Elliott Ave, Parkville VIC 3052, Melbourne+370 698 06093info@pavlogistics.com
+370 698 06093info@pavlogistics.com
Get a Quote
Home
About US
Services
Contact Us
Disclaimer
Code of conducts
Terms and conditions
Privacy policy
Emailinfo@pavlogistics.com
Phone number+ 370 698 06093
Get a Quote
img
PAV

Privacy Policy

Privacy Policy

NMT International Shipping B.V. and its offices around the world respect your privacy. Privacy and the protection of your personal data is important to NMT and we are committed to protecting the availability, integrity and confidentiality of your personal data. This Privacy Policy outlines your rights to privacy and our commitment to safeguarding personal data. It is meant to help you understand how we process and protect your personal data. “Personal data” means any data which can be used to identify an individual, either on its own or together with other data. This term is widely defined and could include simple login details, e-mails, website browsing histories, HR records etc.

Controller

NMT International Shipping B.V. and all its global entities/offices process personal data as an employer, as a supplier of services, for marketing purposes and in connection with visits to this website.
The Controller of your personal data is ENPIRE Łukasz Wojciechowski (ul. Toruńska 151, 85-800 Bydgoszcz). As a responsible organization, which is aware that information has a certain value and is a resource that requires proper protection, we intend to inform you appropriately about issues related to the processing of your personal data, particularly as regards the content of the new regulations on personal data protection, including the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). Due to this reason, we present in this document the key information on legal bases of the processing of personal data, methods of its gathering and using, as well as the rights of entities they apply to. ENPIRE Łukasz Wojciechowski appointed the Data Protection Supervisor who can be contacted by writing to the following e-mail: iod@enpire.pl. When processing personal data, we follow the laws concerning data protection. Personal data are collected and processed in the way and based on the principles specified in this Policy.

In ENPIRE Łukasz Wojciechowski, we place particular emphasis on protection of privacy of our clients, contracting parties, employees and co-workers. One of its key aspects is protection of rights and freedoms of natural persons in relation to the processing of their personal data. We make sure that the processing of your personal data is performed in compliance with the Regulation of the European Parliament and of the Council 2016/679/EC (hereinafter called the GDPR), the law on protection of personal data, as well as special regulations (contained in the labor law and the accounting law). ENPIRE Łukasz Wojciechowski is the Controller of personal data pursuant to art. 4, sec. 7 of the GDPR, using also services of the processors, specified in art. 4 sec. 8 of the GDPR – they process personal data on behalf of the Controller (they include IT companies, law firms, security companies). ENPIRE Łukasz Wojciechowski implements appropriate technical and organizational measures, in order to secure the level of safety corresponding with the possible risk of violation of rights and freedoms of natural persons with a varying probability of occurrence and scale of threat. Our activities concerning protection of personal data are based on policies and procedures accepted, as well as regular training broadening knowledge and competencies of our employees and co-workers. The joint controller of your personal data is a company operating within the group of companies:
ENPIRE sp. z o.o. ul. Toruńska 151, 85-880 Bydgoszcz.

As controller, the NMT group processes personal data for the following main purposes:

1. Human resourcesr

The NMT group processes personal information as part of human resources management. Personal data relating to vacant positions and applications will be deleted one year after you applied for employment with the NMT group, unless you are employed or explicit consent for further storage is given.

2. Customer and supplier information

The NMT group processes personal data regarding customers and suppliers as well as any third parties required for the performance of contractual obligations. This personal information may be exchanged between the various legal entities/offices within the NMT group, but will not be disclosed to other businesses, unless otherwise stated.

The information being processed is contact information for customers and suppliers. Personal data is stored in a separate database and deleted seven years after completion of the customer relationship.

3. Marketing

The NMT group processes personal data for marketing purposes. This personal information may be exchanged between the various legal entities/offices within the NMT group, but will not be disclosed to other businesses.

The NMT group processes contact information of potential customers. The information is obtained from publicly available sources, such as the websites of companies, or from direct contact with the company in question. The purpose of this processing of personal data is to promote marketing for our services and coordinate this marketing effort. We may use the e-mail address to send you information and updates pertaining your shipping order. It may also be used to respond to your inquiries, questions and/or other requests. If you decide to opt-in to our NMT news clip, You will receive e-mails that may include company news about shipments, services, offices or other information. If at any time you would like to unsubscribe from receiving future e-mails, we include a detailed unsubscribe instructions at the bottom of these promotional e-mails, or you may contact us via our website.

The NMT group has a well-founded interest in contacting potential customers in order to promote our services, and in our opinion this interest is not overridden by the interests of the data subject. Reference is here made to the fact that we only process contact information relating to the data subjects position at his/her employer. Personal data relating to potential customers will be deleted within one year after they were added to the database, unless a customer relationship is established - or consent to further storage is given.

Like most websites, nmtshipping.comuses cookies. A cookie is a small file of numbers and letters that is saved in your browser. The cookies cannot identify you. We at nmtshipping.com uses session, persistent and third part cookies for statistical purposes and to optimize our service. In most browsers you can accept or reject all, or certain, cookies. If you continue to use nmtshipping.com you accept our use of cookies.By visiting or using our Site, you agree to the provisions of this privacy policy. If you do not agree to the terms of this Policy, please do not use this Site.

4. Other purposes

The NMT group may also use personal data for other additional purposes. Any such purposes will be identified at the time of collection and we will inform you of the purpose of the processing in accordance with applicable law requirements.

Data protection

We take data protection seriously and have adopted appropriate security measures to protect your personal data against loss, misuse, unauthorized access, theft, alteration, disclosure or destruction. We will restrict access to your personal data to those who have a legitimate need for such access.

In order to maintain safety of personal data processed by our companies, which have capital, personal and organizational ties, and also to assure high quality of services provided by us, we have accepted a model of joint control of data. Joint controllers ensure strict compliance with the laws concerning privacy of users and protection of their personal data. Joint controllers ensure sufficient warranties to implement appropriate technical and organizational measures, in order to make sure that the processing meets the requirements of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) and protects the rights of the people who are data subjects. All companies apply the same Privacy Policy. Based on it, we control the personal data adhering to the laws, including in particular regulations concerning protection of personal data and safety requirements. Each of the joint controllers is severely liable for all violations related to the processing of personal data. The person who is a data subject can file a claim to the selected joint controller, who will be obliged to repair the damage, even when it was caused by a different joint controller.

Personal data provided by you will be processed for the following purposes:

  • Conclusion and performance of the contract of carriage based on art. 38 sec. 1 and 2 and art. 50 of the Act of November 15, 1984 of the Transport Law or art. 6 and 7 of the Convention on the Contract for the International Carriage of Goods, and art. 6 sec. 1 letter b and letter f of the GDPR,
  • Fulfilment of the legal obligation by the Controller pursuant to art. 6 sec. 1. letter. c of the GDPR,
  • Conducting marketing activities with the use of electronic communication means, art. 6 sec. 1 letter a of the GDPR,
  • Securing the claims, art. 6 sec. 1 letter f of the GDPR and undertaking activities related to debt recovery procedure,
  • Establishing of a contact based on art. 6 sec. 1 letter f of the GDPR as a legitimate interest pursued by the Controller (email, contact forms)
  • Claim submission process – art. 6 sec.1 letters b and c,
  • Legitimate interest pursued by the Controller – art. 6 sec. 1 letter f of the GDPR.

We forward your personal data to third parties with your consent or when we are obligated to do so – based on legal regulations. We do not make automated decisions regarding your personal data.

The NMT group will provide training to employees and third parties where relevant to promote awareness of the group’s policy surrounding data protection. The NMT group complies with legal requirements and avoids unacceptable legal risks.

Principles that guide us during the processing of your personal data

  • We act with diligence in order to protect interests of the people who are data subjects; in particular, we make sure that such data are: processed in accordance with the law, reliably and transparently for the data subjects;
  • collected for specific, clear and legitimate purposes and not processed further in a way that is not compliant with these purposes;
  • adequate, appropriate and limited to what is necessary to achieve the objectives for which they are processed;
  • accurate and updated when needed. We undertake activities to immediately erase or rectify personal data which are inaccurate in the light of the purposes of their processing;
  • stored in the way that makes possible identification of a person who is the data subject for a period no longer than it is necessary to fulfil the purposes of processing;
  • processing in the way ensuring proper safety of personal data, including protection against unauthorized or illegitimate processing and accidental loss or damage.

We usually process your personal data based on a consent, which can be withdrawn anytime. A different case is when the processing of your personal data is necessary to perform a contract to which you are a party or to undertake activities at your request, even before concluding a contract. In some cases, processing is necessary to fulfil the legal obligation by the Controller. Such obligations result from, for instance, the labor law and the accounting law. Processing may also be necessary for the purposes resulting from our legitimate interests; one of the examples is pursuing claims related to business activity of our company.

Exchange and transfer

We may share your information within the NMT group as well as with third parties to the extent necessary for the purposes described above.

Retention of personal data

necessary for the purposes described above. When storage is no longer necessary, we will delete, destruct or anonymize the relevant personal data.

Your rights

The NMT group's processing of personal data is governed by the GDPR (General Data Protection Regulation, EU, 2016/679 of the European Parliament and Council of 27 April 2016. Your rights relating to our processing of personal data are listed, inter alia, in chapter III of the GDPR.

We undertake appropriate measures in order to provide to you all applicable information in a concise, transparent, understandable and easily accessible way, and to handle all communication with you with regard to processing of your personal data related to exercising of the following rights you are entitled to:

  • information provided during collection of personal data;
  • information provided upon request – regarding cases when personal data are processed and other issues specified in art. 15 of the GDPR, including the right to copy data;
  • rectify data;
  • be forgotten;
  • limit processing;
  • transfer data;
  • raise an objection;
  • not be subject to decision based exclusively on automated processing (including profiling);
  • information about violation on data protection.
In addition, when your personal data are processed based on consent, you have the right to withdraw it. The consent can be withdrawn anytime, not affecting the legitimacy of processing before its withdrawal. In order to contact us regarding exercising any of the rights, please email us at iod@enpire.pl or send a letter to the following address: ul. Toruńska 151, 88-850 Bydgoszcz. Safety of your data is our top priority; however, when you decide that during processing of your data we violate the GDPR regulations, you have the right to lodge a complaint to the President of the Personal Data Protection Office.

You have the right to request access to the personal data that is being processed on your behalf and to request deletion or correction of inaccurate or incomplete personal data in accordance with applicable law requirements.

You have the right to lodge a complaint with your national data protection supervisory authority, or the Dutch Data Protection Agency. The contact information for the Dutch Data Protection Agency is as follows;

Dutch Data Protection Agency (Autoriteit Persoonsgegevens)
Address: Postbus 93374 (P.O. Box 93374) 2509 AJ Den Haag, Netherlands
Telephone: +31 88 1805250

Data Protection Officer

NMT group has its own privacy representative who assists with guidance so that personal information is processed in accordance with the GDPR. Requests for access, rectification and erasure, as well as reports of security breaches, are handled by the data protection officer.

How will we contact you?

We provide information in writing or in a different way, including – when appropriate – by e-mail. When you request it, we can provide information verbally, when we are able to verify your identity in another way. When you provide your request by e-mail, where possible, information will be also provided by e-mail, unless you indicate to us a different, preferred form of communication.

When will we comply with your request?

We try to provide information immediately – basically within a month from receiving a request. When needed, this period can be extended by another two months depending on the complexity of request. However, in every case, within a month from receiving the request, we will inform you about activities undertaken and (in appropriate cases) about extension of the deadline, giving the reason for such delay.

Subcontractors / processors

We can forward your personal data to companies or other trustworthy business partners who provide services on our behalf; for example, to secure technical support, to assess usefulness of website for marketing purposes or a different way to make the service available. When we cooperate with companies which on our behalf process personal data, we use exclusively services of processors that ensure sufficient warranties to implement appropriate technical and organizational measures, in order to make sure that the processing of personal data meets the requirements of the GDPR and protects the rights of the people who are data subjects. We verify in detail companies to which we entrust processing of your data. We conclude with them detailed agreements and perform periodic inspections of the compliance of processing operations with the content of such agreement and legal regulations. Your personal data can be also received by: a. entities and bodies authorized to process personal data based on legal regulations, banks in order to perform settlement of accounts, b. institutions providing additional financing for the purpose of performance of a contract concluded with the Controller, c. entities cooperating within marketing campaigns, d. entities providing transport and loading services, e. customs agencies, f. platforms for exchange of information between carriers, g. entities and bodies authorized to process personal data h. entities ensuring delivery of software, i. entities providing IT services, j. law firms, k. the owner of the social media portal Facebook on the principles not affected by changes regarding data specified by Facebook available at https://www.facebook.com/about/privacy. Personal data provided by you can be forwarded to entities having their place of business outside the European Economic Area (EEA), i.e. in third countries. In regard to these countries, no decision was issued by the European Commission confirming that these states ensure a proper level of protection within the meaning of the European regulations concerning data protection.

How do we protect processing of your personal data?

In order to meet the legal requirements, we have prepared detailed procedures involving the following issues:
  • protection of personal data by design and data protection by default;
  • data protection impact assessment;
  • notification of violations;
  • keeping register for data processing activities;
  • data retention;
  • exercising of rights by the people who are data subjects.
We verify and update on regular basis our documentation, in order to indicate meeting of legal requirements in accordance with the accountability principle specified in the GDPR, but also in order to take into consideration interests of the people who are data subjects, we try to incorporate the best market practices.

Data retention

We store personal data in the form making possible identification of a person to whom such data apply, for a period that is no longer than it is necessary for the purposes for which such data are processed. After expiration of this period, we anonymize data (depriving them of features making possible identification of a specific person) or delete them. In the retention procedure, we ensure limitation of the period for personal data storage to the strict minimum. We specify the period of data processing in the first order based on legal regulations (e.g. time of storing employee documentation, accounting documents), as well as legitimate interests of the Controller (e.g. marketing activities). The retention policy includes data processed both on paper and online.

Authorizations

We ensure that every person acting on our behalf within authorization, having access to your personal data, processed it exclusively at our request, unless other requirements result from EU laws or the laws of a member state.

Cookies

The policy of using cookie files (cookies) by service. a) The cookie files (cookies) are small pieces of data, in particular text files, which are stored on the terminal equipment of the Service User and designed to use websites of the Service. Cookies usually contain the name of the website, from which they derive, time of their storage on the terminal equipment and their unique identifier. b) The entity that places cookies on the terminal equipment of the Service User and having access to them is the service owner. c) The cookie mechanism is not used to collect any information about service users or to track their navigation. Cookies used in the service do not store any personal data or information collected from user, and are used for statistical purposes. d) Default software used to view websites (browser) allows to support cookies on the User’s equipment, on which it is activated. In the majority of cases, software in this area can be configured independently, including forcing automatic blocking of cookie files. The issues related to configuration of cookie support are located in software settings (Internet browsers). It is necessary to bear in mind that settings of limitations related to cookie support can impact operation of some service functions. e) Cookie files are used for the purpose of adjustment of the content of Service websites to User’s preferences and optimization of website use; in particular, these files allow to recognize Service User’s equipment and display properly the website, adjusted to its individual needs; development of statistics, which allow to understand how Service Users use websites, making possible improvement of their structure and content; maintaining Service User’s session (after logging), thanks to which User doesn’t have to enter login and password on every subsite of the Service; f) Within the Service, we use two basic types of cookie files: “session cookies” and “persistent cookies.” “Session cookies” are temporary files that are stored on User’s terminal equipment until logging out, leaving the website or turning off software ((Internet browser). “Persistent cookies” are stored on User’s terminal equipment for the time specified in cookie file parameters or until the time of their deletion by the User. g) The Service uses the following types of cookie files:
  • “necessary” cookie files, making possible the use of services available within the Service, e.g. authentication cookies used for services requiring authentication within the Service;
  • cookie files used to ensure safety, e.g. used to detect abuses within authentication within the Service; ◦”performance” cookies are used to gather information on how visitors use websites of the Service;
  • “functional” cookies, making possible “remembering” of settings selected by the User and personalization of User interface, for example in the scope of selected language and region, from which the User originates, font size, look of the website, etc.;

References to other sites on the Service website

NMT group has its own privacy representative who assists with guidance so that personal information is processed in accordance with the GDPR. Requests for access, rectification and erasure, as well as reports of security breaches, are handled by the data protection officer.

Data Protection Officer

NMT group has its own privacy representative who assists with guidance so that personal information is processed in accordance with the GDPR. Requests for access, rectification and erasure, as well as reports of security breaches, are handled by the data protection officer.

Questions?

The service owner informs that the service features references to other sites. The service owner recommends reading of policy practices that are in force for these sites, since it is not liable for them.

Data protection of Service users

Description of technical and organizational measures for protection purposes is contained in the Safety Policy (personal data protection) of the service owner. In particular, the following safeguards are used: a) data collected automatically through the server are secured through mechanism authenticating access to the service; b) data collected from users during registration process are protected with SSL protocol and through mechanism authenticating access to the service; c) access to control the service takes place with the use of authentication mechanism.