Introduction 

North Sea Port processes personal data when carrying out our tasks and obligations. North Sea Port attaches great importance to your privacy as a data subject, handles your personal data with care and complies with the applicable laws and regulations regarding the protection of personal data. In order to ensure that we, as the controller, process your personal data in accordance with laws and regulations, an internal supervisor, the Data Protection Officer, has been appointed. The Data Protection Officer supervises the processing of personal data by North Sea Port. The contact details of the Data Protection Officer can be found below. 

By means of this privacy notice, we wish to inform you about the way in which personal data are processed in the context of shipping. 

 Who we are 

 Contactperson of the Controller  

 Belgium 

  • Data Protection Officer: Jonas De Cock
  • North Sea Port Flanders nv van publiek recht
  • J. Kennedylaan 32 
  • 9042 Gent
  • Companies’Registry BE 0218.843.678
  • E-mail:   privacy@northseaport.com
  • Telephone number: +32 9 251 05 50   

Netherland 

  • Data Protection Officer: Yousra Ghanem
  • North Sea Port Netherlands NV 
  • Schelpenpad 2
  • 4530 AC Terneuzen
  • Trade Registry number 50987496
  • E-mail:   privacy@northseaport.com
  • Telephone number: Tel +31 115 64 74 00 

Do you have a question about your individual rights under the GDPR? Please contact North Sea Port via privacy@northseaport.com  

From whom do we collect personal data? 

We collect personal data from all port users. 

Processing 

1. Maritime Shipping  

Legal basis 

The processing is lawful on the following bases: 

  • The data subject has given consent to the processing of their personal data;
  • The processing is necessary to comply with legal obligations imposed on North Sea Port (including EU Directive 2010/65/EU (FAL Directive); the Belgian Law of 25/12/2015 on the processing of passenger data; and the Dutch Decree on reporting formalities and data processing in shipping (Stb. 2012, 211);
  • The processing is necessary for the performance of tasks carried out in the public interest. 

Processing Purposes 

The personal data are processed in the context of the following objectives:  

  • Accessibility and traffic flow in the port area
  • Contributing to smooth and safe shipping traffic in the port area
  • Security and safety of the port as a whole
  • Monitoring internal port infrastructure and facilities
  • Handling accidents
  • Compiling shipping statistics
  • Complying with European and national regulations and legislation regarding the transfer of personal data of ships calling at the port
  • Following up on authorized permits and/or authorizations
  • Supervision and control of port-related services 

Which personal data is processed? 

  • Travel notification: contact details of the person reporting/registering. This includes name, email address, phone number, etc. 
  • Initial berth request: crew, contact person, contact person's phone number 
  • Description: ship's agent's name, ship's name 
  • Departure notification: ship's agent's name 
  • PAX/CREW list notification: name, ID, nationality, place of birth, date of birth 
  • Passenger notification: place of birth, date of birth, port of embarkation, port of disembarkation 
  • Stowaway notification: name, description, ID, nationality, place of birth, date of birth, port of embarkation 
  • Chief Security Officer notification: name, phone number, email address 

How did we come by this data? 

The data that North Sea Port processes is obtained from the data subject when completing the notification form, the Flemish Waterway (via Eriba), terminals (ISPS), shipping companies, inland waterway skippers or the shipping agent.How long will we retain such data? 

Personal data will not be retained longer than necessary for the purposes described above. Personal data related to a trip registration will be retained for up to six days after the trip.With whom (third party) will we share this data? 

In the context of this processing, North Sea Port transfers the personal data to third parties within the EU. These third parties are:  

  • bodies with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security and the Flanders Environment Agency (VMM). 
  • chain partners who require certain information to ensure that the chain operation in the Westerschelde area runs as optimally as possible. 
  • De Vlaamse Waterweg NV and the parties involved in any way with the route of the journey (port of departure and destination, infrastructure points such as locks along the way, etc.).
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processor agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included. 

Transfer to third countries 

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

2, Inland shipping 

Legal basis 

Processing is lawful on the following grounds:  

• The data subject has given consent to the processing of the personal data;  

• Processing is necessary to comply with legal obligations imposed on North Sea Port;  

• Processing is necessary for the performance of tasks carried out in the public interest. 

 

Processing Purposes 

  • Accessibility and traffic flow in the port area 
  • Contributing to smooth and safe shipping traffic in the port area 
  • Security and safety of the port as a whole 
  • Monitoring internal port infrastructure and facilities
  • Handling accidents 
  • Preparing shipping statistics 
  • Following up on permitted permits and/or authorizations 
  • Supervision and control of port-related services 
  • Mandatory reporting under European and national regulations 

 

Which personal data are processed?  

  • For pre-registration: vessel name, vessel identification number, origin, destination, draft, cargo, number of persons on board.
  • For registration: same.
  • For transit through the port area: same.
  • For departure: same. 

 How do we obtain this data? 

North Sea Port obtains the data it processes from the data subject, terminals (ISPS), shipping companies, inland waterway skippers or the shipping agent. 

How long do we store this data? 

The personal data are not stored longer than necessary for the purposes described above. 

With whom do we share this data? 

In the context of this processing, North Sea Port passes on the personal data to third parties within 

the EU. These third parties are: 

  • bodies with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security and the Flanders Environment Agency (VMM).. 
  • chain partners who need certain information to ensure that the chain operation in the Westerschelde area runs as optimally as possible.
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processor agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included. 

Transfer to third countries 

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

 

3. Camera images 

Legal basis 

 

  • Processing is necessary to comply with legal obligations imposed on North Sea Port (for Dutch ports to comply with ISPS regulations, the International Code for the Security of Ships and Port Facilities of the International Maritime Organisation (IMO) and the SOLAS Convention, Regulation (EC) No 725/2004 of the European Parliament and of the Council of the European Union of 31 March 2004 on enhancing ship and port facility security (OJEU 129), the Port Security Act and the Policy Rule on Seagoing Vessels Safety (Version 20100730), published on 30 July 2010 (Article 2.6). For Belgium, the ISPS Code, the Camera Act, the Maritime Security Act and the Belgian Shipping Code of 8 May 2019 apply to the use of cameras.);
  • Processing is necessary for the performance of tasks carried out in the public interest;
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. 

Processing Purposes 

  • Ensuring safety
  • Incident follow-up 

Which personal data are processed? 

CCTV footage of shipping traffic: Surveillance and other cameras are located in the port area of North Sea Port Flanders, on waterways, structures, and at locally critical points. These cameras are indicated, where necessary, with a pictogram, as prescribed in the Belgian Act of 21 March 2007 (also known as the Camera Act) regulating the location and use of CCTV cameras and for the Dutch ports to comply with ISPS regulations, the International Code for the Security of Ships and Port Facilities of the International Maritime Organization (IMO) and the SOLAS Convention, Regulation (EC) No 725/2004 of the European Parliament and of the Council of the European Union of 31 March 2004 on enhancing ship and port facility security (OJEU 129), the Port Security Act and the Policy Rule on Seagoing Vessel Safety (Version 20100730), published on 30 July 2010 (Article 2.6),. These cameras are used to record footage. 

How do we obtain this data? 

The data that North Sea Port processes is obtained from security camera’s that have been installed in the port area  

How long do we store this data? 

The personal data are not stored longer than necessary for the purposes described above. 

With whom do we share this data? 

In the context of this processing, North Sea Port passes on the personal data to third parties within 

the EU. These third parties are: 

 

  • bodies with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security and the Flanders Environment Agency (VMM).. 
  • chain partners who need certain information to ensure that the chain operation in the Westerschelde area runs as optimally as possible.
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processor agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included. 

Transfer of personal data Check per case 

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

4. Radio conversations/marine radio 

 

Legal basis 

 

Processing is lawful on the following grounds:  

 

  • Processing is necessary to comply with legal obligations imposed on North Sea Port; 
  • Processing is necessary to protect the vital interests of the data subject or another natural person; 
  • Processing is necessary for the performance of tasks carried out in the public interest. 

Processing purposes 

 

  • Ensuring safety
  • Monitoring traffic in the port area
  • Incidents 

 

Which personal data are processed? 

 

Very High Frequency Digital Mobile Radio (VHF DMR) sound recording is used in the port area. 

How do we obtain this data? 

The interactions with North Sea Port are recorded. 

How long do we store this data? 

The personal data are not stored longer than necessary for the purposes described above. 

With whom do we share this data? 

In the context of this processing, North Sea Port passes on the personal data to third parties within 

the EU. These third parties are: 

  • bodies with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security and the Flanders Environment Agency (VMM).. 
  • chain partners who need certain information to ensure that the chain operation in the Westerschelde area runs as optimally as possible.
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processor agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included. 

Transfer of personal data Check per case 

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

5. Radar and Automatic Idenfiication System (AIS) 

Legal basis 

Processing is lawful on the following grounds:  

  • Processing is necessary to comply with legal obligations imposed on North Sea Port; 
  • Processing is necessary for the performance of tasks carried out in the public interest; 
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. 

Processing purposes 

The personal data are processed in the context of the following purposes: 

  • Ensuring safety 
  • Monitoring traffic in the port area 
  • Incidents 
  • Monitoring berth occupancy 

Which personal data are processed? 

Anyone on the water within the port area will be subject to radar images and AIS. 

How do we obtain this data? 

The radar scans the entire port area and what happens within that area. 

How long do we store this data? 

The personal data are not stored longer than necessary for the purposes described above. 

With whom do we share this data? 

In the context of this processing, North Sea Port passes on the personal data to third parties within 

the EU. These third parties are: 

  • bodies with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security. For North Sea Port Netherlands, these are also other authorities.
  • chain partners who need certain information to ensure that the chain operation in the Westerschelde area runs as optimally as possible.
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processor agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included. 

Transfer of personal data  

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

6. Port-related services and port cards  

Legal basis  

The processing is lawful on the basis of the following grounds:  

  • The data subject has given consent to the processing of the personal data 
  • The processing is necessary for the performance of tasks in the public interest; 
  • The processing is necessary for the performance of legal obligations; 
  • The processing is necessary for the protection of the legitimate interests of the controller or of a third party, except where the interests or fundamental rights and freedoms of the data subject which require protection of personal data outweigh those interests. 

Purposes  

  • Administrative follow-up (issuing permits, issuing port cards, supervision of permissions or permits, etc.) 
  • Incidents  

Which personal data are processed?  

  • Port-related services: name, e-mail address, contact details of service provider 
  • Port cards: name and first name, e-mail address, national register number, identity card number  

How do we obtain this data?  

The data that North Sea Port processes is obtains from the data subject, terminals (ISPS), shipping companies, inland waterway skippers or the shipping agent.  

How long do we store this data?  

The personal data are not stored for longer than necessary for the purposes described above.  

With whom do we share this data? 

In the context of this processing, North Sea Port transfers the personal data to third parties within the EU. These third parties are: 

  • Authorities with which North Sea Port is legally obliged to share information. For North Sea Port Flanders, these include other authorities, (shipping) police, Local Committee for Maritime Security and the Flanders Environment Agency (VMM). 
  • Chain partners who need certain information to ensure that the chain operation in the Western Scheldt area runs as optimally as possible. 
  • Service providers/suppliers who assist North Sea Port with (technical) support of applications or IT systems. North Sea Port concludes processing agreements with these suppliers/service providers in which the necessary guarantees with regard to the processing and protection of the personal data in question are included.  

Transfer of personal data  

In principle, personal data is not transferred to third countries. However, if this were to occur for data processing or storage, North Sea Port guarantees that it will take the necessary measures to ensure that this transfer complies with European regulations regarding the protection of personal data. 

7. Drones (permit Unmanned Aircraft System (UAS) operator) 

For each UAS flight, the UAS operator must submit a flight request. This information is necessary to ensure safety in the port area and to issue the correct permit. For more information, see the privacy statement link, registering drone flights in the Netherlands, and registering drone flights in Belgium. 

How are personal data secured? 

At North Sea Port, personal data is protected in accordance with all applicable legal provisions. We take appropriate measures to prevent misuse, loss, unauthorized access and other unwanted actions with personal data.  

Rights as a data subject 

You can exercise your rights as a data subject by, among other things, contacting North Sea Port by e-mail (see contact details). Below you will find an overview of the various rights linked to the legal basis on which personal data are processed. 

Amendments 

North Sea Port reserves the right to make changes to this privacy statement. When North Sea Port updates this Privacy Notice, it will take appropriate measures to inform you, depending on the importance of the changes and the legal requirements. You can find the date of the last change at the top. 

Questions, suggestions, complaints or other concerns? 

If, despite the care that North Sea Port uses with regard to your personal data, you still have complaints about the processing of your personal data or how North Sea Port handles your rights, you can file a complaint with the Supervisory Authorities. In that case, we would like to ask you to first contact North Sea Port to see if a solution can be found. Contact details of the controller 

Contactperson of the Controller  

Belgium 

  • Data Protection Officer: Jonas De Cock
  • North Sea Port Flanders nv van publiek recht
  • J. Kennedylaan 32 
  • 9042 Gent
  • Companies’Registry BE 0218.843.678 
  •   E-mail:   privacy@northseaport.com
  • Telephone number: +32 9 251 05 50  

Netherland 

  • Data Protection Officer: Yousra Ghanem
  • North Sea Port Netherlands NV 
  • Schelpenpad 2
  • 4530 AC Terneuzen
  • Trade Registry number 50987496
  • E-mail:   privacy@northseaport.com   
  • Telephone number: Tel +31 115 64 74 00 

   

Do you have a question about your individual rights under the GDPR? Please contact North Sea Port via privacy@northseaport.com  

 

Contact information of the supervisory authorities 

Belgium 

  • Data Protection Authority
  • Drukpersstraat 35
  • 1000 Brussel
  • Tel. +32 (0)2 274 48 00
  • contact@apd-gba.be 
  • Your complaint can be submitted online via the complaint form (only available in NL) 

  

Flemish Supevisory Committee  

Koning Albert II Laan 15 bus 149 

1210 Brussel 

Tel. 02 553 20 85 

contact@toezichtcommissie.be  

Your complaint can be submitted online via the complaint form (available languages NL-FR-GE) 

 Netherlands 

  • Dutch Data Protection Authority
  • Hoge Nieuwstraat 8
  • 2524 EL Den Haag
  • Tel. 088 1805 250
  • Your complaint can be submitted online, Clicjk here for more information (available languages NL-EN)