Articles in this section

GDPR New Version

In Compas, this feature can be found through: Admin | System | GDPR Rule.

The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1] Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements related to the processing of personal data of individuals (formally called data subjects in the GDPR) who reside in the EEA, and applies to any enterprise—regardless of its location and the data subjects' citizenship or residence—that is processing the personal information of data subjects inside the EEA. 

Controllers and processors of personal data must put in place appropriate technical and organisational measures to implement the data protection principles. Business processes that handle personal data must be designed and built with consideration of the principles and provide safeguards to protect data (for example, using pseudonymization or full anonymisation where appropriate). Data controllers must design information systems with privacy in mind, for instance use the highest-possible privacy settings by default, so that the datasets are not publicly available by default, and cannot be used to identify a subject. No personal data may be processed unless this processing is done under one of six lawful bases specified by the regulation (consent, contract, public task, vital interest, legitimate interest or legal requirement). When the processing is based on consent the data subject has the right to revoke it at any time. 

Note: This feature is activated by Netvision only when requested by the client. 

How GDPR is set in the System?

In Compas to set the GDPR, please check in the Admin Panel, under the System Section

Select if the setting is for Compas Office/On-board or Crew Application.

Step 1

Assign a Rule Name

Ensure you select the Compas application you want the rule to apply to (Compas or Crew Application)

Step 2

In the Step Configuration tab, click Add Step. By adding a step, you will be able to configuration the number of days and data elements should be deactivated after the crew has resigned/been dismissed. Example is shown below.0fcb7fe2-2e4a-4f64-a648-e6fed33c7270.png

Unassigned list - are data elements that are not been assigned.

You may drag and drop the data elements by clicking the data elements and drop to a step.

This includes the list of personal data that has to be deleted after X days, X being the days after the crew has resigned / been dismissed, this is defined by the client. i.e. I want to delete all these items of personal data after 365 days. The period configured here should be in accordance to the company’s data retention policy, with regards to crew members personal & non-financial related data. 

For the scanned copies of various items, they will be deleted along with the data record. No additional setup is required for this. 

For the contract details (data record), it is linked to crew payroll, hence cannot be deleted. 

Step 3

In the Last step tab, this step allows full deletion of the data elements left unchecked in the system under Step Configuration, after Y (greater than X) days since the seafarer has resigned / been dismissed (if the check box is checked). This period is generally governed by the local jurisdiction of the crew employer with regards to data retention for various auditing requirements. Here the client has the option to either Anonymise the crew name or leave the same as-is.

52d60aa5-1c75-4450-a100-45d10e2773c5.png

Compared with the previous GDPR tool, the new tool allows you to set applicability by Company, Owner Pool, Manning Office and Nationality, providing the flexibility required to apply different rules to different crew communities.

To determine the applicability, once the rule has been created, please click on the globe icon available besides the rule:e3451e4b-1c13-4d55-aebb-ae1bcff931a7.png

Select the applicability required based on company specifications:89784ac3-a5e9-4f33-9336-766ab898eb55 (1).png

Once all the settings and click Save.

The last step is to request activation to OTG of the schedule job to run the rules through the database. Note that the System Administrator can also decide when the rules applies or not clicking on the Enable/Disable functionality in the different rules:e04b1a6b-877d-46e4-9c7f-5cc1031c67dd.png

User Permission7a001dde-723b-4c9e-bb31-3ec672c30a41.png

If for any crew member, we need to retain all data and this crew member should not be included in the GDPR process, for such crew member, on the crew profile, the users can exclude the crew member from GDPR process, by clicking on the Green Lock icon (Included in GDPR processing) and turning the icon to Red Lock (Excluded from GDPR Processing)

693bdd0f-1ba3-43ea-84c8-703b467728a1.png

Silver Key icon is now for changing the password 

The user is required to have the Crew page > Personal details - Lock permission on the permission tree. 

Movement

External Sea – will delete All External Sea Service recorded on the Crew Profile. 23ebf8db-6d1b-48ff-b0b6-8f5c05978039.png

Pre-employment Checks - will delete recorded Pre-employment Checks and uploaded documents.c95cbba5-fb67-4b8a-8ad2-d71dc9bc951d.png

Seniority starting point – will delete the Seniority balance starting point and all computed data. 9b1bce88-bf43-45d1-ade3-07a367862044.png

Personal

Personal Details-will delete the information from crew profile - main page. d15edfdd-2b7c-4a68-8f14-b616d4bd0488.png

Address – will delete Address section under Personal tab, as per below: 1a9f4631-198e-4dc2-a60f-167abe1a1edf.png

Contact - will delete Contacts section under Personal tab: e3479810-0c4c-4946-840e-1d2a136bfe42.png

Family - will delete Family members details under Personal tab. 2dd4e6d6-f56e-4e86-b694-2c9a90631b00.png

Union – Data under the Union section is deleted when checked. 44d67a5d-47a4-4f3b-9220-dc9da5f2b475.png

Additional Information- will delete Additional Information under Personal tab 62500e4e-f3ff-44bf-b348-114a14a6ca37.png

Education - will delete Education records under Personal tab39aa9c9d-43f2-460c-a5cd-d466af888141.png

Comments - will delete all the Comments recorded under Personal tab 0cebc3bd-67f6-4ad1-b248-287f4e749b4b.png

Security questions - will delete Security questions. 2442d0e9-c070-4307-ade1-5fdde24344c2.png

Crew Chat - will delete Crew Chat under Personal tab. 6de46d00-6532-4baa-bf78-7b8106dcbb2a.png

Traveller Profile - will delete Traveller Profile under Personal tab. 572eec8b-696c-4f48-931c-4b8eb895e7cf.png

Crew Sticky Notes - will delete the recorded Sticky notes. ca837c40-f120-447a-a137-21dee3cf0cad.png

Working gear – will delete records related to the Working gear issued to the crew. 74372dda-5759-4a30-9ebb-0aa44a66bed7.png

Crew contract scanned documents – will remove the scanned contract attached under Service > Contracts. The contract data record will not be deleted as this is linked to closed payrolls. 9530c6bd-da34-402f-b9da-a34384b22677.png

Crew Photo – will remove crew’s photo from crew profile. 2d7487f3-f1f7-48a8-bcc7-d68e4ac0b8fa.png

Bank Accounts & Payments - anonymize processed payment bank draft details, including Beneficiary details such as name and account number. These records cannot be deleted as they are linked to payments and closed payrolls.bb0e41e3-9005-434d-bb30-9a85ddd3dbaa.png

Service

Assignments - will delete the recorded Assignments as per below: 911089dd-39c8-4a4f-8605-4515f6cb9545.png

Long service award - will delete Long service award records. e20185c5-b9d9-472e-8ff2-f5658ff60792.png

Nominations - will delete Nominations records 8b040afd-bc3d-49e4-a3c0-1b0eed4a46ed.png

Programs – is deleting the Programs recorded under Service tab. b41b122b-b89e-4b80-8ea8-4e3dad3d759b.png

Readiness - will delete the readiness records. 23743d2b-529e-402d-a6be-a282aa84f4b6.png

Flights - will delete crew recorded Flights. 5e9fbc01-7149-4d5b-a25a-6b2cce847060.png

Documents

When checked will delete the following sections under Documents & Flag Docs. tabs: 

Authentications / Certificates / Books / Licences / Passports / Visa / Vaccinations / Acknowledgment / Dispensations / Maritime Legislation Exams 4eb8f4a0-ad7d-4317-96f3-cd4a77ef95b6.pngf0615323-7e49-479e-a736-ac31cd9f1b25.png

Training

When checked will delete the following sections under Training tab: 

Activities / Training Requests / Elearning history / Study grant / Drills / CBT Results Competency7613b404-12c1-4e31-bad9-cdf862816a27 (1).png

Evaluation

E-Appraisals - will delete the recorded appraisals under Evaluation tab as per below5a0c3395-2b80-4b27-809d-f0c80d0dcaef.png

Medical

When checked will delete the following sections under Medical tab, as per below print screen: 

Medical Examinations / Medical Events / Drug & alcohol tests / Health Insurance.b26df38e-e448-47a0-b7d3-9a0f7b8b7ea3.png

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.