Tidewater Inc. Data Privacy Statement
Looking after the personal data you share with Tidewater is hugely important to us. We want you to be confident that your data is safe and secure and understand how we use it. The data controller is Tidewater Inc. (referred to in this policy as “we” or “us”).
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. We comply with all applicable data privacy and protection requirements in the countries in which we operate.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Tidewater will endeavor to keep your information accurate and up to date and not keep it longer than necessary.
WHY DO WE RETAIN YOUR PERSONAL DATA IN OUR SYSTEM?
Our use of your personal data is based on our “legitimate interests”, these are: to service our customers’ needs and requirements;
- to promote and market our products and services;
- to protect and support our business, colleagues, customers and shareholders;
- to prevent and detect anti-social behaviour, fraud and other crime;
YOUR PERSONAL DATA
When you apply for a job vacancy or send us a copy of your CV you provide us with your personal details, including your postal address, email address, phone numbers and date of birth. This data is retained in order to allow us to process job applications and to contact you about future opportunities within the Company.
If you have had an accident or incident involving Tidewater your personal data may be accessed to resolve legal claims or disputes. This could include medical reports.
In order to protect our vessel assets and the personnel on-board, cameras may be used as monitoring and recording devices. Recorded activity is used to review vessel incidents, monitor safety procedures and provide real-time video during an emergency response situation. If you are on-board our vessels at any time, your image may be captured on camera and retained in line with the Tidewater’s retention policy and practices.
When we ask you for personal data we will always tell you why and how the information will be used. Personal data will be retained on file in line with the Company retention policy, taking into account legal requirements and business sector requirements.
SHARING PERSONAL DATA WITH OTHER ORGANISATIONS
We may share personal data with other organisations in the following circumstances:
- if the law or a public authority says we must share the personal data or for the administration of justice;
- if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud);
- where we restructure, merge, acquire a business or sell any part of our business.
SHARING PERSONAL DATA WITH THIRD PARTIES
We may pass your personal data on to third-party service providers contracted to Tidewater in the course of your employment. Any third parties that we may share your data with are obliged to keep your details securely protected, and to use them only in the line of business requirements. When they no longer need your data to fulfill this service, they will dispose of the details in accordance with their retention policy.
HOW WE PROTECT PERSONAL DATA
- We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
- We only authorise personal data access to employees and trusted partners who need it to carry out their responsibilities;
- We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;
- We will ask for proof of identity before we share your personal data with you; and
- The personal data that we collect from you may be transferred to, and stored at, destinations outside the European Economic Area (“EEA”). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this we ensure that your privacy rights are respected in line with our GulfMark Data Protection Policy.
HOW LONG WE USE PERSONAL DATA FOR
We will not keep your personal data longer than we need to, how long this is depends on several factors, including:
- Why we collected it in the first place;
- How old it is;
- Whether there is a legal/regulatory reason for us to keep it;
- Whether we need it to protect you or us.
- Our Company Retention Policy
SUBJECT ACCESS RIGHTS
The right of access, commonly referred to as subject access, gives you the right to obtain a copy of your personal data as well as other supplementary information. You have the right to obtain the following data from Tidewater:
- confirmation that we are processing your personal data; and
- a copy of your personal data
You are only entitled to access your own personal data and not information relating to other people, therefore it is important that you establish whether the information requested falls within the definition of personal data.
To file a subject access request please email firstname.lastname@example.org with “Subject Access Request” in the subject box. You will be asked to provide sufficient ID verification prior to the request being actioned.
In relation to your personal data, you also have the right to:
- Have inaccurate information corrected:
If you believe we hold inaccurate or missing information, please let us know and we will correct it.
- Object to our use of it:
We will consider your objection to our use of your personal data. If on balance, your rights outweigh our interests in using your personal data, then we will at your request either restrict our use of it (see section 3 below) or delete it (see section 4 below).
- Restrict our use of it:
There are several situations when you can restrict our use of your personal data, this includes (but is not limited to):
- you have successfully made a general objection (listed in section 2 above).
- you are challenging the accuracy of the personal data we hold.
- we have used your personal data unlawfully, but you do not want us to delete it.
- Have us delete it:
There are several situations when you can have us delete your personal data, this includes (but is not limited to):
- we no longer need to keep your personal data;
- you have successfully made a general objection (listed in section 2 above);
- you have withdrawn your consent to us using your personal data (and we do not have any other grounds to use it);
- we have unlawfully processed your personal data.
In the event that you wish to make a complaint about how your personal data is being processed by Tidewater or how your complaint has been handled you have the right to lodge a complaint directly to Tidewater’s data protection officer on email@example.com or write to:
Tidewater Inc. – Compliance Department
6002 Rogerdale Road, Suite 600
Houston, Texas 77072, USA
Telephone: (713) 470-5300