Sunshine Cruise Holidays Ltd – Privacy Notice
Cruise1st is a trading name of Sunshine Cruise Holidays Ltd. We collect and process data about enquirers and guests to promote, deliver and improve our services. This Privacy Notice describes what personal data we collect, how we use that data, and how to ensure that our processing meets your expectations.
Why we process personal data
We process personal data about enquirers and guests before, during and after their holidays to provide their services and support our business interests, which include:
- Making enquirers and guests aware of news and offers from Sunshine Cruise Holidays Ltd and our partners;
- Providing services to our guests and recording what services we have provided;
- Managing the health, welfare, safety and security of our guests;
- Handling enquiries, complaints and investigations;
- Operating guest loyalty programmes;
- Monitoring and improving the quality of our services;
- Researching and understanding market needs to improve our marketing effectiveness;
- Working with our partners, such as other tour operators, to manage billing and improve the quality of their services.
We also process personal data about job applicants, current and former employees, service providers, travel agents and other groups of individuals in the course of employment and business operations, and this data is subject to our internal privacy policies.
What personal data we collect
Personal data you provide to us
We collect personal data you provide to us when you enquire or book with us, for example:
- Enquiry: Personal details (name, gender, age etc.), contact information (home address, phone number, email address etc.), details of your interests and communications preferences;
- Booking: Personal details, contact information, booking preferences, financial details (credit/debit card, bank details), travel documents (passport number), care needs (medical, dietary, mobility etc.), dining preferences, other travel details (vehicle registration, excursion bookings);
- Enquiries & Complaints: Personal details, contact information, enquiry or complaint details;
- Loyalty Programme: Personal details, contact information, communications preferences, holiday history;
- Health & Welfare: Medical, dietary and mobility details provided to us before, during or after the holiday;
- Security & Safety: Travel documents, facial photograph, incident reports or witness statements;
- Surveys & Market Research: Responses to post-holiday surveys and market research surveys.
Personal data generated by your interactions with us
Your interactions with us will result in personal data being created and stored by us. Examples include:
- Booking: Booking party details, reference numbers, travel itineraries, flight bookings, manifests, immigration details;
- Enquiries & Complaints: Enquiries or complaints and associated investigation and correspondence before, during or after a holiday;
- Loyalty Programme: Nights on board, cumulative spending;
- Health & Welfare: Medical reports, billing data, welfare reports, correspondence;
- Security & Safety: Accident/incident reports, witness statements, embarkation/disembarkation logs, CCTV recordings, police reports.
Personal data we create
We analyse the personal data we hold in order to improve the effectiveness of our direct marketing communications or to deliver our loyalty programmes. This can, in turn, generate personal data; for example, helping us to decide which marketing communications are likely to be of interest to you, or to determine your loyalty status.
Personal data from other organisations
We receive personal data from other individuals or third party organisations. For example, when making a booking we will receive details of all members of the booking party from the guest making the booking. We may receive personal data from third party organisations, from competitions or promotions where personal data has been provided as part of the competition or promotion, or from social media where personal data has been posted on our social media pages. We use publicly accessible data sources such as data brokers to maintain the accuracy of our enquirer and guest records, and may from time to time use external sources to help us to resolve disputes or recover unpaid accounts.
Sensitive personal data
We do not process sensitive personal data about you except where there is a legal reason to do so. Sensitive personal data can include:
- Health: We collect personal data about guest health as part of the booking process. This is used to facilitate the service provided to you.
- Sexual orientation: Enquirers and guests may from time to time choose to provide data to us relating to their sexual orientation or gender identity so that we can maintain their health, welfare and enjoyment of the services we provide (though we will not actively seek to collect such information).
We process personal data about children to provide the services that have been requested, but do not seek to collect personal data about children for any other purpose.
We may from time to time be asked to process personal data relating to criminal history of individuals, for example if we receive a request from law enforcement authorities, or when investigating security matters that might involve law enforcement.
How we process personal data
We use personal data with your consent, or where it is necessary in order to:
- Enter into a contract and deliver services for you;
- Comply with a legal duty;
- Protect your vital interests or the vital interests of those around you;
- For our own lawful interests or those of other organisations, provided your rights don’t override these.
We will only use personal data about you for the purpose(s) it was collected for or closely related purposes, and will inform you or seek your consent if we need to use it for other purposes.
If you enquire about our services, or engage in competitions or other promotional activities that we or our partners provide, we may ask your consent to provide you with news and offers about our services that you may find of interest. Depending upon your preferences, our communications with you may include:
- Email: We monitor our email communications, including where emails are undelivered and whether or not they appear to have been read. We may cease sending you email communications should we be unable to deliver email to you.
- Post: We may from time to time send postal communications including brochures, newsletters and offers. Where letters are returned to us, or where external data providers notify us of changes, we take steps to update our records. We may cease sending you postal communications if we believe we are no longer able to contact you at the address on file.
- Calls: Calls made to us, and calls received from us, may be recorded for the purposes of audit, training and the monitoring of services provided by us.
- Web: Visitors to our website may be tracked using analytics methods described in our Cookies Policy.
You may withdraw or amend your consent to receive news and offers at any time.
When you make a booking, we will collect personal data about you and other travellers in your group to effect the booking, including your names, genders, dates of birth, home addresses, phone, email, details of any medical, care or dietary requirements, specific preferences relating to the booking you have selected, and your payment details. We need this data to enter into a contract with you.
If you provide us with personal data about any other individuals included in a booking, you must have the authority of those individuals to provide their personal data to us for the purposes set out in this Privacy Notice, and will remain accountable for the information provided. It is the responsibility of the booking leader to ensure that personal data about the group members is accurate and up to date.
If you commence a booking through our website and provide your contact details as part of the booking process, but do not complete that booking, we may send you reminder emails to help you to complete the booking. This will not affect any preferences you have registered with us.
Managing your booking
After you book a holiday, you will be invited by email to access our online service where you will need to provide additional personal data about you and your travel party. This additional mandatory personal data including passport, insurance and emergency contact details for you and your booking group is necessary to complete your booking.
You may optionally book or purchase on-board products and services, excursions and other activities, which may require you to provide further personal data. We may have to share your personal data with other companies such as spa operators or travel operators in order to provide these to you.
Before your holiday, you will receive information about your booking by post or email.
After your holiday
Upon completion of your holiday, we will contact you to seek feedback on your experience to understand your satisfaction level so that we can improve the quality of services we offer, and to assess the performance of our staff and their associated rewards. For UK guests, we may provide your email address to third party review services such as Feefo for the purpose of managing your feedback.
Should you have queries before, during or after your holiday, then we will use information related to your holiday such as travel details, billing, on-board communications and other information we may have on record or which you or third parties may provide to us, to resolve your query.
We may also contact you with information following the holiday you have taken, or if there are queries relating to your payment or the services you have received.
Understanding your needs
The personal data you provide to us or which we obtain through your dealings with us may be analysed for the following purposes:
- To personalise our news, offers and services to your interests;
- To track the response to our marketing communication;
- To review, develop and improve the services we offer (including market research);
- For statistical analysis.
We also conduct identifiable and anonymous market research to provide longer-term insight into the effectiveness of our services and marketing, and to support our service planning and delivery.
Sharing personal data
Enquiries and bookings are processed in the European Union, where our systems may be accessed by Sunshine Cruise Holidays Ltd group staff and suppliers from outside of the European Union subject to strict security controls.
We contract other companies and individuals to perform certain activities on our behalf. Examples include:
- Fulfilling requests for brochures and promotional materials: printers, fulfilment service providers;
- Processing payments: banks, payment service providers;
- Sending postal mail and e-mail communications: postal services, couriers, e-mail service providers;
- Maintaining guest records and analysing data: customer insight agencies, credit agencies;
- Providing port services and excursions:
- Providing travel services: airlines, coach operators, travel agents.
These contractors have access to personal information needed to perform their functions, but are not permitted to use it for other purposes.
If you make a booking we may pass your personal information on to other relevant suppliers of your travel arrangements such as airlines, hotels and transport companies. Your personal information may also be passed to travel agents, security and credit checking companies, credit and charge card companies. We are required to co-operate with government and law enforcement agencies and the public authorities of any country in your itinerary, including customs and immigration authorities.
The following companies have dedicated privacy policies that you should also review. By booking with us you are consenting to the sharing of your personal data with the named companies below for the purposes of the provision of the product or service you have requested from us, and any auxiliary service provided by the named companies:
Transferring personal data to third countries
We collect and process personal data in the European Union (EU). We may need to process your personal data worldwide depending upon the destinations you travel to with us, for example if we have to provide personal data to immigration authorities, port agents or excursion operators in destination countries. This may involve sending your personal information between different countries, including countries outside the EU where controls on data protection may not be as strong as the legal requirements in the EU.
From time to time personal data may need to be shared with other Sunshine Cruise Holidays Ltd companies outside of the EU, or accessed by Sunshine Cruise Holidays Ltd companies from outside of the EU, in order to provide the services you request from us. We use legal mechanisms (‘standard contractual clauses’) and technical and procedural controls to safeguard personal data.
Your rights concerning your personal data
You have rights over how we use personal data about you, and can exercise those rights by contacting our Data Protection team on Sunshine Cruise Holidays Ltd Office 310 3rd floor, Manchester Digital World, 1 Lowry Plaza, The Quays, Salford, M50 3UB or call 01613002781, or email [email protected]. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal data for security, safety, fraud prevention reasons, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Withdrawing consent to processing
Where we have obtained your consent for processing of personal data about you, you have the right to withdraw your consent at any time. Where we process personal data about you in ways for which your consent is not required, for example to record your holiday history, you may ask us to cease processing, or restrict the nature of the processing, if you wish.
Accessing the personal data we hold about you
You may request a copy of the personal data we hold about you. This includes obtaining personal data about you in electronic form to provide to a third party should you wish to do so.
Ensuring the accuracy of personal data we hold about you
We will update or amend personal data we hold about you if you inform us of inaccuracies. We use publicly accessible data sources such as data brokers to maintain the accuracy of our enquirer and guest records.
Deleting personal data we hold about you
We retain personal data for the period required for processing, and where we are under an obligation to do so, for example billing data is retained in accordance with anti-money laundering and financial records keeping requirements.
We will delete personal data we hold about you if you ask us to do so, except where certain exemptions apply.
How to complain about our processing of personal data
If you have a concern or complaint about our processing of personal data, please contact our Data Protection team on Sunshine Cruise Holidays Ltd Office 310 3rd floor, Manchester Digital World, 1 Lowry Plaza, The Quays, Salford, M50 3UB or call 01613002781, or email [email protected].
If you are not satisfied with our processing of personal data, how we have responded to your complaint about the processing of personal data, or you believe our processing of personal data is not in accordance with the law, you have the right to complain to the Information Commissioner’s Office (ICO) by calling +44 (0)303 123 1113, or visiting https://ico.org.uk/concerns/
Securing your personal data
We take the security of your personal data seriously, and use security policies, standards, technologies and ongoing training to safeguard the personal data we process from improper access, use, alteration, destruction and loss.
Where we share your personal data with other companies as described above, we require those companies to process your personal data to an equivalent level of security.
This website is owned, managed and operated by Sunshine Cruise Holidays Ltd. Cruise1st is a trading name of Sunshine Cruise Holidays Ltd. Any personal information provided to Cruise1st is controlled by Sunshine Cruise Holidays Ltd.
This Privacy Notice explains how we collect, use and store personal information about you when you use this website.
We will try to provide you with links to high quality, reputable sites which we believe will be of interest and relevant to you, but please note that such third party sites are not under our control and we do not contribute to the content of such sites. When you click through to these sites you leave the area controlled by us. We cannot accept responsibility for any issues arising in connection with either the third party's use of your data, the site content or the services offered to you by these sites.
If you make payment on-line all of your personal information is encrypted using SSL ("Secure Sockets Layer"). SSL is an industry-standard protocol for encryption over the internet. This helps to protect your personal information from being read by anyone else.
As with any standard email, emails containing your personal data sent to or from us will not be encrypted.
How to contact us
Cruise1st is a trading name of Sunshine Cruise Holidays Ltd . Sunshine Cruise Holidays Ltd is registered in England & Wales number 03931005 and is registered as a data controller with the Information Commissioner’s Office number Z8390218.
All enquiries relating to data protection, including communications with our Data Protection team, should be sent to: Data Protection team on Sunshine Cruise Holidays Ltd Office 310 3rd floor, Manchester Digital World, 1 Lowry Plaza, The Quays, Salford, M50 3UB, or call 01613002781, or email [email protected]
Changes to this privacy notice
This privacy notice was last updated on 04/05/2018. When changes are made to this notice, we will publish the changed notice on our websites with details of the changes.