1. Introduction
We are Stena Line Scandinavia AB with company registration number 556231-7825 (“Stena Line”) and are responsible as data controller for the processing of your personal data. All references in this privacy policy to “we”, “us” or “our” should be considered a reference to Stena Line. Our contact information is included in the end of this privacy policy.
Our following Stena Line Group companies are involved in the video surveillance as data processors:
Stena Line Danmark A/S
Stena Line Polska Sp. z o.o.
Stena Line BV
Stena Line Stevedoring BV
Stena Line Ltd.
Stena Line Irish Sea Ferries Ltd.
Baltic RoRo Services GmbH
SIA Stena Line
Stena Rederi A/S
Retail and Food Services in Sweden AB
Buro Scanbrit
2. Scope of privacy policy
This privacy policy covers Stena Line’s processing of video surveillance in our terminals, ports, offices and onboard our ferries. The processing addresses all individuals ( visitors, customers, employees, entrepreneurs, partners) who visit us in our terminals where we operate, travel on our ferries or work for us in terminals and ports or on our ferries and can be seen and identified through the recorded material. This covers also publicly accessible areas of the terminals together with adjacent service areas (cash desk windows, check-in and boarding) and passenger movement areas. Video surveillance operates 24 hours a day and covers only visual recording.
There is no recording of any sound in any place. Sanitary facilities are excluded from the surveillance.
As soon as you enter an area where video surveillance is performed, you will be notified of the monitoring by graphic signage.
3. What categories of your personal data do we process?
Stena Line processes the following categories of personal data:
- Still images and short video sequences of you (no recording of sound)
- If applicable, information about your eventual vehicle incl. car registration number
4. For what purposes do we process your personal data, what is the legal basis for such processing activities and for how long is the data stored?
Stena Line processes your personal data for the purposes set forth below. For each purpose Stena Line must have a legal basis. A legal basis could e.g. be (i) your consent to the relevant processing activity, (ii) that the processing is necessary in order for the performance of a contract to which you are a party, (iii) that processing is necessary for the compliance with a legal obligation, or (iiii) that Stena Line or a third party has a legitimate interest to process the personal data which is not overridden by your interest of not having the personal data processed. Under each purpose listed below, the legal basis that Stena Line relies on will be identified.
The purpose of the surveillance is mainly for Stena Line to ensure a safe environment for all individuals as well as to support the company’s preventive work against serious incidents that pose threats to individuals or property and in investigation of damage and thefts. The surveillance also aims to prevent unauthorised visits in restricted areas in ports, offices or on vessels as well as visual support for Stena Line’s Safety & Security department.
Stena Line’s companies are also obliged to follow legal requirements. The International Ship and Port Facility Security (ISPS) Code is an amendment to the Safety of Life at Sea (SOLAS) Convention (1974/1988) on maritime security including minimum security arrangements for ships, ports and government agencies. It prescribes responsibilities to governments, shipping companies, shipboard personnel, and port/facility personnel to “detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade”. The EU has enacted the regulations with EC Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004, on enhancing ship and port facility security. The UK has enacted The Ship and Port Facility (Security) Regulations 2004.
In the event of an incident, the purpose of storing video recordings is to secure evidence in order to forward this material to relevant state services or bodies (e.g. Police, authorities, courts, prosecutor’s office, etc.) and other authorized entities (e.g. insurers).
Video surveillance recordings are as a rule automatically overwritten or deleted no longer than 30 days after the recording date, where the exact moment of overwriting or deleting a recording depends on the technical features and/or memory capacity of the particular recoding equipment or system. In the event of an incident or if the recording is part of a police report or ongoing police investigation, the surveillance recording may be processed for the period necessary to establish or assert any claims related to that incident or to defend against such claims.
Below you find a table that summarises purpose, legal ground and storage period.
Purpose | Legal ground | Storage period |
Ensure the safety of individuals | Legitimate interest | Up to 30 days |
Ensure the safety of property | Legitimate interest | Up to 30 days |
Ensure information security (including business secrets and intellectual property of Stena Line) | Legitimate interest | Up to 30 days |
As part of investigations, determine identities of possible offenders in the event of possible investigations or defense of claims | Legitimate interest | Up to 30 days or until the ongoing process is finalised |
5. Who has access and with whom do we share your personal data?
In order to fulfill the purposes listed above, Stena Line has authorised employees being allowed to access the CCTV systems and recorded material. Depending on the location and kind of route, these authorised employees are part of the listed companies in section 1.
In some locations, the data can be processed by data processors. These are companies that Stena Line has employed for security and surveillance as well as the operation of video surveillance systems. These partners have been chosen carefully and may not use the data for any purposes other than to provide the agreed services which they are employed for by Stena Line.
To fulfill the purposes listed above, Stena Line will share your personal data with the following recipients:
- Securitas Sverige AB, Stockholm, Sweden and its subsidiaries in UK, Ireland, Poland, Denmark, as our Data Processors.
- Relevant state services or bodies (e.g. Police, authorities, courts, prosecutor’s office, etc.) and other authorized entities (e.g. insurers)
- Other companies within the Stena Line Group
6. Will we transfer your personal data outside of the EU/EEA and the UK?
Stena Line process your personal data in the EU/EEA and the UK.
Since we also operate in the UK and on ferry routes between the UK and the EU, the processing of personal data may also mean that data is processed in or transferred to the UK or to the EU. The UK is regarded as a third country, but the EU commission has granted the UK an adequacy decision. The UK Government had already deemed EU countries to be adequate. This means that data can continue to flow freely between the EU and the UK.
There is no transfer of personal data carried out outside the EU / EEA and UK.
7. What rights do you have?
Below is a summary of the rights you have under European data protection legislation. The exercise of these rights is free of charge and you may exercise the rights by sending in a written request. Please do not hesitate to contact us should you have any questions regarding your rights (see contact details in the end of this privacy policy).
Note that Stena Line will always make an assessment of a request to exercise a right to determine whether the request is valid. All rights listed below are not absolute and exceptions may apply.
In addition to the rights set forth below, you always have the right to lodge a complaint with a supervisory authority regarding Stena Line’s processing of your personal data.
a) Right of access. You are upon request entitled to receive a copy of your personal data that Stena Line processes and also to obtain supplementary information about Stena Line’s processing of your personal data.
b) Right to rectification. You have the right to have your personal data corrected and/or completed if it is inaccurate and/or incomplete.
c) Right to erasure. You have the right to request that Stena Line erases your personal data without undue delay in the following circumstances:
-
- the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw your consent to a processing activity and there is no other legal basis for the processing;
- you make a valid objection to the processing of your personal data;
- the personal data has been unlawfully processed; or
- the personal data has to be erased for compliance with a legal obligation.
d) Right to restrict processing. You have the right to request restriction of the processing of your personal data in the following circumstances:
-
- the accuracy of the personal data is under examination;
- the processing is unlawful or is no longer needed for the purposes of the processing but you oppose the erasure of personal data and request restriction instead;
- Stena Line no longer needs the personal data but you need the personal data for the establishment, exercise or defence of legal claims; or
- you have objected to the processing of your personal data and such objection is under verification.
e) Right to data portability. Under certain circumstances you have the right to receive the personal data concerning you which you have provided to Stena Line in order to transmit these to another service provider if the processing of the personal data is based on your consent or the performance of a contract.
f) General right to object. You have the general right to, at any time, object to the processing of your personal data that is based on Stena Line’s legitimate interests. If you object we have to demonstrate that we have compelling legitimate grounds for such processing or that we need the personal data for the establishment, exercise or defence of legal claims.
g) Right to object to direct marketing. You have a right to, at any time, object to the processing of your personal data for direct marketing purposes. If you do this, Stena Line may no longer process your personal data for such purposes.
8. How can you contact us?
You may come in contact with us through the following communication channels:
Main office:
Stena Line Scandinavia AB, 405 19 Göteborg, Sweden
Email: [email protected]
Tel.nr: +46 (0) 31 – 85 80 00
Please note that we have appointed a data protection officer that you may contact if you have any questions about the processing of your personal data. Our data protection officer may be contacted at:
Stena Line Scandinavia AB, 405 19 Göteborg, Sweden
Email: [email protected]
Telefon: +46 (0) 31 – 85 80 00
This information was updated 24 January 2022 and the latest version will always be available on this site. The content of the information may be adjusted as laws and regulations change.