to connect your computing device to the Internet, your browser type and version, time zone setting, operating system and platform;
- information about your visit which may include the pages viewed, page response times; and
- your country of location by reference to a look-up of your IP address against public sources.
How do you collect my information?
We collect information about you in a number of ways (a) information you provide to us through the process of obtaining a quote, (b) information you provide through communications with us in the process of purchasing any of our products or services (c) contracting with suppliers and contractors and (d) from third parties to verify for due diligence purposes.
How do you use my information?
We will process your information to:
(a) commission a search to verify your identity and due diligence where applicable. The legal basis for this processing is for our compliance with a legal obligation to which we are subject;
With whom do you share my information with?
We may share information about you with: (a) any firm, organisation or person who provides us with products or services or who we provide products and services to and organisations such as information cloud storage and IT. These providers have limited access to your information to perform these tasks on our behalf and are contractually obligated to use it consistently with this Notice (b) government or regulatory authorities when ordered or required to do so in order to identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes – this is to ensure our compliance with our legal and regulatory obligations (Article 6(1)(c), General Data Protection Regulation), (c) any firm, organisation or person to whom we sell or transfer (or enter into negotiations to sell or transfer) our business or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the transferee or purchaser may use your information in the same way as us, (d) regulatory and governmental authorities, ombudsmen, or other authorities, including tax authorities where we are requested by them to do so.
We do not sell or otherwise pass on your contact details to any third party for marketing purposes.
Transfer of Information, Security & Retention
We may transfer your information to a supplier/contractor in a country outside the European Economic Area (EEA) but will ensure that there is adequate protection as required by applicable data protection laws. We take appropriate technical and organisational measures to guard against unauthorised or unlawful processing of the information we hold about you and against accidental loss or destruction of, or damage to, such information.
We take appropriate technical and organisational measures to guard against unauthorised or unlawful processing of the information we hold about you and against accidental loss or destruction of, or damage to, such information.
This section sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal and regulatory obligations in relation to the retention and deletion of personal data. Information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
We will retain your information for two years or as long as we are required by law. During the aforementioned periods your data is kept on-line and with a cloud provider in the UK. At the end of the period of retention your data is deleted. No paper versions of your data are collected or retained for any period. However, we may retain your information where such retention is necessary for our compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of others.
Your information may also be used by us to meet legal, regulatory or administrative obligations. We may transfer your information to to supervisory or judicial authorities dealing with, financial control, the fight against money-laundering, the financing of terrorism and the application of financial sanctions.
Your information will be processed electronically by us. Your telephone conversations with staff may be monitored and recorded to improve the quality of our service to you. Your information may be communicated by us to subcontractors and duly authorised partners for the sole purposes of implementing the aims stated above. Your information may be transferred to subcontractors established in countries not members of the European Economic Area (EEA). In this case we will, in order to ensure the security and confidentiality of your information, determine the terms and conditions for working with these subcontractors within a detailed contractual framework.
In this section, we summarise the rights that you have under applicable data protection laws. Some of the rights are complex, and not all of the details have been included in our summaries below. Accordingly, you should read the applicable data protection laws and guidance from the UK Information Commissioner for a fuller explanation of these rights. You can do so by using this link https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
You have the right to require that we:
- provide you with certain personal information we hold about you. This is called a data subject access Request.
- correct errors in your personal information and/or erase it, if you think that information we hold about you is inaccurate, incomplete or simply out of date.
- delete personal information we hold about you, if you think that holding such information is no longer justified.
- restrict the processing of your personal information e. g. you no longer want to be contacted about our products or services or the products or services of our selected partners.
provide you with a copy of the personal information we hold about you or transfer it to a third party you tell us about.
Advise your right to complain to the UK Information Commissioner: If you consider that our processing of your personal data infringes the applicable data protection laws, you have a legal right to lodge a complaint with the UK Information Commissioner (www.ico.org.uk) which is the UK data protection regulatory body.
In order to exercise your rights, please contact us by writing to Claire Richardson at the address given above.
We regularly review this Data Protection Privacy Notice to make sure that we continue to serve your privacy interests. We may make changes to it from time to time. However, we will notify you only of major changes. Such a major change could be a change in the law that affects your rights or we make changes to the list of companies that we share your information we use.
We intend to rely on this Notice for the services we provide. If you do not understand any point, please ask for further information.