Norwegian Cruise Line Privacy Policy

This Data Protection Privacy Policy applies to the information about you which is collected by NCL Corporation Ltd and its subsidiaries.

We are a data controller for the purposes of the Data Protection Act 1998. This Policy explains what information we collect about you and what we do with it. We reserve the right to revise this Policy at any time. We will notify you of any material changes to the Policy by posting the new Policy here and by changing the "Effective Date" at the top. You should periodically read this Policy to check whether there have been any changes.

In this Policy, the following words have the following meanings;-

“we”, “our” and “us” means NCL (Bahamas) Limited and its subsidiaries and affiliates.

“you” means the individual(s) from or about whom we collect any information;

“Act” means the Data Protection Act 1998;

“Cruise” means any cruise(s) and/or other services (such as hotels, flights or transfers) we offer or arrange for you;

“Policy” means this Privacy Policy;

“Personal Data” means information we collect from which we are able to identify you either on the basis of this information alone or this information in combination with any other information in our possession;  

“Sensitive Personal Data” means Personal Data which the Act defines as Sensitive Personal Data This includes information relating to an individual’s racial or ethnic origins, religious beliefs or physical or mental health or condition;

“Website” means www.ncl.co.uk and any other website(s) we operate at any time which is aimed at individuals resident in the UK including but not limited to our mobile site http://mobi.ncl.eu/uk

What Personal Data do we collect?

The Personal Data we collect is likely to include some or all of the following pieces of information;-

  • The full name, address, telephone number and e-mail address of any guest who makes a booking or requests any information from us (including a call back)
  • The full name of every other guests named on the booking
  • The date of birth, gender and passport details of all guests
  • Credit or debit card details
  • Details of any disability or medical condition any guest may have and any connected special requirements
  • Any special request which may disclose your religious beliefs or racial or ethnic origin such as dietary restrictions or particular meal requests
  • Any other details we may require in order to provide your Cruise

On our Website, in addition to Personal Data, we also collect non-personally identifiable information that allows us to track the number of visitors we receive and the way they navigate through the Website. This non-personally identifiable data includes information about the website the visitor arrived from and departs to as well as the IP address of the computer being used to access our Website. While it may be possible to correlate this information to identify particular individuals, we do not generally do so, and we limit our use of this information to its aggregate anonymous form reflecting all visitors to the Website. We may share this aggregated anonymous information with other third parties. We also make use of Google Analytics, a third party analytics provider, to track and provide analysis on website activity, only making use of non-personally identifiable information. We may share non personal statistics website traffic and patterns with third parties.

When do we collect Personal Data?

We may collect Personal Data on a number of occasions including the following;-

  • You book a Cruise either directly with us by telephone or via our Website or through a travel agent
  • You request information about any Cruise either directly from us by telephone or via our Website or through a travel agent     
  • You request a call from us
  • You make any payment before or during your Cruise
  • You travel on your Cruise
  • You provide us with your Personal Data to enable us to send you e-mail and/or postal marketing
  • You enter a competition or prize draw or participate in a guest survey we offer at any time

If you give us any Personal Data concerning a third party (for example another guest on the booking), you must ensure that you have that person’s permission to do so.  We are entitled to assume that you have obtained such permission.

Why do we collect Personal Data?

We collect Personal Data for the following purposes;-

  • To provide the Cruise you have booked
  • To fulfil any special request you have made
  • To respond to any request for information you make (including a request for a call from us)
  • To respond to any communications you have with us
  • To provide you with marketing or promotional material by post (such as our brochure and/or advertising flyers) unless you tell us at any stage you do not wish to receive this
  • To provide you with marketing or promotional material by e-mail or telephone (such as our  marketing e-mails) where you have agreed to our doing so unless you tell us at any stage you do not wish to continue receiving this material
  • To investigate possible breach of and/or to enforce any terms of the Legal Notice appearing on our Website and any other agreement(s) we have with you such as those set out in our booking conditions

On our Website, we use IP addresses and anonymous demographic information in the aggregate to share with advertisers and market researchers, and to improve the design of our Website so as to better serve our customers. We do not drill down into anonymous demographic information in order to analyze and/or collect Personal Data from these sources. However, we reserve the right to do so in order to investigate actual or apparent unlawful conduct and/or breaches of this Policy or of the terms of the Legal Notice appearing on the Website.

Who may we disclose your Personal Data to?

We will or may disclose your Personal Data to some or all of the third parties referred to below. However, we will only do so where and to the extent we consider this is necessary in order to provide your Cruise or to do any of the things referred to in section 3 above or where you have given us your consent to our doing so or we are otherwise permitted to do so by the Act or any other applicable law.

  • The suppliers of any services which make up your Cruise (for example, airlines, hotels and transfer operators)
  • Your bank or credit card provider
  • Our bank and any provider of credit card facilities
  • Customs, immigration, the police, security services and any other government or public authority in the UK and/or any other country to or through which you are travelling
  • Any business who sends out e-mails, brochures or other marketing material or who processes payments on our behalf
  • Any other business we use for or in connection with the provision of your Cruise
  • Any third party to whom we transfer the whole or any part of our business
  • Any third party to whom we are required or entitled to disclose your Personal Data in accordance with the Act 

Can my Personal Data be passed to a country outside the European Economic Area?

Yes. Personal Data may be passed or transferred to companies, organisations, authorities and other third parties located in countries outside the European Economic Area (EEA). EEA countries are all member states of the European Union together with Norway, Iceland and Liechtenstein. Data protection laws in non EEA countries may not be as strong as in the United Kingdom and other EEA countries.

We are entitled to pass or transfer Personal Data to non EEA countries where we consider it is necessary to do so in order to provide your Cruise, to check the availability of services which are likely to form part of your Cruise prior to your making your booking or to do any of the other things referred to in section 3 or where you have consented to our doing so or we are otherwise permitted to transfer the Personal Data by the Act.

We are a United States company. You consent to Personal Data being transferred to us in the United States in connection with your Cruise as above, for internal analysis and management purposes and also to enable us to carry out marketing and advertising as referred to in this Policy. 

Except as referred to above, Personal Data will not be transferred outside the EEA unless

(1) the country to which it is transferred is one which the European Commission considers to provide an adequate level of data protection or

(2) the Personal Data is transferred is a United States business which has signed up to the Safe Harbour scheme or

(3) the Personal Data is transferred to a business which is required by our contract with them only to deal with the Personal Data in accordance with our instructions and to maintain appropriate security to protect the Personal Data which we are satisfied they have.

Do we use cookies?

Yes. Cookies are small text files generated by website servers and stored in the browser in your computer, mobile phone or other device for future access. We use them to study visitors' use of the Website and to improve your navigation of it. For example, a cookie can allow you to continue shopping without having to re-enter items already placed in the shopping cart. The majority of web browsers accept cookies, but the "help" menu on your browser should give you options for preventing, accepting or receiving notice of new cookies. You can configure your web browser to disable cookies, but doing so may impair or even prevent your use of the Website or parts of it.

What about third party links?

Our Website may have hyperlinks to other websites. This Policy does not apply to any such websites which are outside our control. We are not responsible for the privacy practices or content of any such website. We urge you to review the privacy policy of any website that you visit.

What about third party advertising?

The ads appearing on the Website are delivered to you by our advertising partners. Our advertising partners may use cookies. Doing this allows the ad network to recognise your computer, mobile phone or other device each time they send you an online advertisement. In this way, ad networks may compile information about the advertisements you click on. This information allows an ad network to deliver targeted advertisements that they believe will be of most interest to you. We do not have access to or control of the cookies that may be placed on the computer, mobile phone or other device of any users by any third party ad servers or ad networks.

How do we protect your Personal Data?

We take a range of appropriate technical and organisational measures which are intended to prevent unauthorised or unlawful processing of Personal Data and accidental loss or destruction of, or damage to, Personal Data. These measures include the following;-

  • We require all third parties to whom any Personal Data is disclosed to keep it secure, treat it as confidential information, only use it for the purpose of providing their services and to fully comply with all applicable provisions of the Act.
  • We will not disclose your Personal Data to any third party except as set out in this Policy.
  • We follow strict security procedures in the storage, use and disclosure of Personal Data
  • Credit card numbers that you enter on our billing webpage are encrypted and transmitted through SSL (Secure Sockets Layer) technology. SSL is the industry standard for securing web-messaging transactions.

However, while we strive to protect Personal Data and user privacy, we cannot guarantee the security of any information you disclose online and you do so at your own risk. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure.

Children

The Website is not intended for children under the age of 13, and we do not intentionally collect Personal Data from children under 13 (except as guests named on a booking). If you have reason to believe that we have collected Personal Data from someone under 13 years of age, please let us know.

How can you opt-out or unsubscribe or otherwise prevent use of your Personal Data?

All e-mails you receive from us will include specific instructions on how to unsubscribe and you may unsubscribe at any time. Additionally, you have the following options for notifying us that you want us to cease use or disclosure of your Personal Data, either generally or for any particular purpose(s):

(1) use the Email Removal Request form here

(2) click the unsubscribe link and follow the instructions provided in any e-mail we send you;

(3) e-mail us at ukunsubscribe@ncl.com

(4) write to us at the following address:

Norwegian Cruise Line, Horatio House, 77-85 Fulham Palace Road, Hammersmith, London, W6 8JA ,UK

(5) or call us on 0845 201 8900

Please note, we cannot cease use or disclosure of Personal Data which we consider necessary for the purpose of providing your Cruise where you have made a booking with us we have yet to fulfil. We will, however, cease all other use or disclosure on receipt of your request to do so. In order to ensure we do not inadvertently contact you after receiving your request, we cannot delete all your Personal Data from our systems but will only retain such Personal Data as is necessary for this purpose.

How can you check the Personal Data we are holding?

You are generally entitled to ask us (by letter to the above address or by e-mail to ukconsumer@ncl.com, what details of yours are being held or processed by us, for what purpose(s) and to whom they may be or have been disclosed. We will charge a fee to respond to such a request as permitted by the Act which is currently £10. We promise to respond to your request within 40 days of receiving your written request with sufficient details to enable us to respond and the fee.  In certain limited circumstances we are entitled to refuse your request. 

If you believe that any of the Personal Data we are holding about you is inaccurate or incorrect or that we have acted outside or inconsistently this Policy, please notify us using the details above and we will try to resolve your concern.