Data Protection law in the UK will undergo some significant changes with the introduction of the General Data Protection Regulations [GDPR] which come into force on 25th May 2018.

The Crouch Harbour Authority’s [CHA] remit necessitates the collection and use of certain types of information about persons with whom it transacts and deals in carrying out its statutory and additional responsibilities. These include past and prospective employees, suppliers, stakeholders, trustees and River Crouch and Roach harbour plaque holders as well as others with whom it needs to communicate.

In addition, it may occasionally be required by law to collect and use certain types of information of this kind to comply with the requirements of government departments for business data.

The CHA identifies and recognises that this personal information must be dealt with appropriately, accurately and correctly however it is collected, recorded and used, be that on paper, in a computer or recorded by any other method.

We will always comply with GDPR when dealing with your personal data, The CHA respects the lawful and correct treatment of personal information is of the upmost importance and shall only hold such information as is sufficient, relevant and not excessive in relation to the purposes for which it is processed. Such information shall also be kept up to date and not held for longer than is necessary.

What information we collect from CHA Harbour Plaque Holders and for what purpose.

Type of information Purpose

Vessel Owner

Telephone numbers
e-mail address
Emergency Contact details

  • To inform and collect annually payable Harbour Dues or Ski Licenses/PWC Licenses as applicable, and issue a plaque as confirmation of payment and identification.
  • To notify and circulate local safety notices [Notices to Mariners]
  • To promulgate general safety information
  • To inform owners if there should be reported an incident involving their vessel or contact a relative in the event of an emergency


Manufacturers Make/Model/Type
Sail No [If appropriate]
Insurance details (where applicable)

Identification to:

  • Verify annual payment
  • Report incidents and emergency situations.

Bank and Payment Details

Payment of Harbour Dues

Bank details collected for transaction period only then:

  • shredded using [cross shredding equipment, certificated to Payment Card Industry Data Security Standard] if details taken down by hand
  • or via automatic deletion process¬† on completion of computerised payment

In addition the CHA will ensure that:

  • We will not transfer your data outside the EU without your consent.
  • We have implemented general acceptable standard of technology and operational security in order to protect personal data from loss, misuse or unauthorised alteration or destruction.
  • For any payment which we take from you online we will use a recognised online secure payment system.
  • We will notify you immediately in the event of any breach of your personal data which may expose you to risk.
  • We will ensure there is someone specifically responsible for data protection within the organisation and that queries about the handling of personal information are promptly and courteously dealt with.
  • We will ensure that everyone handling personal information understands that they are contractually responsible for following good data protection practice.
  • A regular audit and review will be made of the way the CHA manages personal information.

Your Rights

You have rights under GDPR:

  • To access your personal data
  • To be provided with information about how your personal data is processed
  • To have your personal data corrected
  • To have your personal data erased in certain circumstances
  • To restrict or object to how your personal data is processed
  • To make complaint about how we process your personal data to the Information Commissioner

Captain Susan Harrison, MNM
Harbour Master
Crouch Harbour Authority