Privacy Policy

1. Applicability and Scope

This policy applies to all personal data collected by SGMA from employees, contractors, customers, suppliers, agents, representatives, and business partners. All such parties must comply with this or an equivalent data protection policy when processing data on SGMA's behalf, whether subject to Singapore's Personal Data Protection Act ("PDPA") or the EU's General Data Protection Regulation ("GDPR").

2. Purpose

SGMA is committed to protecting the personal data of its staff, partners, clients, suppliers, and website users. This policy describes how SGMA collects, uses, discloses, stores, and protects personal data in compliance with the PDPA, GDPR, and other applicable laws.

3. What Is Personal Data?

Personal data refers to any information relating to an identified or identifiable natural person, including name, contact information, age, employment, or behavioural data. Special categories under GDPR (health, ethnicity, religion, genetics, political views, criminal records) have stricter safeguards.

4. Collection, Use, and Processing

• Data is collected for specified and legitimate business, employment, compliance, and administrative purposes.
• Data is processed only when there is a lawful basis (consent, contract, legal obligation, or legitimate interests under GDPR).
• SGMA may use third-party processors and expects them to meet PDPA and GDPR standards when handling data on SGMA's behalf.
• Personal data we may collect: name and contact details, vessel and company information, technical website data (cookies, IP addresses), and communications sent to us.

5. Retention and Deletion

• Personal data is retained only as long as necessary for business, contractual, or legal compliance needs.
• Data is securely deleted or anonymised once no longer required.
• Individuals may request deletion or correction per PDPA and GDPR rights.

6. Your Rights

If you are in the EU or UK, or where applicable law grants such rights, you have the right to:

• Access your personal data held by SGMA
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten") where no overriding legal basis exists
• Restrict or object to particular processing activities
• Data portability — receive your data in a structured, machine-readable format
• Withdraw consent at any time where processing is based solely on consent

To exercise any of these rights, contact our Data Protection Officer at security@sgmarineagency.com.

7. Data Quality and Security

• SGMA uses adequate technical and organisational measures to protect all personal data as required by PDPA and GDPR.
• Logs of data access and unauthorised attempts are maintained in accordance with our cybersecurity policy.
• Our team undergoes regular cyber hygiene training aligned with IACS E26/E27 standards.

8. International Transfers

If personal data is transferred outside Singapore or the EU/UK, SGMA ensures an adequate level of protection using legally recognised mechanisms (Standard Contractual Clauses, adequacy decisions, or explicit consent) as mandated by PDPA and GDPR.

9. Cookies and Website Data

Our website uses cookies to improve browsing experience and collect analytics data. You may disable cookies in your browser settings; however, some functionality may be limited. Analytics data is anonymised and not linked to individual identities.

10. Risk Assessment and Monitoring

SGMA regularly reviews and audits personal data processing, performs risk and impact assessments, and updates security policies in line with best practices and applicable law.

11. Data Breach and Enforcement

Data breaches will be promptly notified to relevant authorities and affected individuals as legally required under PDPA and GDPR. Breaches of this policy may result in penalties for SGMA and disciplinary action for staff.

12. Contact and Review

Questions or requests regarding this policy:

• Email: security@sgmarineagency.com
• WhatsApp: +65 8015 7820
• Post: Singapore Marine Agency Pte. Ltd., 106D #02-508, Singapore 824106

SGMA may update this policy to reflect changes in law or company practices. The current version is always at sgmarineagency.com/privacy-policy/.