1. Data Processing and Data Processing Purposes
1.1 Diana Shipping Inc. (hereinafter: «the Company»), pursuant to the applicable legislation on data protection, and especially with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “General Data Protection Regulation” or “GDPR”) (to the extent that such is applicable), and in its capacity as a data controller, hereby informs you with respect to the processing of personal data it conducts.
1.3 The Company processes your personal data during your or your employer’s cooperation with it, if such exists, while such processing may extend after the completion of such cooperation or despite the absence of such cooperation, if this is required in order for the Company to comply with its legal obligations towards the authorities and/or third parties, due to applicable provisions on the obligatory data retention periods or if such retention is required for the establishment, exercise and/or support of legal claims.
1.4 The Company processes your data on the following legal grounds: (a) to comply with its legal obligations, (b) to fulfill its obligations and/ or satisfy its rights deriving from an agreement between you and the Company, (c) to satisfy its legitimate interests, such as to ensure the security of persons and property, to fulfil its legal/contractual obligations, to assess its counterparties, to establish, exercise or defend legal claims and to conduct business communications, and/or (d) to process your personal data on the basis of your consent.
1.5 The Company processes your data for the following purposes of processing: (a) to comply with its legal and contractual obligations, (b) to receive services, (c) to assess its counterparties and (d) to conduct business communications.
2. Transfer of personal data to third parties
2.1 Your data may be made accessible to the Company’s personnel, to other subsidiaries of Diana Shipping Inc., as well as to third parties, such as the competent authorities, travel agents, airlines, advisors, consultants, investigators and other legal entities employed by the Company, accountants, auditors, lawyers and legal counsels, IT companies providing technical or cloud services or i-storage platforms and banks.
2.2 The Company may also transfer some or all your data for the above purposes to persons located in third countries, non-members of the European Economic Area (EEA). In case where such countries have not been granted with an adequacy decision by the European Commission, any transfer shall take place under the appropriate safeguards in accordance with the GDPR, such as Standard Contractual Clauses approved by the Commission or by the competent national authority, or appropriate contractual clauses between the Company and the recipient of such data.
3. Your rights
To the extent that the GDPR applies to the processing of your personal data, you have the right to: (a) be informed and request access to your data and to information relating to the processing thereof by the Company, (b) request corrections and/or the completion of your data, (c) request the deletion of your data, (d) request the restriction of the scope of processing and the way and/or purposes for which we process them, (e) receive the data you provide to the Company and transmit them and/or request their transmission to another data controller, (f) object to the processing of your data, (g) file a complaint before the competent supervisory authority, and (h) so far as the processing relies upon your consent, withdraw such consent. To exercise your rights, please contact the Company at firstname.lastname@example.org.