COLUMBIA STÖDIG ROMANIA SRL
Stodig Ship Management provide first class ship management services, facilitating high vessel
operational availability and QHSE standards at competitive cost.
Our values
We care and we involve people. We change and improve. What we say is what we do.
Global environment
Stodig Ship Management have implemented an environmental management system which is ISO 14001 certified by DNV GL.
This will ensure that we are in compliance with all rules and legislations, and we are committed to taking specific and
measurable action to reduce our impact on the global environment.
operational availability and QHSE standards at competitive cost.
Our values
We care and we involve people. We change and improve. What we say is what we do.
Global environment
Stodig Ship Management have implemented an environmental management system which is ISO 14001 certified by DNV GL.
This will ensure that we are in compliance with all rules and legislations, and we are committed to taking specific and
measurable action to reduce our impact on the global environment.
Contact details
Phone
E-mail
Website
Working hours
Luni - Vineri: 10:00 - 14:00
Address
Constanța, Bd. Mamaia nr. 158, Clădirea GSS, et. 5
Vessel types
VLCC, MPC Heavy Lift Vessel, Dynamic Positioning Ships, Cruise ship, Chemical / Oil Products Tanker, General Cargo / Passenger Ship, Research vessel, Yacht, Supply vessel, Multipurpose vessel, Passenger Ship, Ro-Ro Passenger, Ro-Ro Cargo Ship, LPG, Chemical Tanker, Oil Products Tanker, Crude Oil Tanker, Bulk Carrier, General Cargo Ship, Container vessel, DP2 Ships, Offshore Guard Vessel, Very Large Gas Carrier, LPG / Oil / Chemical Tanker, Capesize Bulk Carrier, Panamax Carrier, Handymax Carrier, Handysize Carrier
Active jobs
Application forms
1) Stodig Application Form.docx
General Data Protection Regulation Policy
Information about the GDPR policy
1. PURPOSE
The purpose of the Seatrans Group (Seatrans AS's and subsidiaries, including Stodig Ship Management) Policy for Privacy is to
describe the fundamental principles for establishing, implement, improve and follow up the internal control designed to ensure
privacy compliance. In addition, the Policy clarifies roles and responsibilities related to this work.
This document provides an overall description of the internal control to ensure privacy in Seatrans Group. Seatrans Group's internal
control for privacy consists of policies, guidelines and routines. The guidelines are in accordance with The Personal Data Act and
the EU General Data Protection Regulation (GDPR).
2. SCOPE
The Policy for Privacy contains guidelines and recommendations applicable for all employees in wholly owned or majority-controlled
companies in Seatrans Group and Seatrans Holding AS.
3. RESPONSIBILITY
This document assigns tasks and responsibilities to:
Chief Executive Officer in Seatrans Group
Managing Director in subsidiary
All employees processing personal data in Seatrans Group
This document also provides guidelines for all employees and employee representatives managing personal data in Seatrans
Group.
4. DEFINITIONS
The data subject
The natural person identified by, and owner of the personal data
Personal data
Any information about a natural person. A natural person is a person identifiable directly or indirectly by an identificator, such as a
name, identity number or IP-address. In addition, there may be one or several elements specific for the person's physical, physiological, genetic, psychological, economic, cultural or social identity.
Processing of personal data
Any operation or series of operations conducted with personal data. This applies to both manual and automated procedures.
Examples of such processing is collecting, registration, organizing, structuring, storage, customization, change, retrieval, consultation, use, transfer and spreading of data. This also applies to all forms of making personal data available, assembled, limited, deleted or destroyed.
Automated decision
A decision based entirely on automated processing that legally and significantly affects the natural person the decision is aimed towards.
Data controller
A natural or legal person (for instance a company), a public authority, an institution or any other body that on their own or together with others decides the purpose of the personal data processing and which means that must be used.
Data processing basis
A basis for processing personal data, for instance consent, legal basis or that processing is necessary to fulfill a contract with the registered.
Data processor
A natural or legal person, public authority, institution or any other body processing personal data on behalf of the data controller.
Data Protection Impact Assessment (DPIA)
DPIA is the risk assessment procedure performed by Seatrans Group in relation to the processing of personal data. A DPIA is required if Seatrans Group makes use of new technology in a shape, scope, purpose or context with a high risk for a natural person's rights or freedom.
Data portability
Data portability is the right to transfer personal information between different business entities.
Data portability may be executed by extraditing personal data to the data subject in a structured, generally accepted and machine readable format, in order to transfer the data to another data processor. If feasible, the registered person may demand that personal data is transferred to the new data processor directly.
Privacy by Design
Privacy by Design means that Seatrans Group is required to consider privacy in all aspects when implementing new personal data processing's or IT systems. Processing of personal data beyond what is necessary is not allowed. Enough technical and organizational measures shall be implemented to secure personal data.
Privacy by default
Privacy by Default means that the strictest privacy settings are default for all systems.
5. DESCRIPTION
Embedded privacy
Embedded privacy is required in work flows and IT systems processing personal data.
This means that Seatrans Groups work flows and IT systems are designed to prohibit processing of personal data beyond what is necessary. In addition, enough technical and organizational measures shall be implemented to secure personal data. Where relevant, freedom of choice for the data subject shall be emphasized.
Data minimization
The processing of personal data is required to be appropriate, relevant and limited to the purpose of the processing.
Authorized processing
Processing of personal data is limited to authorized personnel in Seatrans Group.
Valid information
All personal data is required to be valid and reliable. Seatrans Group is responsible for correcting or deleting non-valid or unreliable personal data.
Right to information
A data subject has the right to information about personal data processed by Seatrans Group. The information should be provided in a scope and form that complies with the Personal Data Act and suited to give a proper expectation clarification for the data subject. Seatrans Group is required to inform data subjects of their rights according to the GDPR.
The guideline for how Seatrans Group will give the data subject information is present.
Consent
Consent is insufficient as a legal basis for processing personal data if a refusal to consent can, or will, result in a negative consequence for the data subject. This also applies to situations where the power relationship between Seatrans Group and the data subject is in disfavour of the data subject, for instance between an employer and an employee, resulting in a fear for negative consequences if the data subject refuses to consent.
Seatrans Group is required to inform the data subject that consent is voluntary.
Seatrans Group is required to give the data subject freedom of choice of which elements of personal data that shall be part of a processing.
Seatrans Group is required to inform that the data subject is allowed to withdraw consent without disclosing the foundation.
The guideline for how Seatrans Group will obtain consent is present.
Right to access
The data subject has the right to access personal data processed by Seatrans Group.
Seatrans Group is required to confirm if personal data is processed and provide access to the personal data within one month after
a request from the data subject.
Seatrans Group is required to provide copies of personal information related to the data subject upon request.
The right to access is free of charge for the data subject.
The routine for how Seatrans Group will handle the right to access is present.
Right to edit and supplement incomplete personal information The data subject has the right to make changes in order to ensure that personal information processed by Seatrans Group is correct and complete.
Seatrans Group is required to ensure that incorrect personal information is changed within one month following an inquiry to correct. The equivalent applies for incomplete personal information supplemented by the data subject.
Upon request by the data subject, Seatrans Group is required to ensure that personal information is corrected and or supplemented within one month after receiving and validating the information.
The routine for how Seatrans Group will handle the right to edit and supplement incomplete personal information is present.
Right to erasure
The data subject has the right to have personal data erased. Seatrans Group is obliged to erase all personal data that is required in order to perform the intended processing.
In order to comply with the right to erasure, Seatrans Group is required to set rules for personal data retention. The routine for how Seatrans Group will handle the right to erasure is present.
Right to restriction of processing
The data subject has the right to restrict the processing of personal information.
Seatrans Group is required to inform the data subject of the right to restriction of processing.
The routine for how Seatrans Group will handle the right to restriction is present.
Right to data portability
The data subject has the right to receive the personal data concerning him or her in a commonly used format and have the right to transmit those data to another data controller without hindrance.
Seatrans Group is required to make personal data available within one month after a request for data portability.
Seatrans Group is required to facilitate a direct transmit to another data controller, if requested by the data subject.
The routine for how Seatrans Group will handle data portability is present.
Right to object
The data subject has the right to object to the processing of personal data. Seatrans Group is required to terminate the processing of personal data unless compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, is demonstrated.
Seatrans Group is required to implement technical and or organizational measures in order to handle objections of personal data processing.
Seatrans Group is required to inform data subjects of the right to object.
The routine for how Seatrans Group will handle the right to object is present.
Information security
Seatrans Group is required to safeguard the personal data.
The policy for information security is present.
Data processing agreement
When using external data processors, a suitable Data Processing Agreement is required.
Annual review of internal control
Seatrans Group is required to perform an annual review of the internal control for privacy to ensure that the processing of personal
data is in compliance with privacy laws and regulations.
The guideline for annual review of the internal control is present.
The purpose of the Seatrans Group (Seatrans AS's and subsidiaries, including Stodig Ship Management) Policy for Privacy is to
describe the fundamental principles for establishing, implement, improve and follow up the internal control designed to ensure
privacy compliance. In addition, the Policy clarifies roles and responsibilities related to this work.
This document provides an overall description of the internal control to ensure privacy in Seatrans Group. Seatrans Group's internal
control for privacy consists of policies, guidelines and routines. The guidelines are in accordance with The Personal Data Act and
the EU General Data Protection Regulation (GDPR).
2. SCOPE
The Policy for Privacy contains guidelines and recommendations applicable for all employees in wholly owned or majority-controlled
companies in Seatrans Group and Seatrans Holding AS.
3. RESPONSIBILITY
This document assigns tasks and responsibilities to:
Chief Executive Officer in Seatrans Group
Managing Director in subsidiary
All employees processing personal data in Seatrans Group
This document also provides guidelines for all employees and employee representatives managing personal data in Seatrans
Group.
4. DEFINITIONS
The data subject
The natural person identified by, and owner of the personal data
Personal data
Any information about a natural person. A natural person is a person identifiable directly or indirectly by an identificator, such as a
name, identity number or IP-address. In addition, there may be one or several elements specific for the person's physical, physiological, genetic, psychological, economic, cultural or social identity.
Processing of personal data
Any operation or series of operations conducted with personal data. This applies to both manual and automated procedures.
Examples of such processing is collecting, registration, organizing, structuring, storage, customization, change, retrieval, consultation, use, transfer and spreading of data. This also applies to all forms of making personal data available, assembled, limited, deleted or destroyed.
Automated decision
A decision based entirely on automated processing that legally and significantly affects the natural person the decision is aimed towards.
Data controller
A natural or legal person (for instance a company), a public authority, an institution or any other body that on their own or together with others decides the purpose of the personal data processing and which means that must be used.
Data processing basis
A basis for processing personal data, for instance consent, legal basis or that processing is necessary to fulfill a contract with the registered.
Data processor
A natural or legal person, public authority, institution or any other body processing personal data on behalf of the data controller.
Data Protection Impact Assessment (DPIA)
DPIA is the risk assessment procedure performed by Seatrans Group in relation to the processing of personal data. A DPIA is required if Seatrans Group makes use of new technology in a shape, scope, purpose or context with a high risk for a natural person's rights or freedom.
Data portability
Data portability is the right to transfer personal information between different business entities.
Data portability may be executed by extraditing personal data to the data subject in a structured, generally accepted and machine readable format, in order to transfer the data to another data processor. If feasible, the registered person may demand that personal data is transferred to the new data processor directly.
Privacy by Design
Privacy by Design means that Seatrans Group is required to consider privacy in all aspects when implementing new personal data processing's or IT systems. Processing of personal data beyond what is necessary is not allowed. Enough technical and organizational measures shall be implemented to secure personal data.
Privacy by default
Privacy by Default means that the strictest privacy settings are default for all systems.
5. DESCRIPTION
Embedded privacy
Embedded privacy is required in work flows and IT systems processing personal data.
This means that Seatrans Groups work flows and IT systems are designed to prohibit processing of personal data beyond what is necessary. In addition, enough technical and organizational measures shall be implemented to secure personal data. Where relevant, freedom of choice for the data subject shall be emphasized.
Data minimization
The processing of personal data is required to be appropriate, relevant and limited to the purpose of the processing.
Authorized processing
Processing of personal data is limited to authorized personnel in Seatrans Group.
Valid information
All personal data is required to be valid and reliable. Seatrans Group is responsible for correcting or deleting non-valid or unreliable personal data.
Right to information
A data subject has the right to information about personal data processed by Seatrans Group. The information should be provided in a scope and form that complies with the Personal Data Act and suited to give a proper expectation clarification for the data subject. Seatrans Group is required to inform data subjects of their rights according to the GDPR.
The guideline for how Seatrans Group will give the data subject information is present.
Consent
Consent is insufficient as a legal basis for processing personal data if a refusal to consent can, or will, result in a negative consequence for the data subject. This also applies to situations where the power relationship between Seatrans Group and the data subject is in disfavour of the data subject, for instance between an employer and an employee, resulting in a fear for negative consequences if the data subject refuses to consent.
Seatrans Group is required to inform the data subject that consent is voluntary.
Seatrans Group is required to give the data subject freedom of choice of which elements of personal data that shall be part of a processing.
Seatrans Group is required to inform that the data subject is allowed to withdraw consent without disclosing the foundation.
The guideline for how Seatrans Group will obtain consent is present.
Right to access
The data subject has the right to access personal data processed by Seatrans Group.
Seatrans Group is required to confirm if personal data is processed and provide access to the personal data within one month after
a request from the data subject.
Seatrans Group is required to provide copies of personal information related to the data subject upon request.
The right to access is free of charge for the data subject.
The routine for how Seatrans Group will handle the right to access is present.
Right to edit and supplement incomplete personal information The data subject has the right to make changes in order to ensure that personal information processed by Seatrans Group is correct and complete.
Seatrans Group is required to ensure that incorrect personal information is changed within one month following an inquiry to correct. The equivalent applies for incomplete personal information supplemented by the data subject.
Upon request by the data subject, Seatrans Group is required to ensure that personal information is corrected and or supplemented within one month after receiving and validating the information.
The routine for how Seatrans Group will handle the right to edit and supplement incomplete personal information is present.
Right to erasure
The data subject has the right to have personal data erased. Seatrans Group is obliged to erase all personal data that is required in order to perform the intended processing.
In order to comply with the right to erasure, Seatrans Group is required to set rules for personal data retention. The routine for how Seatrans Group will handle the right to erasure is present.
Right to restriction of processing
The data subject has the right to restrict the processing of personal information.
Seatrans Group is required to inform the data subject of the right to restriction of processing.
The routine for how Seatrans Group will handle the right to restriction is present.
Right to data portability
The data subject has the right to receive the personal data concerning him or her in a commonly used format and have the right to transmit those data to another data controller without hindrance.
Seatrans Group is required to make personal data available within one month after a request for data portability.
Seatrans Group is required to facilitate a direct transmit to another data controller, if requested by the data subject.
The routine for how Seatrans Group will handle data portability is present.
Right to object
The data subject has the right to object to the processing of personal data. Seatrans Group is required to terminate the processing of personal data unless compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, is demonstrated.
Seatrans Group is required to implement technical and or organizational measures in order to handle objections of personal data processing.
Seatrans Group is required to inform data subjects of the right to object.
The routine for how Seatrans Group will handle the right to object is present.
Information security
Seatrans Group is required to safeguard the personal data.
The policy for information security is present.
Data processing agreement
When using external data processors, a suitable Data Processing Agreement is required.
Annual review of internal control
Seatrans Group is required to perform an annual review of the internal control for privacy to ensure that the processing of personal
data is in compliance with privacy laws and regulations.
The guideline for annual review of the internal control is present.
