Privacy policy

At Ports of Jersey, we are committed to protecting your privacy. This privacy notice explains what information we collect, how we collect it and how that information is then used. This information is referred to as your ‘personal data’ and is managed in accordance with the Data Protection Jersey (2018) Law.

Definitions

‘We’, ‘our’ or ‘us’ means Ports of Jersey.

‘You or ‘your’ means any person using the services of Ports of Jersey.

‘Information’ or ‘data’ means all the different forms of information you provide us and which we collect in carrying out our duties and in providing services to you.

Why we collect your personal data

We collect your personal data to

  • help keep the public, our customers and employees safe and secure
  • comply with our obligations under Tax and Customs and Immigration legislation
  • operate any online applications and services used to promote a better customer experience
  • comply with our operational policies and procedures and the terms of our maritime and aviation operator’s

We are the Data Controller of your information. We endeavour to structure our core business activities in a clear and transparent manner, reflecting the different ways we may interact with you. These include, but are not limited to

  • airport operations
  • digital platforms (social media and websites)
  • emergency services
  • employee data
  • maritime and marina operations
  • newsletters and mailing lists
  • surveillance (CCTV and body-worn cameras) and court recordings
  • tenants, concessions and property
  • terminals and parking

How and why we obtain your information

We often need to collect information so that we can provide you with our full range of services and fulfil our statutory, regulatory and public obligations. Much of the information we hold comes directly from you. This includes:

  • business partner contracts
  • employment contracts
  • mooring agreements
  • query box on our website
  • supplier contract
  • tenant contracts

In some cases, we gather data as part of our statutory functions, for example CCTV surveillance (including body-worn cameras) at the Harbour and Airport for security and enforcement, safety and regulatory purposes. We also act as third party and joint controllers in certain instances. These are documented in Data Sharing Agreements and/or Processor Controller agreements (as required).

We also hold data in relation to

  • boat owners, for boat registration, marinas, moorings, billing, parking and safety and security
  • drone operators, for licensing, registration, billing
  • passengers, in relation to travel, safety, security
  • plane owners, for plane registration, hangars, billing
  • staff, for employment, safety and security
  • suppliers, for contracts, services, billing
  • tenants, in relation to property management, leases and billing

What we do with your information

We take the security of your personal information seriously and do not share this unless it is essential to provide you with a service in performing our statutory duties. There may also be occasions when we need to share your information, in the following ways:

  • when we have your permission
  • when required by law to disclose it
  • while pursuing tasks for which we have a legitimate interest to remain open, safe and

How we protect your information

We adopt up-to-date, appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information. We have a Data Protection Policy, Information Security Policy and Training Policy to ensure we adhere to the highest standards of governance.

The security measures we have in place include, but are not limited to

  • data is encrypted while at rest and sensitive documents may also be encrypted while in transit
  • destruction process – all personal data is securely removed after it has reached the end of its retention period. Paper waste is disposed of in designated confidential waste bins
  • physical security/access permissions – we implement an electronic access control system to physically restrict access to areas where data is stored. Access to data that is held in electronic format is managed by a username and password and access is restricted to only those users who have a valid business need
  • policies – all staff adhere to the Acceptable Use Policy
  • training – there is mandatory Data Protection training for all new staff and annual updates for existing staff

Retention periods

We keep information for only as long as necessary to fulfil the purpose for which it was collected. Retention periods are applied according to the classification of the data type and the purpose for which it is held. A schedule of our retention periods is shown below.

Subject Retention period
Employment As needed + 5 years
Financial statements Indefinitely
Marketing and mailing lists As needed
Moorings As needed + 1 year
Parking As needed + 1 year
Passes and permits As needed + 1 year
Property As needed + 10 years
Records As needed + 1 year
Registration As needed + 1 year
Reports As needed + 10 years
Surveillance 30 days

Note: Currently under review

Cookies

Our site uses cookies. A cookie is a small text file that a website saves onto your device when you visit the site. The cookies on our website simply allow us to track generic usage of our website – not your individual usage behaviour. It is not used to identify you personally. Cookies don’t store any confidential information about you personally.

By continuing to use our site you agree to our use of cookies. We provide information on how we use cookies below.

Most browsers support cookies but you can set your browser to decline them and delete them whenever you like. However, some functions of our website may not work as they should if cookies are not enabled.

The law states that we can store cookies on your device if they are strictly necessary for the operation of our website. For all other types of cookies we need your permission.

Your consent applies to the following domains: ports.je and jerseyairport.com

Necessary cookies help to make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Cookie Description Duration Type
_ga This cookie is installed by Google Analytics. The cookie is used to calculate visitor session campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. 2 years Analytics
_gid This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number of visitors, the source where they have come from and the pages visited in an anonymous form. 1 day Analytics
_gat_UA-161859490-1

And

_gat_UA-161859490-2

This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identify number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. 1 minute Performance
test_cookie This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the users’ browser supports cookies. 15 minutes Advertisement
ARRAffinity This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitise a client to an instance of an Azure Web App. Necessary

Third party websites

Users may find plug-ins and  other content on our site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our site.

These sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our site, is subject to that website’s own terms and policies.

Third country transfers and safeguard

We operate in Jersey in the Channel Islands and our data substantially resides in Jersey.

We do use technology that may transfer data to another jurisdiction, for example use of Microsoft and cloud-based back-up of data. We will ensure that your data is appropriately protected (for example by reference to IT security standards), where such transfers do not offer the same level of protection of personal data.

Updates to this privacy notice

We reserve the right to modify this privacy notice at any point. We recommend you review it frequently.

Your rights

Under the Data Protection Law, data subjects have the following rights with regards to their personal information. The right to

  • access personal data and supplementary information
  • automated decision making and profiling
  • be informed about the collection and the use of their personal data
  • complain to the Information Commissioner (https://oicjersey.org/)
  • data portability, which allows the data subject to obtain and reuse their personal data for their own purposes across different services
  • erasure (to be forgotten) in certain circumstances
  • have inaccurate personal data rectified, or completed if it is incomplete
  • object to processing in certain circumstances
  • restrict processing in certain circumstances
  • withdraw consent at any time (where relevant)

If you object to processing or withdraw your consent, this may affect our ability to deliver services to you.

Queries

Email dataprotection@ports.je if you have any questions relating to

  • data protection
  • how we use your information
  • information security
  • our privacy policy
  • a wish to have your information modified, deleted or to gain access to the information held about you

Alternatively, write to Zoltan Pallot, Data Protection Officer, Ports of Jersey, Jersey Airport, St Peter, Jersey, JE1 1BY.