PRIVACY POLICY - engineX

CHORD X PTE. LTD.
PRIVACY POLICY - engineX

(I) PRIVACY TERMS
 

Chord X Pte. Ltd. (“CHX”) respects your privacy and we are committed to safeguard the personal data of users of our products (“User”) and personal data belonging to customers who have engaged our company to provide products and services (“Customer”).  

This Privacy Policy sets out the ways we collect, use and process your personal data and informs you about your privacy rights. We collect User personal information through Customer and User interaction with the product. From time to time, we may also ask for feedback on the product.

 

1. INFORMATION WE MAY COLLECT ABOUT YOU 

engineX is a vessel-based software product which provides a near real-time overview of the performance and operational status of a vessel’s main engine (“engineX”). 

 

engineX does not require the credentials of an individual (such as your name or email) to access the solution.  Access is by group login credentials based on job roles (such as vessel engineers, superintendents etc.)  engineX collects usage data of the group of authorised Users. It is not intended to specifically track the usage data of an individual user unless there is only a single User in a specified job group. 

 

CHX will collect Your Personal Data in the following situations: 

(a) User Contacts ► User work contact through electronical means will be provided by the Customer for communication of product features, product updates and workflows.
 

(b) Usage Data ►includes information about how you use our product. 


(c) User Feedback ► we may ask you for feedback from time to time, that we use to help us to improve our service; and 


(d) We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. 

 

2. HOW WE ARE USE YOUR PERSONAL DATA 

2.1 CHX will collect, process and store all or some of the User’s personal data for the following purposes: 

(a) Where you contact our customer support, CHX will store your name and contact details such as email address or phone number in order to provide support to you based on your request; 

(b) Where provided by Customer, to communicate to the Users any product announcement, software updates, changes to the product and its features, changes to our services and changes to the terms and conditions; 

(c) To analyse usage data to help us to better understand User and Customer requirements for research and development purposes to improve our products and services; 

(d) To monitor queries and transactions to ensure service quality and compliance with procedures. 

2.2 We continually strive to improve our services based on the information and feedback we receive from Users. Feedback may include responses submitted by Users on the accuracy of alerts generated by the Software. We may ask Users for feedback from time to time, that we use to help improve our service, and CHX will (i) use, analyse and process collected data about User, (ii) aggregate User data with other User data, for the purpose of improving the Software, creating new features, conducting research and developing new products and services, including reports based on analytics associated with the Software, provided always that your data has been anonymized and de-identified such that the data or aggregated data will not enable other Users to identify each unique User. 

2.3 The Software does not make any decisions involving the use of algorithms or profiling that affects you. 

 

3. SHARING YOUR PERSONAL DATA 

3.1 We may disclose personal data for the purposes we explain in this notice to service providers, contractors, agents, advisors (e.g. legal, financial, business or other advisors) that perform activities on our behalf and to other third parties in connection with our legal and regulatory obligations. 

3.2 We may process your personal data to comply with our regulatory requirements or dialogue with regulators as applicable which may include disclosing your personal data to third parties, the court service and/or regulators or law enforcement agencies in  connection  with  enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so.  Where permitted, we will generally direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime. 

3.3 In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organisation, we may need to transfer some or all of your personal data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or re-organisation. We may also need to transfer your personal data to that re-organised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy. 

 

4. TRANSMISSION, STORAGE AND SECURITY OF YOUR PERSONAL DATA 

4.1 No data transmission over the Internet or Satellite Link can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal data in accordance with data protection legislative requirements. 

 

4.2 All information is stored on our or our service provider’s secure servers and can only be accessed and used subject to our security policies and standards. 

 

4.3 Any personal data provided to and collected by the Software may be transferred to, stored by or disclosed to an overseas recipient. Personal data may be accessed by service providers in, transferred to, or stored at, a destination outside the country in which you are located. We will, in all circumstances, ensure that the standard of protection to personal data so transferred is comparable to the protection required under the Personal Data Protection Act of Singapore (“PDPA”). 

 

4.4 Personal data will be stored on a server hosted by Microsoft Azure, a Privacy Shield certified global cloud service provider. 

 

5. RETENTION OF PERSONAL INFORMATION 

Our retention periods for personal data are based on business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. When personal data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data. 

 

6. YOUR RIGHTS AND CONTACTING US   

6.1 Access, Updating, Editing and Deleting Data 

 

(a) We will use reasonable endeavours to ensure that your personal data is accurate. In order to assist us with this, you may notify us of any changes to the personal data that you have provided to us by contacting us as set out in the “Contacting Us” section below. 

 

(b) You may request access or a copy of your User Data and may request that we correct the data if it is inaccurate or delete the data. 

6.2 Contacting Us 

If you have any questions in relation to this policy, please contact our data protection officer(s) at support@chordx.co

 

6.3 Changes to our Privacy Policy 

We may change the content of our Privacy Policy and how we use your personal data from time to time. If we change this Privacy Policy, we will update the date it was last changed below.  

 

6.4 Our Commitment to User Privacy 

To ensure integrity and security of user personal information, our privacy and security guidelines are communicated to all employees and strictly enforced within the company. 

 

(II) EUROPEAN APPENDIX

If you are based in the European Economic Area (EEA), the European data protection law (EU DP Law) require us to provide you with additional information about our processing activities, including information about rights that you have in relation to your personal information that we handle. 

 

1. Why we collect your data, and whom we disclose it to 

Under EU DP Law, we are required to inform you of the “lawful bases” on which we rely to process your personal information. Below we set out the “lawful bases” that we use as the basis for our use of your personal information for each of the purposes mentioned in the Privacy Policy. You can find an explanation of each of the grounds relied on below: 

EU USE BASES TABLE

Privacy_policY_21092021_eX_jpg.png
USE BASES 

These are the principal legal grounds that justify our use of your information: 


Consent: where you have consented to our use of your information (you will have been presented with consent language in relation to any such use and may withdraw your consent by contacting us as set out in the Contacting Us section of the main Privacy Policy). 
 

Contract performance: where your information is necessary to enter into or perform our contract with you and the Customer. 


Legal obligation: where we need to use your information to comply with our legal obligations. 


Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights. 


Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party. 

 

2. EXPORT OUTSIDE THE EEA 

2.1 Your personal data may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the country in which you are located, whose data protection laws may be of a lower standard than those in your country. We will, in all circumstances, safeguard personal data as set out in this Privacy Policy. 

 

2.2 Where we transfer personal data from inside the European Economic Area (the EEA) to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal data. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal data to these jurisdictions. In countries which have not had these approvals (see the full list here http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements. 

 

2.3 Please contact us as set out in the “Contacting Us” section of the main Privacy Policy below if you would like to see a copy of the specific safeguards applied to the export of your personal data. 

 

3. YOUR ADDITIONAL RIGHTS 

3.1 If you have any questions in relation to our use of your personal data, you should first contact us as per the “Contacting Us” section below. Under EU DP Law, you may have the following additional rights in relation to your personal information to those set out in the main Privacy Policy. Under certain conditions, you may have the right to require us to: 

(a) provide you with further details on the use we make of your information; 

(b) provide you with a copy of information that you have provided to us; 

(c) update any inaccuracies in the personal data we hold (please see the main Privacy Policy); 

(d) delete any personal data that we no longer have a lawful ground to use; 

(e) where processing is based on consent, to withdraw your consent so that we stop that particular processing;

 

(f) to ask us to transmit the personal data you have provided to us and we still hold about you to a third party electronically; 

(g) object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and 

(h) restrict how we use your information whilst a complaint is being investigated. 

3.2 Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).  If you exercise any of these rights, we will check your entitlement and respond in most cases within a month. 

3.3 If you are not satisfied with our use of your personal information or our response to any exercise of these rights, you have the right to complain to the Information Commissioner’s Office or the data protection regulator in your country. 

 

4. CONTACT US 

If you have queries about any part of this EU Appendix, please contact us as set out in the “Contacting Us” https://www.chordx.co/contact section of the main Privacy Policy.

If after contacting us you do not feel that we have adequately addressed your concerns, you may contact the data protection regulator in your country (listed here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080)

 

Last Updated: 20 September 2021