DATA PROTECTION POLICIES & HOW WE HANDLE YOUR DATA
We need to make sure your data is secure, and protecting it is one of our most important responsibilities. We’re committed to being transparent about our security practices and helping you understand our approach.
We are also committed to GDPR and want to make sure that you understand why we have your data and what we do with it.
To help with this, we created this FAQ section to better explain how we handle your data.
What is GDPR?
The General Data Protection Regulation, or GDPR, is a European Union regulation that establishes a framework for handling and protecting the personal data of EU residents. It replaces the Data Protection Directive as of 25 May 2018.
In summary, there are six key principles of GDPR:
Lawfulness, fairness and transparency.
Collected for specified, explicit and legitimate purposes.
Adequate, relevant and limited to what is necessary.
Accurate and, where necessary, kept up to date.
Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
Processed in a manner that ensures appropriate security of the personal data.
We at MARINE MASTERS have a legal obligation to adhere to these principles and we work with our customers to ensure that you remain in control of your own data.
Similar to the Data Protection Act, GDPR defines the roles of each party and this is important for our customers to understand:
Data Subject: This is you. If you join us as a member and complete our membership forms, engage our services to deliver a course, consult on a project or we are completing an inspection on behalf of another organisation, it means you are a customer and we hold your data.
Data Controller: This is MARINE MASTERS, we are ultimately responsible for your data if WE collect it in connection with delivering or providing a service directly to you or if the data is collected BY US for the purposes of completing a service on behalf of a third party.
Data Processor: This is JOTFORM Inc. and/or WIX.COM or WORLDPAY (card processing) as they all process your data on behalf of MARINE MASTERS in accordance with GDPR best practice if you complete any of our on line forms (JOTFORMS Inc) or purchase anything through our website (WIX.COM) and/or process a payment through our website (WORLDPAY).
Once the organisations listed above have taken the data they require and processed it they become responsible for securing that data as per their own policies.
Lastly, we should also explain by what is meant by “personal data” and “sensitive personal data”.
Personal data: This is any data that can be attributed to you. For example, your phone number or email address would be classed as “personal data”.
Sensitive personal data: This is one of the following types of personal data that can be attributed to you:
racial or ethnic origin
religious or philosophical beliefs
trade union membership
genetic data, biometric data
sex life or sexual orientation
Is marine masters a data processor or a data controller?
We are both - we process the data you provide us for the purposes of ensuring you can use our facilities safely, we can deliver a course, consultancy or a service (including those for third parties).
However, we use a third party provider called JOTFORM Inc. who process things like our MEMBERSHIP FORMS, JOB APPLICATIONS and DATA COLLECTION for services such as inspections.
We also use a company called WIX.COM who handle all our website data, customer forms and information you may provide via our website.
All online PAYMENTS are processed by WORLDPAY and they are responsible for processing your PAYMENT DETAILS which we do not receive or handle if you make a payment online we simply receive the actual payment from WORLDPAY.
Where does activities away store my data?
Any data submitted online is stored either by wix.com or JOTFORM who are the providers of our web sites and on one forms.
Do you share my data with anyone else?
No - the only people we would ever share your data with is the emergency services on request if it was appropriate to do so to enable correct medical care to be given to you following an incident or for your 'in case of emergency' contact to be contacted.
We will provide any data requested by the appropriate security or government departments if asked to do so, but we will only do this is they have a legal basis for requesting any information and have applied through the correct channels.
Who has access to my personal data?
Users with the correct permissions within MARINE MASTERS will have access to your personal data.
We restrict this access to managers of the business, so they may access your data if required in an emergency.
Some of our staff may have view access to your data on a day to day basis so they can check your membership status and/or edit things like you membership number or may any changes to your file that you request.
Who has access to my sensitive personal data?
No one - we do not collect this type of data on our systems.
We do ask that you record any relevant medical details on your membership card when it is issued to you, this remains your property and leaves site with you at the end of every visit. Obviously it is viewable by staff when they are processing your card for the purposes of signing you into our lake.
This is a necessary part of our safety system and we are sorry but if you do not want to hand your card over so we can identify you if you have an issue while with us, we are unable to accept your application for membership at this time.
How can I see my personal data?
You can request a copy of your data held on either our WIX account or our JOTFORM account at any time, we will take a screen shot and send it to you on request.
If there is a mistake or I need to make changes, how do I go about doing it?
You simply contact us to request a change, this can be done in person at the centre when you visit or if you are happy to do so you can email your request to us, we will action this and your email will be removed from our system as soon as we have carried out the change.
What happens to my data if I decide to stop using your services?
Your data will remain on our system until we no longer need it to deliver the service you require.
You can request your data to be removed at any time and we will do this within 30 days of the request and confirm it has been done.
What about my right to be forgotten?
You can request for ALL of your data on ALL of our systems to be TOTALLY REMOVED at any time.
Obviously if you request this you will not be able to use our facilities and will need to resubmit a new application before you can resume activities.
If you request to be totally removed from our systems we promise to do this within 30 days of the request.
We ask that you return your membership card to us so this can be destroyed.
I have more questions about my data, who can I contact?
The DPO for marine masters is in charge of your data and their details are shown below -
Marine Masters - 74a Thorpe Lane - South Hykeham - Lincoln LN6 9N
I have questions for Marine Masters, how do I contact you?
We love hearing from our customers and you can contact us by emailing: firstname.lastname@example.org