«We knew we had to do something about it, but we did not know how much work it would be. Looking back, it was quite a job. However, we are happy that the EU forced us to sharpen our attention on how we store all sorts of information about people. It was a steep learning curve, but it was a necessary exercise,” say Kathrine Bogen, Karianne Nordby and Trond Helland.
Knowledge about your identity and personal profile is a core business idea for global players such as Facebook, Google, Microsoft and Apple. This is knowledge with a price in a market for marketing, research, justice and even crime. All employees on shore and at sea in Seatrans leave valuable information about themselves in various data systems. How are these identities taken care of? Relax. You are safe. However, GDPR was a wake-up call from Brussels to all businesses in Europe – and beyond.
“We started last autumn and had a real kick-off in February this year. We found that we had to look at some 60 to 70 different applications in use within our company,” IT Manager in Seatrans Ship Management (SSM) Trond Helland explains. “We had to go thoroughly through what service agreements we had with external data suppliers and maintenance companies and how they treated sensitive identity data.”
“Remember, this is not only related to binary data. Some (..) of us had to carefully go through our folders and shelves and shred papers with sensitive
information. A few of us got a cleaner desk and more space on the shelves,” Kathrine Bogen continues. “I would say I am happy for the EU initiative to take up the battle against the global moguls, forcing them to take part in protecting all European citizens in this field. An American has by far so many more rights to protect their identity from being sold to third parties,” Kathrine concludes.
The three aim to greet their colleagues with a positive attitude. “I mean, initially GDPR was not an exciting thing to jump into. We had a very positive and obligatory general meeting where we presented the project and the beneficial aspects related to GDPR. Since then, we have noticed how the positive Seatrans spirit made this a great project for the organisations we work in,” Trond says. “And the job will never be over. GDPR
is part of our way of working and of the awareness of the valuable information we have about people around us,” Kathrine adds.
GDPR at sea
The next phase in the GDPR project is to ensure that
all personal information stored on board the vessels follows the GDPR requirements. This might partly be a reality already. Some personal information about the crew members has to be stored on board. With the GDPR guidelines in mind, the routines and systems on board will be brought into compliance with the new and protective requirements. GDPR is expected to be a central topic on the Top2 seminar this winter.
Privacy statement – GDPR
If you want to know more about how Seatrans complies with the GDPR requirements, you can take a look at the website http://www.seatrans.no/privacy-statement-gdpr/