Passenger list information

Shipping companies duly verify to the organization conducting the registration and granting access that the particular vessels are owned by the shipping companies and their personnel perform the registration and other activities on behalf of the companies.

It must be ensured that only authorized personnel (as recorded in the registration) may have access to the interface by complying with the following new regulations:

- The physical and logical protection of the interface access (only authorized personnel have physical access to the computer and passwords). Further levels of IT security are to be determined (firewall, antivirus software, logging, backup etc.)

- Only authorized personnel may upload files.

- The list of authorized personnel is recorded and updated (former members of the personnel are removed from the records)

- The data management guide and the privacy policy of the shipping company are compiled/modified in line with the present regulation. Passsengers are informed about the data management guide, whereas the personnel are made familiar with the privacy policy in a verifiable manner.

The Obligations of the Authorized Personnel:

- Login data (username, password) must be handled with great care. They mustn’t be given away to any third parties.

- Authentication of data to be uploaded in line with the internal procedure of the company prior to uploading.

- The personnel are obliged to report any incidents regarding personal data, data protection and information security immediately.

- The personnel are obliged to handle personal data confidentially.

The Shipping Companies are responsible for the authenticity of the uploaded data, data handling and the rectification of data by the authorized personnel. The Companies are also responsible for providing updated information about their personnel to the organization granting access.