Personal Data Protection Policy
GENERAL DATA PROTECTION POLICY
OBJECTIVE
This policy is the guidance for GDPR compliance (EU 2016/679), applies to all staff and is supplementary to Company’s policy related to Cyber Security. Data Protection Officer, has overall responsibility for the day-to-day implementation of this policy.
POLICY
Top Management has approved the General Data Protection Policy.
It is the Policy of the UNITED MARINE EGYPT (UME) to ensure that:
a. Fair and lawful processing is applied to items subject to regulation b. Regulatory and legislative requirements are to be met.
c. Sensitive personal data is protected, secured and handled as per regulation.
d. Personal data processed by Company is accurate, adequate, relevant and not excessive, given the purpose for which it was obtained.
e. Processing of data is in accordance with the individual's rights.
f. Cooperating Third Parties (service providers, producers etc) to be reviewed regarding their General Data Protection Policy and performance
g. All breaches or unauthorized process to be reported to Data Protection Authority within 72 hours.
Guidance and procedures have been produced to support this policy. These include incident handling, information backup, system access, virus controls, passwords and encryption.
The role and responsibility of the designated Data Protection Officer is to manage information security and to provide advice and guidance on implementation of the Cyber Security Policy.
The designated owner of the General data Protection Policy has direct responsibility for maintaining and reviewing the Policy.
All managers are directly responsible for implementing this Policy within their departments.
It is the responsibility of each employee/crew member to adhere to the General Data Protection Policy.