CIRM Privacy Policy

1. Who is responsible for your data

References in this Privacy Policy to “CIRM”, “we”, “us” or “our” mean Comité International Radio-Maritime, a company registered in England and Wales with registration no 02494458 and registered office at 202 Lambeth Road, London, SE1 7JW.

This Privacy Policy applies to the personal data that CIRM collects and uses. CIRM controls the ways personal data is collected and the purposes for which personal data is used by CIRM and is the “data controller” for the purposes of the UK Data Protection Act 1998 and European data protection legislation.

2. Personal data we collect about you

When using the term “personal data” in our Privacy Policy, we mean information that relates to you and which allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include your name, your contact details, information relating to your CIRM membership or information on how you use our website or how you interact with CIRM.

2.1 Sensitive personal data

By providing any sensitive personal data you explicitly agree that we may collect and use it to provide our services and in accordance with this Privacy Policy.

3. How and why we use your personal data

We use your personal data for the following purposes:

• To provide our services to you: for example, to issue your ‘MyCIRM’ access details;
• To communicate with you and manage our relationship with you: for example, add you to appropriate working group email distribution lists and contact you directly about matters that relate to your membership of CIRM and the areas of interest that you indicated in the membership application form;
• To improve our services, fulfil our administrative purposes and protect our business interests: for example: accounting, billing and legal purposes.

PLEASE NOTE: To change or remove your membership of any CIRM distribution list, send an email to the CIRM Secretariat detailing the required changes.

4. Individual’s rights and Subject Access Requests

You have a right to request access to the personal data that we hold about you. A Subject Access Request (SAR) is a written request made by or on behalf of an individual for the information which he or she is entitled to ask for. On request, CIRM will:

• list what information is held on an individual (the right to be informed);
• provide all information held on an individual (the right of access);
• amend the information held on an individual (the right to rectification);
• delete information held on an individual (the right to erasure);
• suppress processing of information held on an individual (the right to restrict processing);
• provide a file containing the information held on an individual, in a commonly used format such as comma separated value (.csv), Excel (.xsl), or plain text (.txt) (the right to data portability);
• respond to objections regarding information held on an individual, and act as appropriate (the right to object).

SARs should be sent to the CIRM Secretariat. CIRM will deal with SARs within a month of the request being received. A refusal or charge will be made for requests that are clearly unfounded or excessive. If a request is refused, the individual will be told why and that they have the right to complain to the supervisory authority and to a judicial remedy.

Regarding the right not to be subject to automated decision-making including profiling, CIRM does not use any automated decision-making or profiling systems.

5. Security of your personal data

We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data.

The information that you provide to us is held in our systems, which are located on our premises and those of third parties appointed by CIRM.

We will never disclose your personal data to third parties without your specific consent.

We will retain your personal data for as long as we need it to fulfil the purposes set out in this Privacy Policy or to comply with the law.

6. Cookies or other tracking technologies

Cookies are small pieces of information stored by your browser on your computer's hard drive. They enable you to navigate on our website and allow us to provide features such as remembering aspects of your last visit to our website to make subsequent visits faster. You can delete cookies if you wish.

To improve our services, to provide you with more relevant content and to analyse how visitors use our website we use Third-Party cookies (Google Analytics). Please be aware that we will not be able to directly identify you from the information we collect using these cookies.

7. Updates to the CIRM Privacy Policy

We may make changes to this Privacy Policy from time to time, particularly as required by the European data protection legislation which will apply from 25 May 2018 (the “General Data Protection Regulation”). We will update and publish any new version of this Policy on our website.

8. Contact information

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to the CIRM Secretariat.