Jamaica Freight and Shipping Company Limited, (“JFS”, “we”, “us”, “our”) is a vibrant, full service shipping agent dedicated to quality service in managing the shipment and delivery of your cargo.
At JFS, we are committed to protecting your privacy. We ensure that the processing of your Personal Data is compliant with Jamaica’s Data Protection Act (JDPA), and any country-specific data protection laws and regulations to the extent applicable to JFS. We have also implemented a number of technical, organizational and physical measures to ensure the most complete protection of Personal Data processed by us.
We have prepared this Privacy Notice to describe to you our practices regarding the personal information we collect from our valued customers.
This Privacy Notice describes how JFS collects, uses and shares, stores and disposes of your Personal Data, and informs you of your rights regarding your Personal Data. “Personal Data” means any information that allows someone to identify you, including: your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with any of these.
This Privacy Notice applies to data we collect in order to provide our services to you, when you subscribe to our newsletter, access our products and services, or any other marketing initiative.
When you visit our website, you are free to explore without providing any Personal Data about yourself. We only collect Personal Data from you when you subscribe to a service or fill out a form.
How We Collect Data
We collect your Personal Data through the following means:
- Information you provide via our Website
- Information you provide when accessing our Services
- Third Parties
In some instances, we may collect Personal Data from public and non-public third parties for regulatory purposes or to better serve you.
Types of Data We Collect:
We collect a wide range of Personal Data to allow us to conduct business with you. The types of Personal Data we collect directly from our customers, prospective customers, visitors and users of our website include:
- Valid Photo ID, for example a Passport, Driver’s Licence or National ID card
- Taxpayer’s Registration Number (TRN)
- Email address
- Image Capture via CCTV or webinar recording
In operating our website, we may also collect the following types of Personal Data:
Log Data – This data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
Bases for Collecting Personal Data:
User Consent – We will always obtain your clear, informed and freely given consent before processing your Personal Data, except in circumstances where it is not possible to obtain your consent but your Personal Data still needs to be processed (for example due to legal obligations we may have or to protect your vital interests, the public interest or to aid in the administration of justice). You may withdraw your consent at any time by the same method it was provided to us or by contacting us.
Contractual Obligation – We may process your Personal Data in contemplation of entering into a contract with you or to fulfil our existing contractual obligations to you.
Legitimate Interest – We process your Personal Data in order to efficiently provide and market our services to you. However, we will not process your personal data where doing so poses a risk to your rights and freedoms and vital interests.
Legal Obligation – There may be instances when we will have to process your Personal Data in order to comply with the law.
How We Use Your Personal Data
We use the information we collect from you in connection with the services we provide for a range of reasons, including to:
- verify your identity, prevent criminal activity, fraud and money laundering;
- provide our products and services;
- process and complete transactions, and send related information, including transaction confirmations and records;
- manage our customers’ use of our services, respond to enquiries and comments and provide customer service and support;
- send technical alerts, updates, security notifications, and administrative communications;
- for any other purposes about which we notify customers and users.
Third Parties and International Data Transfers
Our website may contain links to other sites that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party site or service. We may disclose your Personal Data to third parties to whom you expressly ask us to send your Personal Data or to third parties for whom you consent to us sending your personal information. Third parties include our partners, affiliates, service providers and professional advisors. Personal Data may also be shared with regulators in order to demonstrate compliance with legal obligations. Personal Data will only be shared with third parties to provide our services to you and/or to comply with legal obligations. These third parties do not retain, share, use or process personal data beyond the defined purpose of providing our services to you.
How we protect your personal data
JFS is committed to protecting the security of your Personal Data. We (and our third party service providers) use a variety of industry-standard security technologies and procedures, as well as organizational measures to help protect your Personal Data from unauthorized access, use, or disclosure, such as:
- We do use vulnerability scanning and/or scanning to PCI standards.
- We use regular Malware Scanning.
- Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
- We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while JFS uses reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security.
Under Jamaica’s Data Protection Act data subject enjoy the following rights:
- Right to access your personal data – You are entitled to make a written request to us to be informed whether your Personal Data is being processed by us. You are also entitled to request a copy of your data. You may also request that your Personal Data be transferred to a third party;
- Right to be informed about automated decision making – You may request in writing that decisions regarding your Personal Data that have been made solely on the basis of automated processing be reconsidered with human involvement;
- Right to prevent processing – You are entitled to make a written request to us to cease or not to begin processing your Personal Data in a specific manner or for a specific purpose; and
- Right to rectification – You may request that inaccuracies in your Personal Data be rectified. “Rectification” means amend, block, erase or destroy, as may be required to correct the inaccuracy. You may request that your personal data be erased on the expiration of any applicable retention period
We only retain your Personal Data for as long as it is needed to provide our services to you. We also retain Personal Data in line with legal requirements which may stipulate retention periods for different categories of Personal Data. We typically, therefore, retain customers’ Personal Data for a minimum of seven years following the date of transaction or termination of customer relationship. We may also keep your data for longer than seven years if we cannot delete it for legal, regulatory or technical reasons.
Notifiable data breaches
We take data breaches very seriously. We will endeavour to meet the 72 hour deadline as imposed by the JDPA to report any data breach which affects your personal data to the Information Commissioner. Further, where there is likely to be a high risk to your rights we will endeavour to contact you without undue delay.
Our report will inform you of:
- the nature of the security breach;
- the measures taken or proposed to be taken to mitigate or address the possible adverse effects of the breach; and
- the name, address and other relevant contact information of our Data Protection Officer or other designated representative.
We will review every incident and/or breach and take action to prevent future incidents or breaches.
Our services are not offered to persons under the age of 18 without parental or guardian consent. Any information that is in breach of this provision will be deleted.
If you become aware that a child has provided us with information please contact our Privacy Office.
If at any time you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org and we will promptly remove you from ALL correspondence.
Last Update: October 2023