GDPR Compliance Statement

Effective Date: January 1, 2025

Last Reviewed: January 1, 2025

§1. Commitment to Global Data Protection Standards

Seaway Export affirms its commitment to safeguarding personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and all applicable international privacy frameworks. As a global logistics provider, we treat personal data not merely as a compliance obligation, but as a foundation of trust, transparency, and operational integrity.

1.1 Privacy by Design and Default

Seaway Export incorporates GDPR principles into every stage of system design, data workflows, and operational procedures. All new platforms, services, and partnerships undergo a privacy impact assessment to ensure data minimization, pseudonymization where applicable, and privacy-enhancing technologies.

1.2 Data Minimization and Lawful Processing

We collect and process only the minimum personal data necessary for clearly defined and lawful purposes. Personal data is not reused or repurposed without appropriate legal basis and documentation. Data retention periods are defined, and deletion protocols are enforced through secure methods.

§2. Your Rights as a Data Subject

Seaway Export empowers all individuals whose personal data we process—including clients, employees, vendors, and website visitors—with the following rights under the GDPR:

Right of Access

Obtain confirmation of whether we hold personal data about you and request a copy.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure ("Right to Be Forgotten")

Request deletion of your personal data, subject to contractual and legal limitations.

Right to Restrict Processing

Request a temporary or permanent halt to specific data uses.

Right to Data Portability

Receive your data in a structured, machine-readable format and transmit it to another controller.

Right to Object

Object to processing based on legitimate interest, including profiling or direct marketing.

To exercise your rights, please contact our Data Protection Officer (see §4).

§4. Contact: Data Protection Officer (DPO)

Our appointed Data Protection Officer (DPO) ensures regulatory compliance, manages risk assessments, and serves as your point of contact for all privacy-related inquiries.

Contact Information:

📧 Email: info@seawayexport.com

đź“ž Phone: +1-800-380-9315

📬 Mailing Address:

Seaway Export UA, LLC

Attn: Data Protection Officer

440 Telfair Rd, Unit A

Garden City, GA 31415

United States

§5. International Data Transfers

Seaway Export may transfer personal data from the European Economic Area (EEA) or the UK to countries outside those jurisdictions only when:

  • The European Commission or UK ICO has issued an adequacy decision;
  • We have entered into Standard Contractual Clauses (SCCs) or International Data Transfer Agreements (IDTAs); or
  • Other legally recognized safeguards exist, such as binding corporate rules, derogations under Article 49 GDPR, or customer-approved mechanisms.

We maintain encryption, access controls, and system audit trails to protect transferred data from unauthorized access or compromise.

§6. Security Measures

Seaway Export applies multi-layered security controls, including:

  • Transport Layer Security (TLS) and email encryption
  • Role-based access controls (RBAC)
  • Activity logging and intrusion detection
  • ISO-aligned business continuity and data recovery policies
  • Privacy risk assessments and training for all staff with data access

These controls are reviewed semi-annually and audited as part of our compliance framework.

§7. Complaints and Enforcement

If you believe your personal data has been misused, mishandled, or unlawfully processed, you may file a complaint with:

  • Your local Data Protection Authority in the EEA, or
  • The Data Protection Authority of the country where the issue occurred.

đź“Ť List of European Data Protection Authorities:
https://edpb.europa.eu/about-edpb/board/members_en

đź“‹

TABLE OF CONTENTS