ITIC circular: BIMCO GDPR clauses

Following a number of recent enquiries regarding GDPR (the General Data Protection Regulation) ITIC would like to remind our ship management members that BIMCO has drafted the following GDPR clauses: 

Personal Data Protection Clause for CREWMAN A and B 2009
Personal Data Protection Clause for GUARDCON
Personal Data Protection Clause for SHIPMAN 2009
Personal Data Protection Clause for SUPPLYTIME 2017

ITIC's legal advisor, Mark Brattman, was part of the drafting committee.

BIMCO personal data protection clause for SHIPMAN 2009:

For the purposes of this Clause:

“Data Subject” means any identified or identifiable natural person, including Crew.
“Personal Data” means any information relating to any Data Subject connected with the Management Services.
“DPR” means any data protection regulations applicable to the Parties in relation to the Management Services, including the European Union General Data Protection Regulation (GDPR).

(a) The Parties shall each ensure compliance with the DPR in respect of Personal Data, with particular regard to:

(i) its collection and use; 
(ii) its safeguarding; 
(iii) any transfer to third parties; 
(iv) its retention; and 

(v) the protection of Data Subjects’ rights.

(b) The Parties shall have proper notification and response procedures for any Personal Data breach.

(c) The Parties agree to conduct or submit to audits or inspections in accordance with the DPR 

Please note that you will need to register with BIMCO in order to access the website, but for ease of reference you can download the Shipman 2009 clause and explanatory notes by clicking here.