Austal Limited (Austal, we, us) respects the privacy of visitors to https://www.marinelinkfleet.com (the Site), users and subscribers of MarineLink Services (including MarineLink Fleet, MarineLink Sense and MarineLink Smart, as further described on our Site). This policy sets out how we collect, manage and use information we gather about you.
We collect, use, store and transfer different kinds of personal information about you where appropriate and relevant, which we have grouped together as follows:
• Identity Information includes first name, last name, username, marital status, title, date of birth and gender and the organisation for which you work.
• Contact Information includes email address and telephone numbers and business address.
• Technical Information includes internet protocol (IP) address, your login information, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Site and/or the MarineLink Services.
• Profile and Service Information includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses, and any other information you give to us when communicating with us in connection with the Site and/or the MarineLink Services.
• Usage Information includes information about how you use our Site and/or the MarineLink Services.
• Marketing and Communications Information includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Where we need to collect personal information by law, or under the terms of a contract with you or the company you work for, and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you or the company you work for (for example, to provide you access to our Site and/or MarineLink Services). In this case, we may have to suspend your access to our Site and/or MarineLink Services, but we will notify you if this is the case at the time.
There are a number of ways in which we may collect your personal information, including:
• Direct interactions. You may give us your Identity, Contact, Profile and Service and KYC Information by filling in online forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide when you:
• register for a MarineLink Services account;
• request marketing to be sent to you;
• contact us, whether by phone, email, or other electronic means.
• Automated technologies or interactions. As you interact with our Site and/or MarineLink Services, we will automatically collect Technical Information about your equipment, browsing actions and patterns. We collect this personal information by using cookies, server logs and other similar technologies. Please see section 8 below for further details.
• Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:
• Technical Information from the following parties:
• analytics providers such as Google based outside the EU.
• Identity, Contact, Profile and Service Data from the organisation for which you work or its legal representatives.
• Identity and Contact Information from publicly available sources such as the United Kingdom Companies House and the Electoral Register based inside the EU, or the Australian Electoral Roll.
Austal has security measures in place to attempt to protect against the misuse, interference, loss and unauthorised access, modification or disclosure of personal information under our control. Austal presently stores all information on secure servers that are located either on site in Henderson or on proximate backup hardware. In addition, personal information relating to employment applications Austal does not currently store any information overseas however if in future Austal elects to transfer personal information to someone in a foreign country, this will be done in accordance with the requirements of the Australian Privacy Principles. It is likely that some of the entities which provide services to Austal store information overseas.
The kinds of information that we may collect and hold about your visits to our website include your IP address, domain name, locality, operating system, browser type, referring website, search terms, pages and links accessed, and visit date and time. We may use this information for the purpose of maintaining and improving our website and enhancing your experience browsing our website.
We use the following kinds of cookies:
• Necessary cookies. Some cookies are required to provide core functionality. The website won't function properly without these cookies and they are enabled by default.
• Analytical cookies. Analytical cookies help us improve our website by collecting and reporting information on its usage. We will only set these on your device if you consent to us doing so through our cookie tool. You can select or change your choices at any time by clicking the "c" icon on the bottom left hand corner of our Site.
• Marketing cookies. Marketing cookies are used to track visitors across websites to allow publishers to display relevant ads. We will only set these on your device if you consent to us doing so through our cookie tool. You can select or change your choices at any time by clicking the "c" icon on the bottom left hand corner of our Site.
Cookies may also be disabled on your web browser if you do not wish us to collect information about your visits to Austal’s website, but some parts of the website may not function properly as a result.
We only use your personal information where necessary for our business activities, where required or permitted by law. We set out below, in a table format, a description of the ways in which we use your personal information, and which of the legal bases under the GDPR we rely on to do so. We have set out our legitimate interests where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Generally, we do not rely on consent as a legal basis for processing your personal data, except to email or call you with marketing materials. You have the right to withdraw consent to marketing at any time by contacting us.
We will only send email or call you about our products or services if you have first given your consent.
If you change your mind, and do not want to receive marketing from us any more, please contact Marketing Manager at firstname.lastname@example.org.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may share your personal data, where relevant and necessary, with the parties set out below for the purposes set out in the table in section  above. In all cases we take reasonable steps to keep your personal information confidential and secure.
• Other entities in the Austal Limited corporate group.
• Organisations which process information on our behalf, such as information collection contractors, website and data hosting providers, and technology service providers.
• Law enforcement, government, tax or regulatory bodies.
• Fraud prevention and detection organisations.
• Our advisors and auditors, such as our legal advisors and accountants.
• Our insurers and insurance brokers.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Austal is established in Australia, which is outside of the European Economic Area (EEA), although it does have some limited presence in the United Kingdom through one of its subsidiaries.
Please note that all information which is collected through the Site and the MarineLink Services is hosted on to the virtual private cloud of Austal Limited on Amazon Web Services servers in Australia. Although Australia has its own privacy and data protection laws, these are not currently as comprehensive as the data protection laws of the European Union or the United Kingdom.
Whilst we strive to comply with the GDPR, please note that if you are located in the EEA and want to use the MarineLink Services or our Site, your data protection rights may not have the same protection as they enjoy in the EEA.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
Our security measures include, where appropriate:
We have in place a data breach response plan intended to enable us to contain, assess and respond to data breaches in a timely manner, and to help mitigate potential harm to individuals.
Where required by the Act or the GDPR, Austal will notify any affected individuals or corporations, as well as the Office of the Australian Information Commissioner (or relevant EEA data protection authority), in respect of notifiable data breaches which occur.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means. We also consider the applicable legal, regulatory, tax, accounting or other requirements.
Details of retention periods for different aspects of your personal information are available in our retention policy which you can request from us by contacting us.
In some circumstances you can ask us to delete your data: see section  below for further information.
In certain circumstances, you have legal rights in relation to your personal information.
If you wish to exercise any of the rights set out above, please contact our Marketing Manager at email@example.com.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We hope that you will contact us first, but you also have the right to complain to the relevant data protection authority. In the United Kingdom this is the Information Commissioner, who can be contacted at https://ico.org.uk/make-a-complaint/. For details of relevant EEA data protection authorities please see details on the European Data Protection Board website here: https://edpb.europa.eu/about-edpb/board/members_en.
Austal can be contacted regarding privacy issues by email sent to firstname.lastname@example.org
Version 1, 5 October 2019