Data controller (“the Company”)

​

Kyrios Ark World Logistics Ltd NO:13/31,Thangavel Street,West Tambaram,Chennai, Tamilnadu-600045, IN

​

Introduction

​

Kyrios Ark World Logistics may collect and process personal information, or personal data, relating to its suppliers and customers as part of our trading relationship between parties. This personal information may be held by the Company on paper or in electronic format.

​

Kyrios Ark World Logistics is committed to being transparent about how it handles your personal information, to protecting the privacy and security of your personal information and to meeting its data protection obligations under the Personal data protection bill (“PDPB”) and the Data Protection Act 2019. The purpose of this privacy notice is to make you aware of how and why we will collect and use your personal information. We are required under the PDPB to notify you of the information contained in this privacy notice.

​

This privacy notice applies to all current and former suppliers and customers of Kyrios Ark World Logistics. It is noncontractual and does not form part of any professional contract that we have in place with you.

​

The Company has appointed a Data Compliance Manager to oversee compliance with this privacy notice. However, if you have any questions about this privacy notice or about how we handle your personal information, please contact the Associate Services team in the first instance.

​

Data protection principles

​

Under the PDPB, there are six data protection principles that the Company must comply with. These provide that the personal information we hold about you must be:

​

1. Processed lawfully, fairly and in a transparent manner.
2. Collected only for legitimate purposes that have been clearly explained to you and not further processed in a way that is incompatible with those purposes.
3. Adequate, relevant and limited to what is necessary in relation to those purposes.
4. Accurate and, where necessary, kept up to date.

5. Kept for no longer than is necessary for those purposes.
6. Processed in a way that ensures appropriate security of the data.

​

The Company is responsible for, and must be able to demonstrate compliance with, these principles. This is called accountability.

 

What types of personal information do we collect about you?

​

Personal information is any information about an individual from which that person can be directly or indirectly identified. It doesn’t include anonymised data, i.e. where all identifying particulars have been removed.

​

The Company may collect, use and process a range of personal information about you. This includes (but is not limited to):

​

• Your name 
• Your e-mail address  
• Your telephone number

​

The Company does not envisage that we would use and process special categories of your personal data.

​

How do we collect your personal information?

​

The Company may collect personal information, however we would envisage this to be directly from you.

​

Your personal information may be stored in different places, including in our Finance system and in other IT systems, such as the e-mail system.

​

Why and how do we use your personal information?

​

We will only use your personal information when the law allows us to. These are known as the legal bases for processing. We will use your personal information in one or more of the following circumstances:

​

• where we need to do so to perform the professional contract we have entered into with you
• where we need to comply with a legal obligation
• where it is necessary for our legitimate interests (or those of a third party), and your interests or your fundamental rights and freedoms do not override our interests.

​

We may also occasionally use your personal information where we need to protect your vital interests (or someone else’s vital interests).

 

The purposes for which we are processing, or will process, your personal information include (but are not limited to):

 

• enable us to maintain accurate and up-to-date contact details • administer the contract we have entered into with you

​

Please note that we may process your personal information without your consent, in compliance with these rules, where this is required or permitted by law.

​

What if you fail to provide personal information?

​

If you fail to provide certain personal information when requested or required, we may not be able to perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations. You may also be unable to exercise your statutory or contractual rights.

​

Change of purpose

​

We will only use your personal information for the purposes for which we collected it. If we need to use your personal information for a purpose other than that for which it was collected, we will provide you, prior to that further processing, with information about the new purpose, we will explain the legal basis which allows us to process your personal information for the new purpose and we will provide you with any relevant further information. We may also issue a new privacy notice to you.

​

Who has access to your personal information?

​

Your personal information may be shared internally within the Company, if access to your personal information is necessary for the performance of their roles.

​

We may also need to share your personal information with a regulator or to otherwise comply with the law.

​

We may share your personal information with third parties where it is necessary to administer the contract we have entered into with you, where we need to comply with a legal obligation, or where it is necessary for our legitimate interests (or those of a third party).

​

How does the Company protect your personal information?

​

The Company has put in place measures to protect the security of your personal information. As part of our Corporate Governance, Kyrios Ark World Logistics has a Global Confidentiality Policy and Procedure which sets out internal policies, procedures and controls in place to try and prevent your personal information from being accidentally lost or destroyed, altered, disclosed or used or accessed in an unauthorized way. In addition, we limit access to your personal information to those employees, workers, agents, contractors and other third parties who have a business need to know in order to perform their job duties and responsibilities.

​

The Company also has in place procedures to deal with a suspected data security breach and we will notify the Information Commissioner’s Office (or any other applicable supervisory authority or regulator) and you of a suspected breach where we are legally required to do so.

​

All data stored on the company’s IT infrastructure will be subject to rules set out by the global IT security policy.

​

For how long does the Company keep your personal information?

​

The Company will only retain your personal information for as long as is necessary to fulfill the purposes for which it was collected and processed, including for the purposes of satisfying any legal, tax, health and safety, reporting or accounting requirements.

​

The Company will generally hold your personal information for the duration of your professional engagement. It may be kept on our Finance system for longer than this.

​

Personal information which is no longer to be retained will be securely and effectively destroyed or permanently erased from our IT systems and we will also use third parties to destroy or erase such personal information where applicable.

​

In some circumstances we may anonymise your personal information so that it no longer permits your identification. In this case, we may retain such information for a longer period.

​

As a data subject, you have a number of statutory rights. Subject to certain conditions, and in certain circumstances, you have the right to:

​

• request access to your personal information - this is usually known as making a data subject access request and it enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
• request rectification of your personal information - this enables you to have any inaccurate or incomplete personal information we hold about you corrected
• request the erasure of your personal information - this enables you to ask us to delete or remove your personal information where there’s no compelling reason for its continued processing, e.g. it’s no longer necessary in relation to the purpose for which it was originally collected
• restrict the processing of your personal information - this enables you to ask us to suspend the processing of your personal information, e.g. if you contest its accuracy and so want us to verify its accuracy
• object to the processing of your personal information - this enables you to ask us to stop processing your personal information but only where we are relying on the ‘legitimate interests of the business’ as our only legal basis for processing and there is something relating to your particular situation which makes you decide to object to processing on this ground
• data portability - this gives you the right to request the transfer of your personal information to another party so that you can reuse it across different services for your own purposes.

​

If you wish to exercise any of these rights, please contact the Associate Services team or complete a Subject Access Request form. We may need to request specific information from you in order to verify your identity and check your right to access the personal information or to exercise any of your other rights. This is a security measure to ensure that your personal information is not disclosed to any person who has no right to receive it.

​

In the limited circumstances where you have provided your consent to the processing of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. This will not, however, affect the lawfulness of processing based on your consent before its withdrawal. If you wish to withdraw your consent, please contact our Associate Services Department. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information for the purpose you originally agreed to, unless we have another legal basis for processing.

​

Changes to this privacy notice

​

The Company reserves the right to update or amend this privacy notice at any time, including where the Company intends to further process your personal information for a purpose other than that for which the personal information was collected or where we intend to process new types of personal information. We may also notify you about the processing of your personal data in other ways.