Privacy Policy

Something about Privacy policy

This privacy policy will explain how our organization uses the personal data we collect from you when you use our website.
At Stronghold Seccuracy we highly prioritize protecting your personal information and being transparent about what we do with it. We are committed to using your personal information following all applicable laws concerning the protection of personal information and ensuring that you understand your data rights and freedoms. Stronghold Seccuracy will be considered as the "controller" of your data. We determine which personal data we need to process and for what purpose and are responsible for the safe storage and handling of this data. First, we need to define, and it is important for you to understand, the expression: "Personal Data". It generically represents any kind of information about a physical person, whose particularities can lead, directly or indirectly, to its identification. Here you have, by way of example, but not limited to: name and surname, geographical address, any identification number, political orientation, sexual orientation, email address, any location information and any other online identifier such as the device used to access the Internet, IP address, or cookie information. With regards of your agreement on collection and use of personal data, we have taken all the necessary technical measures to provide you with this detailed agreement, so you can have a crisp clear experience, from the first to the last interaction with our website or our services. Visitors and Users agree and accept that the use of our website is not possible without any indication of personal data.

Definitions
Our data protection policy should be legible and understandable for the general public, as well as for our Users and business partners. To ensure this, we would like to first explain the terminology used. In this data protection declaration, we use, inter alia, the following terms:
Data Subject or Data Principal - is any identified or identifiable natural person, whose personal data is collected and processed by us.
Processing - is any operation which is performed on personal data, such as collection, recording, organization, structuring, storage, etc.
Restriction of processing - is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person.
Data Controller or Data Fiduciary - is the natural or legal person, public authority, agency or other body, which determines the purposes and means of the processing of personal data.
Processor - is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient - is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed. The processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Third-party - is a natural or legal person, public authority, agency or body other than the ones above, who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent - is any freely given, specific, informed and unambiguous indication of data subject’s acceptance to the processing of their personal data.

Compliance
The processing of personal data will be in line with these main international legislations:
General Data Protection Regulation (GDPR), applicable in Europe.
California Consumer Privacy Act (2018) and Privacy Act U.S.C. 552a (Privacy Act of USA).
Personal Data Privacy Bill (2020) applicable in India.
We are able to provide our services worldwide. For the purpose of avoiding any compliance conflict with any terminology used by any particular legislation, in this document: “Users” are the “data subjects” or the “data principals” and Seccuracy is the “data controller” or “data fiduciary” Our privacy notice tells you what personal data (PD) and non-personal data (NPD) we may collect from you, how we collect it, how we protect it, how we may share it, how you can access and change it, and how you can limit our sharing of it. Our privacy notice also explains certain legal rights that you have with respect to your personal data. Any capitalized terms not defined herein will have the same meaning as where they are defined elsewhere on our website.

Automated individual decision-making and profiling
You will have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Filing a complaint with authorities
You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the General Data Protection Regulation. If the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy. For details about your rights under the law, visit: https://goo.gl/F41vAV

Use Cases
Please take a moment to understand which use case(s) set out in this Privacy Policy apply to you:
Website Visitor: You are a “Website Visitor” by definition when you visit our Website and any other eventual subdomains associated with our principal domain. As a website visitor, we use your navigation statistical information for our own purposes, primarily for improving the use of our website and to provide you with more relevant content.
User: You become a “User” if you create an account on our website/platform in order to benefit from our services. If you are a User, our primary purpose of using your personal data is for providing the service and the services to you. We retain your personal information for a limited time and for limited purposes, such as to make it easier for you to re-join our service in the future or to wish you offers for services that we think you may be interested in.

What data do we collect?
For Privately Contracted Armed Security Personnel (PCASP)
If provided to us, we collect the following categories of personal data about you (at time of registration)
• Personal Identification Information (First Name, Last name)
• Contact Information (Email address)
• Gender, Date of Birth, Nationality
Once you have registered as a PCASP, the following data will be collected to complete your profile.
• Primary, Mailing, and Residential Addresses
• Nearest Airport
• Languages and their proficiency level
• Previous employment information, including employer information, employment period, role
• Information regarding service in the military, police, or any other law enforcement agencies (if applicable)
• Next of kin Information (First Name, Last name, Email, Phone number, Relationship with PCASP, Gender)
• Documentation (For assigning a pool)
o Personal ID Documents (CV, Passport, Military ID/Police ID, Criminal Record, Seaman’s Book, Passport Photo, Full Body Photo)
o Professional Certificates (STCW, SSO or PDSD, MSO level 3, Firearm Certificate, Medical Training Course, Military Discharge Certificate, Proof of NATO Frontline Experience)
o Medical Certificates (Seafarer's Medical Certificate, Yellow Fever Vaccination, Psychological Report, Drugs & Alcohol Test)
o Oil and Gas certificates (Oil/Gas/Chemical Tanker Familiarization, BOSIET)
For Private Maritime Security Companies (PMSCs), Manning Agencies (MA), Shipping Companies (SC), Port Agencies (PA), Floating Armory Companies (FA), and Training Centers (TC)
If provided to us, we collect and process the following data
• Company Information including name, taxation information, country of incorporation, address, email address, phone number, website
• Details of the focal person including first name, last name, email address, phone number, and designation
• Points of Contact including their first name, last name, email address, phone number, and designation
• Location data (locations of operation)
• Data of Employees (first name, last name, email, phone number, and designation) for creating sub-accounts to give them privilege based access
• Activity Log of Users with the aforementioned privilege-based access

How do we collect your data?
For Privately Contracted Armed Security Personnel (PCASP)
You directly provide Seccuracy with most of the data collected. We collect data and process data when you:
• Register online.
• Complete your profile after you have logged in to your account.
• Use or view our website via your browser’s cookies.
Seccuracy may also receive your data indirectly from the following sources:
• From PMSCs and Manning Agencies that you are already in a contract with.
For Private Maritime Security Companies (PMSCs), Manning Agencies (MA), Shipping Companies (SC), Port Agencies (PA), Floating Armory Companies (FA), and Training Centers (TC)
• By filling out the “request a demo” form on our website
• By completing your profile after you have been registered by us.
Seccuracy may also receive your data indirectly from the following sources:
• When your company is added as a client/service provider by a company already registered on the platform
• When your company is invited to our platform by a company already registered with us

What is the purpose of collection?
Our commercial purpose, by reference to the subject matter of our business, is provision of intermediary services between the stakeholders in the maritime security domain services, and also intermediation services between data subjects and/or other adjacent or complementary third-party service providers, and the new rules of personal data protection (GDPR, CCPA, PDPB.) are part of this context.
For Privately Contracted Armed Security Personnel (PCASP)
Seccuracy collects your data for the following purposes:
• The creation of your account and completion of your profile, so that you can be assigned a pool and your profile can be made available for the PMSCs and Manning Agencies to hire your services for transits.
• Next of kin information is used in case of an emergency
If you agree, Seccuracy will share your data with our partner companies so that they may
• Offer you certifications, in case of a Training Centers
• Hire you for transits, in case of PMSCs and Manning Agencies
• Embark / Disembark you to/from vessels, in case of Port Agencies and Floating Armories
For Private Maritime Security Companies (PMSCs)
Seccuracy collects your data for the following:
• The verification of your company and creation of your account so that you can send transit offers, create and manage transits, give role-based access to your employees, and generate compliance reports.
If you agree, Seccuracy will share your data with our partner companies so that they may
• Provide vetted on location PCASPs, in case of Manning Agencies
• Embark / Disembark your PCASPs and Equipment Kits to/from vessels, in case of Port Agencies and Floating Armouries
For Manning Agencies (MA)
Seccuracy collects your data for the following:
• The verification of your company and the creation of your account so that you can create and manage recruitment drives for hiring vetted PCASPs and be hired by PMSCs for your services
If you agree, Seccuracy will share your data with our partner companies so that they may
• Be able to view and utilize the services of your PCASPs in their transits, in case of PMSCs
For Shipping Companies (SC)
Seccuracy collects your data for the following:
• The verification of your company and the creation of your account so that you can create and manage transit requests
• Manage your fleet
• Track transits on your vessels
If you agree, Seccuracy will share your data with our partner companies so that they may
• Be able to view your fleet and create & manage transits for your vessels, in case of PMSCs
For Port Agencies (PA)
Seccuracy collects your data for the following:
• The verification of your company and the creation of your account so that you can facilitate embarkation/disembarkation of PCASPs to/from vessels assigned to you by PMSCs
If you agree, Seccuracy will share your data with our partner companies so that they may
• Be able to assign embarkation and/or disembarkation of PCASPs while in transit, in case of PMSCs
For Floating Armory Companies (FA)
Seccuracy collects your data for the following:
• The verification of your company and the creation of your account so that you can create Floating Armories and facilitate embarkation/disembarkation of PCASPs to/from vessels assigned to you by PMSCs
If you agree, Seccuracy will share your data with our partner companies so that they may
• Be able to assign embarkation and/or disembarkation of PCASPs while in transit, in case of PMSCs
For Training Centers (TC)
Seccuracy collects your data for the following:
• The verification of your company and the creation of your account so that you can offer training and certifications to PCASPs on our platform
If you agree, Seccuracy will share your data with PCASPs so that they may apply for the training and certifications that you offer.
Complementary purposes
To improve our services
We always want to offer you the best online experience and for this we can collect and use certain information about your behavior and preferences when using the website and platform, or we can conduct market research directly or through partners.
To improve your marketing activity
We want to keep you informed about the best offers for the services you may be interested in. In this sense, we may send you any type of message (such as: email / SMS / phone / mobile push / web push / etc.) containing general and thematic information about products or services, information on offers or promotions, as well as other commercial communications.
To defend our legitimate interests
There may be situations in which we use or transmit information to protect our rights and our commercial activity. These situations may include:
- measures to protect the website and platform Visitors and Users against cyber-attacks;
- measures to prevent and detect fraud attempts;
- transmission of information to the competent public authorities;
- other risk management measures.
We therefore commit ourselves:
- to protect the privacy of your data, which is a top priority for our company’s management;
- to use this data for the sole purpose of providing you with a personalized experience on our website as well as on the online platforms that we promote our products and services (Facebook and Google, etc.) on.
We may process data about your use of our website and services, or the User’s website ("usage data"). The usage data may include your IP address, geographical location, browser type, and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analyzing the use of the platform and services. We may process your personal data that are provided in the course of the use of our services ("service data"). The service data may be processed for the purposes of providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
We may process information contained in any inquiry you submit to us regarding services and/or services ("inquiry data"). The inquiry data may be processed for the purposes of providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
We may process information relating to our User relationships, including User contact information ("User relationship data"). The User relationship data may include your name, your employer, your job title or role, all your contact details, and information contained in communications between us and you or your employer. The User relationship data may be processed for the purposes of providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
We may process information contained in or relating to any communication that you send to us ("correspondence data"). The correspondence data may include the communication content and metadata associated with the communication. Our platform will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.

How do we store your data?
Seccuracy securely stores your data at third-party dedicated server, Linode, located in London, United Kingdom. We do not use the information you provide to make any automated decisions that might affect you.

Our Legal Basis for Collecting and Processing Personal Data
Our legal basis for collecting and processing your PD when you buy, request our services is based on the necessity for the performance of a contract or to take steps to enter into a contract.

What Happens If You Don’t Give Us Your PD
If you do not provide us with enough PD, we may not be able to provide you with our services. However, you can access and use some parts of our website (not our platform) without giving us your PD.

What are your data protection rights?
Seccuracy would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to be informed – You have the right to be informed about the personal data we collect from you, and how we process it.
The right to access – You have the right to request Seccuracy for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Seccuracy correct any information you believe is inaccurate. You also have the right to request Seccuracy to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Seccuracy erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Seccuracy restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Seccuracy’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Seccuracy transfer the data that we have collected to another organization, or directly to you, under certain conditions. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us:
• Email us at: info@seccuracy.com
• Call us at: +351 231 927 042
• Or write to us: Avenida Dr. Jose Assis e Santos, N69 2o Esquerdo 3450-123 Mortágua Portugal

Cookies Policy
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we will collect information from you automatically through cookies or similar technology
For further information, visit allaboutcookies.org

How do we use cookies?
Seccuracy uses cookies in a range of ways to improve your experience on our website, including:
• Keeping you signed in
• Understanding how you use our website
• To authenticate you

What types of cookies do we use?
There are several different types of cookies, however, our website uses:
• Functionality – Seccuracy uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and the location you are in. A mix of first-party and third-party cookies are used. Seccuracy uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed, and information about your browser, device, and your IP address.
• Strictly Necessary cookies– let you move around the website and use essential features like secure areas. Without these cookies, we cannot provide the requested services.We use these Strictly Necessary cookies to:
o Identify you as being logged in to the website and to authenticate you
o Make sure you connect to the right service on the website when we make any changes to the way it works
o For security purposes
• 'Performance' cookies – collect information about how you use the website, e.g. which pages you visit, and if you experience any errors. These cookies do not collect any information that could identify you and are only used to help us improve how the website works. We use performance cookies to:
• Help us improve the website by measuring any errors that occur
• Test different designs for the website

How to manage cookies
You can set your browser not to accept cookies, allaboutcookies.org tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Privacy policies of other websites
The Seccuracy website/platform contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy
Seccuracy keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 26 March 2021.

How to contact us
If you have any questions about Seccuracy’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.
• Email us at: info@seccuracy.com
• Call us at: +351 231 927 042
• Or write to us: Avenida Dr. Jose Assis e Santos, N69 2o Esquerdo 3450-123 Mortágua Portugal

Sharing Information with Affiliates and Other Third Parties
We do not sell or rent your PD to third-parties for marketing purposes. You understand, and we undertake, that we will provide your PD through our platform strictly to the corporate stakeholders that are using our platform. However, for data aggregation purposes we may use your NPD, which might be sold to other parties at our discretion. Any such data aggregation would not contain any of your PD.

Retaining and Destroying Your PD
We only retain the personal information collected from a User for as long as the User’s account is active on our platform, or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law.
In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the 2-year criteria, after your relationship with us ends. We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

California Privacy Rights
In addition to the rights provided for above, if you are a California resident, you have the right to request information from us regarding whether we share certain categories of your personal information with third parties for the third parties' direct marketing purposes. To the extent we share your personal information in this way, you may receive the following information:
(a) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and
(b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.
Effective January 1, 2020, pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights in relation to their personal information, subject to limited exceptions. Any terms defined in the CCPA have the same meaning when used in this California Privacy Rights section.
• For personal information collected by us during the preceding 12 months that is not otherwise subject to an exception, California residents have the right to access and delete their personal information. Seccuracy will not discriminate against those who exercise their rights. Specifically, if you exercise your rights, we will not deny you services, charge you different prices for services or provide you a different level or quality of services.
• To the extent we sell your personal information to third parties, you also have the right to request that we disclose to you:
(i) the categories of your personal information that we sold, and
(ii) the categories of third parties to whom your personal information was sold. You have the right to direct us not to sell your personal information. Seccuracy does not sell your personal information in its ordinary course of business and will never sell your personal information to third parties without your explicit consent.
Should Seccuracy engage in any of the activities listed in this section, your ability to exercise these rights will be made available to you in your account settings. You can exercise your rights by contacting us via email so that we may consider your request.
If you are a California resident, you may designate an authorized agent to make a request to access or a request to delete on your behalf. We will respond to your authorized agent's request if they submit proof that they are registered with the California Secretary of State to be able to act on your behalf, or submit evidence you have provided them with power of attorney pursuant to California Probate Code section 4000 to 4465. We may deny requests from authorized agents who do not submit proof that they have been authorized by you to act on their behalf, or are unable to verify their identity.

Transferring PD From the European Economic Area
PD that we collect from you may be stored, processed, and transferred between any of the countries in which we operate. The European Union and the UK has not found the United States and some other countries to have an adequate level of protection of PD under Article 45 of the GDPR. Our company relies on derogations for specific situations as defined in Article 49 of the GDPR. For European Union customers and users, with your consent, your PD may be transferred outside the European Union to the United States and or other countries. We will use your PD to provide the goods, services, and/or information you request from us to perform a contract with you or to satisfy a legitimate interest of our company in a manner that does not outweigh your freedoms and rights. Wherever we transfer, process or store your PD, we will take reasonable steps to protect it. We will use the information we collect from you in accordance with our privacy notice. By using our website, services, or products, you agree to the transfers of your PD described within this section.

Changes to Our Privacy Policy
We reserve the right to change this privacy notice at any time. If our company decides to change this privacy notice, we will post those changes on our website so that our users and customers are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide advance notice by email (sent to the email address on file in your account). Otherwise we will use and disclose our users’ and customers’ PD in agreement with the privacy notice in effect when the information was collected. In all cases, your continued use of our website, services, and products after any change to this privacy notice will constitute your acceptance of such change.

How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact Comissão Nacional de Proteção de Dados (‘National Commission for the Protection of Data’. also known as ‘CNPD’). Av. D. Carlos I, 134 - 1.º 1200-651 Lisboa T +351 21 392 84 00 F +351 21 397 68 32
geral@cnpd.pt
www.cnpd.pt