Effective Date: 20/04/2026
1. Purpose of This Policy
This Privacy Policy explains how Marlow Navigation (“we”, “us”, “our”) collects, uses, stores, and protects personal data when you visit our website or interact with us. We are committed to processing personal data lawfully, fairly, and transparently in accordance with the General Data Protection Regulation (GDPR).
2. Data Controller
Name: Marlow Navigation Co. Ltd.
Address: Alexandrias 13, 3013 Limassol, Cyprus
Email: [email protected]
3. Data We Collect
We may collect the following categories of personal data:
- Identification data: name, email address, contact details
- Recruitment data: CV/resume, rank, preferred office, employment history
- Technical data: IP address, browser type, device information
- Usage data: pages visited, time spent, referral source
- Communication data: enquiries submitted through forms or email
We do not collect more data than necessary for the stated purposes.
4. How We Collect Data
We collect personal data:
- Directly from you (forms, emails, job applications)
- Automatically through cookies and analytics tools
- From authorised third‑party service providers where required
5. Legal Basis for Processing
We process personal data under the following GDPR bases:
- Consent (newsletter subscription, job applications)
- Contractual necessity (employment processes, service delivery)
- Legal obligation (maritime employment requirements, compliance)
- Legitimate interests (website security, service improvement)
6. How We Use Personal Data
We use personal data to:
- Process job applications and manage recruitment
- Respond to enquiries
- Provide access to online portals
- Improve website performance and security
- Comply with legal and regulatory obligations
We do not sell or commercially exploit personal data.
7. Data Sharing
We may share personal data with:
- Marlow Navigation subsidiaries
- Authorised recruitment centres
- Service providers (IT, analytics, hosting)
- Regulatory authorities where legally required
All third parties are bound by confidentiality and data‑processing agreements.
8. Third-Party Processors
We may engage trusted third‑party service providers to support the operation of our business. These may include:
- Website hosting and IT infrastructure
- Analytics and performance monitoring
- Recruitment and applicant management platforms
- Email and communication tools
- Cloud‑based business applications
All processors act only on our instructions and in compliance with applicable data protection laws.
9. International Transfers
As a global organisation, data may be transferred outside the EU. Transfers occur only where:
- Adequacy decisions exist, or
- Standard Contractual Clauses (SCCs) are in place, or
- Processing is necessary for recruitment or service delivery
10. Data Retention
We retain personal data only as long as necessary:
- Job applications: 12 months
- Employee records: 7 years
- Website analytics: up to 26 months
- Enquiries: as long as required to respond
11. Your GDPR Rights
You have the right to:
- Access your data
- Correct inaccurate data
- Request deletion
- Object to processing
- Withdraw consent
- Request data portability
12. Data Subject Request Process
We will acknowledge and respond to GDPR requests within 30 days. For complex requests, we may extend this period by up to 60 days and will notify you accordingly. We may request additional information to verify your identity before fulfilling a request.
13. Right to lodge a complaint
You have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus or with your local supervisory authority if you believe your personal data has been processed unlawfully.
14. Data Security
We implement technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures include:
- Access controls
- Encryption
- Secure data storage
- Network monitoring
- Regular system updates
- Staff training on data protection
While no system can guarantee absolute security, we continuously review and enhance our safeguards.
15. Cookies & Tracking Technologies
We use cookies and similar technologies to improve website functionality, enhance user experience, and analyse traffic. For full details on the types of cookies we use and how to manage them, please refer to our Cookie Policy.
16. Children's Data
Our website is not intended for children under the age of 16. We do not knowingly collect personal data from minors. If you believe that a child has provided us with personal data, please contact us so we can delete it.
17. Changes to This Policy
We may update this Privacy Policy. The latest version will always be available on this page.