Global Chartering Limited (GCL) recognises the importance of preserving the security of our data and technology infrastructure. We, alongside ArcelorMittal who provide our IT infrastructure, take active measures to protect our data, and the data we receive from other parties.
The majority of GCL’s business is conducted online and continues to grow as our operations expand. We rely on technology to collect, store, and manage information with our employees, customers, and Ship Managers. Every business in today’s world is vulnerable to a cyber security attack and that it why it is essential that steps are taken to protect the integrity and confidentiality of data. The right of our employees to privacy, is a human right recognised by international human right conventions.
GCL shall ensure that all data held electronically is secure against cyber security risks. The security of our data remains the responsibility of our employees, and other parties that we pass data to, and receive data from.
GCL shall mark all data as ‘Confidential,’ where relevant to do so. No unauthorised devices used by employees shall contain Company data, whether it is marked as being Confidential, or not. Removable media (flash drivers, external hard drivers, etc.) containing Company data must only be used on authorised devices, with the data being removed when it is no longer required.
GCL requires employees to lock screens and devices when leaving desks, report stolen or damaged equipment as soon as possible, change all account passwords on a regular basis, report perceived security threats to senior management, refrain from downloading unauthorised applications, and avoid accessing suspicious websites.
Remote employees are obliged to follow all aspects of this Cyber Security Policy, as they also will be using Company IT systems, equipment, and handling confidential data, outside our office buildings.
GCL requires Ship Managers to protect data issued by the Company, in accordance with this Cyber Security Policy.
This Cyber Security Policy shall be implemented through our employee induction and training activities, internal due diligence procedures, internal audit, and from the use of appointed external cyber security auditors.
Should any employee, seafarer, or stakeholder identify a potential breach of the requirements of this Cyber Security Policy, they must immediately report the occurrence using our Whistleblowing Policy.
We will include details of how this Cyber Security Policy is being implemented in our Annual Environmental and Social Report. This shall include details of the steps taken to protect our data and IT systems.
Violations of this Cyber Security Policy by our employees may subject the person involved to disciplinary actions, and other consequences, as prescribed by law.
Violations of this Cyber Security Policy by contracted Ship Managers may lead to contract termination and other penalties. GCL shall cooperate with all government authorities and may commence legal actions against employees or companies found guilty of unauthorised actions covered by the Cyber Security Policy.
This Cyber Security Policy is derived from the:
This Cyber Security Policy, together with all other aspects of the GCL Environmental and Social Management System (ESMS) will undergo annual review by the GCL senior leadership team.
For more information about this Cyber Security Policy, its content and/or application, please contact: [email protected]
