Registered Company Details
Ocean Phoenix International Limited
1 George Square
Company No: SC668607
VAT Number: GB 353 8543 81
Protection of Personal Data
It is our policy to protect data and comply with Data Protection regulations. Personal data must be controlled and secured and details must not disclosed to any other person (whether inside or outside the company) unless authorised to do so. The data protection declaration applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter also referred to collectively as "online offer"). To ensure all workers and 3rd party users are aware of data protection obligations and information security we have a training programme in place which covers this and other relevant policies.
Compliance with Data Protection Regulations
To ensure we are in compliance with data protection regulations including General Data Protection Regulation (GDPR) the company has taken various measures to ensure we are meeting all requirements;
Data Protection Officer – our management system details key responsibilities including details of a Data Protection Officer (DPO)
Personal Data Collected - we do not actively collect or process any personal information other than the details of our employees & 3rd parties who by providing their data have given consent for their use which can be a component of our (pre)contractual services (applicant selection procedure), purpose of tendering and in pursuit of securing contracts where their business services will be contracted, provided that the use of the 3rd party providers has been agreed in this context. Otherwise, user data is processed on the basis of our legitimate interest in efficient and secure communication with our communication partners. This data may also hold some personal data from interactions with prospective and existing customers and systems are in place to manage this data. By submitting data to us, 3rd Parties agree to the processing of their data for the purposes of the applicant selection procedure in accordance with the type and scope described in this data protection declaration.
Personal data is information about personal or factual circumstances of an identified or identifiable natural person. This includes information such as your name, your address, your telephone number and your date of birth, but also data about your specific career, etc., which can be assigned to a specific person with reasonable effort.
Processed data types: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers, linked profiles ie LinkedIn, Facebook), content data (e.g. text entries, photographs, videos, Skill Sets), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), Certification (Passports, IDs, Medical Certificates, Associated Training and Certification)
Affected persons: applicants, users (e.g. website visitors, users of online services, candidates, 3rd Party business/persons).
Purposes of processing: applicant selection procedure, office and organisational procedures, securing business contracts
Data Submission – By means of an online form on our website www.OceanPhoenix.co.uk. Or via the online Portal also available on the website. The data is transmitted to us in encrypted form according to the state of the art. Applicants can also send us their applications by e-mail. *Please note, however, that e-mails are generally not sent in encrypted form and that applicants must ensure that they are encrypted themselves. We cannot therefore accept any responsibility for the transmission path of the application and therefore recommend that you use an online form / portal.
Data Review - we regularly review and check Personal data by completing a data audit to identify "any information relating to an identified or identifiable natural person (data subject)", to ensure the personal data we hold is required, lawfully managed and processed and accurate.
Data Retention data retention is managed and retention period is documented in our management system manual.
Consent - if any data is to be collected for any purpose other than normal employment purposes we will obtain your explicit consent and you have the right to withdraw this consent at any time.
Sensitive Personal Data - we do not collect or hold any sensitive personal data and DPO should be advised if this is not the case
Privacy by Design - Any new developments, projects or technologies that involve personal data will be reviewed to ensure privacy by design and privacy impact assessment completed.
Data Processing / Transfer - Personal data is processed and handled in a lawful and transparent manner with clear communication of what data we hold, why we hold it and how long we retain it. In the course of our processing of personal data, it may happen that the data is transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, prospective clients, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases we observe the legal requirements and in particular conclude appropriate contracts or agreements with the recipients of your data which serve to protect your data.
Transfer of data within the organization: We may transfer personal data to other entities within our organization or grant them access to such data. If this transfer is for administrative purposes, the transfer of the data is based on our legitimate business and commercial interests or takes place if it is necessary to fulfil our contractual obligations or if there is a consent of the persons concerned or a legal permission.
If we process data in a third country (i.e. outside UK), or if the processing takes place in the context of the use of services of third parties or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.
Data Security - we have measures in place to protect Confidentiality, Integrity and Accessibility of all company data and complete regular audits and reviews of the security of personal data and information security systems in accordance with legal requirements. Taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection commensurate with the risk.
These measures shall include in particular the safeguarding of confidentiality, integrity and availability of data by controlling physical and electronic access to data as well as access, input, disclosure, safeguarding of availability and segregation of data relating thereto. Furthermore, we have established procedures to ensure that data subjects' rights are exercised, data is deleted, and responses are made to any threats to the data. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes in accordance with the principle of data protection, by designing technology and by using data protection-friendly default settings.
Data Subject Access – Data subjects have the right to access, correct, transfer or request deletion of the personal data we hold about them. Subject access requests should be directed at our DPO who will respond to all data requests within 1 month. We will not charge for responding to such requests. Data access is available via our secure portal which is available on our website: www.OceanPhoenix.co.uk.
The data processed by us will be deleted in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permissions cease to apply (e.g. if the purpose for which the data were processed ceases to apply or if they are not necessary for the purpose).
Unless the data are deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or that must be stored for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person.
Active Sourcing - If we approach potential 3rd Party candidates on behalf of clients, information and data of potential candidates are collected and processed from publicly available sources. The persons concerned are contacted by us and approached about a relevant opportunity. In the course of the contact, information on data protection as well as consent for storage is also obtained. 3rd Party candidates who do not consent to processing or are not contacted by us will be deleted.
Commercial and Business Services - We process data of our contractual and business partners (3rd Parties ), e.g. customers and prospective customers within the scope of contractual and comparable legal relationships as well as associated measures and within the scope of communication with the contractual partners (or pre-contractual), e.g. to answer inquiries.
We process this data for the purpose of fulfilling our contractual obligations, securing our rights and for the purposes of the administrative tasks associated with this information and for the purposes of the company's business organisation. Within the framework of the applicable law, we only pass on the data of the contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfil legal obligations or with the consent of the contractual partners (e.g. to involved telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, tax authorities). The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the scope of this data protection declaration. Consent will be implied by provision of these details.
If we use third-party providers or platforms to provide our services, the terms and conditions and data protection information of the respective third-party providers or platforms apply in the relationship between the users and the providers.
Newsletter and electronic notifications - We send newsletters, e-mails and other electronic notifications (hereinafter referred to as "correspondence ") only with the consent of the recipients or a legal permission. If, in the course of registering for the correspondence, its contents are specifically described, they are decisive for the consent of the users. Furthermore, our correspondence contain information about our services and us.
To register for our correspondence, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name for the purpose of personal contact in the correspondence, or other details if these are necessary for the purposes of the correspondence.
Double opt-in procedure: The registration to our correspondence is always done in a so-called Double-Opt-In-Procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. The correspondence registrations are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
The logging of the registration procedure is based on our legitimate interests for the purpose of proving that it has been carried out properly. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure sending system.
Information on legal bases: The sending of correspondence is based on the consent of the recipients or, if consent is not required, on our legitimate interests in direct marketing, if and to the extent permitted by law, e.g. in the case of advertising to existing customers. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests in order to prove that it was carried out in accordance with the law.
Processed data types: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
Affected persons: communication partners.
Purposes of processing: direct marketing (e.g. by e-mail or by post, Portal).
Right of objection (Opt-out): You can cancel the receipt of our correspondence at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the correspondence either at the end of each correspondence or you can use one of the contact options listed above, preferably by Portal / e-mail.
Presence in social networks (Social Media) - We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.
Please note that user data may be processed outside the UK. This can result in risks for the users, because the enforcement of the users' rights could be made more difficult.
Furthermore, user data within social networks are usually processed for market research and advertising purposes. Thus, for example, user profiles can be created on the basis of user behaviour and the resulting interests of the users. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behaviour and interests of the users are stored. Furthermore, data may also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed presentation of the respective forms of processing and the possibilities of objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.
Also in the case of requests for information and the assertion of data subject rights, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the data of the users in each case and can directly take appropriate measures and provide information.
Processed data types: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Affected persons: Users (e.g. website visitors, users of online services).
Data Breaches – all data breaches will be reported internally and significant breaches will be reported to the ICO and affected data subjects notified within 72 hours of discovery.
Used services and service providers – Can be provided on request
Much of the arrangements for management of data, documented information, ongoing checks including internal audits are all covered by our ISO compliant integrated management system which includes the following;
Summary of all company procedures and policies relating to Data management / Security
Organisation details including details of the Data Protection Officer and summary of their responsibilities
Document register detailing what records we hold, how managed and retention period
Personal Data / Information Registers
Training arrangements including details of planned training and staff training / competency matrix
The content of our data protection declaration, may change and we will adapt the data protection declaration as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes make it necessary for you to take action to cooperate (e.g. to give your consent) or to receive other individual notification, we ask you regularly familiarise yourself with our declaration.
Website Cookies Policy
Also, cookies may also be used to track how you use the site to target ads to you on other websites via 3rd party providers such as google adwords.
This website may also include third-party services which may also place cookies. Some of these services include but are not limited to: Google, social network sites, security firewalls and service providers.
These services may also collect and use anonymous identifiers such as IP Address, HTTP Referrer, Unique Device Identifier and other non-personally identifiable information and server logs.
Website usage terms and conditions
The term ‘Ocean Phoenix International Limited’ or ‘us’ or ‘we’ refers to the owner of the website whose registered office is 1 George Square, Glasgow, United Kingdom,G2 1AL. Our company registration number is SC 668607, Scotland. The term ‘you’ refers to the user or viewer of our website.
The content of the pages of this website is for your general information and use only. It is subject to change without notice.
Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
From time to time, this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.
The information contained in this website is for general information purposes only. The information is provided by Ocean Phoenix International Limited and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you are able to link to other websites which are not under the control of [business name]. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, Ocean Phoenix International Limited takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
This website and its content is copyright of Ocean Phoenix International Limited - © Ocean Phoenix International Limited 2020. All rights reserved.
Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:
· you may print or download to a local hard disk extracts for your personal and non-commercial use only
· you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material
You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.