Website Privacy and Cookies Policy

Effective: 25 May 2018

INTRODUCTION

This Website Privacy and Cookies Policy ("Privacy Policy") describes how Oceaneering International
(Oceaneering International and the affiliates listed here) ("Oceaneering") collects, uses, shares, and
otherwise processes individually identifiable data about visitors to this Site (defined below) as well as
contact persons of our corporate customers, vendors, and suppliers ("Personal Data"). This Privacy
Policy applies to Personal Data that we collect through our websites ("Site"), as well as through trade
shows, seminars, conferences, and other offline means.

COLLECTION OF PERSONAL DATA

As a business-to-business ("B2B") organization, we collect name, contact details, and other Personal
Data related to our commercial relationships. We collect the following categories of Personal Data:

  • Basic Data: Name, title, company, region, job responsibilities, phone number, mailing address,
    email address, contact details, age and/or date of birth if requested, and any other personal
    data that you submit to us during the course of correspondence with us.
  • Registration Data: Newsletter and/or other alert requests, subscriptions, downloads, and
    registration to seminars, courses, or conferences.
  • Marketing Data: Data about individual participation in trade shows, seminars, and conferences,
    credentials, associations, product interests, query information, and preferences.
  • Job Applicant Data: Data provided by job applicants or others on our Site or offline means in
    connection with employment opportunities. Additional notice will be provided via separate
    privacy statement(s) where applicable.
  • Device Data: Computer Internet Protocol (IP) address, unique device identifier (UDID), cookies
    and other data linked to a device, and data about usage of our Site (Usage Data). Note,
    however, we do not consider Device Data to be Personal Data except where we can link it to
    you as an individual or where applicable law provides otherwise.

 

USE OF PERSONAL DATA

We use the above categories of Personal Data for the following purposes:

PURPOSE OF USECATEGORIES OF PERSONAL DATA
Perform transactions and respond to your inquiriesBasic Data, Registration Data, and Device Data
Manage your accounts and maintain our business operationsBasic Data, Registration Data, and Device Data
Make our Site more intuitive and easy to useDevice Data
Protect the security and effective functioning of our Site and information technology systemsBasic Data, Registration Data, and Device Data
Provide relevant marketingBasic Data, Registration Data, Device Data, and Marketing Data
Address our compliance and legal obligations and exercise our legal rightsBasic Data, Registration Data, and Device Data
Consider individuals for employment and contractor opportunities and manage on-boarding proceduresJob Applicant Data

 

SHARING OF PERSONAL DATA

We may share Personal Data with the following categories of recipients:

  • Affiliates: We share Personal Data within the Oceaneering group of affiliated companies as necessary
    for the purposes identified above. As noted above, the list of affiliates within the Oceaneering group is
    provided here.
  • Suppliers and service providers: We share Personal Data with suppliers and service providers to
    enable such parties to perform functions on our behalf and under our instructions in order to carry out the
    purposes identified above. We require such parties by contract to provide reasonable security for
    Personal Data and to use and process such Personal Data only on our behalf.
  • Auditors, and advisors: We share Personal Data with auditors for the performance of audit functions,
    and with advisors for the provision of legal and other advice.
  • Business reorganization: We share Personal Data with any corporate purchaser or prospect to the
    extent permitted by law as part of any merger, acquisition, sale of company assets, or transition of service
    to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal
    Data would be transferred as an asset of Oceaneering.
  • Mandatory disclosures and legal rights: We share Personal Data in order to comply with any
    subpoena, court order or other legal process, or other governmental request. We also share Personal
    Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others,
    or to defend against legal claims.

If you have questions about the parties with which we share Personal Data, please contact us as
specified below.

MARKETING CHOICES

You have control regarding our use of your Personal Data for directing marketing. If you no longer wish
to receive any marketing communications, remain on a mailing list to which you previously subscribed,
or receive any other marketing communication, you can choose to not receive such communications at
any time. Please follow the unsubscribe link in the relevant communication or contact us as detailed
below.

COOKIES

We use and allow certain third parties to use cookies, web beacons, and similar tracking technologies
(collectively, "cookies") on our Site.

What are cookies?
Cookies are small amounts of data that are stored on your browser, device, or the page you are
viewing. Some cookies are deleted once you close your browser, while other cookies are retained
even after you close your browser so that you can be recognized when you return to a website. More
information about cookies and how they work is available at www.allaboutcookies.org.

How do we use cookies?
We use cookies to provide the Site and services, gather information about your usage patterns when
you navigate this Site in order to enhance your personalized experience, and to understand usage
patterns to improve our Site, products, and services. We also allow certain third parties to place
cookies on our Site in order to collect information about your online activities on our Site over time and
across different websites that you visit. This information is used to provide advertising tailored to your
interests on websites you visit, also known as interest based advertising, and to analyze the
effectiveness of such advertising.

Cookies on our Site are generally divided into the following categories:

STRICTLY NECESSARYANALYTICAL/PERFORMANCETARGETING
These are required for the operation of our Site. These cookies are session cookies that are erased when you close your browser.These allow us to recognize and count the number of users of our Site and understand how such users navigate through our Site. This helps to improve how our Site works, for example, by ensuring that users can find what they are looking for easily. These cookies are session cookies which are erased when you close your browser. We use Google Analytics, and you can see below for how to control the use of cookies by Google Analytics.These record your visit to our Site and the pages you have visited. You can delete these cookies via your browser settings. See below for further details on how you can control third party targeting cookies.

 

What are your options if you do not want cookies on your device?

You can review your Internet browser settings, typically under the sections "Help" or "Internet Options,"
to exercise choices you have for certain cookies. If you disable or delete certain cookies in your
Internet browser settings, you might not be able to access or use important functions or features of this
Site, and you may be required to re-enter your log-in details.

To learn more about the use of cookies for Google analytics and to exercise choice regarding such
cookies, please visit https://tools.google.com/dlpage/gaoptout.

To learn more about certain cookies used for interest based advertising by third parties, including
through cross-device tracking, and to exercise certain choices regarding such cookies, please visit
the Digital Advertising Alliance, Network Advertising Initiative, Digital Advertising Alliance-
Canada, European Interactive Digital Advertising Alliance or your or your device settings if you have the
DAA or other mobile application.

DATA SUBJECT RIGHTS

Where required by applicable law, you have the right to obtain confirmation that we maintain certain
Personal Data relating to you, to verify its content, origin, and accuracy, as well as the right to access,
review, port, delete, block or withdraw consent to the processing of certain Personal Data (without
affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as
detailed below. In particular, you have the right to object to our use of your Personal Data for direct
marketing, and in certain other situations at any time. Contact us below for more details. Please note
that we need to retain certain Personal Data as required or permitted by applicable law.

DATA SECURITY

We maintain reasonable technical and organizational measures to protect Personal Data from loss,
misuse, alteration, or unintentional destruction. However, no security measure can guarantee against
compromise. You also have an important role in protecting your Personal Data. You should not share
your username and password with anyone, and you should not re-use passwords across more than
one website. If you have any reason to believe that your username or password has been
compromised, please contact us as detailed below.

CROSS-BORDER DATA TRANSFERS

We transfer Personal Data to various jurisdictions as necessary for the purposes described above,
including to jurisdictions that may not provide the same level of data protection as your home
country. We provide appropriate protections for cross-border transfers as required by applicable law for
international data transfers. With respect to transfers originating from the European Economic Area
("EEA"), we implement standard contractual clauses approved by the European Commission, and other
appropriate solutions to address cross-border transfers as required by applicable law. Where required
by such laws, you may request a copy of the suitable mechanisms we have in place by contacting us
as detailed below.

OTHER ISSUES

What is the legal basis of processing?
Some jurisdictions require an explanation of the legal basis for collecting and processing Personal
Data. We have several different legal grounds on which we collect and process Personal Data,
including:

  1. as necessary to perform a transaction (such as when we respond to your requests);
  2.  as necessary to comply with a legal obligation (such as when we use Personal Data for recordkeeping to
    substantiate tax liability);
  3. consent (where you have provided consent as appropriate under applicable law, such as for direct
    marketing or certain cookies); and
  4. necessary for legitimate interests (such as when we act to maintain our business generally, including
    maintaining the safety and security of the Site).

With respect to legitimate interests, given that we are a B2B company, we typically collect and process
limited Personal Data about customer contacts and other individuals acting in their business capacities,
as part of our overall effort to reduce the privacy impact on individuals.

What are the consequences of not providing Personal Data?
You are not required to provide all Personal Data identified in this Privacy Policy to use our Site or to
interact with us offline, but certain functionality will not be available if you do not provide certain
Personal Data. If you do not provide certain Personal Data, we may not be able to respond to your
requests, perform a transaction with you, or provide you with marketing that we believe you would find
valuable.

Do we engage in automated decision-making without human intervention?
Except with regard to certain recruitment activities, which are detailed in a separate privacy statement,
we do not use automated decision-making without human intervention, including profiling, in a way that
produces legal effects concerning you or otherwise significantly affects you.

Does the Site honor do not track ("DNT") signals sent via browsers?
Yes, we DO honor DNT signals.

How long do we retain Personal Data?
We typically retain Personal Data related to marketing activities for as long as you accept marketing
communications from us and then generally for up to 2 years. After 2 years, or upon request, we will
generally securely delete such data in accordance with applicable law. For Personal Data that we
collect and process for other purposes, as described above, we typically retain such Personal Data for
no longer than the period necessary to fulfill the purposes outlined in this Privacy Policy, and as
otherwise needed to address tax, corporate, compliance, employment, litigation, and other legal rights
and obligations.

Are third party websites governed by this Privacy Policy?
This Site contains links and references to other websites administered by unaffiliated third parties. This
Privacy Policy does not apply to such third party websites. When you click a link to visit a third party
website, you will be subject to that website's privacy practices. We encourage you to familiarize
yourself with the privacy and security practices of any linked third party websites before providing any
Personal Data on those websites.

How does Oceaneering handle employee and contractor privacy issues?
Personal Data about our employees and contractors are addressed through internal company policies
and procedures, and are outside the scope of this Privacy Policy.

How will we handle any changes to this Privacy Policy?
We may update this Privacy Policy from time-to-time as our services and privacy practices change, or
as required by law. The effective date of our Privacy Policy is posted below, and we encourage you to
visit our Site periodically to stay informed about our privacy practices. We will post the updated version
of the Privacy Policy on our Site, and ask for your consent to the changes if legally required.

CONTACT US

If you have questions or comments regarding this Privacy Policy or our privacy practices, please
contact us at legal@oceaneering.com. You may also have a right to lodge a complaint with a data
protection supervisory authority.