Privacy Policy

1. Scope and Applicability​

​

This Privacy Policy governs the collection, processing, storage, and disclosure of personal and business-related information by Morland Atlantic Trading Company LTD (“Morland,” “we,” or “us”) through our website, applications, and direct business interactions. Morland is registered in Ireland and operates in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and all applicable EU and Irish data protection laws.

This policy applies to business clients, commercial entities, and regulatory partners who interact with Morland as part of our role in industrial hemp importation, regulatory compliance, and wholesale distribution across the EU. This site and our services are not directed to or intended for consumers or private individuals acting outside of a business or professional capacity.

​

2. Information We Collect

​

We only collect information that is necessary for legal, logistical, regulatory, and contractual purposes. This includes:

·       Contact and identification information: Name, title, business name, email, phone number, address, VAT/EORI numbers;

·       Licensing and regulatory documentation: Business registration records, import/export licenses, and hemp-related authorizations;

·       Transactional data: Commercial invoices, PO references, delivery records, customs clearance documentation;

·       Compliance data: Certificates of Analysis (COAs), labeling templates, declarations of use;

·       Website metadata (when applicable): IP addresses, browser version, geolocation zone (EU only).

We do not collect sensitive personal data (e.g., national ID numbers, health records), nor do we process information unrelated to lawful business operations.

​

3. Purpose and Legal Basis for Processing

​

Morland processes personal and business-related data solely for the following purposes:

·       Contract fulfillment and due diligence for commercial partnerships;

·       Compliance with EU customs, import, and agricultural regulations;

·       Verification of product documentation (e.g., COAs, licenses);

·       Onboarding of qualified buyers or suppliers;

·       Prevention of fraud, diversion, or regulatory noncompliance;

·       Internal business operations and legal compliance.

The legal bases for processing under GDPR include:

·       Article 6(1)(b) – processing necessary for performance of a contract;

·       Article 6(1)(c) – processing necessary for compliance with a legal obligation;

·       Article 6(1)(f) – processing necessary for legitimate interests (regulatory due diligence, market security).

​

4. Data Storage and Security

​

All data is stored in secure, access-controlled systems. We implement:

·       Encryption of cloud-based records and regulatory archives;

·       Access restrictions based on role and function;

·       Activity logging for internal accountability;

·       Document retention schedules based on legal and regulatory obligations.

We retain data only as long as necessary to fulfill business or compliance purposes, or as required by EU tax, customs, or regulatory frameworks (e.g., 6+ years for transactional records).

​

5. Data Sharing and Third Parties

​

Morland does not sell or lease data to third parties. We only share data as necessary to:

·       Customs agents, legal advisors, or public authorities for import/export clearance;

·       Contracted service providers for bonded storage, logistics, or regulatory review;

·       Our parent company (Sequoia Atlantic Trading Company) solely for intercompany compliance operations.

All third-party processors are bound by contractual obligations to uphold GDPR-compliant security and confidentiality practices.

​

6. International Transfers

​

Where necessary, data may be transferred to the United States or other third countries for regulatory or logistical processing. In such cases, we rely on:

·       Standard Contractual Clauses (SCCs) approved by the European Commission;

·       Data processing agreements that ensure GDPR equivalency.

​

7. Your Rights Under GDPR

​

As a data subject, you may exercise the following rights:

·       Right to access personal data we hold about you;

·       Right to rectification of inaccurate data;

·       Right to erasure, restriction, or objection (under certain conditions);

·       Right to data portability (where applicable);

·       Right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at: privacy@morlandatlantic.com

​

8. Cookies and Website Analytics

​

Morland may use basic, non-invasive cookies solely to:

·       Maintain secure sessions and login activity;

·       Analyze aggregate website traffic (without individual tracking);

·       Ensure regional content accuracy (EU vs non-EU viewers).

We do not use advertising cookies or behavioral tracking.

9. Policy Changes and Updates

We may revise this Privacy Policy to reflect changes in law, regulation, or company practices. All updates will be posted with a revised Effective Date. Continued use of our website or services constitutes agreement with the updated policy.