Published: July 2018
Author: UK Chamber of Shipping
The purposes of this guidance document, produced by the UK Chamber of Shipping with Hill Dickinson LLP, are:
to summarise the key points of the General Data Protection Regulation (GDPR);
to identify the main areas where shipping companies will be affected by it; and
to advise companies on the most effective and efficient ways to familiarise themselves with the new rules and then to determine how to best implement them.
The document defines GDPR terminology and lists the types and sources of personal data and how it should be processed. It also describes the role and responsibilities of the Data Controller and the Company Data Protection Officer.
Guidance is also provided on the strict provisions relating to transfer of personal data to ‘third countries’ and those outside the EU. This is particularly relevant in the offshore industry where crew are transferred from one site to another and to and from a multitude of jurisdictions where their personal data will follow.
Finally, the publication sets out an ‘Action Plan for Companies’, describing suggested stages for a company to implement GDPR and verify compliance.