1. Navis Latinae is committed to the right of the individual (customer, employee, supplier and other interested party) to decide the use of his personal data (“informational self-determination”). We will inform these groups of people with the necessary transparency and clarity about the collection, processing and use of personal data.

2. We process personal data in principle only in the context of the affected explicit and legitimate purpose known by the data subject and therewith compatible purposes. Only the necessary personal data is collected.

3. As far as the processing of anonymous or pseudonymous data has the same benefits, we will prefer these processes over the processing of single personal data.

4. We take particular care that and implement appropriate measures to ensure that personal data are stored accurate and kept up to date.

5. Personal data shall be erased if the knowledge of data is no longer required to achieve the purpose of processing or using and the statutory retention periods have expired.

6. To ensure data security, the necessary technical and organizational measures in accordance with the state of the art are implemented. It must in particular ensure that only authorized personnel may take note of the personal data and that the personal data are available and correct at all times. We also ensure that personal data can be attributed and tracked to their origin.

7. In our business models we ensure through appropriate data protection policies/data privacy statements the full transparency of the processing, as well as the further use, enrichment and transfer of the personal data. We enable self-determined action within the legal requirements.

8. When processing large, complex and, in some cases, unstructured quantities of personal data (big data applications), Navis Latinae will periodically review the permissibility and necessity of processing to maintain a trustworthy handling of these data and the rights and interests of those affected. Navis Latinae’s Data Protection Officer plays an important role in this process.

9. We are aiming to collaborate only with partners who offer data protection-compliant solutions and comply with the provisions of the EU GDPR, national data protection laws and other relevant data protection laws and regulations. Navis Latinae selects its partners particular taking into consideration the adequacy of the technical and organizational measures implemented by them.

10. Within the Group we intend to be able to process and use the data collected by a data controller also by other Group companies in accordance with the statutory requirements. Storage takes place in principle in Europe, but service providers from so-called third countries can also be involved in the processing of personal data within the limits of the statutory data protection requirements.

11. Above and beyond the legal requirements, Navis Latinae is aiming to promote socially acceptable (industry) standards for the collection, processing and use of personal data through a trustful and confidence-building way of handling. We strive to have an exchange with authorities, non-governmental and consumer protection organizations.

12. Navis Latinae ensures that the managers and employees comply with these guiding principles.