Last updated 26.06.2018
Maritechs primary business consists of distributing software and databases to businesses within the seafood production and exportation field (hereafter “Customer”) pursuant to our Framework Agreement or the terms for the Digital Seafood product. As part of these offered services, Maritech processes personal data about their Customers’ leadership and owners, employees, hired personnel and their contact persons at their clients, transportation services and customers. Maritech processes personal data about these categories of data subjects to the extent the Customer has allocated access to Maritech’s products or services to them (these data subjects are hereafter “End User”).
2. Our Processing
Maritech processes personal data to provide the Customer with the desired product(s) and service(s) as agreed in the agreement between Maritech and the Customer, for statistical purposes for Maritech and to improve the basic and additional services available to Maritech’s Customers and End Users of the User Accounts. Read our standard frame agreement applicable for all our customers here.
To the extent that we process personal data, we follow these principles:
- The processing shall be lawful, fair, transparent and proportionate to the purposes for which the data is collected.
- Your personal data are collected for specified, explicit and legitimate purposes.
- The personal data collected from you shall be accurate and updated, as well as adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- The personal data collected shall be kept in a form which does not allow you to be identified for any longer than what is necessary for the purposes for which the data was collected.
- We have established appropriate technical and organizational security measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage.
3. Personal Data
3.1 User Account
Our websites provide End Users with the possibility of creating and using two different user accounts (collectively User Accounts) for the two following purposes:
3.1.1 Cloud Account
When creating a Cloud Account, your information is sent to our third party processors as further described in Section 4 below:
IT Data AS (Adcom)
Microsoft Corporation (Azure)
Your information is only shared with our processors to the extent necessary for us to supply you with the agreed upon service.
3.1.2 Support Account
The websites www.maritech.no and www.maritechseafood.com provide the End User with an User Account, which allows them to register, follow up and administrate complaints or other service requests. When creating an account, our Framework agreement applies.
When creating a Support Account, your information is sent to our third party suppliers (see Section 4):
Your information is only shared with our processors to the extent necessary for us to supply you with the agreed upon service.
3.1.3 General information about the User Accounts
Each Customer can decide who may register as an End User on behalf of the Customer. To create an User Account on www.maritech.no, www.maritechseafood.com or www.digitalseafood.com, you as the End User must provide us with the following data: Your name, email address (which is also your account ID) and a chosen password. Additionally, Maritech may process which Customer the End User is associated with (typically the End User’s employer). These personal data are strictly necessary for us to provide the Customer with the services requested, and our legal basis for performing this processing is Maritech’s fulfillment of an agreement to which the End User is party.
The Customer may choose whether additional personal data from the End User should be uploaded to the user accounts. For instance, whether the End User should register a phone number, additional employment or title information or billing information. Additionally, the End User may use the User Accounts to upload documents and inform us of any new cases needing support or administrate current/ongoing cases. The data the End Users provide to us is considered given to us by the consent from the End User (the action from the End User is the consent). Maritech asks that no additional and unnecessary personal data are revealed or included in these uploads. To the extent personal data may appear in these uploads, Maritech will process these as well as part the fulfillment of the agreement with the Customer. The End User can remove these additional personal data when logged in to their User Account at any time or by contacting us at firstname.lastname@example.org.
The End User acknowledges that user accounts are personal that shall only be used by the End User. If the End User is aware of that any personal data about the End User should be changed, the End User should contact Maritech at email@example.com. The End User shall keep his or her username and password confidential. If the End User discovers that another person may know his or her username or password, then the End User shall contact the Maritech to request a new username or password.
3.2 Maritech cloud apps
If covered by the agreement with the Customer, the End User may be granted access to the Maritech App. When using the Maritech App, the End User must provide their name, email, password and may provide their phone number as well. Additionally, Maritech may process personal data such as the unit’s IP address, MAC address, serial number, IMEI number, IMSI number and device name, browser information and location data.
The Customer’s End Users may contact Maritech in various ways to request support or information. Maritech’s support is part of the agreement with the Customer and our legal basis for processing the End Users personal data is the fulfillment of said agreement. Normally, Maritech will process the End Users name, phone number, email address, employer and title. Any other relevant personal data that the End User chooses to inform Maritech of, may be logged and saved as part of the fulfillment of the agreement between Maritech and the Customer.
If you choose to contact Maritech without an already existing contractual relationship with Maritech, then your active and voluntary submission of personal data via the contact form, email or over the phone are considered consent to the processing necessary to consider your request. If this is the case, you can at any time contact Maritech at firstname.lastname@example.org and require the personal data we store relating to you deleted.
The Customer’s given contact persons or End Users may receive emails with newsletters with promotional material from Maritech. This involves the processing of the receiver’s name, email address and other relevant, customer related, historical data. Such promotional and newsrelated emails will only consist of information relevant to the Customer’s contractual relationship with Maritech, in accordance with the Norwegian Marketing Act § 15. Our communication of newsletters is done with the aid of our subprocessor SuperOffice AS. For more information about our subprocessors, see Section 4 below.
To opt-out of such newsletters, please follow the link in the newsletter you receive from us or contact Maritech at email@example.com.
3.5 Use of Websites
When you use our websites, we may collect your personal data for the purposes of optimizing your user experience, improving the performance of the websites, enhancing the websites’ security, preventing fraud and running statistics. For this purpose, we will use anonymized data to the extent possible. We may still collect your that may be considered personal data: Your IP address, MAC address, browser information and/or geographic location.
For the purpose of enhancing the websites’ security and preventing fraud, it is in our legitimate interest to keep our own, as well as your data, secure and confidential. We have assessed the implications to your privacy rights as a user of our services, and our need and obligation under the GDPR to secure our systems and concluded that we have a legitimate interest in processing personal data if and when it is necessary to ensure the security of our websites and avoid fraud. If you wish to opt-out of being processed under this legal basis, please contact us at firstname.lastname@example.org.
For more information about our websites optimization process and how to turn off cookies to minimize the personal data being processed, please see Section 5 of this Policy. For more information concerning our devotion to security, please see Section 6 of this Policy.
3.6 Legal Obligations
In some cases, we might be under legal obligation to process your personal data, for instance for keeping accounts or bookkeeping, or may have to process personal data as part of an ongoing legal dispute. For such cases, the processing will be limited to what is strictly necessary to comply with the applicable Member State law.
We have established routines for deleting personal data as part of our internal control documentation. If you stop using our services, for instance by deleting your account or removing yourself from our newsletter list, we will delete or anonymize the personal data relating you as soon as possible and latest within 12 months, unless we have legal basis for storing it longer.
4. Our Processors
To aid us in our processing of personal data, we use processors.
If the End User chooses to acquire products or services, which are supplied by third parties, through any of the Maritech products or services, then the End User or the Company in question are encouraging to verify the third party’s policy for processing personal data and will not be held accountable for the third party’s processing. The third party is not a processor to Maritech seeing as an agreement is entered into directly between the Company and the third party.
The following process personal data on our behalf:
Microsoft Corporation, with registered business address One Microsoft Way, Redmond, WA 98052, U.S.A. Microsoft provides Maritech with their product Azure, which consists of servers for our End Users cloud account. Maritech stores personal data from End Users to fulfill our contractual obligations to our Customers. This may be data related to a User Account, or data relating to our other products and services. These are located on servers in Ireland. If your personal data stems from within the EU/EEA, this personal data does not leave the EU/EEA.
IT Data AS (Adcom), with org.nr. 966 946 873 and registered business address Fabrikkveien 13, 6415 Molde, Norway. This processor provides Maritech with cloud based storage using servers located in Norway at the server center Troll Housing. Maritech stores personal data from End Users to fulfill our contractual obligations to our Customers. This may be data related to a User Account, or data relating to our other products and services. If your personal data stems from within the EU/EEA, this personal data does not leave the EU/EEA.
SuperOffice AS, with org.no. 956 753 104 and registered business address Wergelandsveien 27, 0167 Oslo, Norge. This processor provides Maritech with the service SuperOffice CRM Online Service. This aids Maritech with sales support, issuing newsletters to our Customers and allows the Customer to register, follow up and administrate support requests via their User Accounts.
We have data processor agreements in place with our processors in accordance with the GDPR.
5. Your Rights
As a user of our websites and systems and to the extent that we might process your personal data as described under Section 3, you have rights concerning this data in accordance with the GDPR.
You may revoke a given consent to processing of your personal data at any time. If you wish to revoke your consent, please contact us at email@example.com. Revoking your consent does not affect the legality of processing taking place before the consent is revoked.
As a user of our websites, you have the right to request access to your personal data in accordance with the GDPR Article 15, rectification of your personal data in accordance with the GDPR 16, erasure of your personal data in accordance with the GDPR Article 17 or restriction of processing concerning yourself in accordance with the GDPR Article 18. If the conditions in the GDPR Article 20 are met, you also have the right to data portability.
If you believe Maritech’s processing of personal data does not comply with the relevant provisions on privacy and personal data, you may make an official complaint to the Norwegian data protection authority (Datatilsynet).
A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information back from the browser.
For statistical purposes, to see how many users we have and which parts of the websites they visit. We collect information such as geographic location, type of web-browser etc. to customize our websites to give the user a more personalized experience.
It is possible to switch off cookies by adjusting your browser settings.
6.2 The Cookies we use
|cookieconsent_status||Stores status of cookie consent. Used to prevent cookie dialog from appearing after you clicked close.||1 year|
|_gat||Used to limit the amount of calls to Google Analytics||Google Analytics||1 minute|
|_gid||Used by Google Analytics to distinguish between different users.||Google Analytics||24 hours|
6.3 Deleting Cookies
Previously accepted cookies may be deleted. If you are using a PC with a newer browser, you can delete or manage your cookies by using the keyboard shortcut: CTRL + SHIFT + Delete. If this does not work and/or you are using a MAC, please follow the instructions on the links below for the appropriate browser. Turning cookies off may result in a loss of functionality when using our website.
- Internet Explorer
- Mozilla Firefox
- Google Chrome
- Flash cookies (all browsers)
- iPhone, iPad and anything else from Apple
- Phones with Android operating system
- Phones with Windows 7
Note: If you are using multiple browser, you must delete cookies for each browser.
We have implemented appropriate technical and organizational security measures to ensure that our processing of data is secure, whether it be your personal data or non-personal data.
Our organizational measures consist of established internal control systems and routines that all personnel authorized to process data on our behalf must abide by. We have also entered into data processor agreements in accordance with the GDPR with all our subcontractors that process personal data on our behalf. We furthermore require that these subcontractors implement appropriate technical and organizational security measures, such as using encryption when sending data.
Our technical security measures, such as, where applicable, pseudonymisation, anonymization and encryption, help ensure that data are kept secure. We have also implemented measures to ensure the ongoing confidentiality, integrity, availability and resistance of our processing systems. These systems and services are regularly tested and assessed to evaluate the effectiveness of our implemented measures.
8. Contact information
If you have any requests concerning your personal data or any enquiries regarding this Policy, please contact us by sending us email to the following address: firstname.lastname@example.org
Alternatively, the End User or Customer may contact their Administrator or given contact person pursuant to the agreement between the Customer and Maritech.