DATA PRIVACY POLICY STATEMENT

Company Privacy Commitment

Seacrest   Maritime    Management   Inc.   (SEACREST   for    brevity)    shall ensure its adherence and compliance with the Data Privacy Act of 2012 under the Republic Act (R.A.) 10173 and its implementing Rules and Regulations. In this respect, Seacrest shall develop, adopt, observe, and implement appropriate Policies and Procedures that shall govern the collection, usage, disclosure, protection, retention, and disposal of personal data that comes within its control and possession.

Seacrest respects the fundamental right to privacy of all individuals whether personal or juridical, entity and stakeholders within the sphere of its organization such as but not limited to its:

• Principals and its agents;
• Office Personnel;
• Contracted Seafarers and their respective families, dependents and beneficiaries;
• Third Party Suppliers.

This Data Privacy Policy Statement is Seacrest’s declaration on its privacy policies and practices.

Rationale in the collection of personal information

As Stakeholders mentioned in Seacrest’s Privacy Commitment, the basic information that Seacrest collects and handles is/are used only for the following purpose/s:

• Submission to POEA of the requirements for accreditation of Principals and its vessels as well as its cancellation and amendments of Principals and its vessel’s records;
• Submission to POEA of the requirements for Seafarer Registration, processing and approval of POEA Contract, legal obligations, proceedings and other necessary information needed to facilitate seafarer registration;
• Submission of requirements to the appropriate Philippine Government Agencies necessary for the payment of mandatory contributions such as but not limited to Social Security, PhilHealth, Pag-Ibig (HDMF) including taxes as well as processing of applicable benefits which includes but not limited to death and disability benefits, claim refund , educational grant applications among others;

• Submission to Philippine local banks for the processing of remittances, payroll, allotment, final wages and other benefits as may be applicable for seafarers and their families and for office employees ;
• Submission to local banks of Principal’s information for fund request and remittances;
• Submission of requirements to Health Insurance providers such as but not limited to HMO benefits (if applicable), Insurance companies pursuant to and in compliance with AMWA R.A. 10022, Protection and Indemnity Clubs for seafarers protection coverage;
• Submission of requirements to Principal’s office , Airline companies and its travel agents, Port Agents, Vessels Agents, Embassies to facilitate visa issuance (if applicable), flight ticket issuance, clearances and permissions for joining vessels in specific ports;
• Submission to Third Party Suppliers such as but not limited to accredited Medical Clinics, working gears suppliers and Training and Assessment centers for proper endorsement and referrals of its seafarers for PEME compliance purposes and other Training needs;
• Be part of company records and as reference for maintaining the Quality of products and services supplied to Seacrest’s contracted seafarers;
• To understand your needs as a stakeholder so that Seacrest can continuously improve its services;
• To create and nurture Seacrest’s business relationship with its stakeholders so that trust, mutual respect and long term association can be developed and established.

Sources of Information

These are the sources of information and the means how Seacrest collect them:

1. Information that you voluntarily and personally give to Seacrest.

• From the applications forms that you have accomplished during your first time job application to Seacrest and its subsequent processing/updating of information;
• From the data given during the accreditation process of Principals and its vessels;
• Pre-Departure Briefing and Off-signed debriefing process;
• Officers and crew seminar events;
• During research or evaluation of specific courses , activities and training;
• From Supplier Accreditation forms, during initial application as supplier of services and/or products for seafarers use;

• From the regular mail, electronic mail , phone correspondences and your social media account when you use this medium in communicating with Seacrest;
• From the Training registration forms, Embassy application forms and PEME referral forms which the stakeholder personally accomplish or Seacrest accomplish for and in behalf of the seafarer or its employees;
• From the information you provided to Seacrest during your security log-in or registration when visiting or reporting to Seacrest office ;
• From the Medical Clinics during the completion of your PEME;

2. Information collected during business relations and employment relations.

• From the data updates required during the course of Seacrest’s business relations and employment relations;

• Use of Seacrest website for employment applications, research surveys and service evaluation feedback;

Disclosure of Personal Information

Personal data shall as much as possible be kept as confidential except in cases expressly permitted for by the Data Privacy Act of 2012 under R.A. 10173 and where such disclosure is allowed to satisfy the following requirements:

• Government mandatory reportorial requirements;
• Principals requirements to satisfy vessel       charter requirements and safety requirements;
• P&I and Insurance requirements in cases of illness, injuries, death and disability;
• During Natural Calamities and Disasters as maybe needed;
• Embassy requirements for issuance of visa for joining vessels or visit to Principals office;
• Port Agent requirements to facilitate clearances for allowing seafarers or office representatives to join vessel in specific port/s;
• Bank requirements to facilitate proper remittance of allotments and special allotments for designated allottees;
• Third Party suppliers requirements to generate medical results in terms of medical clinics;
• Training   Centers   requirements   for generation of registration and training certificate/s.

Nota Bene: Seacrest will never sell, pass or rent any personal information to any outside parties which is outside the scope of its services and agreed terms and conditions of your engagement or business relations with the company.

Protection and Security of your Personal Information

Seacrest shall seriously secure and preserve the integrity, confidentiality and safety of your personal information. Seacrest has put in place the following measures and safeguard of its stored data:

• Seacrest database utilizes a secured server behind a well-kept firewall, encryption, protection protocols and other security measures and controls;
• Observance of proper record keeping, its retention and proper disposal in accordance with the Company established and certified Quality management system;
• Restriction of access to information to chosen, qualified and authorized company personnel;
• Conduct of regular Privacy Impact assessment within the organization;
• Proper physical set up of Company working spaces to ensure security of files, documents and records including use and proper safekeeping of secured and designated File Storage areas and rooms;
• Periodic Privacy Audit;
• Prompt notification to concerned person/s – seafarers and families, office personnel, Principals, third party suppliers and the National Privacy Commission (NPC) for any security data breach where personal and sensitive information may be deemed compromised.

Right to Access your Personal Data

As Seacrest Principal , office personnel, contracted seafarers, third party suppliers you have the right to:

• Verify whether the company holds any personal information about you or your organization and to access such data;
• Require the company to correct any personal data relating to you or your organization which may be inaccurate;
• Inquire about Seacrest Data Privacy Policy and practices in relation to personal data;
• Object to the processing of your personal data or data of your organization as maybe allowed by the applicable provisions of the Data Privacy Act of 2012 under R.A. 10173;
• Order the withdrawal, suspension, removal or destruction of your personal data or the data of your organization as may be allowed by the applicable sections of the Data Privacy Act of 2012 under R.A. 10173 and its Implementing Rules and Regulations.

Personal Data Retention and Disposal

Seacrest keep your personal data only for as long as necessary and as may be required by the following measures:

• For the fulfillment of the declared, specified and legitimate purpose/s provided above or when the processing thereof shall be relevant to the requirement and purpose by which it has been completed or terminated;
• For the establishment, exercise or defense of legal claims;
• For other business purpose/s that are consistent with Philippine Law or with standards established or approved by Regulatory agencies governing Seacrest.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that would prevent further processing , unauthorized access or disclosure to any other party or the general public.

For Data Privacy Concerns

Please contact Seacrest’s DATA PROTECTION OFFICER (DPO) Ms. Rose

Seacrest Maritime Management Inc. Northpoint Corporate Tower

7502 Bagtikan Street corner Guijo Street San Antonio Village, Makati City 1203 Philippines

Tel. No. +632 8856 5338 local 4020

E-Mail   : rose.decilos@seacrestmaritime.com copy to : IT@seacrestmaritime.com

Amendments to Company Data Privacy Policy Statement

Seacrest reserves the right to amend, add, change update or modify anytime without notice to this Privacy Policy Statement with changes in the law/s rules and regulations, to comply with the Government regulatory requirements as mandated by the Data Privacy Act of 2012 under R.A. 10173, to adapt to new and emerging technologies, to be within alignment of Industry practice or other purposes that has an effect on Data Privacy.

Seacrest shall inform you accordingly of such changes within the bounds provided for by Law and what is required for notification.