Marlink Group Privacy Policy Notice
Effective Date: September 30, 2022
The Marlink Group Privacy Policy Notice
LAST UPDATED: December 8, 2023
The Marlink Group (“Marlink,” “we,” “us,” or “our”) values your privacy. In this Privacy Policy Notice(“Policy”), we describe how we collect, use, and disclose information that we obtain about visitors to our website https://www.marlink.com (the “Site”) and corporate offices (collectively, the Site and corporate offices are referred as the “Services”), information collected to access our customer portal, information about the end-users who use the services of our satellite communications customers, as well as information collected about our employees.
Table of Contents
1. Scope and Consent
2. Definition of “Personal Information”
3. Information Practices: How We Collect, Use, Retain, and Disclose Personal Information
4. Summary of Information Practices in Last 12 Months
5. Our Use of Cookies
6. Third-Party Links
7. Security of My Personal Information
8. Children’s Privacy
9. GDPR Compliance
10. Additional Choices
11. Contact Us
12. Changes
1. Scope
The services we provide require us to collect, store and process data. When doing so, we are committed to ensuring the protection and security of all data pertaining to our customers, prospects, suppliers, business partners and employees.
We want our company’s name to stand for setting the highest possible standard in data protection. As a globally operating corporation we view it as our duty to meet, and when possible, exceed requirements of all applicable laws and regulations and industry standards as well as implement the industry’s best practices.
Our Privacy Policy lays out strict requirements for handling personal information pertaining to customers, prospects, business partners and employees. It meets the requirements of the European Data Protection Regulation and ensures compliance with the applicable principles of national and international data protection laws in force in all jurisdictions where we and our affiliates and subsidiaries have a business presence. The Policy sets a globally applicable data protection and security standard for our company and regulates the sharing of information between our business units, subsidiaries, and affiliates.
As part of the overall compliance effort, we are committed to comply with the Privacy Principles pertaining to (1) Notice, (2) Data Integrity and Purpose Limitation, (3) Choice, (4) Security, (5) Access, (6) Accountability for Onward Transfer, and (7) Recourse, Enforcement and Liability.
2. Definition of "Personal Information"
When used in this Notice, “Personal Information” means any information relating to an identified or identifiable natural person or their household; an identifiable person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity.
3. Information Practices: How we Collect, Use, Retain, and Disclose Personal Information
The information we collect through the Services is controlled by Marlink AS, which is headquartered in Norway at Lysaker Torg 45 NO-1366. The information collected through services offered through our customers is controlled by our customers.
The Information We Collect About You
We collect information about you directly from you and from third parties, as well as automatically through your use of our Site and Services.
Information We Collect Directly From You Through the Site
The information we collect from you depends on how you use our Site. When you contact us through the Site, we may collect identifiers such as your name, email address, company name, country of origin, phone number, and your reasons for contacting us.
Information We Collect About End-Users of our Customers’ Services.
To provide the service offerings, it is sometimes necessary for us to collect certain Personal Information about users of such service offerings, including, but not limited to, account username, IP address (local and public), session information and other usage data. It is important to note that some of this Personal Information may be provided to us by our customers.
To the extent necessary for management of the service offerings, security purposes and statistical purposes, we may retain collected Personal Information for a limited period of time, after which time, the information will be discarded or destroyed. Where possible, any such retained Personal Information will be stripped of personal identifiers and rendered anonymous.
Customer billing and carriage of communications traffic associated with some of the service offerings may be conducted by one or more of our customers, e.g., a user’s home Internet service provider. As a result, an end user’s customer relationship is with such Internet service provider.
Information We Collect Through Our Corporate Customer Relationships.
To manage our customer relationships with our service partners, we collect identifiers and employment-related information about and from our customers’ employees. To request access to our customer portal, you may provide us with identifiers or employment-related information such as your name, your job title and the name of the customer company you work for; your contact information, such as your business email and phone number; and the username and password you would like to use to access the portal. We may seek other employee identifiers to administer our corporate customer contracts and to market our products and services to corporate customers.
Information We Collect Through Our Vendor/Supplier.
To manage our relationships with our vendor/supplier and to provide access to our portals, we collect identifiers and employment-related information about and from our vendor/supplier employees. To request access to our vendor/supplier portals, you may provide us with identifiers or employment-related information such as your name, your job title and the name of the Marlink Group vendor/supplier you work for; your contact information, such as your business email and phone number; and the username and password you would like to use to access the portal. We may seek other personal information to administer our vendor/supplier due diligence process and contracts.
Information We Collect Automatically.
We automatically collect the following identifiers and internet or other electronic network activity information about your use of our Site through cookies or other technologies: your domain name, your browser type and operating system, web pages you view, links you click, your IP address, the length of time you visit our Site, and the referring URL, or the webpage that led you to our Site. Please see the section “Our Use of Cookies” below for more information.
How We Use Your Information
We use your information, including your personal information, for the following purposes:
- To provide our services to our customers, to provide access to our portals, to communicate with you about your use of our Site or Services, to respond to your inquiries, and for other customer service purposes.
- To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Site.
- For marketing and promotional purposes. For example, we may use your information, such as your email address, to send you a welcome email, news, and newsletters, special offers, and promotions, or to otherwise contact you about products, services or information we think may interest you.
- To better understand how users access and use our Site, both on an aggregated and individualized basis, in order to improve our Site and respond to user desires and preferences, and for other research and analytical purposes.
- To administer surveys and questionnaires.
- To administer our customer and supplier/vendor contracts. For example, we will use a customer’s and supplier/vendor’s employee’s contact information to send our invoices or to send service communications.
- To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal processes; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
- To protect the safety, rights, property, or security of Marlink, our services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity that Marlink, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; to conduct audits; and to enforce this Notice.
We Do Not Sell Your Personal Information
We have not sold your personal information in the preceding 12 months and do not intend to sell in the future without your prior written consent. We do not and will not sell the personal information of minors under 16 years of age without affirmative authorization.
Data Retention
Your information will be retained in accordance with our Data Retention Policy [1] which is designed to retain data for as long as needed for us to comply with our contractual obligations, employment obligations, and other business purposes, including global legal obligations to retain data.
[1] IS.PY.7.5 – Marlink Group Document Control & Record Retention Policy, a copy of this policy is available on request from legal@marlink.com.
4. Summary of Information Practices in Last 12 Months
The below table summarizes our personal information collection, use, and sharing practices in the preceding 12 months since we last updated this Notice. As reflected in this table, we may share your personal information with the below entities.
| Category of Personal Information Collected | Examples | Categories of Sources | Commercial/Business Purpose | Categories of Third Parties with Whom Marlink Shares PI |
|---|---|---|---|---|
| Professional or Employment-related Information | Job history, educational history, First Name, Last Name, Physical Address | Applicants, corporate customers, and outside sources such as credit bureaus | Process and evaluate applications for positions with Marlink, administrative purposes | Service providers such as HR vendors, cloud providers or payroll processors |
| Business Contact | First Name, Last Name, Login ID, Password, phone number, email address, physical address, job title | Business Contacts | Administration of corporate customer and vendor/supplier contracts, education and marketing of our products and services to corporate customers, access to our portals or systems | Cloud service provider |
| Marketing Contact/Subscriber | First Name, Last Name, email address | Marketing contact directly, Subscriber directly | Education of our new products and services, our events at trade shows, communications | Cloud service provider |
| Corporate Website Visitor | IP Address, referring URL | Corporate Website Visitor | Education of our new products and services | Cloud service provider |
| Corporate Office Visitor | First Name, Last Name | Corporate Office Visitor | Security, Allowing Access to our Corporate premises | N/A |
Information We Collect as a Service Provider on Behalf of our Customers
| Identifiers | Full name, email address, phone number, account login | You, your Internet service provider | Processing payments, customer services, protecting against malicious, deceptive, fraudulent, or illegal activity and enabling or effecting, directly or indirectly, a commercial transaction | Service providers, legal counsel, law enforcement authorities, and those involved in legal proceedings, with consent |
| Unique identifiers or personal identifiers | IP address, MAC addresses | You | Processing or fulfilling orders and transactions, and enabling or effecting, directly or indirectly, a commercial transaction | Service providers |
| Internet and other network activity | Browsing activity | You, Your mobile devices and computers | Customer inquiry and troubleshooting purposes | Your Internet service provider |
5. Our Use of Cookies
We and our third-party service providers may use cookies or other tracking mechanisms to track information about your use of our Site.
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Our Site uses functional cookies, strictly necessary cookies, performance cookies and targeting cookies. For further details regarding cookies used on our Site and to adjust your settings, please consult the information included in the Cookie‘s policy page in this portal.
Disabling Cookies. You can enable and disable the various cookies used on our site following the information included in the Cookie‘s policy page in this portal. Please also note that most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future.
The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.
Service Provider Analytics. We use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site. We use these tools to help us improve our Site, performance, and user experiences. These entities may use cookies and other tracking technologies to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.
6. Third-Party Links
Our Site may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Notice but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.
7. Security of my Personal Information
We have implemented reasonable security measures to protect the information we collect from unauthorized access, exfiltration, theft, loss, misuse, disclosure, alteration, or destruction. Please be aware that despite our best efforts, no data security measures can guarantee security.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
8. Children's Privacy
Our Site is not directed to children under the age of sixteen (16), nor do we market products or services to such children. We request that children do not provide personally identifiable information through our Site. We do not knowingly collect information from children under 16 without parental consent.
9. GDPR Compliance
When we act as Data Controller: If we process your Personal Information in our capacity as a data controller, the following applies:
Where there is a statutory or contractual requirement that you provide information to us, or where it is necessary to enter into a contract with us, not providing such information may actually restrict us from entering into an agreement.
We collect, use, and share your Personal Information where we are satisfied that we have an appropriate legal basis to do so. This may be because:
- Our use of your personal information is in our legitimate interest as a commercial organization (for example: in order to make improvements to our products and services and to provide you with information you request); you have a right to obtain your information upon request and to object to the processing as explained in the section below titled Your Legal Rights;
- Our use of your Personal Information is necessary to initiate or maintain employment or requirements within the scope of human resources’ regulations or processes.
- Our use of your Personal Information is necessary to comply with a relevant legal or regulatory obligation that we have (for example: where we are required to disclose personal information to a court); or
- Our use of your Personal Information is in accordance with your consent (for example: when you consent to the receipt of a welcome email, news, newsletters, and marketing communications).
If we process your data as a Data Processor: For certain activities where we provide satellite communications services to our corporate customers, including Internet service providers, we act only on the instruction of those corporate customers. In those situations, the corporate customer is the Data Controller for that purpose. Where we process your data in our capacity as a data processor on behalf of the Data Controller, you may exercise your data subject access rights by contacting your Internet service provider or the entity providing the service directly.
Your Legal Rights under GDPR: Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, European Union individuals have certain rights in relation to your Personal Information:
Right to access, correct, and delete your personal information: You have the right to request access to the Personal Information that we hold about you, and: (a) the source of your Personal Information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your Personal Information may be transferred. You also have the right to request that we delete your information. We are not required to comply with your request to erase Personal Information if the processing of your Personal Information is necessary for compliance with a legal obligation or for the establishment, exercise, or defence of legal claims.
Right to restrict the processing of your Personal Information: You have the right to restrict the use of your Personal Information when (i) you contest the accuracy of the data; (ii) the use is unlawful but you do not want us to erase the data; (iii) we no longer need the Personal Information for the relevant purposes, but we require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our Personal Information use justified on our legitimate interests verification as to whether we have a compelling interest to continue to use your data.
We can continue to use your Personal Information following a request for restriction, where:
- we have your consent; or
- to establish, exercise or defend legal claims; or
- to protect the rights of another natural or legal person.
Right to data portability: To the extent that we process your information (i) based on your consent or under a contract; and (ii) through automated means, you have the right to receive such Personal Information in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller.
Right to object to the processing of your Personal Information: You can object to any processing of your Personal Information which has our legitimate interests as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
Where processing is based on consent, you have the right to withdraw your consent at any time.
You have a right to contact your supervisory authority in the state of your habitual residence or place of work.
How to Exercise Your Rights: In situations where we are a Data Controller, if you would like to exercise any of the rights described above, please send an email request to dpo@marlink.com. In your message, please indicate the right you would like to exercise and the information that you would like to access, review, correct, or delete.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the Personal Information requested to you. We reserve the right to charge a fee, where permitted by law, for instance, if your request is manifestly unfounded or excessive.
We may not always be able to fully address your request, for example, if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Cross-border Transfer of Information: Marlink maintains and has servers and systems mainly in Europe and the United States hosted by Marlink or its service providers. We also may subcontract the processing of your data to, or otherwise share your data with, other third parties in the European Union, the United States or countries other than your country of residence. As a result, where the Personal Information that we collect through the Site or in connection with providing services to or administering our relationship with a corporate customer and vendor/supplier is transferred to and processed in the United States or anywhere else outside the European Economic Area (EEA) for the purposes described above, we will take steps to ensure that the information receives the same level of protection as if it remained within the EEA, including entering into data transfer agreements, using the EU Commission approved Standard Contractual Clauses or, as applicable, relying on other transfer mechanisms provided in the GDPR, for instance the Marlink AS Binding Corporate Rules. You have a right to details of the mechanisms under which your data is transferred outside the EEA. The list of the countries where your data may be transferred to is available upon request.
10. Additional Choices
What Choices Do I Have Regarding Promotional Emails?
We may send periodic promotional emails to you. You may opt-out of such promotional emails by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional emails, we may still send you emails about your account or any services you have requested or received from us.
Access To My Personal Information
If you have created an account to access any of our customer and vendor/supplier portals, you may modify the Personal Information that you have submitted by logging into your account and updating your information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Services for a period of time.
11. Contact Us
Questions or comments regarding Marlink’s Privacy Notice should be submitted to Marlink by mail or e-mail at the addresses provided below. Any complaints regarding Marlink’s adherence to this Privacy Notice or the requirements of the European General Data Protection Regulation, should be addressed to Marlink by mail or email at Marlink AS (Attn: Legal Department), Lysaker Torg 45, 1327 Lysaker, Norway, email: dpo@marlink.com .
12. Changes
Marlink may change this Notice and the related Privacy Policy from time to time, consistent with the requirements of the relevant laws and regulations. Marlink will post any revised Notice in its work places, train its employees about any substantive changes, if necessary, and will publish any amended Privacy Policy on this website or any similar website.