If a company collects, transmits, hosts or analyzes personal data of EU citizens, GDPR requires the company to use third-party data processors who guarantee their ability to implement the technical and organizational requirements of the GDPR.
ManageMyVessel will provide our customers that request MMV compliance as a processor with contractual commitments regarding our compliance with applicable EU data protection law and will implement additional contractual provisions required by the GDPR.
Our contractual commitments guarantee that customers can:
Respond to requests from data subjects to correct, amend or delete personal data.
Be made aware of and report personal data breaches to relevant supervisory authorities and data subjects in accordance with GDPR timeframes.
Demonstrate their compliance with the GDPR as pertaining to ManageMyVessel Services
ManageMyVessel GDPR Product Readiness
While much of our preparation is happening behind the scenes, we are also working on a number of initiatives that will be visible to our users. We are, among other things:
Updating our Data Processing Agreement to meet the requirements of the GDPR in order to permit you to continue to lawfully transfer EU personal data to ManageMyVessel and permit ManageMyVessel to continue to lawfully receive and process that data;
Analyzing all of our current features and templates to determine what improvements or additions can be made to make them more efficient for those users subject to the GDPR;
Evaluating potential new GDPR-friendly features and templates to add to our application
New GDPR Features added to ManageMyVessel
1. Security of Personal Data - Policy on the Use of Encryption
- Additional Data Encryption and Controls have been added to all databases that store Data Subject personal or private information
- Data encryption will be both at rest and during transmission
2. Security of Personal Data - Password Security Policy
- Additional strong password Security settings have added to user roles , allowing stronger protection for those users that may have access to Crew Records and/or Users Records
3. Managing Data Subject Rights - Data Subject Consent Form
- Data Subject Consent Form can be set up under Data Security Settings . By implementing this feature the Data Consent Form can be digitally displayed and acknowledged by users at login. In addition this will add the Form to the Crew Mandatory Documents (CMD) for easy reporting and auditing of required crew documents. This new feature allows for easier and quicker Consents to be collected and added to the respective CMD.
4. Personal Data Policy Framework - Privacy Notice
- Privacy Notice can also be set up under Data Security Settings. Customers will also be able to upload their Privacy Notice allowing the Privacy Notice to be accepted digitally by a user or Crew Member when logging into either the Web Browser version of MMV or the Mobile App , this would allow for easier and quicker Privacy Notice to be collected and added to the respective CMD.
5. Data Portability
- MMV will allow the customer to provide personal data in a structured and commonly used machine-readable format when requested by adding additional functionality to Crew and User Records allowing the ability to Export the record to Excel
Additional features and functionalities will be added in the future as required to further support our customers with their GDPR compliance programs.