Privacy Notices

Fred. Olsen Cruise Lines (FOCL) recognises the importance of protecting your privacy. Please be assured that we follow a strict policy of not selling or trading any personal or sensitive information about our customers or prospective customers to any company, organisation or person outside of the Fred. Olsen Group or our associated companies.

Fred. Olsen Cruise Lines are committed to protecting the privacy of everybody that travels with us. This privacy notice is our way of being transparent to you on how we use your personal data when you book with us.

Categories of Personal Data We Process

In order for us to facilitate your booking we require the following personal information about you and all persons on the booking:

  • Name; as on passport
  • Address
  • Phone Number(s)
  • Email
  • Payment method information
  • Nationality
  • Passport Number
  • Passport Expiry Date
  • Passport Issue Date
  • Place of Passport Issue
  • Date of Birth
  • Place of Birth
  • Gender
  • Photograph
  • Emergency contact
    • Name
    • Contact details
    • Relationship to the traveller
  • Travel Insurance Company, Policy Number & 24 hour medical emergency number

We are also obligated to obtain personal data of a special category such as health and medical information and information that could reveal your race or ethnicity, such as nationality.

We request the name and phone number of an emergency contact and their relationship to you. We realise that your emergency contact may not have heard of Fred. Olsen previously and so we ask you to inform them that you will be sharing their information with us. If they have any queries they can contact us using the details we have provided in this notice.

You are required to provide this information to us before we can confirm your booking and accept you on the cruise. If you fail to provide us with this information then you will not be able to board the Ship.

Receiving Data Through Third-Parties

We are proud to have a wide network of travel agents and travel partners. If you book through a travel agent we will receive your data through the travel agent of your choosing. If you have concerns that we may have received your information in error or would like to find out where we have received your information from, please contact us using the details in this notice.

Purposes of processing your personal data legal basis

We process your data for a variety of purposes both shoreside and when you are onboard with us. The table below informs you of our intended purposes and the legal basis we use to process your data.

Shoreside

Purpose

Legal Basis

To confer protection under ABTA and the Air Travel Organiser’s Licence (ATOL) Scheme, where applicable 

Contractual Obligation

Processing your booking and payment information

Contractual Obligation

Obtaining medical information and passport information

 

Contractual obligation with explicit consent

Your explicit consent is obtained through the provision of this information from yourself directly or the third party passing us this information. You can withdraw or decline consent however you will not be able to board our Ship without providing us with this information

Contacting you with information relating to your booking including itinerary changes and costs

Contractual Obligation

Arranging flights or hotels

Contractual Obligation

Amending and transferring your booking at your request

Contractual Obligation

Contacting you from call centre if phone is cut off or call back requested

Legitimate Interest

Transferring your call to Holiday Extras in the event you require travel insurance or any other additions

Legitimate Interest

Contacting you with information on additional services relating to your cruise. For example: information on tours, upgrades, Ocean’s Club and special events

 

Legitimate Interests

Contacting you via email, phone and post about Fred. Olsen Cruises

We will always give the option to opt-out of this at the point we capture your information and in every subsequent communication with you

Legitimate Interests

Call recording

Legitimate Interests

 

Using aggregated data to identify trends in bookings and for business reporting purposes

 

 

Legitimate Interests

Contacting you or your emergency contact in the event of an emergency

Vital Interests

Processing feedback and complaints

Legitimate Interest

 

Onboard

Purpose

Legal Basis

Uploading your information to the passenger management system

 

Contractual Obligation

Providing information to Immigration Authorities, customs and port inspection, Interpol and Police

Legal Obligation

Preparing and sharing manifests and security lists for port agents and port authorities at the designated port-of-call

 

Legal Obligation

Retaining financial records of spend on board

Legal Obligation

Fulfilling specialist dietary requirements

Vital Interests

Providing medical care

Vital Interests

Sharing medical consultation

Consent

Consent is requested and captured at the point of the medical consultation

You can decline consent however this could limit your access to medical resources

Contacting you or your emergency contact in the event of an emergency

Vital Interests

Storing passenger information in crew accessible areas at muster stations

Legitimate Interest

 

Filling in a Spa consultation form prior to treatment (contains medical information)

 

Legitimate interests with your explicit consent captured by you filling in the handwritten form

You may withdraw your consent to provide us with this information however this will affect your ability to receive treatments at our Spa onboard

 

Communicating with you about information that directly relates to you. We do this using onboard mailing to your cabin

Contractual Obligation

 

We offer a facility that allows you to book or find out more information on future cruises

Legitimate Interests

CCTV

Legitimate Interests

Processing your image with a time stamp to validate the correct person is embarking and disembarking  the Ship

Legitimate Interests
Taking photos and videos of guests and crew to produce photographs, images and media including Marketing Brochures, Social Media & Cruise Videos

Legitimate Interest

Please inform a member of staff if you do not wish to be featured in these

Recording financial details to settle onboard accounts

Legal Obligation

Recording feedback and complaints

Legitimate Interests

Health & Safety reporting

Legal Obligation

Little Skippers – kids club

Consent

Recipients of your information

We share information for a variety of reasons in order for us to deliver our cruise and services, to enhance, improve, develop and promote our services, and otherwise conduct our business. The list below provides information on the types of third parties that we share information with.

  • The Civil Aviation Authority, ABTA Limited (ABTA), PT Trustees Limited, trustees of the Air Travel Trust, Port Agents and Port Authorities
  • Travel partners and providers such as travel agencies, airlines and tour providers (if you book a tour through us)
  • Specialist service providers, such as contact tracing solution provider(s) to support infectious disease control
  • Specialist medical service providers in the event you require a specialist treatment e.g. medical care
  • Health service providers, including NHS Agencies, such as GPs, hospitals and ambulance services
  • Government and public agencies, such as the Department of Health and Public Health agencies
  • Holiday Extras: if you need travel insurance – you will provide your information to Holiday Extras and provide us with the policy number
  • Fred Olsen Business Travel; if you require additional travel to board the Ship
  • Mailing houses; we transfer your name and address to mailing houses to send out brochures
  • Selected third parties and service providers, including photographers and videographers, marketing agencies, marketing research agencies, PR agencies and data hosting service providers, so that we can develop, enhance and promote our services and provide you with information and marketing messages about products and services you may enjoy
  • Our affiliates and companies in the Fred. Olsen family of companies, who may use your information in the same way as we can under this notice
  • Third parties as legally required to comply with law and law enforcement, to enforce our terms, to protect the security or integrity of our services, and to exercise or protect the rights, property, and safety of us and other third-parties.

We travel all over the world and the recipients of your personal information can be in any one of the ports we can call at around the world. When docking and liaising with a recipient in Europe, the EEA and countries on the European Commission’s data protection ‘adequacy’ list; we use the countries own data protection regulation as the safeguard for your data over and above the technical and organisational measures we have put in place to secure your data. For recipients outside of this list we use either our contractual clauses or the fulfilment of our contract with you as the appropriate safeguard.

We will never sell your data to any third party.

Retention of your personal data

We retain the data relating to your booking for a minimum of 6 years from the end of the relevant cruise.

Information relating to the monetary value of your booking including financial transactions conducted onboard will be retained for a minimum of 7 years from the date of the transaction.

We retain medical information that we collect if you visit our onboard medical facility for 8 years from the end of the relevant cruise.

The limited information utilised by the onboard contact tracing system is deleted after one month following the end of the relevant cruise, unless a government, health service or public health agency requires a longer retention period.

These retention periods are not inclusive of how long the recipients of your personal information may retain your data for.

Your Rights

We are always happy to fulfil any one of your rights. Your rights with respect to the personal data that we process on you are:

  • Right to information on how your data is processed
  • Right of access to the personal data we hold on you
  • Right to rectify any inaccurate data we process on you
  • Right to object to us processing your personal data
  • Right to erasure of your data
  • Right to data portability
  • Right to lodge a complaint with a data protection regulator
  • Right not to be subject to automated decision making

You can invoke any of your rights at anytime using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

We do not conduct any automated decision making or profiling when you make a booking with us.

We do conduct some profiling for marketing purposes.

Data Controller

Fred. Olsen Cruise Lines is a data controller. We collect and process data for a number of purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.co.uk

Our European Representative

We have appointed a European representative to act on our behalf regarding EU General Data Protection Regulation compliance, and to deal with any supervisory authorities or individuals based in the EEA.

Our European representative is:

Natural Power Consultants (Ireland) Limited

Address: Suite 6, The Mall, Beacon Court, Sandyford, Dublin 18, D18 A3W8, Ireland

Phone: +353 1 697 1344

Email: eu_representative@naturalpower.com

This is an addendum to Fred. Olsen Cruise Lines Booking Notice which contains our privacy notice.  It explains how Fred. Olsen Cruise Lines (as Data Controller) may use your personal data, specifically in relation to the Covid-19 (Coronavirus) Pandemic and to support the NHS Test & Trace scheme in England and NHS Scotland’s Test and Protect service.

To operate safely and effectively, we may need to ask you for sensitive personal information that you have not already supplied, or use data you have already provided, including whether you have any underlying illnesses or are what is classed as vulnerable.

If we already hold information regarding vulnerability, we may share this for vital health reasons, emergency planning purposes and to protect your vital interests by sharing with services both inside and outside Fred. Olsen Cruise Lines.

Your personal data

Personal data relates to a living individual who can be identified from that data.  Some of your personal data is classed as 'special category personal data' because this information is more sensitive e.g. health information, ethnicity and religion etc.

Why we may need to share your personal data

Covid-19 poses serious health risks and we may, therefore, share your information with public authorities, emergency services, and other stakeholders as necessary, and only when necessary, in a proportionate and secure manner.  Contact with you to obtain consent before sharing will not be required for all the reasons described in this notice.  Please be assured that protection of personal data remains a priority at this time after the health and safety of everyone.
We will only share your personal information where the law allows, and we always aim to share the minimum data necessary to achieve the purpose required.  Further, the information will only be used for the purposes listed and retained for limited specific times.

The General Data Protection Regulation and Data Protection Act 2018 allow us to share information for a wide variety of reasons. These are known as our 'legal bases to process data'.

Data protection laws are written to facilitate valid information sharing, especially in times of emergency which often requires more collaborative working.  The legal bases for processing data at Fred. Olsen Cruise Lines while Covid-19 continues to present significant health risks are as follows:

  • Protect the public
  • Satisfy legal and regulatory requirements 
  • Provide extra support for individuals with a disability or medical condition
  • Safeguard children and individuals at risk

Elements of data protection law applicable at this time

Fred. Olsen Cruise Lines will apply the following sections of the General Data Protection Regulation and Data Protection Act 2018 (other elements may be applied dependent upon emerging events):

GENERAL DATA PROTECTION REGULATION

Article 6 – Lawfulness of Processing

  • Article 6.1(c)- processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Article 6.1(d)- processing is necessary in order to protect the vital interests of the data subject or of another natural (living) person.

Article 9 – Processing of special categories of personal data

  • Article 9.2(c)- processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent
  • Article 9.2(g)- processing is necessary for reasons of substantial public interest 
  • Article 9.2(h)- processing is necessary for the purposes of preventative or occupational medicine, where is it necessary for the provision of social care, the provision of health care or treatment or for the management of a health or social care system
  • Article 9.2(i) - processing is necessary for reasons of public interest in the area of public health, such as protecting against cross-border threats to health or ensuring high standards of quality and safety of health care

DATA PROTECTION ACT 2018

SCHEDULE 1, (Special categories of Personal Data), Part 1 Conditions relating to Employment, Health and Research etc

This condition is met if the processing

  1. a) Is necessary for the reasons of public interest in the area of public health and
    b) Is carried out - 
  2. by or under the responsibility of a health professional, or
    II. by another person who in the circumstances owes a duty of confidentiality under an enactment or rule of law 

SCHEDULE 1, (Special categories of Personal Data), Part 2, Substantial Public Interest Conditions

Paragraph 16, Support for individuals with a disability or medical condition

This condition is met if the processing

  1. d) can reasonably be carried out without the consent of the data subject
  2. e) is necessary for reasons of substantial public interest

(1) This condition is met if the processing is

  1. a) necessary for the purposes of
  2.  protecting an individual from neglect or physical, mental or emotional harm, or
    II. protecting the physical, mental or emotional well-being of an individual,
  3. b) the individual is
  4.  aged under 18, or
  5. aged 18 or over and at risk,
  6. c) the processing is carried out without the consent of the data subject for one of the reasons listed in sub-paragraph (2), and
  7. d) the processing is necessary for reasons of substantial public interest.

(2) The reasons mentioned in sub-paragraph (1) c) are —

  1. a) in the circumstances, consent to the processing cannot be given by the data subject
  2. b) in the circumstances, the controller cannot reasonably be expected to obtain the consent of the data subject to the processing

(3) For the purposes of this paragraph, an individual aged 18 or over is "at risk" if the controller has reasonable cause to suspect that the individual —

  1. a) has needs for care and support,
  2. b) is experiencing, or at risk of, neglect or physical, mental or emotional harm, and
  3. c) as a result of those needs is unable to protect himself or herself against the neglect or harm or the risk of it.

Your rights

You have several rights with respect to your personal data.  You can find full details on the Information Commissioner’s Office website.  Any requests regarding your rights should be submitted to the Data Protection Officer.  There may be a delay in responding fully to all requests within one calendar month, but we will strive to keep requestors updated with the progress of their request.

Contact

For any questions regarding the above, please contact our Data Protection Officer at: dataprotection@fredolsen.co.uk

This notice provides you with information on how we use data for marketing. We are committed to fair and transparent processing of people’s data and always offer the option to opt-out of our marketing communications.

Data Controller

Fred. Olsen Cruise Lines is a data controller. We collect and process data for a number of purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.co.uk 

How we market

There are a few mediums through which we conduct marketing activities that require our use of people’s personal data. These are:

  • Online
  • Email
  • Postal
  • Telephone
  • Competitions and prize draws

We have detailed the way we use data to conduct these marketing activities below. We also market through press releases, billboard and publications but these do not require us to process our customers’ or prospective customers’ personal data.

 

Online

Social Media

What we do

We are on Facebook @fredolsencruiselines, Twitter @FredOlsenCruise, and Instagram @fred.olsencruiselines. We use these channels to promote our brand and connect with our customer base and, from time to time, advertise to potential future customers.

Some of these marketing channels allow us to place advertisements on the platform. There are several ways this can be achieved, listed below:

  1. Uploading a post and paying to ‘boost’ the post to a specific demographic of people

With this method we do not see any of the personal information you have shared with the social media organisation but if the personal information you have shared matches the criteria for our demographic you will see the advert.

  1. Uploading emails to the social media platform

Using this method of social media advertising we use the social media platform’s marketing engine to analyse email addresses that we upload to find similar profiles to the ones associated with the emails that we have uploaded. This practice is commonly known as ‘look-a-like’ modelling as it allows us to find potential new customers based on information on existing customer profiles.

  1. Tracking pixel

Some social media platforms enable the ability for organisations to place a cookie or ‘pixel’ on the organisation’s website. This allows us to see the success of our social media advertising campaigns and also allow us to reach a wider audience through our advertising. We obtain your consent to place this cookie on your browser. Please refer to our cookie notice to understand how we use cookies and how you can withdraw your consent.

When we advertise through social media we never directly receive any of the information that you have submitted to the social media platform. We use the social platform as a catalyst to find the most appropriate people to present our advertisements to.

We strongly recommend that you review the privacy information of the social media platforms that you use and your privacy settings for the platform.

 

Web Advertising

What we do

We use online adverts to display on the internet when you browse. The placement of these adverts relies on cookies which are small files placed on your browser that personalise your internet browsing experience. The cookie obtains behavioural data about areas of the website you browse, links you click on and pages you visit.

We only place these cookies with your consent. Please refer to our cookie notice to understand how we use cookies and how you can withdraw your consent.

Email Marketing

What we do

We obtain email addresses through customers that book with us, enquire about our offering and from people who ask to receive news, updates and offers from us. Enquiries and bookings can come directly to us or through one of our associate Travel Agents. The Travel Agent should always make you aware that they are transferring your data to us. We can always tell you what source we received your data from and you will be able to opt-out of receiving email marketing communications when you provide your data to us and on every subsequent email communication using our unsubscribe link.

When we undertake an email marketing campaign, we design our marketing materials and select the email recipients we believe the communication would be most relevant to. As part of this process, we remove those addresses, known as having opted out email communications. We then load the email addresses into our third-party email communication platform. This platform offers a second stage of removing anyone opted out. Once this process has been completed we send the email out. We have a Non-Disclosure Agreement (NDA) with our email communication platform (Evomail).

The email communication platform also enables us to track how many unsubscribes, opens and link clicks (if there are website links in the email) have occurred.

We email market to people who have enquired with us or have made bookings previously. From time to time, we purchase lists of potential customers’ email addresses. We use the ‘soft opt-in’ provision of the Privacy and Electronics Communications Regulations (PECR) as our legal basis to conduct our marketing activities in this way, in-line with our legitimate interests as a data controller.

 

Postal Marketing

What we do

There are two methods we use to run a postal marketing campaign.

  1. Mailing to people we have the address for
  2. Mailing to people whose address we do not have; commonly known as ‘door drops’

Mailing to people we have the address for

We send out postal marketing communications to people whose addresses we have on file to promote additional options for existing bookings or our direct mail to promote our cruise programme and offers.

In order to deliver our mail to you we use a few different third parties. Often we print the name of the desired recipient and their address directly on our brochure, magazine or general mailer. To do this we use a specialist third party printing organisations to print this information directly onto the item we are sending out.

As part of this process, we use a postage consolidator. We send data to this third party so that they may process it, before printing, to increase postage efficiencies and reduce postage costs. The postage consolidator we use is Onepost.

We obtain guarantees to ensure that all third parties that we send personal data to comply with data protection regulations and our information security standards.

Mailing to people whose address we do not have

We are always interested in expanding our customer base and we use unsolicited mail as method to achieve this. When we decide to carry out an unsolicited mailing campaign we determine which area we would like to send our communications to using common providers that work off aggregated data sets such as Whistl.

When doing this type of marketing we do not base the strategy on personal data but may use information that we have obtained through bookings to determine the best geographical location to send out mailers to.

 

Telephone Marketing

On the Fred. Olsen Cruise Lines website we offer users the chance to request a call back. This requires the user to provide their name and telephone number in order for a member of our Reservations Department to outbound call and assist with the enquiry. This service is provided by Optilead.

We utilise marketing specific telephone numbers on promotional material to enable us to track response to specific campaigns. We also capture inbound call numbers for business intelligence reporting purposes this is a service provided to us by ResponseTap and Daisy Communications.

If we are unable to take your call we will call you back on the number that you have called on. If you have booked or enquired with us previously we can contact you about related products. You can always opt-out of telephone calls.

 

Competitions and Prize Draws

What personal data do we collect?

When you enter a competition or prize draw, you will be asked to provide your name and your email address, along with any other information required for entry into the competition or prize draw. Occasionally we will also ask you for your phone number and your postal address.

Why do we collect this information?

We collect your personal information when you enter a competition or prize draw directly ourselves or through a third party on our behalf, such as Global Radio Services Limited.

Collection of personal information through a third party typically occurs where the third party is hosting the competition or prize draw, for example on their own website. The third party will collect your personal information in order to allow you to enter into the competition or prize draw, and provide a copy of your information to us.

The third party may process your personal information for its own purposes, so before entering a competition or prize draw, please read the third party’s privacy notice and terms and conditions.

We use your information to manage applications, administer the competition or prize draw and send news, updates and offers from Fred. Olsen Cruise Lines to you, if you opted to receive them,

We collect and process this information on the basis of your legitimate interests in participating in the competition or prize draw, and your consent to receive news, updates and offers.

How long do we retain your information?

We keep the data required to administer the competition or prize draw only for as long as it is needed.

If you have asked us to send you news, updates and offers, we keep your name and email address until you opt out of that service. You can opt out at any time by contacting emailresponse@fredolsen.co.uk.

 

Your rights and our commitment to ethical marketing practices

We are committed to ensuring that we only market through ethical practices. We uphold your rights with respect to privacy and data protection. These rights are:

  • Right to information on how your data is processed
  • Right of access to the personal data we hold on you
  • Right to rectify any inaccurate data we process on you
  • Right to object to us processing your personal data
  • Right to erasure of your data
  • Right to data portability
  • Right to lodge a complaint with a data protection regulator
  • Right not to be subject to automated decision making

You can invoke any of your rights at any time using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

Retention

We retain marketing data until such time as when requested to remove data or if the marketing department feel in their professional opinion it is best to remove marketing data.

Obligation to provide information

You are not obligated to provide your information for marketing purposes. However, we will use the information you disclose, when booking or enquiring with us, for marketing purposes.

Opt-out

You are always able to opt-out of marketing communications in the following ways:

  • For email marketing – at the time we capture your email and on the unsubscribe line at the bottom of the email
  • For telephone marketing – on the phone call
  • Social media marketing – settings on the social media platform
  • Postal marketing – on the mailer that has been sent there is information on how to opt-out

If you have any questions relating to opting out please contact us using the details we have provided in this notice.

Obtaining data through third parties

In such circumstance we obtain personal data through a third party we will be able to tell you our source of your data.

Fred. Olsen are committed to protecting the privacy of everybody that travels with us. This privacy notice is our way of being transparent to you on how we use your browsing data when you visit our website. We use cookies on our website which can collect personal data as you browse our website.

Data controller

Fred. Olsen Cruise Lines the data controller. We collect and process data for a number of purposes outlined in this notice. If you ever need to contact us you can by using the details below:

Address: Fred. Olsen House, White House Road, Ipswich, Suffolk, IP1 5LL

Phone: (+44) 01473 292 200

If you have a specific query relating to how we process your personal data you can contact our Data Protection Officer on:

Email: dataprotection@fredolsen.com

Categories of personal data we process

Here is a list of personal data that we collect when you visit our website.

Cookies:

  • Internet Protocol (IP) address
  • Device type
  • Browser type
  • Web pages visited
  • Links clicked
  • Phone number
  • Website navigation
  • Social media profile information

We also obtain data on our web forms for taking enquiries and bookings, you can find out more about how we use this data in our Bookings and Marketing privacy notices. Below is a list of cookies we use and their purpose:

Necessary Cookies

 

Name Cookie Name Purpose
Simpeclick overlay_5a96a50f6c723f146ce6857e overlay_5a96d8790d2c04139cdd8164 This cookie is used to prevent an overlay showing multiple times during the users session.
Simpeclick agencyModal Remembers that you have seen the agency user modal for the current session so it is not shown again. This cookie is deleted when you close your browser.
Simpeclick AlertViewed-5a9fd98480b43c477aff5ed This cookie is used to adhere to the users request to hide and alert and to prevent it being shown again unless the alert is amended.
Simpeclick ASP.NET_SessionId This cookie is essential for the website to recognise you as a unique visitor amongst all people currently on the site, and to enable the site to respond to your browsing choices. This cookie is deleted when you close your browser. 
Simpeclick b1P This cookie contains a number which identifies which of our load-balanced servers you are accessing in order to view our website. This helps to ensure your connection to our website is not interrupted during your visit. This cookie is deleted when you close your browser.
Simpeclick cookieconsent_dismissed
Records if your consent to our cookies has been explicitly given by closing the cookie notification bar, or if your consent is only presumed at this point. Once consent has been given, the cookie will record this for one year.
Simpeclick ExitIntent In the booking engine, sets this to true if the exit intent popup has been shown, so it is not shown again during the current session
Simpeclick lastviewedcabinfare  
Simpeclick remember-me.token This cookie remebers your travel agent login information when you wish for us to remember you so that you do not need to continue entering your details. 

Simpeclick

session.id

session.id.oceans

session.id.rivers

 These cookie is essential for the website to recognise you as a unique visitor amongst all people currently on the site, and to enable the site to respond to your browsing choices. This cookie is deleted when you close your browser.
Simpeclick simpleclick_config_cookies This cookie enables us to controm which cookies are set for the user depending on which category the user has consented / not consented to.
Incapsula

incap_ses_#_#

visid_incap_#

 These cookies are used by a third party service in order to filter any malicious requests.
Live Person

LPSID-#

LPSID

LPSessionID

IpTabId

IpTestCookie#

IpLastVisit-#

LPVisitorID

 Used by Live Person, these cookies check if the user's browser supports cookies and for the real time messaging platform to recognise active mesages and returning visits. 
Facebook

fr

 Used by Facebook to support Facebook login for My Cruises
Google+

APISID
SSID

 Used by Google to support Google+ login for My Cruises
Feefo

 

feefo.translations

feefo.translationsUpdatedAt

 These cookies detect the language of the users PC to display reviews accordingly. 
CloudFare __cfduid

 

 Used by a third party service to identify trusted website traffic.

 

 

Preference cookies

Name Cookie Name Purpose
SimpleClick

Accordions

Homepage_SocialFeed

 

 These cookies remembers and records the open/close of accordions and social tabs on the website. These cookies are deleted when you close your browser.
SimpleClick

HideRecentlyViewed

 Remembers a user's preference to hide the recently viewed cruises section on the website.
SimpleClick

session_code

 This cookie is used as an identifier which tracks what cruises you view and how many times in order for us to highlight cruises you may also like.
SimpleClick

ViewedCruises

 Tracks the cruises being viewed to allow us to surface cruises that have also been viewed by users on the cruise details pages

 

Statistic cookies

Name Cookie Name Purpose
Google Analytics

 _ga

 _gat_UA-2014671-1

 _gat_gtag_UA_2014671_1

 _gid

 collect

 G_ENABLED_IDPS

 These cookie helps us to improve the content on our website by giving us tracking information. For example (and not restricted to), the number of times a user has visited, which search engine you came from and the keyword you used.
Share This

 __unam

 __sharethis_cookie_test__

 Associated with the ShareThis social sharing widget placed in a site to enable sharing of content across various social networks. It counts clicks and shares of a particular webpage.
Response Tap

 adiErr

 adiLP

 adiS

 adiV

 adiVi

JSESSIONID

 Used to collect anonymous information about the visitors who call us using the telephone numbers on the website. To learn more about ResponseTap please visit www.responsetap.com.
VE Interactive

 __ssid

 {Guid}

 This cookie may collect the following information and store it against an anonymous user ID: Product code from merchant sites the visitor has browsed and other information relevant to shopping behaviour on mainstream shopping sites. This information is used to serve targeted adverts to the visitor on an anonymous basis.

 

Marketing cookies

Name Cookie Name Purpose
Adalyser

 __adal_ca

 __adal_cw

 __adal_id

 __adal_ses

 adal_out_queue_adalyserTracker_get

 tracking/track/v3/p

 These cookies are used for TV tracking to store campaign and visit data.
Google Adwords

 ads/ga-audiences

 pluto

 pluto2

 fastclick

 Used by Google Adwords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. Pluto2 is a temporary cookie that is created in the case when no PLUTO cookie is set AND the user hits the advertiser site where a Re-Targeting pixel has been executed. Pluto is used to track preference information. Fastclick tells the delivery system that the browser had opted out of the network.
 

sentisum_session

 Persistent cookies are the cookies that are preserved through browser shutdowns. This means, even if you close this page today and ever return there in future, the website will know you’re a returning visitor. This may be used for “remember me” features, as well as persistent user tracking. These cookies, especially if set by third party organisations, are powerful tool for monitoring your activities across all the websites you visit.
Facebook

 tr

 act, c_user, datr, dpr, js_ver,   presence, sb, wd, xs

 Facebook uses cookies for a vast range of purposes, from functionality and performance, to advertisements and measurements. 
Doubleclick

 _drt_
 id

 IDE

 test_cookie

 This cookie is used by Google AdSense DoubleClick for online advertising frequency capping and avoiding the duplication of ads on a page, meaning a user will not have to view the same ad over and over again. Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user
Yahoo

 B

 Collects anonymous data related to the user's website visits, such as the number of visits, average time spent on the website and what pages have been loaded. The registered data is used to categorise the users' interest and demographical profiles with the purpose of customising the website content depending on the visitor.
Google Preferences

NID

PREF

 These cookies allow our websites to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in. 
Google+

APISID

SSID

 These cookies are used in conjunction with the Google+1 button to enable you to share information publicly, as part of your Google Profile.

Google security

 

SID
SAPISID
HSID

 Google use these which contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. The combination of these two cookies allows Google to block many types of attack, such as attempts to steal the content of forms that you complete on web pages.

 

 

Receiving Data Through Third-Parties

We use third-party cookies to obtain some of the personal data listed above. The third party collects the data via a cookie and we obtain the data that has been collected through our website management platforms.

Purposes of processing your personal data legal basis

The cookies that we place that capture personal data are placed with your consent. We use your consent as the lawful basis for us to process data that is collected by a cookie. You may withdraw your consent at anytime by going to the cookies settings link in the website footer, removing the cookies placed from your browser settings and preventing cookies from being set in your browser settings. Please note that we have to store a cookie to confirm your preference. This will contain no other data than your cookie preference.

We process cookie data for the following purposes:

  1. Analysing website performance
  2. Ensuring our advertisements reach the right people
  3. Tailoring our website to our visitors
  4. Judging the effectiveness of online advertisements
  5. Recording website visitor locations

Recipients of your information

Once we have captured information through a cookie the data largely stays in our website platform management solutions. Occasionally we share anonymised data with our marketing and PR company Total Media based in the UK.

Your Rights

We are always happy to fulfil any one of your rights. Your rights with respect to the personal data that we process on you are:

  • Right to information on how your data is processed
  • Right of access to the personal data we hold on you
  • Right to rectify any inaccurate data we process on you
  • Right to object to us processing your personal data
  • Right to erasure of your data
  • Right to data portability
  • Right to lodge a complaint with a data protection regulator
  • Right not to be subject to automated decision making

You can invoke any of your rights at anytime using the contact details listed in this notice. Please be aware that we can ask for identification documents to confirm we are disclosing information to the correct person. If you elect a representative to invoke these rights on your behalf we will request that the representative can demonstrate they have the authority to act on your behalf and their identity.

Where requests for data are collected through cookies we will need to ask specific questions before responding to the rights above. We are dedicated to being fair and transparent in the data that we process.

Provision of personal information and automated decision making

It is not mandatory for you to allow cookies before entering and browsing on our website. Some of the cookies we utilise use aggregated data in order to tailor the browsing experience. This is a form of profiling. You can opt-out of this type of profiling at any time by removing our cookies from your web browser and preventing cookies from being placed in the web browser settings.

Fred. Olsen Cruise Lines are committed to protecting the privacy of everybody that travels with us. This privacy notice is our way of being transparent to you on how we use your personal data when you use our mobile application.

Categories of personal data we process when using our mobile application

  • Device Type
  • Type of Operating System (OS)
  • IP Address
  • Location
  • Cabin Account
  • My Cruises Information

We process this data for the following purposes

  • Application optimization and improvement
  • Personalisation of application content
  • Sending promotional offers

Legal basis for processing

We process this data under the legal basis of our legitimate interest of providing a mobile application to you. When using the location settings the application will ask for your consent to use your location. This preference can be changed in your device settings. You will still be able to use the application without consenting to use location services however features that require you to enable location services will be limited.

Recipients

The data is used by Fred. Olsen Cruise Lines application developers, Simple Click Solutions Ltd to improve application performance.

Storage and Data Retention

The information listed above will be stored whilst you use the mobile application. We will retain statistical data about the applications usage for 24 months.

Your Rights

  • Right to information on how your data is processed
  • Right of access to the personal data we hold on you
  • Right to rectify any inaccurate data we process on you
  • Right to object to us processing your personal data
  • Right to erasure of your data
  • Right to data portability
  • Right to lodge a complaint with a data protection regulator
  • Right not to be subject to automated decision making

Provision of information

Unless preference are otherwise specified, your device will be required to provide this information prior to being able to use the application.

Existence of automated decision making and profiling

Statistical information is used to make decisions about how to optimise application performance.

Data Controller

Fred. Olsen Cruise Lines Ltd

Address: Fred. Olsen House, Whitehouse Road, Ipswich, Suffolk, IP1 5LL

Phone: +44 (0)1473 292 200

Email: dataprotection@fredolsen.co.uk

This privacy notice tells you what to expect us to do with your personal information when you visit one of our vessels (other than as a customer or guest) or contact us in relation to a visit for any purpose.  It also explains how we may use your personal data in relation to the Covid-19 (Coronavirus) Pandemic and to comply with government guidance to support the NHS Test & Trace scheme in England and NHS Scotland’s Test and Protect service.

Controller’s and Data Protection Officer’s details

Fred. Olsen Cruise Lines is a data controller. We collect and process data for the purposes set out in this notice. If you ever need to contact us our postal address is:

Fred. Olsen Cruise Lines limited

Fred. Olsen House

White House Road

Ipswich IP1 5LL

You can contact us on (+44) 1473 292 200 or email our Data Protection Officer at dataprotection@fredolsen.co.uk

The source of your information

The personal information we process about you is provided to us directly by you (or your organisation) because you wish to attend, or have attended, one of our vessels.

Your rights

Under data protection law, you have rights we need to make you aware of.  

Your rights with respect to the personal data that we process on you are:

  • Right to information on how your data is processed
  • Right of access to the personal data we hold on you
  • Right to rectify any inaccurate data we process on you
  • Right to object to us processing your personal data
  • Right to erasure of your data
  • Right to data portability
  • Right to lodge a complaint with a data protection regulator
  • Right not to be subject to automated decision making

Your data protection rights are detailed on the Information Commissioner’s website.

Please contact us at dataprotection@fredolsen.co.uk if you wish to make a request, or contact us on (+44) 01473 292 200.

Personal information we process

We ask all visitors to register before boarding a vessel and show a form of ID. The ID is for verification purposes only, we don’t record this information.

The information required in order to board a vessel is limited to your name, contact phone number, the name of your organisation (if applicable), mode of transport, your temperature and health screening questions.

Covid-19 poses serious health risks and we may, therefore, share your information with public authorities, emergency services, and other stakeholders as necessary, and only when necessary, in a proportionate and secure manner. 

The purpose for processing visitor information is for security, health and safety reasons.  We will only process your personal data for the purpose for which we collected it.

Elements of data protection law applicable at this time

We will apply the following sections of the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA) (other elements may be applied dependent upon emerging events):

GDPR Article 6 – Lawfulness of Processing

  • Article 6.1(c) - processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Article 6.1(d) - processing is necessary in order to protect the vital interests of the data subject or of another natural (living) person.
  • Article 6(1)(f) – processing is necessary for the purposes of the controller’s legitimate interests.

GDPR Article 9 – Processing of special categories of personal data

  • Article 9.2(c) - processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent.
  • Article 9.2(g) - processing is necessary for reasons of substantial public interest.
  • Article 9.2(h) - processing is necessary for the purposes of preventative or occupational medicine, where is it necessary for the provision of social care, the provision of health care or treatment or for the management of a health or social care system.
  • Article 9.2(i) - processing is necessary for reasons of public interest in the area of public health, such as protecting against cross-border threats to health or ensuring high standards of quality and safety of health care.

DPA SCHEDULE 1, (Special categories of Personal Data), Part 1 Conditions relating to Employment, Health and Research etc

DPA SCHEDULE 1, (Special categories of Personal Data), Part 2, Substantial Public Interest Conditions

If you do not provide all of the requested information, including temperature screening, then you may not be allowed to board a vessel and/or be asked to leave a vessel.

Sharing your information

We will not share your information outside our parent and/or group company with any third parties unless we are legally obliged to share the information, for example to a public health authority or government agency, or under a court order.

Retention of your personal data

Unless a claim or other legal reason exists, we keep visitor information for no more than three months.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time.

How to lodge a complaint

If you have a complaint regarding the processing of your personal data, then please contact our Data Protection Officer.  You also have the right to lodge a complaint with the Information Commissioner’s Office at any time. Should you wish to exercise that right the full details are available at the ICO website.