Privacy Notices

Fred. Olsen Cruise Lines is committed to being transparent about how we use the personal data of everyone we deal with.

This notice sets out the basis on which any personal data (‘data’) we collect, that is provided by you or we obtain by other means, including information provided on your behalf in the case of a group booking, will be processed by us whether we receive that personal data further to your use of this website or because you are a passenger, a customer, a contact, a sub-contractor or a supplier.

If you visit our website, you are accepting and consenting to this privacy notice including how we use your personal data when you visit our website.

We are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services offered to individuals in the European Economic Area (EEA), if applicable.

CCTV operates on our ships for the safety and security of our guests and crew.  Photographers and camera crew are often on board our ships to take photos and make videos for sale during and at the end of a cruise.  If you would prefer not to be photographed or included in a video, please tell us so that we may take reasonable steps to reduce the risk of you being filmed.  

Categories of Personal Data We Collect

The personal data we collect about you depends on whether you are making an enquiry, you are, or may be, a passenger in a booking (including a group booking), a customer, browsing our website or you are, or may be, a supplier or a business contact. We usually get your personal data directly from you, but we may also obtain your personal data from other sources as necessary, depending on our relationship with you and the relevant products and services that we are providing (as applicable).

We will collect and use some or all the following personal data about you (and if you are making a booking, all persons to be included in that booking):

Information type	Details
Personal information	Name, title, address, phone number(s), email address, emergency contact details (name, phone number and their relationship to you), date and place of birth, nationality, gender, photographs (for security), social media identifiers
Official documentation	This includes passport number, expiry date, issue date, place of issue
Payment method information	Credit card information, transactional history and purchases, amount paid for services, bank information
Health Details	Information you submit to us related to disability, dietary requirements, medical and contagious disease, and vaccination information
Account information	Email address and password, and information provided to set up a My Cruises account, sign up for our newsletter or for a promotion or special offer, and/or to use our mobile app
Website use & communications	We may collect your username, account ID and password, IP address, website use information, browser information, device type, location, image and video and audio recording. We may also collect information you give us when you engage with our social media (for example by mentioning or tagging us in a post on Instagram) and from third party social networking providers if you choose to connect to our services using your social network account.
Behavioural Information	Analytics information that describes your behavioural characteristics relating to your use of our products and services. For example, usual transactional activities, browsing behaviour on our websites and how you interact as a user of our products and services, or those provided by third-party organisations, such as social media platform providers.
Commercial information	Job title, contact details, email address, work address, details of company you work for, professional experience, qualificationsJob title, contact details, email address, work address, details of company you work for, professional experience, qualifications
Other information	Any information that is relevant to your interaction with us, your visit to our website, making an enquiry and making a booking. This may include details of family members and persons who may travel with you, travel insurance details, and 24-hour medical emergency number

If you make a group booking (a booking entered into by you on behalf of yourself and a number of other passengers) you are the “Lead Passenger”. If in the course of making the group booking, you provide us with personal data about other individuals included in the booking, you must have the authority of those individuals to provide their personal data to us for the purposes set out in this privacy notice. The Lead Passenger remains accountable for the information provided and must ensure that personal data about the group members is accurate and up to date.

We realise that your emergency contact may not have heard of Fred. Olsen previously and so we ask you to inform them that you will be sharing their information with us. If they have any queries, they can contact us using the details we have provided in this notice.

You are required to provide information to us before we can confirm your booking and accept you on the cruise.  If you fail to provide us with the information you will not be able to board our ship.

Receiving Data Through Third-Parties

We are proud to have a wide network of travel agents and travel partners. If you book through a travel agent, we will receive your data through the travel agent of your choosing. If you have concerns that we may have received your information in error or would like to find out where we have received your information from, please contact us using the details in this notice.

We may also collect information about you from other sources as necessary, including from publicly available resources, such as online registers or directories or online publications, social media posts and other information that is publicly available.

Depending on the relationship with you (e.g. if you are a supplier or business contact) and/or the products or services you are interested in or we are providing, we may get personal information about you from other sources such as:
• people you appoint to act on your behalf
• your employer and/or company, business or organisation you represent or is related to you
• affiliated or related service providers
• credit reference and fraud prevention agencies
• regulatory and other entities with authority over us, such as tax authorities, law enforcement agencies or authorities imposing sanctions

Purposes of processing your personal data legal basis

We process your data for a variety of purposes both shoreside and when you are on board with us. The table below informs you of our intended purposes and the legal basis we use to process your data.

Shoreside & General

Purpose	Legal Basis
Setting you up as a customer or supplier	Contractual Obligation
To confer protection under ABTA and the Air Travel Organiser’s Licence (ATOL) Scheme, where applicable	Contractual Obligation
Processing bookings and payment information	Contractual Obligation
Obtaining medical information and passport information	Contractual obligation with explicit consent Your explicit consent is obtained through the provision of this information from yourself directly or the third party passing us this information. You can withdraw or decline consent however you will not be able to board our ship without providing us with this information
Vaccination information, shielding and/or clinically extremely vulnerable status	Legitimate interest consent
Communicating with you about information that directly relates to you while providing services to you and/or in connection with your communication with us	Contractual Obligation Legitimate Interest
Arranging flights or hotels	Contractual Obligation
Amending and transferring your booking at your request	Contractual Obligation
Contacting you from call centre if phone is cut off or call back requested	Legitimate Interest
Transferring your call to Holiday Extras in the event you require travel insurance or any other additions	Legitimate Interest
Direct marketing and contacting you with information on additional services relating to your cruise. For example: information on tours, upgrades, Ocean’s Club and special events	Legitimate Interests
Contacting you via email, phone and post about Fred. Olsen Cruises We will always give the option to opt-out of this at the point we capture your information and in every subsequent communication with you	Legitimate Interests
Recording voice calls, online chat conversations via text, audio, and video images	Legitimate Interests
Using aggregated data to identify trends in bookings, to examine holiday preferences and attitudes, to improve our services and for business reporting purposes	Legitimate Interests
To combine the information that we collect directly from you with any information that we obtain from third parties to whom you have given your consent to pass that data onto us, such as the Social Media platforms and publicly available information, such as described above.	Legitimate interest
Market and brand research, insight, and customer segmentation	Legitimate interest
Improving data accuracy and data maintenance	Legitimate interest
Contacting you or your emergency contact in the event of an emergency	Legitimate Interests
Receiving your enquiry, recording relevant details, and processing your data to respond	Legitimate interest
Processing feedback and complaints	Legitimate Interest
Responding to questions, monitoring social media tags, opinions, comments, conversations and posts to be able to react and/or gain insights, identify conversations, sentiments, and complaints about us	Legitimate Interest
Disclosing information to public authorities, immigration authorities, customs and port inspection, Interpol, and police for the prevention and detection of crime and law enforcement purposes.	Legitimate Interest
Personalising and improving our services to you	Legitimate Interest
Health & safety reporting	Legal Obligation
Improving website content, record keeping and account creation	Legitimate Interest
Carrying out anti-fraud screening and verifying your identity	Public interest

On board

Purpose	Legal Basis
Uploading your information to the passenger management system	Contractual Obligation
Disclosing information to public authorities, immigration authorities, customs and port inspection, Interpol, and police for the prevention and detection of crime and law enforcement purposes.	Legitimate Interest
Preparing and sharing manifests and security lists for port agents and port authorities at the designated port-of-call	Legal Obligation
Retaining financial records of spend on board	Legal Obligation
Fulfilling specialist dietary requirements	Legitimate Interests
Providing medical care	Legitimate Interests Consent Vital Interests
Sharing medical consultation	Legitimate Interests Consent Consent is requested and captured at the point of the medical consultation You can decline consent however this could limit your access to medical resources
To operate contagious disease and pandemic contact tracing systems	Vital Interest Legitimate Interest
Contacting you or your emergency contact in the event of an emergency	Legitimate Interests
Storing passenger information in crew accessible areas at muster stations	Legitimate Interest
Filling in a Spa consultation form prior to treatment (contains medical information)	Legitimate interests with your explicit consent captured by you filling in the handwritten form You may withdraw your consent to provide us with this information however this will affect your ability to receive treatments at our Spa onboard
Communicating with you about information that directly relates to you. We do this using onboard mailing to your cabin	Contractual Obligation Legitimate Interests
We offer a facility that allows you to book or find out more information on future cruises	Legitimate Interests
CCTV	Legitimate Interests
Processing your image with a time stamp to validate the correct person is embarking and disembarking the Ship	Legitimate Interests
Taking videos and photographs of guests and crew to produce photographs, images, and media, including the Cruise Video	Legitimate Interest Please inform a member of staff if you do not wish to be featured in these
Recording financial details to settle onboard accounts	Legal Obligation
Processing feedback and complaints	Legitimate Interests
Responding to questions, monitoring social media tags, opinions, comments, conversations and posts to be able to react and/or gain insights, identify conversations, sentiments, and complaints about us	Legitimate Interests
Health & Safety reporting	Legal Obligation
Little Skippers – kids club	Consent

 

We do not target our website or offer any of our products or services for sale to anyone under the age of 18 (a “Minor”), nor do we knowingly collect personal data from a Minor.  Any adult that submits information about a Minor may only do so on the basis that they are the parent or legal guardian of that Minor and waive all claims in relation to that Minor.

 

Recipients of your information

We share information for a variety of reasons, including when you request us to do so, for the prevention and detection of crime, where required by law and regulation, to enhance, improve, develop, and promote our services, and otherwise conduct our business. The list below provides information on the types of third parties that we share information with.

• The Civil Aviation Authority, ABTA Limited (ABTA), PT Trustees Limited, trustees of the Air Travel Trust, Port Agents and Port Authorities
• Travel partners and providers such as travel agencies, airlines, and tour providers (if you book a tour through us)
• Specialist service providers, such as contact tracing solution provider(s) to support infectious disease control
• Specialist medical service providers in the event you require a specialist treatment e.g. medical care
• Health service providers, including NHS Agencies, such as GPs, hospitals, and ambulance services
• Government and public agencies, such the Department of Health and Public Health agencies
• Holiday Extras: if you need travel insurance – you will provide your information to Holiday Extras and provide us with the policy number
• Fred Olsen Business Travel; if you require additional travel to board one of our ships
• Data validation and cleansing service providers to help us keep personal data accurate and up to date
• External hosting providers for the administration of our website services, including our video chat host (Talkative) and our email letter distributor
• Mailing houses and printers, including Sterling Solutions, Pureprint, Pepper Communications, SEO2 Print, Oliver Agency, Intygra and Business Reply Direct Mail (BRMS). We share your name and address to mailing houses to send out brochures
• Market research, marketing, branding and PR agencies to help to understand our customers and guests so that we may develop, enhance and improve our products and services and deliver information and marketing messages in relation to Fred Olsen Cruise Lines 
• Our employees and contractors, selected third parties and service providers, including photographers and videographers, social media platforms and social media analytics tool (Sprinklr), data hosting service providers, so that we can develop, enhance, and promote our services and provide you with information and marketing messages about products and services

• Our affiliates and companies in the Fred. Olsen family of companies, who may use your information in the same way as we can under this notice
• Third parties as legally required to comply with law and law enforcement, to enforce our terms, to protect the security or integrity of our services, and to exercise or protect the rights, property, and safety of us and other third-parties
• Our professional advisors and auditors for the purpose of seeking professional advice or to meet our audit responsibilities

We travel all over the world and the recipients of your personal information can be in any one of the ports we can call at around the world. When docking and liaising with a recipient in Europe, the EEA, and countries on the European Commission’s data protection ‘adequacy’ list; we use the countries own data protection regulation as the safeguard for your data over and above the technical and organisational measures we have put in place to secure your data. For recipients outside of this list we use either our contractual clauses or the fulfilment of our contract with you as the appropriate safeguard.

We will never sell your data to any third party.

Retention of your personal data

We will keep your data for as long as reasonably necessary in order that we may use the information for the purpose it was collected. Factors we take into consideration when deciding how long to retain your personal data include legal, contractual and regulatory obligations, whether you make an enquiry only (you do not make a booking or create an account with us) or make a booking or make a booking and cruise with us.

Information that is collected if you make an enquiry only will be retained for a minimum of 1 year.

We retain the data relating to your booking for a minimum of 6 years from the end of the relevant cruise.

Information relating to the monetary value of your booking including financial transactions conducted onboard will be retained for a minimum of 7 years from the date of the transaction.

We retain medical information that we collect if you visit our onboard medical facility for 8 years from the end of the relevant cruise.

The limited information utilised by the onboard contact tracing system is deleted after one month following the end of the relevant cruise, unless a government, health service or public health agency requires a longer retention period. 

These retention periods are not inclusive of how long the recipients of your personal information may retain your data for.

Your Rights

We are always happy to fulfil any one of your rights. Your rights with respect to the personal data that we process on you are:

• Right to information on how your data is processed
• Right of access to the personal data we hold on you
• Right to rectify any inaccurate data we process on you
• Right to object to us processing your personal data
• Right to erasure of your data
• Right to data portability
• Right to lodge a complaint with a data protection regulator
• Right not to be subject to automated decision making

You can invoke any of your rights at any time using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf, we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

We do not conduct any automated decision-making or profiling when you make a booking with us.

We do conduct some profiling for marketing purposes.

For more information about our marketing activities please visit: www.fredolsencruises.com/legal/privacy-and-cookies-policy

How to Contact Us
Individuals in the UK

Fred. Olsen Cruise Lines is a data controller. We collect and process data for several purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data, you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.co.uk

Individuals in the EEA

We have appointed a European representative to act on our behalf regarding EU General Data Protection Regulation compliance, and to deal with any supervisory authorities or individuals based in the EEA.

Our European representative is:

Natural Power Consultants (Ireland) Limited

Address: Suite 6, The Mall, Beacon Court, Sandyford, Dublin 18, D18 A3W8, Ireland

Phone: +353 1 697 1344

Email: eu_representative@naturalpower.com

Changes To This Notice

We may change this privacy notice from time to time.  You are encouraged to revisit our website from time to time to view the current version of this notice.

This notice provides you with information on how we use data for marketing. We are committed to fair and transparent processing of people’s data and always offer the option to opt-out of our marketing communications.

Data Controller

Fred. Olsen Cruise Lines is a data controller. We collect and process data for a number of purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.co.uk 

How we market

There are a few mediums through which we conduct marketing activities that require our use of people’s personal data. These are:

• Online
• Email
• Postal
• Telephone
• Competitions and prize draws

We have detailed the way we use data to conduct these marketing activities below. We also market through press releases, billboard and publications but these do not require us to process our customers’ or prospective customers’ personal data.

 

Online

Social Media

What we do

We are on Facebook @fredolsencruiselines, Twitter @FredOlsenCruise, and Instagram @fred.olsencruiselines. We use these channels to promote our brand and connect with our customer base and, from time to time, advertise to potential future customers.

Some of these marketing channels allow us to place advertisements on the platform. There are several ways this can be achieved, listed below:

1. Uploading a post and paying to ‘boost’ the post to a specific demographic of people

With this method we do not see any of the personal information you have shared with the social media organisation but if the personal information you have shared matches the criteria for our demographic you will see the advert.

2. Uploading emails to the social media platform

Using this method of social media advertising we use the social media platform’s marketing engine to analyse email addresses that we upload to find similar profiles to the ones associated with the emails that we have uploaded. This practice is commonly known as ‘look-a-like’ modelling as it allows us to find potential new customers based on information on existing customer profiles.

3. Tracking pixel

Some social media platforms enable the ability for organisations to place a cookie or ‘pixel’ on the organisation’s website. This allows us to see the success of our social media advertising campaigns and also allow us to reach a wider audience through our advertising. We obtain your consent to place this cookie on your browser. Please refer to our cookie notice to understand how we use cookies and how you can withdraw your consent.

When we advertise through social media we never directly receive any of the information that you have submitted to the social media platform. We use the social platform as a catalyst to find the most appropriate people to present our advertisements to.

We strongly recommend that you review the privacy information of the social media platforms that you use and your privacy settings for the platform.

 

Web Advertising

What we do

We use online adverts to display on the internet when you browse. The placement of these adverts relies on cookies which are small files placed on your browser that personalise your internet browsing experience. The cookie obtains behavioural data about areas of the website you browse, links you click on and pages you visit.

We only place these cookies with your consent. Please refer to our cookie notice to understand how we use cookies and how you can withdraw your consent.

Email Marketing

What we do

We obtain email addresses through customers that book with us, enquire about our offering and from people who ask to receive news, updates and offers from us. Enquiries and bookings can come directly to us or through one of our associate Travel Agents. The Travel Agent should always make you aware that they are transferring your data to us. We can always tell you what source we received your data from and you will be able to opt-out of receiving email marketing communications when you provide your data to us and on every subsequent email communication using our unsubscribe link.

When we undertake an email marketing campaign, we design our marketing materials and select the email recipients we believe the communication would be most relevant to. As part of this process, we remove those addresses, known as having opted out email communications. We then load the email addresses into our third-party email communication platform. This platform offers a second stage of removing anyone opted out. Once this process has been completed we send the email out. We have a Non-Disclosure Agreement (NDA) with our email communication platform (Evomail).

The email communication platform also enables us to track how many unsubscribes, opens and link clicks (if there are website links in the email) have occurred.

We email market to people who have enquired with us or have made bookings previously. From time to time, we purchase lists of potential customers’ email addresses. We use the ‘soft opt-in’ provision of the Privacy and Electronics Communications Regulations (PECR) as our legal basis to conduct our marketing activities in this way, in-line with our legitimate interests as a data controller.

 

Postal Marketing

What we do

There are two methods we use to run a postal marketing campaign.

1. Mailing to people we have the address for
2. Mailing to people whose address we do not have; commonly known as ‘door drops’

Mailing to people we have the address for

We send out postal marketing communications to people whose addresses we have on file to promote additional options for existing bookings or our direct mail to promote our cruise programme and offers.

In order to deliver our mail to you we use a few different third parties. Often we print the name of the desired recipient and their address directly on our brochure, magazine or general mailer. To do this we use a specialist third party printing organisations to print this information directly onto the item we are sending out.

As part of this process, we use a postage consolidator. We send data to this third party so that they may process it, before printing, to increase postage efficiencies and reduce postage costs. The postage consolidator we use is Onepost.

We obtain guarantees to ensure that all third parties that we send personal data to comply with data protection regulations and our information security standards.

Mailing to people whose address we do not have

We are always interested in expanding our customer base and we use unsolicited mail as method to achieve this. When we decide to carry out an unsolicited mailing campaign we determine which area we would like to send our communications to using common providers that work off aggregated data sets such as Whistl.

When doing this type of marketing we do not base the strategy on personal data but may use information that we have obtained through bookings to determine the best geographical location to send out mailers to.

 

Telephone Marketing

On the Fred. Olsen Cruise Lines website we offer users the chance to request a call back. This requires the user to provide their name and telephone number in order for a member of our Reservations Department to outbound call and assist with the enquiry. This service is provided by Optilead.

We utilise marketing specific telephone numbers on promotional material to enable us to track response to specific campaigns. We also capture inbound call numbers for business intelligence reporting purposes this is a service provided to us by ResponseTap and Daisy Communications.

If we are unable to take your call we will call you back on the number that you have called on. If you have booked or enquired with us previously we can contact you about related products. You can always opt-out of telephone calls.

 

Competitions and Prize Draws

What personal data do we collect?

When you enter a competition or prize draw, you will be asked to provide your name and your email address, along with any other information required for entry into the competition or prize draw. Occasionally we will also ask you for your phone number and your postal address.

Why do we collect this information?

We collect your personal information when you enter a competition or prize draw directly ourselves or through a third party on our behalf, such as Global Radio Services Limited.

Collection of personal information through a third party typically occurs where the third party is hosting the competition or prize draw, for example on their own website. The third party will collect your personal information in order to allow you to enter into the competition or prize draw, and provide a copy of your information to us.

The third party may process your personal information for its own purposes, so before entering a competition or prize draw, please read the third party’s privacy notice and terms and conditions.

We use your information to manage applications, administer the competition or prize draw and send news, updates and offers from Fred. Olsen Cruise Lines to you, if you opted to receive them,

We collect and process this information on the basis of your legitimate interests in participating in the competition or prize draw, and your consent to receive news, updates and offers.

How long do we retain your information?

We keep the data required to administer the competition or prize draw only for as long as it is needed.

If you have asked us to send you news, updates and offers, we keep your name and email address until you opt out of that service. You can opt out at any time by contacting emailresponse@fredolsen.co.uk.

 

Your rights and our commitment to ethical marketing practices

We are committed to ensuring that we only market through ethical practices. We uphold your rights with respect to privacy and data protection. These rights are:

• Right to information on how your data is processed
• Right of access to the personal data we hold on you
• Right to rectify any inaccurate data we process on you
• Right to object to us processing your personal data
• Right to erasure of your data
• Right to data portability
• Right to lodge a complaint with a data protection regulator
• Right not to be subject to automated decision making

You can invoke any of your rights at any time using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

Retention

We retain marketing data until such time as when requested to remove data or if the marketing department feel in their professional opinion it is best to remove marketing data.

Obligation to provide information

You are not obligated to provide your information for marketing purposes. However, we will use the information you disclose, when booking or enquiring with us, for marketing purposes.

Opt-out

You are always able to opt-out of marketing communications in the following ways:

• For email marketing – at the time we capture your email and on the unsubscribe line at the bottom of the email
• For telephone marketing – on the phone call
• Social media marketing – settings on the social media platform
• Postal marketing – on the mailer that has been sent there is information on how to opt-out

If you have any questions relating to opting out please contact us using the details we have provided in this notice.

Obtaining data through third parties

In such circumstance we obtain personal data through a third party we will be able to tell you our source of your data.

Fred. Olsen are committed to protecting the privacy of everybody that travels with us. This privacy notice is our way of being transparent to you on how we use your browsing data when you visit our website. We use cookies on our website which can collect personal data as you browse our website.

Data controller

Fred. Olsen Cruise Lines the data controller. We collect and process data for a number of purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.com

Categories of personal data we process

Here is a list of personal data that we collect when you visit our website.

Cookies:

• Internet Protocol (IP) address
• Device type
• Browser type
• Web pages visited
• Links clicked
• Phone number
• Website navigation
• Social media profile information

We also obtain data on our web forms for taking enquiries and bookings, you can find out more about how we use this data in our Bookings and Marketing privacy notices. Below is a list of cookies we use and their purpose:

Necessary Cookies

 

Name	Cookie Name	Purpose
Simpleclick	overlay_5a96a50f6c723f146ce6857e overlay_5a96d8790d2c04139cdd8164	This cookie is used to prevent an overlay showing multiple times during the users session.
Simpleclick	agencyModal	Remembers that you have seen the agency user modal for the current session so it is not shown again. This cookie is deleted when you close your browser.
Simpleclick	AlertViewed-5a9fd98480b43c477aff5ed	This cookie is used to adhere to the users request to hide and alert and to prevent it being shown again unless the alert is amended.
Simpleclick	ASP.NET_SessionId	This cookie is essential for the website to recognise you as a unique visitor amongst all people currently on the site, and to enable the site to respond to your browsing choices. This cookie is deleted when you close your browser.
Simpleclick	b1P	This cookie contains a number which identifies which of our load-balanced servers you are accessing in order to view our website. This helps to ensure your connection to our website is not interrupted during your visit. This cookie is deleted when you close your browser.
Simpleclick	cookieconsent_dismissed	Records if your consent to our cookies has been explicitly given by closing the cookie notification bar, or if your consent is only presumed at this point. Once consent has been given, the cookie will record this for one year.
Simpleclick	ExitIntent	In the booking engine, sets this to true if the exit intent popup has been shown, so it is not shown again during the current session
Simpleclick	lastviewedcabinfare
Simpleclick	remember-me.token	This cookie remembers your travel agent login information when you wish for us to remember you so that you do not need to continue entering your details.
Simpleclick	session.id session.id.oceans session.id.rivers	These cookie is essential for the website to recognise you as a unique visitor amongst all people currently on the site, and to enable the site to respond to your browsing choices. This cookie is deleted when you close your browser.
Simpeclick	simpleclick_config_cookies	This cookie enables us to controm which cookies are set for the user depending on which category the user has consented / not consented to.
Incapsula	incap_ses_#_# visid_incap_#	These cookies are used by a third party service in order to filter any malicious requests.
Live Person	LPSID-# LPSID LPSessionID IpTabId IpTestCookie# IpLastVisit-# LPVisitorID	Used by Live Person, these cookies check if the user's browser supports cookies and for the real time messaging platform to recognise active mesages and returning visits.
Facebook	fr	Used by Facebook to support Facebook login for My Cruises
Google+	APISID SSID	Used by Google to support Google+ login for My Cruises
Feefo	feefo.translations feefo.translationsUpdatedAt	These cookies detect the language of the users PC to display reviews accordingly.
CloudFare	__cfduid	Used by a third party service to identify trusted website traffic.

 

 

Performance cookies

Name	Cookie Name	Purpose
SimpleClick	Accordions Homepage_SocialFeed	These cookies remembers and records the open/close of accordions and social tabs on the website. These cookies are deleted when you close your browser.
SimpleClick	HideRecentlyViewed	Remembers a user's preference to hide the recently viewed cruises section on the website.
SimpleClick	session_code	This cookie is used as an identifier which tracks what cruises you view and how many times in order for us to highlight cruises you may also like.
SimpleClick	ViewedCruises	Tracks the cruises being viewed to allow us to surface cruises that have also been viewed by users on the cruise details pages
SimpleClick	my-cruises.remember-me	Allows a user to opt in to being persistently logged in to their My Cruises account between browser sessions.

 

Statistic cookies

Name	Cookie Name	Purpose
Google Analytics	_ga  _gat_UA-2014671-1  _gat_gtag_UA_2014671_1  _gid  collect  G_ENABLED_IDPS	These cookie helps us to improve the content on our website by giving us tracking information. For example (and not restricted to), the number of times a user has visited, which search engine you came from and the keyword you used.
Share This	__unam  __sharethis_cookie_test__	Associated with the ShareThis social sharing widget placed in a site to enable sharing of content across various social networks. It counts clicks and shares of a particular webpage.
Infinity	adiErr  adiLP  adiS  adiV  adiVi JSESSIONID	Used to collect anonymous information about the visitors who call us using the telephone numbers on the website. To learn more about ResponseTap please visit www.responsetap.com.

 

Marketing cookies

Name	Cookie Name	Purpose
Adalyser	__adal_ca  __adal_cw  __adal_id  __adal_ses  adal_out_queue_adalyserTracker_get  tracking/track/v3/p	These cookies are used for TV tracking to store campaign and visit data.
Google Adwords	ads/ga-audiences  pluto  pluto2  fastclick	Used by Google Adwords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. Pluto2 is a temporary cookie that is created in the case when no PLUTO cookie is set AND the user hits the advertiser site where a Re-Targeting pixel has been executed. Pluto is used to track preference information. Fastclick tells the delivery system that the browser had opted out of the network.
	sentisum_session	Persistent cookies are the cookies that are preserved through browser shutdowns. This means, even if you close this page today and ever return there in future, the website will know you’re a returning visitor. This may be used for “remember me” features, as well as persistent user tracking. These cookies, especially if set by third party organisations, are powerful tool for monitoring your activities across all the websites you visit.
Facebook	tr  act, c_user, datr, dpr, js_ver,   presence, sb, wd, xs	Facebook uses cookies for a vast range of purposes, from functionality and performance, to advertisements and measurements.
Doubleclick	_drt_  id  IDE  test_cookie	This cookie is used by Google AdSense DoubleClick for online advertising frequency capping and avoiding the duplication of ads on a page, meaning a user will not have to view the same ad over and over again. Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user
Yahoo	B	Collects anonymous data related to the user's website visits, such as the number of visits, average time spent on the website and what pages have been loaded. The registered data is used to categorise the users' interest and demographical profiles with the purpose of customising the website content depending on the visitor.
Google Preferences	NID PREF	These cookies allow our websites to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in.
Google security	SID SAPISID HSID	Google use these which contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. The combination of these two cookies allows Google to block many types of attack, such as attempts to steal the content of forms that you complete on web pages.
Zoho SalesIQ	JSESSIONID	This cookie is generated by servlet containers like Tomcat and used for session management for the HTTP protocol
Zoho SalesIQ	LS_CSRF_TOKEN	This cookie is used for security purposes in order to avoid Cross-Site Request Forgery, (CSRF) for the AJAX calls made by the visitor
Zoho SalesIQ	fredolsenzohoadmin-_zldp	This cookie identifies the unique visitors for the website
Zoho SalesIQ	fredolsenzohoadmin-_zldt	This cookie identifies unique visits for a visitor in the website
Zoho SalesIQ	uesign	This cookie is used to manage the security of the applications.

 

 

Receiving Data Through Third-Parties

We use third-party cookies to obtain some of the personal data listed above. The third party collects the data via a cookie and we obtain the data that has been collected through our website management platforms.

Purposes of processing your personal data legal basis

The cookies that we place that capture personal data are placed with your consent. We use your consent as the lawful basis for us to process data that is collected by a cookie. You may withdraw your consent at anytime by going to the cookies settings link in the website footer, removing the cookies placed from your browser settings and preventing cookies from being set in your browser settings. Please note that we have to store a cookie to confirm your preference. This will contain no other data than your cookie preference.

We process cookie data for the following purposes:

1. Analysing website performance
2. Ensuring our advertisements reach the right people
3. Tailoring our website to our visitors
4. Judging the effectiveness of online advertisements
5. Recording website visitor locations

Recipients of your information

Once we have captured information through a cookie the data largely stays in our website platform management solutions. Occasionally we share anonymised data with our marketing and PR company Total Media based in the UK.

Your Rights

We are always happy to fulfil any one of your rights. Your rights with respect to the personal data that we process on you are:

• Right to information on how your data is processed
• Right of access to the personal data we hold on you
• Right to rectify any inaccurate data we process on you
• Right to object to us processing your personal data
• Right to erasure of your data
• Right to data portability
• Right to lodge a complaint with a data protection regulator
• Right not to be subject to automated decision making

You can invoke any of your rights at anytime using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

Where requests for data are collected through cookies we will need to ask specific questions before responding to the rights above. We are dedicated to being fair and transparent in the data that we process.

Provision of personal information and automated decision making

It is not mandatory for you to allow cookies before entering and browsing on our website. Some of the cookies we utilise use aggregated data in order to tailor the browsing experience. This is a form of profiling. You can opt-out of this type of profiling at any time by removing our cookies from your web browser and preventing cookies from being placed in the web browser settings.

Fred. Olsen Cruise Lines are committed to protecting the privacy of everybody that travels with us. This privacy notice is our way of being transparent to you on how we use your personal data when you use our mobile application.

Categories of personal data we process when using our mobile application

• Device Type
• Type of Operating System (OS)
• IP Address
• Location
• Cabin Account
• My Cruises Information

We process this data for the following purposes

• Application optimization and improvement
• Personalisation of application content
• Sending promotional offers

Legal basis for processing

We process this data under the legal basis of our legitimate interest of providing a mobile application to you. When using the location settings the application will ask for your consent to use your location. This preference can be changed in your device settings. You will still be able to use the application without consenting to use location services however features that require you to enable location services will be limited.

Recipients

The data is used by Fred. Olsen Cruise Lines application developers, Simple Click Solutions Ltd to improve application performance.

Storage and Data Retention

The information listed above will be stored whilst you use the mobile application. We will retain statistical data about the applications usage for 24 months.

Your Rights

• Right to information on how your data is processed
• Right of access to the personal data we hold on you
• Right to rectify any inaccurate data we process on you
• Right to object to us processing your personal data
• Right to erasure of your data
• Right to data portability
• Right to lodge a complaint with a data protection regulator
• Right not to be subject to automated decision making

Provision of information

Unless preference are otherwise specified, your device will be required to provide this information prior to being able to use the application.

Existence of automated decision making and profiling

Statistical information is used to make decisions about how to optimise application performance.

Data Controller

Fred. Olsen Cruise Lines Ltd

Address: Fred. Olsen House, Whitehouse Road, Ipswich, Suffolk, IP1 5LL

Phone: +44 (0)1473 292 200

Email: dataprotection@fredolsen.co.uk

This privacy notice tells you what to expect us to do with your personal information when you visit one of our vessels (other than as a customer or guest) or contact us in relation to a visit for any purpose. 

Controller’s and Data Protection Officer’s details

Fred. Olsen Cruise Lines is a data controller. We collect and process data for the purposes set out in this notice. If you ever need to contact us our postal address is:

Fred. Olsen Cruise Lines limited

Fred. Olsen House

White House Road

Ipswich IP1 5LL

You can contact us on (+44) 1473 292 200 or email our Data Protection Officer at dataprotection@fredolsen.co.uk

The source of your information

The personal information we process about you is provided to us directly by you (or your organisation) because you wish to attend, or have attended, one of our vessels.

Your rights

Under data protection law, you have rights we need to make you aware of.  

Your rights with respect to the personal data that we process on you are:

• Right to information on how your data is processed
• Right of access to the personal data we hold on you
• Right to rectify any inaccurate data we process on you
• Right to object to us processing your personal data
• Right to erasure of your data
• Right to data portability
• Right to lodge a complaint with a data protection regulator
• Right not to be subject to automated decision making

Your data protection rights are detailed on the Information Commissioner’s website.

Please contact us at dataprotection@fredolsen.co.uk if you wish to make a request.

Personal information we process

We ask all visitors to register before boarding a vessel and show a form of ID. The ID is for verification purposes only, we don’t record this information.

The information required in order to board a vessel is limited to your name, contact phone number, the name of your organisation (if applicable), mode of transport, your temperature and health screening questions.

The purpose for processing visitor information is for security, health and safety reasons.  We will only process your personal data for the purpose for which we collected it.

Elements of data protection law applicable at this time

We will apply the following sections of the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA) (other elements may be applied dependent upon emerging events):

GDPR Article 6 – Lawfulness of Processing

• Article 6.1(c) - processing is necessary for compliance with a legal obligation to which the controller is subject.
• Article 6.1(d) - processing is necessary in order to protect the vital interests of the data subject or of another natural (living) person.
• Article 6(1)(f) – processing is necessary for the purposes of the controller’s legitimate interests.

GDPR Article 9 – Processing of special categories of personal data

• Article 9.2(c) - processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent.
• Article 9.2(g) - processing is necessary for reasons of substantial public interest.
• Article 9.2(h) - processing is necessary for the purposes of preventative or occupational medicine, where is it necessary for the provision of social care, the provision of health care or treatment or for the management of a health or social care system.
• Article 9.2(i) - processing is necessary for reasons of public interest in the area of public health, such as protecting against cross-border threats to health or ensuring high standards of quality and safety of health care.

DPA SCHEDULE 1, (Special categories of Personal Data), Part 1 Conditions relating to Employment, Health and Research etc

DPA SCHEDULE 1, (Special categories of Personal Data), Part 2, Substantial Public Interest Conditions

If you do not provide all of the requested information, including temperature screening, then you may not be allowed to board a vessel and/or be asked to leave a vessel.

Sharing your information

We will not share your information outside our parent and/or group company with any third parties unless we are legally obliged to share the information, for example to a public health authority or government agency, or under a court order.

Retention of your personal data

Unless a claim or other legal reason exists, we keep visitor information for no more than three months.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time.

How to lodge a complaint

If you have a complaint regarding the processing of your personal data, then please contact our Data Protection Officer.  You also have the right to lodge a complaint with the Information Commissioner’s Office at any time. Should you wish to exercise that right the full details are available at the ICO website.