This data protection declaration applies to KGJ Group and subsidiaries’ (the company) processing of personal data.
Kristian Gerhard Jebsen Skipsrederi AS (914 530 393 MVA) is appointed Controller for all personal data, collected and processed by us.
Personal data are all data that can be linked to you as an individual, i.e. name, telephone number or appraisal.
The purpose of this data protection declaration is to provide information about which personal data we process, why we process personal data and which rights you are entitled to in this regard.
Which personal data are processed?
The company processes the following personal data:
– Telephone number(s)
– E-mail address
– Personal identity number
– Bank account details
– Marital status
How are personal data collected?
The company collects personal data mainly via the company’s web page, direct contact via e-mail and telephone, LinkedIn and possible third parties (i.e. recruitment companies or manning agencies).
The company collects personal data from you directly and/or through third parties. To the extent that personal data is compiled from other third parties, you will be informed about which third party has provided the information, which personal data has been gathered, the purpose with the intended processing of the personal data, the legal basis for processing these personal data and possible recipients of the personal data. Furthermore, we will inform you how long we intend to store the personal data and which rights you are entitled to.
The purpose of collecting personal data
The company collects personal data in order to conduct recruitment processes, maintain business relations and overviews of suppliers.
How are personal data stored and secured
Personal data are stored in the company’s personnel system, digital filing system, e-mails and in physical and lockable cabinets. The systems are access controlled and protected by usernames and passwords. E-mails containing personal data are to be encrypted by the sender, including possible attachments containing personal data. The company’s network will have the best protective means possible to avoid any intruder to have access to personal data. This includes also measures such as firewalls, backup systems, anonymization, built in protection systems and data minimizing.
How to delete personal data?
The company has internal routines that safeguard that your personal data are deleted in accordance with the personal privacy regulations.
If you are of the opinion that there are grounds for deleting all or parts of your personal data, you are kindly requested to contact the company for the deletion of your personal data.
Distribution to a third party
Personal data are not distributed/shared with external third parties. KGJ Group and subsidiaries will on occasion make use of subcontractors who process personal data on our behalf. We will only engage subcontractors who have submitted guarantees that the personal data will only be used for the purpose they have been contracted and always in compliance with personal privacy regulations.
When KGJ Group and subsidiaries processes your personal data, the regulations provides you with the following rights/entitlements vs the company:
- You can request access into which personal data we process regarding your person and which security measures are in place when making use of your personal data.
- You can request to correct and/or supplement personal data information we process regarding your person.
- You can request restricted processing of your personal data.
- You can file an objection for processing your personal data.
- You can request that your personal data is deleted. Such request must be acceded to, unless we can justify (i.e. legal obligations) that we are obligated to retain/store certain personal data about you.
- You can request that personal data being processed by us is transferred to another controller, (i.e. to another company).
If the company’s processing of your personal data is based on a consent form, you can withdraw your consent at any time, without giving any reasons for this.
If you are of the opinion that KGJ Group and subsidiaries are not in compliance with your rights in accordance with the regulations (GDPR/The Personal Data Act), you have the right to file a complaint to the controlling authority, which is in our case “Datatilsynet” (the Norwegian Data Protection Authority). This can be achieved by sending a written complaint to “Datatilsynet”. “Datatilsynet”’s contact information can be found on their website; www.datatilsynet.no.
KGJ Group and subsidiaries
Zander Kaaes gt 7, 5015 Bergen, Norge
Zander Kaaes gt 7, 5015 Bergen, Norge