GasLog Partners LP, together with its subsidiaries and affiliates (“GasLog” or “we”), is committed to comply with applicable personal data protection laws in countries where GasLog operates and ensure that it treats personal data in a lawful, fair and transparent manner. To this end we would like to inform you about the personal data we collect about you, how we use it and how you can exercise your rights in this respect. Please select the Privacy Notice relevant to you:

• Privacy Notice for website visitors*
• Privacy Notice for customers, suppliers, partners, investors and other stakeholders**

PRIVACY NOTICE FOR WEBSITE VISITORS

What is the purpose of this document?

GasLog Partners LP and its subsidiaries and affiliates (“GasLog”, “GasLog Group”, “we” or “our”) takes your privacy seriously and is committed to protecting your personal information when visiting our website. This privacy notice applies to visitors of our website. This privacy notice describes how we collect and use personal data about you when you use our website, in accordance with the EU General Data Protection Regulation (“GDPR”).

This website (www.gaslogmlp.com) is owned and operated by GasLog and the data controller of your personal data is GasLog UK Services Ltd, a company organized under the laws of England with registered office at 81 Kings Road London SW34NX, United Kingdom. This means that GasLog Services UK Ltd is responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of how we collect and use personal data about you as well as other information contained in this privacy notice.

This notice does not form part of any contract to provide services. We may update this notice from time to time.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information. This privacy notice supplements the other notices and is not intended to override them. Please be aware that a separate privacy notice applies to our business customers, suppliers, business partners, stakeholders and/or investors.

Please note that our website and other digital platforms may contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms. We recommend that you check the privacy and security policies and procedures of each and every website / digital platform that you visit.

Data protection principles

In compliance with applicable data protection laws, GasLog commits that the personal data we hold about you must be:

1. Used lawfully, fairly and in a transparent way;
2. Collected only for valid purposes, clearly explained to you and not used in any way that is incompatible with those purposes;
3. Relevant to the purposes we have told you about and limited only to those purposes;
4. Accurate and kept up to date to the best of our knowledge (you are required to inform us of changes to your personal data to ensure our records are up to date);
5. Kept only as long as necessary for the purposes we have told you about;
6. Kept securely; and
7. Shared with third parties only as required and relevant to the purposes we have informed you of. When shared with third parties, we will make reasonable efforts to ensure such third parties comply with GDPR.

The type of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are “special categories” of more sensitive personal data which require a higher level of protection.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity Data includes first name, last name, title, company name and position.
• Contact Data includes email address, physical address and telephone numbers.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
• Usage Data includes information about how you use our website.
• Marketing and Communications Data includes your preferences in receiving alerts from us.

Cookies

In common with many other website operators, we use standard technology called ‘cookies’ on our website. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive and they are used to record how you navigate this website on each visit.

For further, more detailed information on how we use cookies, please refer to our Cookie Policy which you can read here.

How is your personal data collected?

We use different methods to collect data from and about you including through:

• Direct interactions. You may give us your Identity and Contact Data by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you contact us or subscribe to our alerts
• Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.

Purposes for which we will use your personal data and legal basis for processing

We will only process your personal data when and to the extent that the law allows us to. In broad terms, we use your data for the following purposes:

• To better understand how people use our website to enable us to create better content and more relevant communications;
• Provide you with information you have requested from us;
• To share industry news and information with you; and
• To communicate with you in general.

The above categories of information are necessary (a) for our legitimate interests (for running our business, provision of administration and IT services, network security, define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) and (b) to comply with a legal obligation.

If you fail to provide personal data

If you fail to provide certain information when requested, or unprompted when it has changed, we may not be able to fulfill the above purposes.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so and, if required, we will request your consent prior to doing so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where and to the extent this is required or permitted by law.

Data sharing

We may have to share your data with (a) other entities in the GasLog Group, (b) third-party service providers (c) other third parties and (d) authorities, to the extent permitted by law and on a need to know basis.

Which third-parties process my personal data?

The third parties (including contractors and designated agents) which may process some or all of your personal data, as the case may be, are:

• Website maintenance service providers
• Judicial authorities or regulatory bodies

How secure is your information with third-party service providers and other entities in the group?

GasLog requests third-party service providers and other entities in the GasLog Group to assure GasLog that they take appropriate security measures to protect your personal data in line with our policies. GasLog requests its third-party service providers assurance they will not use your personal data for their own purposes but will only process your personal data for specified purposes and in accordance with our instructions and will retain your personal data only as long as required for said purpose in accordance with legal requirements.

Transferring information outside the EU

We may transfer the personal data we collect about you to other entities in the GasLog Group. When there is no adequacy decision by the European Commission in respect of the countries where such entities are established we will only effect such transfers as reasonably required for the purposes outlined in this notice on the basis of appropriate safeguards and/or the derogations under Articles 46 and 49 of GDPR.

Data security

We have put in place appropriate security measures to prevent your personal data from being lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Manager.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long will we use your information for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal data, we consider the applicable legal requirements and the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your rights in connection with personal data

You have the right to:

• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal data to another party.

If you want to review, verify, correct or, under certain circumstances as provided by law request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us at contact@gaslogmlp.com.

If you have subscribed to receive marketing communications, you can unsubscribe here at any time.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at contact@gaslogmlp.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Data privacy manager

We have appointed a data privacy manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the Data Protection Manager at the following e-mail address: privacy@gaslogmlp.com

Alternatively, you may send your written comments, inquiries or concerns to:

GasLog LNG Services Ltd
69 Akti Mialouli street,
Piraeus 185 37,
Greece

Attention: Data Protection Manager

You also have the right to make a complaint at any time to the Information Commissioner’s Office at the following address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/global/contact-us/email/

Changes to this privacy notice

We aim to meet high standards and so our policies and procedures are constantly under review. From time to time we may change this privacy notice. Accordingly, we recommend that you check this page periodically in order to review the latest version.

PRIVACY NOTICE FOR CUSTOMERS, SUPPLIERS, PARTNERS, INVESTORS AND OTHER STAKEHOLDERS

What is the purpose of this document?

This privacy notice applies to individuals who work for or on behalf of or who are shareholders of former, existing or prospective customers, suppliers, business partners, stakeholders and/or investors in relation to individuals who work for or on behalf of or who are shareholders of our business customers (B2B), suppliers, business partners (including within non Shell-operated joint ventures), stakeholders and/or investors of GasLog Partners LP and its subsidiaries and affiliates (“GasLog”, “GasLog Group”, “we” or “our”). This privacy notice describes how we collect and use personal data about you during and after your business relationship with us, in accordance with the EU General Data Protection Regulation (“GDPR”).

The data controller of your personal data is GasLog LNG Services Ltd., a company organized under the laws of Bermuda with its registered office at Clarendon House, 2 Church Street, Hamilton, Bermuda and its branch office established in Greece at 69 Akti Miaouli, GR-18537 Piraeus, Greece. This means that GasLog LNG Services Ltd is responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of how we collect and use personal data about you as well as other information contained in this privacy notice.

This notice does not form part of any contract of employment or other contract to provide services. We may update this notice from time to time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions (including our website privacy notice) when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information.

Data protection principles

In compliance with applicable data protection laws, GasLog commits that the personal data we hold about you must be:

1. Used lawfully, fairly and in a transparent way;
2. Collected only for valid purposes, clearly explained to you and not used in any way that is incompatible with those purposes;
3. Relevant to the purposes we have told you about and limited only to those purposes;
4. Accurate and kept up to date to the best of our knowledge (you are required to inform us of changes to your personal data to ensure our records are up to date);
5. Kept only as long as necessary for the purposes we have told you about;
6. Kept securely; and
7. Shared with third parties only as required and relevant to the purposes we have informed you of. When shared with third parties, we will make reasonable efforts to ensure such third parties comply with GDPR.

The kind of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are “special categories” of more sensitive personal data which require a higher level of protection.

We will collect, store, and use the following categories of personal data about you:

• Personal details (to the extent required) such as:
  • Name and surname
  • Telephone number
  • E-mail address
  • Address
  • Other personal information that may be provided in a contract if you are the signatory of it
• Professional details such as:
  • Job title
  • Department and name of organisation
  • Relationship with the relevant customers, suppliers, business partners, stakeholders and/or investors
  • Other information that your organisation may include in a bid document

We may also collect, store and assess information about criminal convictions. For more information please see the relevant section below (‘Information about criminal convictions’).

How is your personal data collected?

Most of your personal data is provided directly by you or your organisation in the course of its business relationship with us. We may however collect personal data about criminal convictions from screening service providers. For more information please see the relevant section below (‘Information about criminal convictions’).

Purposes for which we will use your personal data and legal basis for processing

We will only process your personal data when and to the extent that the law allows us to. We need your personal information in the list above primarily for the following purposes (or for compatible purposes):

• Business operations
  • Considering bids of our potential counterparties
  • Executing agreements, reports and other documents which are required in the course of day-to-day business of GasLog
  • Performing or receiving the services provided under the agreements with our customers, suppliers and business partners
  • Managing business and investor relationships
  • Carrying out marketing activities
  • Providing access to our premises including our offices and vessels
  • Communicating within the GasLog Group and/or with third parties
• Business management
  • Management reporting
  • Financial management
  • Mergers and acquisitions
  • Internal audits and investigations
• Compliance with laws
  • Compliance with legal, tax, and regulatory obligations (including capital market regulations)
  • Complying with health and safety obligations
  • Dealing with disputes involving you or your organisation
  • Processing personal data to comply with data subject requests pursuant to this privacy notice

The relevant personal data will only be processed (a) where it is necessary to enter into a contract with you; or (b) where it is necessary to comply with our legal obligations; or (c) where it is necessary to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights are protected and do not override those interests; or (d) in limited circumstances and only if legally required, with your consent. The situations in which we will process your personal data are listed below.

GasLog may process your personal data by using both automated processing and hard copies.

If you fail to provide personal data

If you fail to provide certain information when requested, or unprompted when it has changed, it will negatively affect our ability to communicate with you, or our ability to enter into a contract with a counterparty or continuing to contract with a counterparty. It may also prevent us from complying with our legal obligations.

 Information about criminal convictions

To comply with our legal and regulatory obligations (especially with anti-bribery and corruption and anti-money laundering laws and other regulatory requirements) and to protect our assets and employees, we carry out screening on existing and potential business counterparties both pre-contract and on a periodic basis afterwards. This screening includes carrying out searches using an online screening tool provided by a screening service provider and may include individuals such as directors, officers and shareholders of our current and potential counterparties. To the best of our knowledge, these searches take place against publicly available or government issued sanctions lists and media sources. Your organisation may also share such data with us in the course of our anti-bribery and corruption due diligence.

This data may include personal data regarding suspected and actual criminal convictions, criminal records or proceedings regarding criminal or unlawful behaviour but only for the purposes of ensuring our compliance with legal and regulatory obligations and/or to the extent permitted or required by law.

Our due diligence officers will always review the screening results and any other information that may be provided by your organisation and there will be no automated decision making in relation to our counterparties or potential counterparties.

Data sharing

We may have to share your data with: (a) other entities in the GasLog Group, (b) third-party service providers (such as advisors, consultants, external auditors and law firms, building and security service providers, screening service providers etc.), (c) other third parties, and (d) authorities and regulatory bodies or agencies to the extent permitted by law and on a need to know basis.

How secure is your information with third-party service providers and other entities in the GasLog Group?

GasLog requests third-party service providers and other entities in the GasLog Group to assure GasLog that they take appropriate security measures to protect your personal data in line with our policies. GasLog requests its third-party service providers’ assurance they will not use your personal data for their own purposes but will only process your personal data for specified purposes and in accordance with our instructions and will retain your personal data only as long as required for said purpose in accordance with legal requirements.

Transferring information outside the EU

We may transfer the personal data we collect about you to other entities in the GasLog Group, and third-party service providers, not established in the European Union nor in a country for which the European Commission has issued an adequacy decision. This means these countries to which we transfer your data are not deemed to provide an adequate level of protection for your personal data. However, we will only effect such transfers: (a) after taking organisational, contractual and legal measures to ensure that your personal data is adequately protected and processed as reasonably required for the purposes outlined in this notice under Article 46 of GDPR, or (b) in limited circumstances, on the basis of the derogations under Article 49 of GDPR.

Data security

We have put in place appropriate security measures to prevent your personal data from being lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Manager (see ‘Data privacy manager’ section below).

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long will we use your information for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the applicable legal requirements and the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current so please keep us informed if your personal data changes during your business relationship with us.

Your rights in connection with personal data

You have the right to:

• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal data to another party.

If you want to review, verify, correct or, under certain circumstances as provided by law request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Data Protection Manager at privacy@gaslogmlp.com

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Manager. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so at law.

Data privacy manager

We have appointed a data privacy manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the Data Protection Manager at the following e-mail address: privacy@gaslogmlp.com

Alternatively, you may send your written comments, inquiries or concerns to:

GasLog LNG Services Ltd
69 Akti Miaouli street,
Piraeus 185 37,
Greece

Attention: Data Protection Manager

You also have the right to make a complaint at any time to your local data protection authority or to the Hellenic Data Protection Authority (HDPA), the Greek supervisory authority for data protection issues, at Kifissias 1-3, 115 23 Athens, Greece.

Please visit http://www.dpa.gr/portal/page?_pageid=33,40911&_dad=portal&_schema=PORTAL for more information.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.