Privacy Notices

C TRANSPORT MARITIME S.A.M. (“CTM” or “we”), is committed to comply with applicable personal data protection laws in countries where CTM operates and ensure that it treats personal data in a lawful, fair and transparent manner. To this end we would like to inform you about the personal data we collect about you, how we use it and how you can exercise your rights in this respect. Please select the Privacy Notice relevant to you:

Privacy Notice for Website Visitors

What is the purpose of this document?

C Transport Maritime S.A.M. (“CTM” or “we”) takes your privacy seriously and is committed to protecting your personal information when visiting our website. This privacy notice applies to visitors of our website. This privacy notice describes how we collect and use personal data about you when you use our website, in accordance with the EU General Data Protection Regulation (“GDPR”).

This website (https://ctmmc.com) is owned and operated by CTM, the data controller of your personal data. This means that CTM is responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of how we collect and use personal data about you as well as other information contained in this privacy notice.

This notice does not form part of any contract to provide services. We may update this notice from time to time.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information. This privacy notice supplements the other notices and is not intended to override them. Please be aware that a separate privacy notice applies to our business customers, suppliers and business partners.

Please note that our website and other digital platforms may contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms. We recommend that you check the privacy and security policies and procedures of each and every website / digital platform that you visit.

Data Protection Principles

In compliance with applicable data protection laws, CTM commits that the personal data we hold about you must be:

  1. Used lawfully, fairly and in a transparent way;
  2. Collected only for valid purposes, clearly explained to you and not used in any way that is incompatible with those purposes;
  3. Relevant to the purposes we have told you about and limited only to those purposes;
  4. Accurate and kept up to date to the best of our knowledge (you are required to inform us of changes to your personal data to ensure our records are up to date);
  5. Kept only as long as necessary for the purposes we have told you about;
  6. Kept securely; and
  7. Shared with third parties only as required and relevant to the purposes we have informed you of. When shared with third parties, we will make reasonable efforts to ensure such third parties comply with GDPR.

The type of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are “special categories” of more sensitive personal data which require a higher level of protection.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, title, company name and position.
  • Contact Data includes email address, physical address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website. (e.g. the time spent on each page and the details about the path followed within the website with special reference to the sequence of pages visited).
  • Marketing and Communications Data includes your preferences in receiving alerts from us.

Cookies

In common with many other website operators, we use standard technology called ‘cookies’ on our website. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive and they are used to record how you navigate this website on each visit.

Cookies are used on websites to help visitors navigate around them effectively. They are also used to perform certain vital functions within a website. You can disable cookies through your internet browser, however, this may impact on how websites work.

Cookies also provide information to website owners to analyze visitor behavior patterns, for example, how many visitors view a particular page.

More information about cookies can be found at www.allaboutcookies.org

Our Use of Cookies

When someone visits our website we collect standard internet log information and details of visitor behavior patterns. We do this to monitor and analyze our website traffic.

We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from our site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Google Analytics

Place of processing: USA

We use a tool called “Google Analytics” to collect information about use of our website. Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google collects information such as how often users visit our website, what pages they visit when they do so, and what other sites they used prior to coming to our website. Google utilizes the data collected to track and examine the use of our website, to prepare reports on its activities and share them with other Google services.

Google may use the data collected to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to our website is restricted by the Google Privacy Policy. Google provides website visitors the ability to prevent their data from being used by Google Analytics (Google Analytics opt-out).

How is your personal data collected?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity and Contact Data by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you contact us or subscribe to our alerts or fill in the contact form.
  • Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.

Purposes for which we will use your personal data and legal basis for processing

We will only process your personal data when and to the extent that the law allows us to. In broad terms, we use your data for the following purposes:

  • To better understand how people use our website to enable us to create better content and more relevant communications;
  • Provide you with information you have requested from us;
  • To share industry news and information with you; and
  • To communicate with you in general.

The above categories of information are necessary (a) for our legitimate interests (for running our business, provision of administration and IT services, network security, define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) and (b) to comply with a legal obligation.

If you fail to provide personal data

If you fail to provide certain information when requested, or unprompted when it has changed, we may not be able to fulfill the above purposes.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so and, if required, we will request your consent prior to doing so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where and to the extent this is required or permitted by law.

Data Sharing

We may have to share your data with (a) third-party service providers (b) other third parties and (c) authorities, to the extent permitted by law and on a need to know basis.

Which third-parties process my personal data?

The third parties (including contractors and designated agents) which may process some or all of your personal data, as the case may be, are:

  • Website maintenance service providers
  • Judicial authorities or regulatory bodies

How secure is your information with third-party service providers?

CTM requests third-party service providers to assure CTM that they take appropriate security measures to protect your personal data in line with our policies. CTM requests its third-party service providers assurance they will not use your personal data for their own purposes but will only process your personal data for specified purposes and in accordance with our instructions and will retain your personal data only as long as required for said purpose in accordance with legal requirements.

Transferring information outside the EU

The above third parties may be located outside EU. When there is no adequacy decision by the European Commission in respect of the countries where such entities are established, we will only effect such transfers as reasonably required for the purposes outlined in this notice on the basis of appropriate safeguards and/or the derogations under Articles 46 and 49 of GDPR.

Data Security

We have put in place appropriate security measures to prevent your personal data from being lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Officer.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data Retention

How long will we use your information for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal data, we consider the applicable legal requirements and the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your rights in connection with personal data

You have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party.

If you want to review, verify, correct or, under certain circumstances as provided by law request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us at dpoctm@ctmmc.com.

If you subscribe or have previously subscribed to receive our newsletters, you can choose to stop receiving the same. Follow the unsubscribe instructions included in such communications in order to opt-out.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at dpoctm@ctmmc.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Data Privacy Officer

We have appointed a Data Privacy Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the Data Protection Officer at the following e-mail address: dpoctm@ctmmc.com

Alternatively, you may send your written comments, inquiries or concerns to:

C Transport Maritime S.A.M.
Gildo Pastor Center – 7, rue du Gabian
MC 98000 Monaco

Changes to this privacy notice

We aim to meet high standards and so our policies and procedures are constantly under review. From time to time we may change this privacy notice. Accordingly, we recommend that you check this page periodically in order to review the latest version.

Privacy Notice for Customers, Suppliers and Partners

What is the purpose of this document?

This privacy notice applies to individuals who work for or on behalf of or who are beneficial owners, shareholders and directors of former, existing or prospective customers, suppliers and business partners  of C Transport Maritime S.A.M. (“CTM” or “we”). This privacy notice describes how we collect and use personal data about you during and after your business relationship with us, in accordance with the EU General Data Protection Regulation (“GDPR”).

The data controller of your personal data is CTM. This means that CTM is responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of how we collect and use personal data about you as well as other information contained in this privacy notice.

This notice does not form part of any contract of employment or other contract to provide services. We may update this notice from time to time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions (including our website privacy notice) when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information.

Data Protection Principles

In compliance with applicable data protection laws, CTM commits that the personal data we hold about you must be:

  1. Used lawfully, fairly and in a transparent way;
  2. Collected only for valid purposes, clearly explained to you and not used in any way that is incompatible with those purposes;
  3. Relevant to the purposes we have told you about and limited only to those purposes;
  4. Accurate and kept up to date to the best of our knowledge (you are required to inform us of changes to your personal data to ensure our records are up to date);
  5. Kept only as long as necessary for the purposes we have told you about;
  6. Kept securely; and
  7. Shared with third parties only as required and relevant to the purposes we have informed you of. When shared with third parties, we will make reasonable efforts to ensure such third parties comply with GDPR.

The kind of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are “special categories” of more sensitive personal data which require a higher level of protection.

We will collect, store, and use the following categories of personal data about you:

  • Personal details (to the extent required) such as:
    • Name and surname
    • Telephone number
    • E-mail address
    • Address
    • Passport number, national ID number, tax code
    • Other personal information that may be provided in a contract if you are the signatory of it
  • Professional details such as:
    • Job title
    • Department and name of organization
    • Relationship with the relevant customers, suppliers and business partners
    • Other information that your organization may include in a bid document

We may also collect, store and assess information about criminal convictions. For more information please see the relevant section below (‘Information about criminal convictions’).

How is your personal data collected?

Most of your personal data is provided directly by you or your organization in the course of its business relationship with us. We may however collect personal data about criminal convictions from screening service providers. For more information please see the relevant section below (‘Information about criminal convictions’).

Purposes for which we will use your personal data and legal basis for processing

We will only process your personal data when and to the extent that the law allows us to. We need your personal information in the list above primarily for the following purposes (or for compatible purposes):

  • Business operations
    • Considering bids of our potential counterparties
    • Executing agreements, reports and other documents which are required in the course of day-to-day business
    • Performing or receiving the services provided under the agreements with our customers, suppliers and business partners
    • Managing business and investor relationships
    • Carrying out marketing activities
    • Providing access to our premises including our offices and vessels
    • Communicating with third parties
  • Business management
    • Management reporting
    • Financial and accounting management
    • Mergers and acquisitions
    • Ship Sale and Purchase
    • Compliance with “Know Your Customer” procedures
    • Internal / external audits and investigations
  • Compliance with laws
    • Compliance with legal, tax, and regulatory obligations
    • Complying with health and safety obligations
    • Dealing with disputes involving you or your organization
    • Processing personal data to comply with data subject requests pursuant to this privacy notice

The relevant personal data will only be processed (a) where it is necessary to enter into a contract with you; or (b) where it is necessary to comply with our legal obligations; or (c) where it is necessary to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights are protected and do not override those interests; or (d) in limited circumstances and only if legally required, with your consent.

CTM may process your personal data by using both automated processing and hard copies.

If you fail to provide personal data

If you fail to provide certain information when requested, or unprompted when it has changed, it will negatively affect our ability to communicate with you, or our ability to enter into a contract with a counterparty or continuing to contract with a counterparty. It may also prevent us from complying with our legal obligations.

Information about criminal convictions

To comply with our legal and regulatory obligations (especially with anti-bribery and corruption and anti-money laundering laws and other regulatory requirements) and to protect our assets and employees, we carry out screening on existing and potential business counterparties both pre-contract and on a periodic basis afterwards. This screening includes carrying out searches using an online screening tool provided by a screening service provider and may include individuals such as directors, officers and shareholders of our current and potential counterparties. To the best of our knowledge, these searches take place against publicly available or government issued sanctions lists and media sources. Your organization may also share such data with us in the course of our anti-bribery and corruption due diligence.

This data may include personal data regarding suspected and actual criminal convictions, criminal records or proceedings regarding criminal or unlawful behavior but only for the purposes of ensuring our compliance with legal and regulatory obligations and/or to the extent permitted or required by law.

Our due diligence officers will always review the screening results and any other information that may be provided by your organization and there will be no automated decision making in relation to our counterparties or potential counterparties.

Data Sharing

We may have to share your data with: (a) third-party service providers (such as advisors, consultants, external auditors and law firms, screening service providers etc.), (b) other third parties, and (c) authorities and regulatory bodies or agencies to the extent permitted by law and on a need to know basis.

How secure is your information with third-party service providers?

CTM requests third-party service providers to assure CTM that they take appropriate security measures to protect your personal data in line with our policies. CTM requests its third-party service providers’ assurance they will not use your personal data for their own purposes but will only process your personal data for specified purposes and in accordance with our instructions and will retain your personal data only as long as required for said purpose in accordance with legal requirements.

Transferring information outside the EU

We may transfer the personal data we collect about you to third-parties not established in the European Union nor in a country for which the European Commission has issued an adequacy decision. This means these countries to which we transfer your data are not deemed to provide an adequate level of protection for your personal data. However, we will only effect such transfers: (a) after taking organizational, contractual and legal measures to ensure that your personal data is adequately protected and processed as reasonably required for the purposes outlined in this notice under Article 46 of GDPR, or (b) in limited circumstances, on the basis of the derogations under Article 49 of GDPR.

Data security

We have put in place appropriate security measures to prevent your personal data from being lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Officer (see ‘Data Protection Officer’ section below).

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long will we use your information for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the applicable legal requirements and the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current so please keep us informed if your personal data changes during your business relationship with us.

Your rights in connection with personal data

You have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party.

If you want to review, verify, correct or, under certain circumstances as provided by law request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Data Protection Officer at dpoctm@ctmmc.com

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

What we may need from you?

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Officer. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so at law.

Data Privacy Officer

We have appointed a Data Privacy Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the Data Protection Officer at the following e-mail address: dpoctm@ctmmc.com

Alternatively, you may send your written comments, inquiries or concerns to:

C Transport Maritime S.A.M.
Gildo Pastor Center – 7, rue du Gabian
MC 98000 Monaco

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.

Privacy Notice for Job Applicants

What is the purpose of this document?

This privacy notice applies to prospective employees, interns and contractors of C Transport Maritime S.A.M. (“CTM” or “we”). This privacy notice describes how we collect and use personal data about you during the recruitment process, in accordance with the General Data Protection Regulation (“GDPR”). Individuals who are successful in their application for employment, internship or engagement as a contractor, will receive a separate privacy notice.

The data controller of your personal data is CTM. This means that CTM is responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of how we collect and use personal data about you as well as other information contained in this privacy notice.

This notice does not form part of any contract of employment or other contract to provide services. We may update this notice from time to time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information.

Data protection principles

In compliance with applicable data protection laws, CTM commits that the personal data we hold about you must be:

  1. Used lawfully, fairly and in a transparent way;
  2. Collected only for valid purposes, clearly explained to you and not used in any way that is incompatible with those purposes;
  3. Relevant to the purposes we have told you about and limited only to those purposes;
  4. Accurate and kept up to date to the best of our knowledge (you are required to inform us of changes to your personal data to ensure our records are up to date);
  5. Kept only as long as necessary for the purposes we have told you about;
  6. Kept securely; and
  7. Shared with third parties only as required and relevant to the purposes we have informed you of. When shared with third parties, we will make reasonable efforts to ensure such third parties comply with GDPR.

The kind of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are “special categories” of more sensitive personal data which require a higher level of protection. We will collect, store, and use the following categories of personal data about you:

  • Name and surname
  • Contact details
  • Documents verifying educational background
  • Professional qualifications
  • Previous employment
  • References
  • Interview records, results of interviews and assessments
  • Other information that you have included in your CV or cover letter or shared with as part of the application process
  • background checks
  • reports from headhunters

How is your personal data collected?

Most of your personal data is provided directly by you; however, we may also collect personal data indirectly through an employment agency, former employers or schools, or background check provider.

Purposes for which we will use your personal data and legal basis for processing

We will only process your personal data when and to the extent that the law allows us to. We need all the categories of information in the list above primarily to allow us to enter into a contract with you at your request and to enable us to comply with legal obligations. In some cases we may use your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights are protected and do not override those interests. The situations in which we will process your personal data are listed below.

Personnel management

  • Evaluating internal and external job applicants
  • Ensuring you are legally entitled to work in your place of employment
  • Making job offers

CTM may process your personal data by using both automated processing and hard copies.

If you fail to provide personal data

Failure to provide us the information requested (which is limited to what required for the above purposes) may negatively affect your chances of being selected for any potential employment, engagement or internship.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so and, if required, we will request your consent prior to doing so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where and to the extent this is required or permitted by law.

How we use special categories of personal data

For the purposes of recruitment, personal data regarding health data may be processed only as strictly required and as permitted or required by local law for the purposes of making adjustments to the recruitment process, for assessing eligibility for positions and fitness to work and provision of facilities in the workplace to accommodate health problems.

We will only collect, store and use this type of personal data when justified. We may only process special categories of personal data in the following circumstances:

  • In limited circumstances, with your explicit written consent.
  • Where we need to carry out our legal obligations or exercise rights in connection with employment.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your vital interests (or someone else’s vital interests) and you are not capable of giving your consent.

Do we need your consent?

We do not need your consent if we use special categories of your personal data in accordance with this notice to carry out our legal obligations or exercise specific rights in the field of employment law. In limited circumstances, we may approach you for your written consent to allow us to process certain categories of personal data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of entering into a contract with us that you agree to any request for consent from us.

Information about criminal convictions

We will only collect information about criminal convictions if it is appropriate and where we are legally able to do so. Where appropriate (depending on the nature of the role), we will collect information about criminal behavior, criminal records or proceedings as part of the pre-employment/pre-engagement screening but only for the purposes of ensuring compliance with legal and regulatory obligations and/or to the extent permitted or required by law.

Pre-screening of applicants

We carry out screening for all applicants who we intend to hire on permanent roles and prior to entering into any employment agreement with you, for the purposes of:

  • verifying the information that you provide during the screening/interview process. This will include current/previous employers and educational institutions information verification. No steps will be taken in this respect until you confirm the action can take place.
  • screening you against publicly available or government issued sanctions lists may apply for specific roles. This is to comply with legal and regulatory obligations, to protect CTM’s assets and employees/contractors and specifically to ensure that CTM can comply with anti-money laundering and/or bribery and corruption laws and other regulatory requirements.

Automated Decision Making

Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

Data sharing

We may have to share your data with (a) third-party service providers (b) other third parties and (c) authorities, to the extent permitted by law and on a need to know basis.

Which third-parties process my personal data?

The third parties (including contractors and designated agents) which may process some or all of your personal data, as the case may be, are:

  • Third parties carrying out reference and background checks on behalf of CTM
  • Manning agents
  • Building and security service administrators
  • Judicial authorities or regulatory bodies

How secure is your information with third-party service providers?

CTM requests third-party service providers to assure CTM that they take appropriate security measures to protect your personal data in line with our policies. CTM requests its third-party service providers assurance they will not use your personal data for their own purposes but will only process your personal data for specified purposes and in accordance with our instructions and will retain your personal data only as long as required for said purpose in accordance with legal requirements.

Transferring information outside the EU

We may transfer the personal data we collect about you to third parties not established in the European Union nor in a country for which the European Commission has issued an adequacy decision. This means these countries to which we transfer your data are not deemed to provide an adequate level of protection for your personal data. As a result, we will only effect such transfers (a) after taking organizational, contractual and legal measures to ensure that your personal data is adequately protected and processed as reasonably required for the purposes outlined in this notice under Article 46 of GDPR or (b) on limited circumstances, on the basis of the derogations under Article 49 of GDPR.

Data Security

We have put in place appropriate security measures to prevent your personal data from being lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Manager.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data Retention

How long will we use your information for?

We will only retain your personal data for 2 years after the completion of the assessment or recruitment process unless we have a legal or regulatory reason to keep it longer.

If your application is successful, we will keep your personal data collected during the recruitment process and we will process it in accordance with the relevant privacy notice which will be provided to you upon commencement of your employment, internship or engagement.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. You are required to keep us informed if your personal data changes during your working relationship with us.

Your rights in connection with personal data

You have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party.

If you want to review, verify, correct or, under certain circumstances as provided by law request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Data Protection Officer at dpoctm@ctmmc.com

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Officer. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Data Privacy Officer

We have appointed a Data Privacy Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the Data Protection Officer at the following e-mail address: dpoctm@ctmmc.com

Alternatively, you may send your written comments, inquiries or concerns to:

C Transport Maritime S.A.M.
Gildo Pastor Center – 7, rue du Gabian
MC 98000 Monaco

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.