Introduction
At OSEA, we are deeply committed to safeguarding your personal information. Our privacy policy outlines the reasons for collecting and using personal data, as well as details about your rights. This policy applies to personal data shared with us, either directly by individuals or through other sources. We may utilize the personal data provided for purposes outlined in this privacy policy or as indicated at the point of collection.

Personal data includes information related to identified or identifiable living individuals. At OSEA, we process personal data for various purposes, and the methods of collection, legal basis for processing, use, disclosure, and retention periods may vary for each purpose.

We are dedicated to maintaining transparency when it comes to the collection and use of personal data. To learn more about our specific data processing activities, please refer to the relevant sections of this policy.

By submitting any personal data to us, you consent to its use by OSEA in accordance with this privacy policy.

Security
At OSEA, we prioritize the utmost security for all the data we maintain. We have established a robust framework consisting of policies, procedures, and ongoing training that encompasses professional confidentiality, data protection, privacy, and security. We consistently assess the effectiveness of these measures to ensure the safeguarding of the data under our care.”

When and how we share personal data and locations of processing
We are committed to sharing personal data only when it is legally permissible. Whenever we share data with third parties, we establish contractual agreements and employ security measures to safeguard the data, ensuring compliance with our stringent data protection, confidentiality, and security standards.

We collaborate with third-party entities located in various countries to support our business operations. This international collaboration may involve the transfer of personal data beyond the borders of the countries where we and our clients are situated. This may include countries outside the European Union (EU) and regions lacking specific laws for personal data protection.

To uphold the highest standards of data protection, we have implemented measures to ensure that all personal data receives adequate protection. Moreover, all transfers of personal data outside the EU are carried out in full compliance with the law.

In instances where personal data is transferred from the EU to a country not recognized by the European Commission as providing an adequate level of data protection, such transfers are executed under agreements that align with EU requirements for international data transfers. These agreements, which incorporate European Commission approved standard contractual clauses, can be reviewed here.

Personal data held by us may be transferred to:

• Third party organizations that provide applications/functionality, data processing or IT services to us:We enlist the assistance of third-party partners to enhance our service delivery and to efficiently operate and oversee our internal IT systems. These partners encompass a wide range of services, including information technology, cloud-based software-as-a-service providers, identity management, website hosting and administration, data analysis, data backup, security, and storage solutions. The servers that empower and support our cloud infrastructure are securely housed within data centers located across the globe, potentially leading to the storage of personal data in any of these facilities.
• Third party organizations that otherwise assist us in providing goods, services or information
• Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation:On occasion, we may receive requests from authorized third parties seeking the disclosure of personal data. These requests may serve various purposes, including verifying our compliance with relevant laws and regulations, investigating alleged criminal activities, or establishing, exercising, or defending legal rights. We will only respond to requests for personal data when we are legally allowed to do so, as dictated by applicable laws and regulations.
  
  

Changes to this privacy statement
We recognise that transparency is an ongoing responsibility so we will keep this privacy statement under regular review.

This privacy statement was last updated on 5 October 2023.

Individuals’ rights and how to exercise them
Individuals possess specific rights regarding their personal data, and data controllers are responsible for upholding these rights. As data controllers who determine how and why personal data is processed, we provide detailed information below about these rights and how to exercise them.

Access to Personal Data:
You have the right to access personal data held by us as data controllers. To exercise this right, please email us at privacy@oseasolutions.com. We strive to respond promptly to any requests for information, meeting all legally mandated time limits (currently 30 days).

Amendment of Personal Data:
To update personal data you’ve provided to us, you may email us at privacy@oseasolutions.com. Alternatively, when applicable, you can contact us through the relevant website registration page or update your personal details on relevant applications associated with your registration. Upon notification of any inaccuracies in your personal data, we will make necessary corrections where feasible.

Withdrawal of Consent:
If we process personal data based on your consent (though we typically rely on other legal bases), you have the right to withdraw that consent at any time. To do so, please email us at privacy@oseasolutions.com. To stop receiving emails from our marketing lists, you can click on the unsubscribe link in the emails you receive from us.

Other Data Subject Rights:
In addition to the rights of access and amendment mentioned above, individuals may have other rights concerning the personal data we hold. These rights can include the right to erasure/deletion, the right to restrict or object to our processing of personal data, and the right to data portability.

To exercise any of these rights, please send an email to privacy@oseasolutions.com. You can also submit your requests via our privacy portal.

Complaints:
While we hope you won’t need to, if you wish to complain about our use of personal data, please email us with the details of your complaint at privacy@oseasolutions.com. We will investigate and respond to all complaints we receive.

Additionally, you have the right to lodge a complaint with the relevant data protection authority, should you deem it necessary.