GDPR Compliance (EU)
Our Commitment
At Elite Offshore, we place the utmost importance on protecting the personal data of our clients and users, particularly those residing in the European Union. In line with the General Data Protection Regulation (GDPR), we have implemented specific measures to ensure transparent, responsible, and secure management of the information entrusted to us.
What is the GDPR?
The GDPR (Regulation (EU) 2016/679) is a European law that came into force on May 25, 2018. It is designed to strengthen the rights of EU citizens over the handling of their personal data and imposes enhanced obligations on any business that collects or processes such data within the EU, emphasizing transparency, security, and control.
Data Governance and Accountability
At Elite Offshore, our data protection governance is based on :
- Appointment of a dedicated Data Protection Officer (DPO) or designated point of contact
- A comprehensive data processing registry: we record and document every personal data flow within our company, specifying its purpose, the retention period, and the security measures in place
- Restricted access: only authorized personnel, acting for justified purposes, have access to personal data
GDPR Principles We Apply
In all our relations with European clients and partners, we strictly apply the core principles of the GDPR :
- Transparency: we clearly inform you about the collection and use of your personal data (see our privacy policy)
- Purpose limitation: data is collected for legitimate, explicit, and specified purposes only
- Data minimization: we only collect the data strictly necessary for the relevant service
- Accuracy: we ensure that personal data is accurate and kept up to date
- Security: we protect your data against unauthorized access, loss, disclosure, or alteration
Data Security and Technical Measures
The security of your personal data is one of our highest priorities. We have implemented :
- Secure hosting in data centers meeting European standards
- Encryption of all communications between users and our site (SSL/TLS)
- Strict internal procedures for access management and vulnerability detection
- Regular audits and vulnerability assessments
Subcontractors and Partners
When we work with subcontractors or partners who may process personal data (such as banks or IT service providers), we ensure that :
- They provide sufficient GDPR compliance guarantees
- A data processing agreement compliant with Article 28 of the GDPR is in place
- Any data transfer outside the EU is covered by Standard Contractual Clauses or offers an equivalent level of data protection
Data Breach Notification
Should a personal data breach occur (e.g., hacking, data loss), we have a swift protocol in place :
- Notification to the relevant supervisory authority (such as the CNIL or other EU authority) within 72 hours
- Informing affected individuals if the breach is likely to result in a high risk to their rights and freedoms
- Immediate corrective actions to minimize impact and enhance future security
Exercising Your GDPR Rights & Contact
For any questions regarding the management of your personal data or to exercise your rights (access, rectification, deletion, objection, etc.), you can contact our dedicated GDPR point of contact :
- Use the contact form on our website or write directly to the address listed in our legal notice
- Our team will review your request as quickly as possible and provide a response in line with GDPR requirements
For details about your rights, how to exercise them, and all our privacy practices, please see our Privacy Policy.
Evolving Our GDPR Approach
Our GDPR compliance policy is subject to regular updates to reflect :
- Changes in European regulations
- Recommendations from supervisory authorities
- Technological advancements and industry best practices
This page is updated whenever there is a significant change in our data governance.
