Privacy Notice

Our Policies

Privacy Notice

Black Pearl Maritime Security Management Limited ("Black Pearl", "we", "us") is committed to protecting the privacy and security of the personal data we handle. This Privacy Notice explains how we collect, use, share, retain and protect personal data, and the rights you have in relation to that data. We act as a data controller and process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are registered with the Information Commissioner's Office (ICO).

The Personal Data We Collect

Depending on your relationship with us, we may collect and process the following categories of personal data.

• Clients and business contacts: name, job title, employer, business contact details, vessel and voyage details, and correspondence.
• Operatives and job applicants: identity and contact details, passport and seafarer documentation, next of kin, qualifications, firearms and training certificates, vetting and background-check results, references, and bank details for payment.
• Special category data: health and medical fitness information, and the results of drug and alcohol testing, where necessary for operational safety.
• Operational records: incident reports, transit logs and deployment records, which may include personal data of crew or third parties.
• Website visitors: limited technical information such as your IP address and pages viewed, collected when you use our site or contact form.

Lawful Bases for Processing

We only process personal data where we have a lawful basis under Article 6 of the UK GDPR. Depending on the activity, we rely on the performance of a contract (for example to engage operatives or deliver services to clients), compliance with a legal obligation (for example flag State, immigration, firearms-licensing and employment-law requirements), our legitimate interests (for example managing our business, securing our operations and pursuing enquiries), and, where required, your consent. Where we process special category data such as health information, we additionally rely on the conditions in Article 9, principally that the processing is necessary for reasons of occupational safety, the establishment of legal claims, or your explicit consent.

How We Use Personal Data

We use personal data to assess and respond to client enquiries, to plan and deliver maritime security services, to recruit, vet, deploy and pay personnel, to ensure the fitness and safety of our operational teams, to meet our legal and regulatory obligations, to investigate incidents, and to maintain the records required by our ISO 9001 and ISO/PAS 28007-1:2015 management systems.

Sharing Your Data

We do not sell personal data. We share it only where necessary, for example with clients and their vessels' masters in connection with a deployment, with floating armoury and logistics partners, with flag and coastal State authorities, with background-screening and occupational-health providers, with our professional advisers and insurers, and with law-enforcement or regulatory bodies where we are legally required or permitted to do so. Where data is transferred outside the UK, we ensure appropriate safeguards are in place as required by the UK GDPR.

Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected and to meet our legal, regulatory and insurance obligations. Operational and incident records may be retained for extended periods where they may be required for legal proceedings or to satisfy flag State and certification requirements. When data is no longer required it is securely deleted or anonymised.

Data Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or disclosure, including access controls, secure storage and staff confidentiality obligations. In the event of a personal data breach that is likely to result in a risk to individuals, we will notify the ICO and, where required, affected individuals.

Your Rights

Subject to the conditions in the UK GDPR, you have the right to be informed about how your data is used; to request access to your personal data; to request rectification of inaccurate data; to request erasure; to restrict or object to processing; to data portability; and, where processing is based on consent, to withdraw that consent at any time. You also have the right to lodge a complaint with the Information Commissioner's Office at ico.org.uk.

Contact for Data Matters

If you wish to exercise any of your rights, or have any question or concern about how we handle your personal data, please contact us by email at ceo@blackpearlmaritimesecurity.com or by writing to Black Pearl Maritime Security Management Limited, C/O Laytons LLP, 1st Floor, Yarnwicke, 119-121 Cannon Street, London, EC4N 5AT, United Kingdom. We may update this Privacy Notice from time to time; the current version is always published on this page.