West Nautical18A Osborne RoadJesmondNewcastle upon TyneNE2 2ADUnited Kingdom
Who we are
Our website address is: https://www.westnautical.com.
visitors leave comments on the site we collect the data shown in the
comments form, and also the visitor’s IP address and browser user agent
string to help spam detection.
An anonymised string created from
your email address (also called a hash) may be provided to the Gravatar
is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
you upload images to the website, you should avoid uploading images
with embedded location data (EXIF GPS) included. Visitors to the website
can download and extract any location data from images on the website.
contact form collects your name, email address and telephone number so
we can add you to our mailing list to keep you updated with our latest
fleet updates, news and offers.
If you leave a
comment on our site you may opt-in to saving your name, email address
and website in cookies. These are for your convenience so that you do
not have to fill in your details again when you leave another comment.
These cookies will last for one year.
If you have an account and
you log in to this site, we will set a temporary cookie to determine if
your browser accepts cookies. This cookie contains no personal data and
is discarded when you close your browser.
When you log in, we will
also set up several cookies to save your login information and your
screen display choices. Login cookies last for two days, and screen
options cookies last for a year. If you select “Remember Me”, your login
will persist for two weeks. If you log out of your account, the login
cookies will be removed.
If you edit or publish an article, an
additional cookie will be saved in your browser. This cookie includes no
personal data and simply indicates the post ID of the article you just
edited. It expires after 1 day.
on this site may include embedded content (e.g. videos, images,
articles, etc.). Embedded content from other websites behaves in the
exact same way as if the visitor has visited the other website.
third-party tracking, and monitor your interaction with that embedded
content, including tracing your interaction with the embedded content if
you have an account and are logged in to that website.
We do not share our data with any third parties.
you leave a comment, the comment and its metadata are retained
indefinitely. This is so we can recognize and approve any follow-up
comments automatically instead of holding them in a moderation queue.
users that register on our website (if any), we also store the personal
information they provide in their user profile. All users can see,
edit, or delete their personal information at any time (except they
cannot change their username). Website administrators can also see and
edit that information.
you have an account on this site, or have left comments, you can
request to receive an exported file of the personal data we hold about
you, including any data you have provided to us. You can also request
that we erase any personal data we hold about you. This does not include
any data we are obliged to keep for administrative, legal, or security
Visitor comments may be checked through an automated spam detection service.
Impact Assessments (PIA’s) are an integral part of taking a ‘privacy by
design’ approach. PIA’s are a tool that West Nautical uses to identify
and reduce the privacy risks of a project or service. A PIA can reduce
the risk of harm to individuals through misuse of their personal
information and helps West Nautical to design a more efficient and
effective process for handling personal data.
The core principals
of the PIA process are integrated within our existing project and risk
management policies with the aim of reducing the resources necessary to
conduct the assessment and spreading awareness of privacy throughout the
An effective PIA will allow West Nautical to identify
and fix problems at an early stage. PIAs must be applied to new projects
or services as well as processes that involve changes to an existing
project or service.
West Nautical has a process that outlines how we will approach PIAs.
assist West Nautical in identifying privacy risk, which is the risk of
harm through an intrusion into privacy. This is the risk of harm through
use or misuse of personal information. Some ways that this risk can
arise are through personal information being:
outcome of a PIA is to minimise privacy risk. The aim of this policy is
to enable West Nautical to develop an understanding of how it will
approach the broad topics of privacy and privacy risk.
allow individuals to be reassured that we follow best practice when
using their information. A project or service which has been subject to a
PIA should be less privacy intrusive and therefore less likely to
affect individuals in a negative way. A PIA should also improve
transparency and make it easier for an individual to understand why
their information is being used.The process of conducting the
assessment will also improve how the Company uses information which
impacts on individual privacy. This should in turn reduce the likelihood
that the Company will fail to meet its legal obligations.
a PIA will help the Company build trust with our staff and the people
using our services. The actions taken during and after the PIA process
can improve the Company’s understanding of its stakeholders.
use of PIA’s will increase the awareness of privacy and data protection
within the Company and ensure that all staff involved in designing
projects think about privacy at the early stages.
When should we use PIAs?The
core principals of PIA can be applied to any project that involves the
use of personal data, or any other activity which could have an impact
on the privacy of individuals.
A PIA should be used on new
projects or services, or when making an amendment to a current project
or service. The PIA should be built into the project management
The Company will
decide who is best placed to carry out a PIA. The Data Protection
Officer (DPO) is well placed to have a significant role in a PIA.
However, the PIA is designed to be used by anyone within the Company.
For the PIA to be effective it should include some input from various
people within the Company who are involved in a project or a service and
who will each be able to identify different privacy risks and
The PIA should be
flexible so that it can be integrated with the Company’s existing
approach to managing projects. The PIA should incorporate the following:• Identify the need for a PIA.• Describe the information flows.• Identify the privacy and related risks.• Identify and evaluate the privacy solutions.• Sign off and record the PIA outcomes.• Integrate the outcomes into the project plan.• Consult with internal and external stakeholders as needed throughout the process.
Screening questions to assess if a PIA is required
If the answer is yes to any of the questions below, then using a PIA may be useful.
the need for a PIA – Explain what the project aims to achieve, what the
benefits will be to the organisation, to individuals and to other
You may find it helpful to link to other relevant documents related to the project, for example a project proposal.
Also summarise why the need for a PIA was identified (this can draw on your answers to the screening questions).
Data Flow• How is the information collected?• How is the information stored?• How is the information used?• How is the information deleted?
Describe the information flows.
collection, use and deletion of personal data should be described here,
and it may also be useful to refer to a flow diagram or another way of
explaining data flows. You should also say how many individuals are
likely to be affected by the project or service.
Privacy Risks• Are there any privacy risks to individuals?• Are there any compliance risks to the Company, such as fines for non-compliance?• Are there any Company level risks?
what practical steps you will take to ensure that you identify and
address privacy risks. Who should be consulted, internally and
externally? How will you carry out the consultation? You should link
this to the relevant stages of your project management process.
Consultation can be used at any stage of the PIA process.
identify the privacy related risks.
the key privacy risks and the associated compliance and corporate
risks. Larger-scale PIAs might record this information on a more formal
Identify privacy solutions.
the actions you could take to reduce the risks, and any future steps
which would be necessary (e.g. the production of new guidance or future
security testing for systems).
Sign off and record the PIA outcomes.
Who has approved the privacy risks involved in the project? What solutions need to be implemented?
Integrate the PIA outcomes back into the project plan.
is responsible for integrating the PIA outcomes back into the project
plan and updating any project management paperwork? Who is responsible
for implementing the solutions that have been approved? Who is the
contact for any privacy concerns which may arise in the future?
may update this policy from time to time so we suggest you review this
page occasionally. If you have any questions or concerns regarding the
policy or the way in which we use our data please email
firstname.lastname@example.org. This policy was last updated in May 2018.
the event that something went wrong we would always try our best to
resolve things. Please do speak to our Privacy Team first as we may be
able to quickly and easily resolve the problem. In the event that you
wish to make a complaint about how your personal data is being
processed, or how your complaint has been handled, you have the right to
lodge a complaint directly with the Information Commissioners’ Office
who’s website is http://www.ico.org.uk/ or calling 0330 123 1113.
information we hold about you. You can email us using email@example.com, write to us at Privacy Team, Baltic Place, South Shore Road, NE8 3AE or telephone on 0191 478 9920.