I. General Information on Data Protection

1. Information about the Data Controller

The data controller responsible for processing personal data is:

InterMaritime Shipmanagement Limited
142 Franklin Roosevelt
3011 Limassol
Cyprus
+357 25 584 000

We attach particular importance to protecting your personal data. Your personal data is processed in accordance with the data protection regulations, in particular the General Data Protection Regulation of the European Union (GDPR).

This policy provides an overview of the nature, extent, and purpose of collecting and processing personal data. Personal data means any information relating to an identified or identifiable natural person, such as your name, address, email address, or IP address.

For any questions regarding the processing of your personal data, please use the contact details above or contact our data protection representative at [email protected].

2. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

  • Consent (Art. 6(1)(a) GDPR): Where you have given us your explicit consent for the processing of your personal data for a specific purpose (e.g., responding to a contact form inquiry). You can withdraw this consent at any time.
  • Performance of a Contract (Art. 6(1)(b) GDPR): For the processing required to perform a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation (Art. 6(1)(c) GDPR): Where processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. This includes, for example, analysing website traffic to improve our services.

3. Data Deletion and Storage Period

Your personal data will be deleted as soon as the purpose for storage no longer applies. Data may be stored for longer periods if required by European or national laws, regulations, or other provisions to which we are subject (e.g., statutory retention periods).

4. Your Data Protection Rights (GDPR)

You have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): The right to obtain confirmation as to whether or not personal data concerning you is being processed, and where that is the case, access to the personal data.
  • Right to Rectification (Art. 16 GDPR): The right to obtain the correction of inaccurate personal data concerning you.
  • Right to Erasure (‘Right to be Forgotten’) (Art. 17 GDPR): The right to obtain the erasure of your personal data without undue delay, provided there are no legal obligations for us to retain it.
  • Right to Restriction of Processing (Art. 18 GDPR): The right to obtain restriction of processing of your data.
  • Right to Data Portability (Art. 20 GDPR): The right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21 GDPR): The right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on legitimate interests (Art. 6(1)(f) GDPR).
  • Right to Withdraw Consent (Art. 7(3) GDPR): The right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint (Art. 77 GDPR): The right to lodge a complaint with a supervisory authority.

To exercise these rights, please contact us using the details provided in Section I.1.

5. Data Security

We deploy technical and organisational security measures to adequately protect the data you have made available to us from being unintentionally or intentionally manipulated, lost, destroyed, or accessed by unauthorised persons. We use SSL (Secure Socket Layer) encryption for the transmission of data you send to us via our website. An encrypted connection can be recognised when the web address changes from “http://” to “https://” and a padlock symbol is shown in your browser bar.

6. Changes to Our Privacy Policy

We reserve the right to amend this Privacy Policy to ensure that it is always up to date with current legal regulations or to implement changes to our services. The new privacy policy will then take effect on your next visit.

II. Website-Specific Data Processing

1. Provision of the Website and Server Logs

When you visit our website, the device used for accessing the site automatically transmits log data (connection data) to our servers. This is technically necessary to display the website to you. This information consists of:

  • Browser type and version
  • Operating system used
  • Referrer URL (the previously visited page)
  • IP address of the accessing computer
  • Date and time of the server request
  • Name of the file and/or page accessed
  • Amount of data transferred

This data is collected and processed based on our legitimate interest (Art. 6(1)(f) GDPR) to ensure the security and stability of our website, to perform statistical analysis, and to optimise our online presence. The data is not used to draw conclusions about you personally and will be deleted after a short period.

2. Cookies

Our website uses cookies. Cookies are small text files that are stored on your device. Some cookies we use are “session cookies,” which are automatically deleted after your visit. Other cookies remain on your device and allow us to recognise your browser on your next visit (“persistent cookies”).

Cookies that are necessary for the website’s technical operation are used based on our legitimate interest under Art. 6(1)(f) GDPR. All other cookies (e.g., for analytics) are used only with your explicit consent (Art. 6(1)(a) GDPR).

You can configure your browser settings to be informed about the placement of cookies, to decide to accept them on a case-by-case basis, or to prevent the acceptance of cookies for specific cases or in general. Please note that disabling cookies may limit the functionality of our website.

3. Contact Forms and Communication

If you contact us via a contact form on our website or by email, the data you provide (e.g., name, email address, telephone number, and your message) will be stored and processed by us to handle your inquiry and any follow-up questions.

The processing is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest (Art. 6(1)(f) GDPR) in effectively processing the inquiries addressed to us or on your consent (Art. 6(1)(a) GDPR).

Your data will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been fully processed), provided there are no contrary legal retention obligations.

4. Embedded Content & Links to Third-Party Websites (YouTube)

Our website includes embedded content from other websites, specifically a YouTube video. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

When you play the YouTube video, a connection to YouTube’s servers is established. YouTube (a service of Google LLC) may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, especially if you are logged into a YouTube account. The use of YouTube is in the interest of making our website appealing. This constitutes a legitimate interest pursuant to Art. 6(1)(f) GDPR.

For more information on how YouTube handles user data, please refer to YouTube’s privacy policy: https://www.google.com/intl/en/policies/privacy.

5. Social Media Presence

We maintain an online presence on social networks (e.g., LinkedIn, Facebook) to communicate with clients, interested parties, and users active there and to inform them about our services. When you access these networks and platforms, the terms and conditions and the data processing policies of their respective operators apply.

The processing of users’ personal data on these platforms is based on our legitimate interests in providing effective information and communication with users, pursuant to Art. 6(1)(f) GDPR. When you interact with our social media pages, we may process the data you share with us (e.g., comments, messages).

Please note that user data may be processed outside the European Union. We have no influence on the data collected by the platform operators and their use. For a detailed description of the respective processing and the opt-out possibilities, we refer to the privacy policies of the networks.

6. Children’s Privacy

Our online services are principally addressed to adults. We do not knowingly collect personal information from persons under 16 years of age. Such data may only be provided to us with the explicit consent of a parent or legal guardian (Art. 8 GDPR). If we learn that we have collected personal data from a minor without such consent, we reserve the right to delete the data.

7. Changes to This Privacy Policy

We may update this Privacy Policy to comply with legal requirements or reflect changes in our services. Any changes will be posted on this page with updated effective dates.