APMT Global Data Privacy Policy
This Privacy Notification is effective as of April 15th, 2024.
This Privacy Notification explains how APMT and its affiliated companies which are controlled by APMT wholly or partly (“APMT”, “we”, “us”, “our”) use personal data about you on our websites, mobile applications, or other sites that display this Privacy Notification. This Privacy Notification will also apply to information gathered from your visits to our facilities.
1. Scope
APM Terminals (“APMT”) recognizes and respects the importance of your privacy. This policy sets out how APMT collects and uses your personal data. APMT processes your personal data in accordance with this policy and the applicable laws,. APMT may change this policy from time to time. We would advise you to regularly check our website to find out whether any changes have been made to this policy.
Protecting your personal data
With offices and operations throughout the world, personal data will be transferred or be accessible internationally throughout APMT's global business. Any such transfers throughout APMT’s global business take´s place in accordance with the applicable local data privacy laws and regulations and for the European Union in accordance with the authority approved Binding Corporate Rules (“BCR”).
Our BCR reflect the standards contained in European data privacy laws and regulations (including the General Data Protection Regulation). Having our BCR means that all our entities which have signed up to our BCR have to comply with the same internal rules. It also means that your rights stay the same no matter where your data are used by APMT.
Binding Corporate Rules (BCR) can be downloaded here.
2. Personal data and purposes
This privacy policy applies to individuals whose personal data is processed by APMT, more specifically this policy applies to visitors of the APMT website, job applicants, contractors, visitors of AMPT sites, including truck drivers. More details relating to APMT’s processing of personal data are provided below for each category of individuals.
- Visitors of the APMT website
When you visit and use our website, we may collect your personal data for the following purposes:
- Provision of APMT services and products;
- To accommodate your requests and inquiries;
- Provision of newsletters offered by APMT;
- Evaluating the use of our websites for statistical purposes and for compliance with any laws to which APMT is subject; and
- The purposes listed in our cookie policy
On our websites, we may collect information about name, postal address, email address, other contact information, age, interests, gender, IP addresses, information about your behaviour on our website (e.g. what pages you visit, how long you are on the website and what you click on) and other personal data. Our websites are intended for a general audience, and APMT does not knowingly collect personal data about any person under the age of 16 years. This age may vary by countries (for example the age of 13 years in Sweden).
We process your personal data on the basis of your consent and to pursue our legitimate interests, which include our legitimate interest to transmit your personal data to our affiliates for administrative purposes, to ensure network and information security and our commercial company interest, including direct marketing. You always have the right to withdraw consent at anytime. If you would choose not to share the requested personal data with us, we would not be able to meet some of our purposes, as described in this privacy policy.
-
Job applicants
We may process personal data that is submitted by you during your online or paper application process, personal data that is collected by us as part of the recruitment process and personal data that is submitted in our Candidate Pool (as defined below). We may from time to time receive information relating to your job application from third parties, such as recruitment agencies, head-hunters and parties performing reference checks. You may also be requested to provide additional information, such as your address, cover letter, relevant education and any other relevant information required for APMT to evaluate your application. You may be requested to respond to various assessment tests, including assessment tests on logical reasoning and personality profiling. You will be informed prior to any collection of your personal data, including in case of references being collected during the recruitment process if required according to applicable local law. If you are applying for a position where health certification is required by law or internal policy, for example in all positions offshore, you may also be required to participate in a health examination in compliance with applicable local law.
If you are applying for a position where a criminal history record, credit report or visa/work permit etc. is required by law or internal policy, you may be required to provide these as well, in compliance with local law.
We may process your personal data for the following purposes:- Assessing your candidacy for our available positions;
- HR and personnel administration purposes;
- Evaluating the use of our websites for statistical purposes and for compliance with any laws to which APMT is subject.
To apply for a position online within APMT you have to register a profile on our website using a username and a password of your own choice. Your username and password will be required to gain access to your profile. You can also register a profile without applying for a specific position or without releasing your profile in the Candidate Pool (as defined below).
Please be informed that if you choose to apply for a job with APMT, we may request you to provide information on persons whom you allow us to contact for reference purposes. We will only collect information from such references that is adequate and relevant to assess your qualifications, experience and areas of improvement.
If you are below the local legal age applicable in your country please make sure to consult your parents/legal guardian before applying for a position with APMT. Please also be informed that APMT requires your parents’/legal guardian’s consent before an employment relationship may be established.
We remove all personal data that relates to recruitment processes within a period of 4 weeks after the end of the recruitment process. If you provide us your consent, we may store your personal data for a longer period in our Candidate Pool.Types of personal data
When applying for a position within APMT, you will be requested to submit personal data to your profile, such as your name, email address, mobile phone number, your primary language and an attachment of your resume/CV. You may also be requested to provide additional information, such as your address, cover letter, relevant education and any other relevant information required for APMT to evaluate your application. You may be requested to respond to various assessment tests, including assessment tests on logical reasoning and personality profiling. You will be informed prior to any collection of your personal data, including in case of references being collected during the recruitment process if required according to applicable local law. Furthermore, we will inform you before we start collecting references if required according to applicable local law.
If you are applying for a position where health certification is required by law or internal policy, for example in all positions offshore, you may also be required to participate in a health examination in compliance with applicable local law.
If you are applying for a position where a criminal history record, credit report or visa/work permit etc. is required by law or internal policy, you may be required to provide these as well, in compliance with local law.If your application is successful, the job offer may be conditional on pre-employment checks being carried out to APMT’s satisfaction. You will be informed beforehand whether a pre-employment check is part of the recruitment procedure. After a pre-employment check is performed, you will also be informed about its outcome.
APMT is an equal opportunity employer (in accordance with applicable law) and makes all employment-related decisions entirely on merit and qualifications. Consequently, you should only include information relevant for the review of your application, and disregard information such as your race or ethnic origin, your political or philosophical orientation, your religious beliefs, your union memberships or your sexual orientation. If you are applying for a position in the US you will be asked to provide certain specific demographic information in a separate questionnaire due to APMT’s obligation to collect information for equal opportunity compliance purposes. The assessment of your application will not be affected in any way should you choose not to provide the listed information.
Legal bases
We process your personal data on the basis of your consent and to pursue our legitimate interests, which include our legitimate interest to transmit your personal data to our affiliates for administrative purposes, to ensure network and information security and our legitimate interest to make sure that future staff is honest and reliable. If you would choose not to share the requested personal data with us, we would not be able to meet some of our purposes, as described in this privacy policy.
Candidate Pool
The Candidate Pool is a shared pool for candidates to release their profile and share their data in the database for future job opportunities in APMT (“Candidate Pool”). If you decide to release your profile in the Candidate Pool, you explicitly consent to personal data submitted by you during your online or paper application process, personal data collected by APMT as part of the recruitment process and personal data collected by APMT as part of a previous employment process, including but not limited to potential assessment tests results, interview conclusions and an overview of previous applications (and whether they are in process, rejected, etc.) being made available and disclosed to authorised HR professionals around the world, including in territories other than your preferred employment location. The authorised HR professionals may access your profile when recruiting for a specific position, for statistical, operational or other legitimate business purposes, etc.
You may at any time unrelease your profile from our Candidate Pool by logging on to your profile and unchecking the relevant box. Likewise you can check, change and update your personal data at any time by logging on to your profile and clicking “My Profile”.If you are an external candidate who has not applied for a position within APMT but has registered a profile, you will receive an email every 6 months from your last log-in inviting you to update your profile. If you do not update your profile within 1 month of receiving such email, your profile will be deregistered and your data will be deleted irrevocably. If you have released your profile in our Candidate Pool this will also be deregistered and your data herein will also be deleted irrevocably.
If you are an external candidate who has applied for a position within APMT, you will receive an email 4 weeks after the last rejection or 6 months after the time you last withdrew an application (the latter of the two dates), and from here on every 6 months from your last log-in, inviting you to update your profile. If you do not update your profile within 1 month of receiving such email, your profile including your application(s) will be deregistered and your data will be deleted irrevocably. If you have released your profile in our Candidate Pool this will also be deregistered and your data herein will also be deleted irrevocably.
- Visitors, truck drivers and other individuals at our facilities.
APMT may process your personal data when you visit a APMT location. The individuals whose personal data we process include:
- Visitors;
- Truck drivers;
- Boatman;
- Lashers;
- Inland shipping crew members; and
- Ship handlers.
Please note that we have placed CCTV cameras on and around our physical sites. These cameras may from time to time make recordings of you as you pass the areas that are covered by the CCTV cameras. These recordings also qualify as your personal data and therefore are managed by this privacy policy. The camera recordings are removed after 4 weeks, unless there are legal requirements for keeping the recordings for a longer period, for example in case of an investigation of an incident.
In this context, we process your personal data for the following purposes:
- Access control and safeguarding security;
- Prevention of damage and criminal acts and/or acts that are prohibited by APMT’s internal policies and procedures; and
- To conduct internal investigations of suspected criminal/prohibited behaviour.
When you perform work at a APMT location, we may collect your name, postal address, email address, other contact information, company name, job title, visiting purpose and hours, CCTV camera images that are recorded on sites and biometric data for access purposes. We may ask you to provide your ID document, which consequently shall be checked visually, we will not take copies thereof. We may also ask you to provide criminal records, to the extent permitted by applicable law, including criminal records in the context of background checks.
We process your personal data in order to execute the contract between you (or your employer) and APMT, to meet our legal obligations and to pursue our legitimate interests, which include our legitimate interest to transmit your personal data to our affiliates for administrative purposes, to ensure network and information security and safeguarding security on APMT sites. If you would choose not to share the requested personal data with us, we would not be able to meet some of our purposes, as described in this privacy policy. - Contractors
APMT may process your personal data when you are a contractor who is executing works on location at a physical APMT site. In this context, we process your personal data for the following purposes:
- Access control and safeguarding security;
- Human resources and personal management;
- Business process execution;
- Prevention of damage and criminal acts and/or acts that are prohibited by APMT’s internal policies and procedures; and
- To conduct internal investigations of suspected criminal/prohibited behaviour.
Please note that we have placed CCTV cameras on and around our physical sites. These cameras may from time to time make recordings of you as you pass the areas that are covered by the CCTV cameras. These recordings also qualify as your personal data and therefore are managed by this privacy policy. The camera recordings are removed after 4 weeks, unless there are good reasons for keeping the recordings for a longer period, for example in case of an investigation of an incident.
In this context, we process your personal data for the following purposes:
- Access control and safeguarding security;
- Prevention of damage and criminal acts and/or acts that are prohibited by APMT’s internal policies and procedures; and
- To conduct internal investigations of suspected criminal/prohibited behaviour.
When you perform work at a APMT location, we may collect your name, postal address, email address, other contact information, company name, job title, working hours and criminal records, to the extent permitted by applicable law, including criminal records in the context of background checks.
Please be informed that we may require contractors to apply for a certificate of good conduct (‘verklaring omtrent gedrag’ or ‘VOG’) prior to having work performed.
We process your personal data in order to execute the contract between you (or your employer) and APMT, to meet our legal obligations and to pursue our legitimate interests, which include our legitimate interest to transmit your personal data to our affiliates for administrative purposes and to ensure network and information security and safeguarding security on APMT sites. If you would choose not to share the requested personal data with us, we would not be able to meet some of our purposes, as described in this privacy policy. - Customers, Suppliers and Business Partners
APMT processes personal data if we have, want to have, or have had a business relationship with you, or if we have had contact with you. The individuals whose personal data we process include:
- clients and their representatives;
- individuals who show an interest in APMT or our products and services;
- individuals who are connected in another way with a business or organisation with which we have, want to have, or have had a business relationship;
- security providers; and
- potential clients.
In this context, we process your personal data for the following purpose:
- To enter into a business relationship and agreement with you;
- To perform agreements and carry out instructions;
- To ensure your security and integrity as well as the security and integrity of the APMT;
- To help develop and improve products and services;
- For account management, promotional and marketing purposes;
- To enter into and perform agreements with suppliers and other parties we work with;
- To comply with legal obligations; and
- To carry out business processes and for the purpose of management reports and internal management.
If your business or organisation transfers any personal data concerning employees or other representatives to us, we also expect your employees, executive directors or other representatives to be informed about this. You can give this privacy policy to them so that they can learn how we deal with their personal data.
For the purposes listed above, we may collect your name, postal address, email address, other contact information, information relating to or used for agreements / contracts or financial statements, payment and transaction data, conversations we have with you, and you have with us, by telephone, emails you send to us and which we receive from you, camera images that we take in our premises, information about criminal convictions, data we receive from other parties (e.g. Chamber of Commerce), data we require to combat fraud, to ensure your security and ours, and to prevent money laundering and the financing of terrorism.
We process your personal data in order to execute the contract between you and APMT, to meet our legal obligations and to pursue our legitimate interests, which include our legitimate interest to transmit your personal data to our affiliates for administrative purposes and to ensure network and information security and safeguarding security on APMT sites. If you would choose not to share the requested personal data with us, we would not be able to meet some of our purposes, as described in this privacy policy.
3. Special categories of personal data
Special categories of personal data, information about criminal convictions and the Dutch citizen service numbers (‘burger service nummer’ or ‘BSN’) are sensitive data. Special categories of personal data include data concerning health, biometric data and data which reveal racial or ethnic origin. We only process such information if we are required to do so.
For the Netherlands: we use your citizen service number only if this is permitted by law. In addition, we process special categories of personal data where this is permitted by law, for example because you have given us your explicit consent for this or this information was made public by you, or with your permission. If you give us consent to record special categories of personal data relating to you, or you have made this information public yourself, we will only process the information if this is necessary so that we can provide our services. If you have given us consent to record special categories of personal data, you may withdraw that consent at any time. To do this, please find our contact details below.
4. Automated individual decision-making including profiling
APMT uses automated decision-making in relation to some of your personal data for some services and products. An example is our fraud prevention and detection efforts on our online platforms.
You may request that APMT provides information about the decision-making methodology and ask us to verify that the automated decision has been made correctly.
We may reject the request, as permitted by applicable law, including when providing the information would result in a disclosure of a trade secret or would interfere with the prevention or detection of fraud or other crime. However, generally in these circumstances we will verify that the algorithm and source data are functioning as anticipated without error or bias.5. Using your personal data for any other purpose.
If we would like to use your personal data for any purpose other than the purpose for which it was obtained, we shall only do this as long as the two purposes are closely related. In such case we will provide you with information on that other purpose and any other information that may be relevant in connection thereto.
If there is not a sufficiently strong connection between the purpose for which we obtained the data and the new purpose, we will ask you to give your consent or will rely on another legal basis to process your personal data. If you have given us consent, you may withdraw that consent at any time.
5. Sharing of your personal data
In addition to us sharing your Personal Data with group entities, we may in some situations also share your Personal Data with third parties such as business partners, consultants, agencies, consumers, governmental bodies, courts, and IT hosting, supply and service providers that we use for our group’s IT environment (Third Parties). We only share Personal Data where it is relevant and necessary for us to perform the activities described in this Privacy Notification, for example, the fulfilment of your order, the processing of your payment details, or the provision of support services.
We may share your personal data with members of our group, professional service providers and advisors (such as lawyers, auditors and accountants), courts, governmental bodies/authorities if mandated due to legal or regulatory requirements. Access to your personal data will be limited to those parties that require access for the performance of their tasks.
We may further use third-party Service providers such as Google Analytics to monitor and analyse the use of our Service and gain insights on user behaviour on apmterminals.com. The purpose of using Google Analytics is to improve user experience. No personal data of our website users will be shared with Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy.
6. International transfer of personal data
As a global group APMT may transfer personal data collected by us on an aggregated or individual level to various divisions, subsidiaries, joint ventures and affiliated companies of APMT around the world for the purposes stated above, as well to data processors outside of APMT in different countries globally for storage and service purposes. We may also transfer your personal data to third parties, such as our professional service providers or advisors, to countries that do not provide an adequate level of protection. We make sure that suitable safeguards are put in place for such transfer, such as standard contractual clauses. Transfers to non-adequate countries by us satisfy the requirements under the applicable law.
Your Personal Data will not be disclosed to anyone outside APMT unless permitted or required under applicable legislations and regulations and where necessary subject to appropriate written assurances from third parties who have access to your personal data, in which they must guarantee that they will protect the data with security measures designed to provide an adequate level of protection.
Unless you are otherwise notified, any transfers of your Personal Data will be based on applicable local data privacy laws, which among other includes appropriate international data transfer mechanisms and safeguards such as an adequacy decision, Standard Contractual Clauses, and/or Binding Corporate Rules.
You can always request a copy of the transfer mechanisms, which includes the transfer of personal data, by filling out this contact form.
China specific addendum re data export
To fulfil the purposes indicated in this policy, we may need to transfer your personal data to our entity located outside of mainland China, i.e., the headquarter of APMT, APM Terminals B.V. When exporting personal data to jurisdictions outside of mainland China, we will implement appropriate protective measures as required by applicable laws to ensure the proper safeguarding of your personal data. These protective measures include, but are not limited to, conducting Personal Information Protection Impact Assessments, entering into the Standard Contract for Personal Information Export published by the Cyberspace Administration of China, and filing to the authority.
In accordance with applicable legal requirements, we will seek your valid consent to fulfil our legal obligations before exporting your personal data. You have the right to refuse or withdraw your consent. Please note that this may impact the services we can provide to you, depending on the circumstances and applicable laws.
We will actively take reasonable measures to ensure that your personal data is adequately protected during the exporting process to uphold your rights. We will adhere to applicable data protection laws and regulations to secure the safety of your personal data.
Specifically, your personal data will be provided to the following overseas recipient:
- Name of the recipient: APM Terminals B.V.;
- Contact information: please contact us via this contact form;
- Purpose and means of processing include:
o Service Delivery: Providing logistics services to customers;
o Agreement Fulfilment: Meeting contractual obligations;
o Compliance Documentation: Documenting quality and compliance;
o Marketing: Engaging in marketing activities; - Types of personal data that may be exported include:
o Name;
o Address;
o Contact information (Email, Phone number);
o Date of birth; - Destination country/region: Netherlands.
7. Security measures
We choose to use suppliers that implement security in accordance with industry practices for good IT security, and we only use encrypted data communications when transferring sensitive and confidential personal data. We also maintain organizational, physical, and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures, and guidance to maintain these arrangements taking into account the risks associated with the categories of personal data and the using we undertake. We store personal data on servers with limited access located in secured facilities, and our security measures are evaluated on an ongoing basis. The servers are protected by anti-virus software and firewalls, among other measures.
8. Cookies
We may use information storage (commonly known as cookies) to allow you to more easily use our site and to enhance performance. We use cookies for multiple purposes. Please find our cookie policy here for more information.
9. Personal Data retention
APMT stores your personal data for as long as it is necessary to fulfil the purpose of the use, unless APMT is obliged under applicable laws and regulations or is entitled to store the personal data for a longer period, more specifically:
- We retain your personal data as long as we have an ongoing relationship with you (in particular, if you have an account with us or have not withdrawn your marketing consent).
- We will only keep the personal data while your account is active or for as long as needed to provide services to you.
- We retain your personal data for as long as needed in order to comply with our global legal and contractual obligations.
We will also retain your Personal Data where this is advisable to safeguard or improve our legal position (for instance in relation to statutes of limitations, security, litigation, or regulatory investigations).
Data Subjects rights
You are entitled, in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law, to:
- Request access to the personal data we use about you: You have the right to ask us for information about or access to your personal data. There are some exemptions, which means you may not always receive all the data we use.
- Request rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
- Object to the use of your personal data: this right entitles you to request that we no longer use your Personal Data. However, it only applies in certain circumstances, and we may not need to stop the use if we can give legitimate reasons to continue using your personal data.
- Request the erasure of your personal data: this right entitles you to request the erasure of your personal data in certain circumstances.
- Request the restriction of the use of your personal data: this right entitles you to request that we only use your personal data in limited circumstances, including with your consent.
- Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used, and machine-readable format) of personal data that you have provided to us or request us to transmit such personal data to another data controller.
- Withdraw your consent: You can withdraw your consent at any time by opting out in the email or by contacting us. However, this will not affect our right to use personal data obtained prior to the withdrawal of your consent, or our right to continue parts of the use based on other legal bases than your consent.
- File a complaint: You can always lodge a complaint with a data protection authority, for example the Danish Data Protection Agency.
Please note that certain personal data may be exempt from the above-mentioned rights pursuant to applicable data privacy laws, or other laws and regulations.
Contact information
Please contact our Data Privacy Compliance Team by filling out this contact form or send a letter to A.P. Møller - Mærsk A/S, Esplanaden 50, DK-1263 Copenhagen K, Denmark Attn: the Chief Data Protection Officer, if you have a general question about how APMT uses and/or protects your personal data, if you wish to exercise your rights, or if you wish to make a complaint about how APMT uses your personal data.
10. Your rights
You have the right to request us to provide you access to your personal data, or to rectify or erase it. You also have the right to object to the processing, to request restriction to the processing as well as data portability. We would gladly hear your questions and complaints concerning our processing of your personal data, please find our contact details below. If you are not satisfied with our response and/or solution, note that you have the right to withdraw consent at any time and the right to lodge a complaint with your local supervisory authority.
11. Contact details
If you have any questions or comments or wish to exercise your rights under applicable laws, please contact our privacy team via this contact form.