ROYAL CARIBBEAN’S PRIVACY NOTICE
SECTION I: Section for global application
1. Who We Are
1.1 References to “We”, “Us”, or “Our” in this Privacy Notice, mean the following data controllers, who determine how (and for what purposes) your personal data is used:
i. Royal Caribbean Cruises Ltd., 1050 Caribbean Way, Miami, Florida 33132, USA if:
i. you use Our websites, mobile application(s), or shipboard kiosks outside of the European Economic Area (EEA) and the United Kingdom (UK);
ii. you call one of Our call centres which is based outside of the EEA and the UK;
iii. your personal data is processed on Our Royal Caribbean International vessels; or
iv. you book a cruise through one of Our entities based outside of the EEA, the UK or Switzerland.
ii. Celebrity Cruises Inc.,1050 Caribbean Way, Miami, FL 33132, USA if:
i. you use Our Websites, mobile application(s), or shipboard kiosks outside of the EEA;
ii. you call one of Our call centres which is based outside of the EEA and the UK;
iii. your personal data is processed on Our Celebrity vessels; or
iv. you book a cruise through one of Our entities based outside of the EEA, the UK or Switzerland.
iii. RCL Cruises Ltd., Building 3, The Heights, Brooklands, Weybridge, Surrey KT13 0NY, UK if:
i. you use Our websites inside the EEA, Australia, and New Zealand or the UK;
ii. you call Our call centres based in the EEA or in the UK; or
iii. you book a cruise through one of Our entities based inside of the EEA, the UK or Switzerland.
d) Royal Caribbean Cruises Service (China) Company Limited, F15 358 Dongdaming Road, Hongkou District, Shanghai, P.R., China if:
i. you use Our websites, WeChat mini program, Our official stores on third-party platforms, or mobile application(s) inside China;
ii. you call Our call centre based in China;
iii. you book a cruise through one of Our entities based inside China.
2. Acknowledgement / Privacy Notice Highlights
2.1 Your use of and interaction with Our websites, mobile application(s), and/or other digital platforms owned or operated by Us (collectively, “Our Digital Platforms”), including any related services, and Our electronic communications and your solicitation or use of Our products, goods, or services (collectively, “Services”) constitutes your acknowledgment that you understand the terms of Our Privacy Notice and that you consent to the use of any Cookies on Our Digital Platforms and/or communications. Please review the Cookies and other technologies section of this Notice for additional information on Our use of and how you can manage Cookies.
2.2 Your privacy is very important to Us and We want to be open with you about how We use your personal data – that is the information that identifies you as an individual – to make sure that you have the best possible cruise experience. In this privacy notice We explain:
a) what information We collect about you;
b) what We may do with it; and
c) what your rights are.
2.3 We want you to understand how We use your personal data, how We keep it safe and what your rights are. Summarized below are the main circumstances in which We use Your personal data:
a) We collect your personal data when you use Our Digital Platforms or call Our call centres. For example, We collect:
i. your contact details and other personal information (which may sometimes include sensitive personal data, such as special needs and dietary requirements);
ii. details about your bookings and how you travel with Us;
iii. your travel profile and marketing preferences; and
iv. information on how you use Our Digital Platforms and interact with Our emails.
b) We use your personal data to understand what you might be interested in and to make Our emails, texts, social or digital media, and offers relevant to you – We build a profile of your travel patterns and interests to do this.
c) We need to use your personal data to give you the best possible onboard experience – When you book with Us, We need your personal data to deliver a great cruise vacation. We also process your personal data for customer service purposes and where required by law.
d) We use your personal data to ensure the security of everyone onboard and to manage threats to health from, for example, communicable illnesses, such as Norovirus.
e) To provide Our services to you, We may need to share your personal data with and receive personal data about you from:
i. Our global brands. Royal Caribbean International, Celebrity Cruises, and Silversea Cruises and Our affiliates and subsidiaries (hereinafter “Royal Caribbean Group”);
ii. Travel partners. When we refer to “Travel Partners” in this Privacy Notice, We mean third parties who promote and take bookings for Our cruises and other products and services. This includes travel agencies and the individual travel agents who work for those agencies or for themselves;
iii. Suppliers. When We refer to “Suppliers” in this Privacy Notice, We mean the third parties We have engaged who provide Us with products and services that enable Us to run Our business. This includes third parties who help Us to deliver your cruise vacation, such as transport and accommodation vendors, media and marketing vendors, port agents, and who assist Us to run Our business, such as accountants, consultants, payment providers, auditors, IT service and platform providers, insurance providers, and legal advisers (together, “Suppliers”); and
iv. Business partners. When We refer to “Business Partners”, We mean third parties We have engaged to complement the cruises or other products and services We provide to you, such as tour operators.
3. Personal Data
3.1 Who’s responsible for your personal data.
As a data controller, We are responsible for the personal data you provide to Us and will only share such personal data with the Royal Caribbean Group, Suppliers, and Business Partners if We have a legitimate reason permitted by law, or we have your consent.
3.2 What personal data do We collect or receive.
The following are examples of the categories of your personal data that We process alongside information on how and/or when We get that personal data:
Categories of personal data | When/How We get it |
Personal, contact, ID and payment details – Your full name and contact details (first name, middle name, last name, nickname, suffix, email address, phone number, postal address, country of residence, emergency contact details), age, date of birth, gender, passport details, photograph, video footage (including CCTV footage), job title, visa details, dietary requirements, nationality, marital status, country of birth, payment card details and any publicly available content on social media platforms. | You provide some of these details to Us if you book a cruise, sign up to receive Our emails, join Our loyalty programs, use Our Digital Platforms or interact with Our social media accounts (including by entering competitions). You might also provide these details to Us if you contact one of Our call centres. Where you book through a Travel Partner, We may receive these details from the Travel Partner. If another person books a cruise or contacts Us on your behalf, We will receive these details from them. We may also receive video footage of you from the CCTV cameras onboard Our ships. |
Sensitive personal data – We may collect details relating to your health or medical conditions, including details of any accessibility requirements, allergies or other health-related requests. We also may collect details of your meal preferences which may tell Us about allergies or other dietary requirements, or potentially indicate your religion or beliefs. | You provide some of these details to Us if you tell Us about medical conditions when you book with Us, check in for your cruise, request guest access or other accessibility services, visit one of Our medical facilities during a cruise and/or sign up to a shore excursion, tour or entertainment onboard a cruise. You might also provide these details to Us if you contact one of Our call centres. Where you book through a Travel Partner, We may receive these details from the Travel Partner. If another person books a cruise or contacts Us on your behalf, We may receive these details from them. Before your cruise, We may collect certain information about your medical history (including details of vaccinations) and current state of health to make sure that you are healthy enough to cruise and to try to identify symptoms of communicable illnesses. We may collect information at the point of purchase of your cruise ticket, through the online check in process, and/or via the app. We may ask you additional questions about your health at the terminal prior to embarkation, and We may require that you undertake a medical examination, undertake a test to identify whether you have a communicable illness, test your body temperature and/or provide documentation about your health, all to ensure that you are healthy enough to travel. We may also repeat some or all of these screening measures at debarkation and/or embarkation in ports of call, and at the point of debarkation at the end of your cruise. We may also use personal data collected directly by Our systems to identify individuals who have been in close contact in circumstances where there is a threat to health such as a communicable illness. We may capture this information when, for example, you scan your SeaPass card to purchase a drink at a café onboard or through the CCTV footage captured onboard. Otherwise, we may require or request that you wear a wearable device to support contact tracing onboard. |
Your photograph and your image – We may collect a facial photograph of you before your cruise or during your cruise or images collected through CCTV cameras onboard Our ships. | We use your image for safety and security purposes, as described in 6(2)(c) below. If We have your consent to do so, We use the photo you provide to identify you during the embarkation process, to make boarding quicker, and We may allow Business Partners to access this data to verify your identity (e.g., where you request that Our onboard photographers prepare and send you photos of you and those people you are travelling with). We use CCTV onboard our ships for safety and security purposes such as to find missing persons or for contact tracing purposes. We also use enhanced software to analyse the CCTV footage which may use facial recognition techniques or other tools to identify characteristics, such as the colour of a person’s clothing. We may use information from these systems to understand guests’ flows of movement around the ship, which areas on the ship are busiest (where, for example, it might become more difficult for guests to maintain a social distance if required). |
Loyalty account details – a unique ID for your loyalty account, points balance, account activity, life milestones (e.g., anniversary date), and, when combined with certain other of your personal information, your loyalty tier. | We create these details for you when you join one of Our loyalty programs and update them as you credit bookings and other activity to your loyalty account. |
Booking records – Details of past and future bookings with Us (including booking ID, cruise type, date of cruise, ship, passengers on your booking, destination, duration, price paid, cabin information and the date of booking) and bookings with Suppliers (including flight dates, flight number, airport destination, airline and frequent flyer ID). | We compile this personal data from Our records when you book with Us. We also receive this personal data from Suppliers if you book with them. |
Details about your travel patterns and preferences – The destinations that you travel to with Us, the length and the type of your vacation with Us including whether you travel with household members (e.g., family vacations), your propensity to book certain types of vacations or destinations or to re-book with Us within a specific timeframe and the marketing segments that We add you to. | We compile this information from your booking records and Our profiling and personalized marketing activities – see Profiling and personalized marketing below. |
Your marketing and data processing preferences – Whether you want to receive marketing communications from Us and how you would like Us to contact you. | We keep a record of your marketing preferences when you tell Us about these, including the options you select in your guest account. |
Technical information related to use of Our Digital Platforms – Details about the browser, device and internet connection that you use when you browse Our Digital Platforms, technical information, including your IP address, MAC address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. For example, Our Digital Platforms can tell whether you are using a mobile phone or a desktop computer. | We compile this information from your booking records and Our profiling and personalized marketing activities – see the Profiling and personalised marketing section of this Notice for additional information. Your device provides this information when you use Our Digital Platform whether or not you are signed into your account or have accepted cookies. |
Cookies – Our Digital Platforms store small text files on your device that identify your browser. See the Cookies and other technologies section of this Notice for additional information. | We compile this information from your booking records and Our profiling and personalized marketing activities – see the Profiling and personalised marketing section of this Notice for additional information. When you visit Our Digital Platforms and use Our services that means We need to identify you (e.g., where you book a cruise, sign into your account, where you want Us to identify you as a member of Our loyalty programs and where We need to remember your preferences). Cookies can also be set when you open Our emails. |
Information about your interactions with Our websites – As well as the technical information above, We collect information about your visits to Our websites, including the full web addresses that you access, your path of clicks, through and from Our site (including date and time and whether you used a search engine), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call Our customer service number. | When you browse Our websites. |
Information about your interactions with Our emails – We use elements embedded in Our emails (e.g., images and clear images) that let Us know whether you have opened or read an email. If you follow links in Our emails, We may also set cookies on your system if you have enabled cookies. This information also tells Us about your propensity to engage with Our emails. | When you open and interact with email that We have sent you (unless you have opted out). We compile information about how you interact with Our emails from Our profiling and personalized marketing activities – see the Profiling and personalised marketing section of this Notice for additional information. |
Information about the purchases you make onboard We collect information about your purchases along with the loyalty number and transaction information to enable you to purchase products and/or activities as well as to obtain loyalty benefits. | If you make purchases with Us prior to or during your cruise, We collect these details at the point of payment including through Our Digital Platforms, call centres, or from your SeaPass (if the purchase is made onboard). |
Details relating to your use of onboard casinos We track details of your play and spend in onboard casinos (including offer codes, your customer ID, spend, loyalty rewards details and gaming habits). We sometimes use these details to identify guests that may be interested in casino gaming. | If you choose to use casinos onboard during your cruise, We collect these details when you play, including when you use your SeaPass card when you play. If you apply for credit for use at Our onboard casino, We will receive credit related information from Our credit check service provider. |
Information relating to third party promotions and offers We work with Business Partners so that you are able to use promotions and offers. To enable you to use these offers and promotions, We verify your details against those provided by Business Partners (such as the voucher number and expiration date). | We receive these details from Business Partners if you have opted to receive promotions from them. |
3.3 How We use your personal data and who We share it with.
This section explains how We use the personal data listed above and who We share it with.
We use your personal data:
a) To manage your bookings with Us and to provide the services or membership benefits that you request before, during and after your cruise: We need to use your personal data to deliver Our services to you when you book a cruise. For example, when you travel with Us We need your personal data to send you a booking confirmation, to manage changes to your booking, to check you in when you board Our ships and to keep track of you onboard, to deliver your benefits for Our loyalty programs, to provide you with further products and services onboard (for example when you book shore excursions, tours or onboard entertainment and when you make purchases in Our shops, restaurants, and casinos).
b) To help you contact Our customer support services: When you get in touch with Our customer support services (whether through the Digital Platforms or otherwise), We will process your personal information so that you receive the best customer service possible.
c) For your safety: Your safety is important to Us, and We use your details to safeguard it. For example, We transfer a record of the personal data you provide during the booking process onto your cruise ship for use if you require medical assistance. Additionally, We check booking details against law enforcement registers and Our internal records for the safety of all customers. With your consent to do so, we compare any photo you provide before your cruise with images taken during embarkation to help identify you and to speed up the boarding process for you. We also use closed-circuit television (“CCTV”) cameras onboard Our ships, and We may match images against the photograph We have of you if We need to identify you. We equip Our security staff with body cameras for your safety. If circumstances allow, We will notify you before We begin recording with a body camera.
d) To ensure the health and safety of all those onboard: This includes you and your travelling companions, Our employees and other third parties, such as service providers. We may put in place measures to help Us to manage threats to health such as those posed by, for example, communicable illnesses, and through these measures, We may collect and process your personal data, including certain sensitive personal data relating to your health.
e) To make Our Digital Platforms easy to use and enhance your cruise-planning experience: The personal data We collect when you use Our Digital Platforms helps Us to make sure that Our Digital Platforms work well (for example, so that We know it is you when you sign into your account). We’re often improving Our Digital Platforms and content therein to enhance your cruise-planning experience, and data about how you use Our site helps Us to do that. We also use this data to help Us understand interest in the different sections of Our Digital Platforms and the products and services that We sell online. We also use your data to make the cruise booking process more convenient. For example, We can remember what you have searched for so you can pick up where you left off. We also use your information to fix operational problems with the Digital Platforms such as software bugs and to maintain the safety and security of the Digital Platforms.
f) To manage your relationship with Us as a consumer and to deliver personalized service: When you sign up via Our Digital Platforms or make a booking, We create a consumer profile of you in Our systems. This is your digital profile that brings the personal data that We maintain and identifies you across Royal Caribbean Group. Your consumer profile lets Us deliver a personalized experience when you search for cruises, book and travel with Us or contact Us by phone or email. We also use your consumer profile to personalize the marketing communications that We send you. We also sometimes use your details to ask for feedback on Our services.
g) To process payments and invoicing: When you make a purchase through the Digital Platforms (whether in relation to a cruise or certain products or services such as shore excursions), We will process your payment details to process the transaction.
h) For marketing and promotional purposes: We use your contact details for Our marketing and promotions, including to send you information about the products and services that We and Royal Caribbean Group offer. We also use your personal data to personalize Our marketing communications to make them more relevant for you and to measure engagement with Our marketing campaigns. See Direct Marketing and Profiling and personalized marketing below for more information, including on how to update your preferences and opt out. We use personal data for additional marketing and promotional activities relating to onboard casinos by tracking guest play to: (i) deliver related loyalty program benefits; (ii) rank players; (iii) send casino-related direct marketing messages; (iv) grant credit to groups playing casinos; and (v) better understand how players use the onboard casinos.
i) For compliance with Our legal obligations: We are sometimes subject to certain legal requirements to collect, retain, and disclose your personal data, for example for customs agencies or port authorities to allow Our ships to dock, or where We need to cooperate with law enforcement agencies, including in relation to criminal investigations and public health matters. We may be required to share personal data relating to your health with public authorities or health agencies, in the event that they are working, or example, to control risks to public health posed by communicable illnesses. Pursuant to the United States’ Stored Communications Act (the SCA), We may be considered a provider of electronic communication services for certain services We offer through the Digital Platforms (because We provide users of the Digital Platforms the ability to send or receive wire or electronic communications). In such instances, We will not turn over records or other information pertaining to you unless compelled to do so by a Court of competent jurisdiction pursuant to the provisions of the SCA.
j) For Our business operations: We may use your personal data for business management activities, including to assist with incident management and to enable Us to conduct reporting. Reports help Us to monitor Our performance and the performance of Suppliers. Additionally, We keep records to assist with any complaints you may have or in the event of a legal claim. We also process your feedback to improve Our products and services.
k) We may share your personal data with the following recipients for the purposes listed above:
i. Other members of Royal Caribbean Group – We are a global business, and We may need to share your personal data with other members of Royal Caribbean Group for the purposes above.
ii. Travel partners – When you book through a Travel Partner, We will need to share details of your booking with that partner. Travel Partners may process your information on Our behalf or may make decisions themselves about how and why to process your information. Our privacy notice does not cover the information collected by Travel Partners and does not cover how Travel Partners use that information. We recommend that you check your Travel Partner’s own privacy policy for details as to how they may process your personal data.
iii. Suppliers – We may need to share your personal information with Suppliers. For example, We use travel booking systems to provide flight availability and cost details, and to book flights if required by you in connection with your cruise.
iv. Business partners – We may need to share your personal information with Business Partners. For example, we may need to share your information with tour operators so they can provide you their products and/or services.
v. Ports, customs and other government authorities, law enforcement agencies, courts, and parties to litigation – We may need to share your personal data where required under the laws of countries in which We operate. Local ports and customs authorities require passenger details to process Our ships in the ports at which they call. Law enforcement agencies may also require access to personal data, including in connection with criminal investigations, or We may be ordered to disclose personal data by a court or in connection with legal proceedings. We may also share your personal data with other third parties such as trade associations and regulatory bodies, for consumer protection purposes in the event We or our partners cannot fulfil the contracted travel services. In the event We do share such data, the trade association and/or regulatory body may contact you to discuss your options and/or provide support.
vi. Health authorities and healthcare providers – We may share your personal data with third parties in your country of origin or in the countries of your travel destination as required by government authorities or in the interests of your health and well-being. This information may include information collected through health checks and certain health authorities may use the information shared to contact you.
vii. Other third parties – We may share your personal data with other third parties at your request. Our Digital Platforms may provide links to websites or other digital tools that We believe may be useful to you in addition to advertisements placed by third parties. These may lead you to websites or digital tools operated by third parties operating under their own privacy policies. We encourage you to review those privacy policies, as We have no control over those third parties nor the information you may submit to those third parties.
l) Calling Our call centres:
In certain circumstances, We may re-route calls from Our call centres which are based inside the EEA or in the UK to call centres based outside of the EEA or the UK. In these circumstances, We will let you know at the beginning of your call that your call is being rerouted. See International transfers below for more details about how We safeguard your personal data when We transfer it abroad.
3.4 Direct marketing.
a) Marketing communications from Us: We may contact you for marketing purposes, including to tell you more about Our services, share news or tell you about promotions from time to time. You are in control of the emails and texts that you receive, and you can update your preferences or opt out at any time via your Guest Account, following the links in Our emails or by contacting Us using the details provided below. Even if you have opted out of marketing messages, We will still need to contact you in relation to your bookings with Us.
b) Marketing communications from other members of Royal Caribbean Group: Some of the services and activities provided onboard Our ships are managed by other members of Royal Caribbean Group. These members may contact you about those services and activities – including information and promotions relating to onboard casinos – if you have opted-in to receive marketing communications from Royal Caribbean Group or where permitted by applicable law. You can opt out at any time using the same options above.
3.5 Profiling and personalised marketing.
a) Profiling overview: We think it is important for Us to understand the types of vacations that Our consumers are interested in so that We can make Our marketing relevant and targeted. To do this, We use your personal data to build a profile for you that lets Us work out which of Our marketing segments is the best fit for you.
b) The personal data We use: From the personal data that We hold about you, which includes the personal data We receive from Suppliers and Business Partners, Our model may consider your age, gender, household or travel composition, postcode, how you have interacted with Our websites and marketing emails and your booking history (including your destinations, the ships you have sailed on and your chosen accommodation). We do not always use all of these data categories if We do not have the information about you or it is not relevant for Our marketing activities.
How We build your profile and what We learn from it:
i. Statistical analysis: We use the data above as inputs for a proprietary statistical model, the output of which can tell Us about your previous or likely future booking behaviour, for example:
○ the value or likely value of the bookings you make with Us;
○ whether you tend to re-book within 12 months of your last cruise and the destinations that you tend to book; and
○ the extent to which you engage with Our marketing emails.
ii. Marketing segments: We try to match every consumer with one or more pre-defined segments that allow Us to broadly tailor Our marketing messages for the right audience. We define Our segments using anonymized demographic data based on broad characteristics and behaviours, such as age, household income, or location. You will share a segment with other consumers, so this process is generally not highly individualized.
Here’s an example: Let’s say you have just signed up on Our websites (giving Us your contact details) and you have never booked a cruise before. Over the next few days, you search for cruises that are generally popular with families (giving Us website interaction data). We might use that data to add you to one of Our family segments so that you get relevant emails from Us.
iii. What this means for you: Tailoring Our marketing campaigns to your profile or segment means you should receive more relevant communications from Us. That’s good for Us because We think you are more likely to book a vacation that matches your requirements. We hope that’s good for you, too, because it helps you to find the vacations that you are interested in. We might also send you special offers on your birthday.
iv. Targeted advertising on third party social media platforms and websites: We may share your personal data – including your name, email address, address and date of birth – with third party social media platforms, including Facebook, and websites for the purposes of allowing those platforms to display targeted advertisements to you. You can ask Us not to share your personal data with these platforms (see 9.7, below), but you will need to contact the platform with any requests in relation to how the platform uses your personal data because We generally do not control that.
v. You can opt out: You are in control of your personal data. You can update your marketing preferences or opt out of marketing at any time using your Guest Account or, where you do not have a Guest Account, by either clicking a link in an email marketing communication, replying STOP to an SMS text message or by calling the sender of any marketing communication. See the Cookies and other technologies section of this Notice for information on how you can opt out of targeted advertising, including the sharing of personal data in furtherance thereof.
3.6 Cookies and other technologies.
We use cookies and other technologies that function similar to cookies, including, without limitation, pixels, tags, and web beacons (collectively, “Cookies”), when you interact with Our website, Our applications, other digital platforms owned or operated by Us (collectively, “Our Digital Platforms) and Our electronic communications.
a) What Are Cookies? Cookies are small files that may be placed on your computer, mobile device, or other devices that collect and transmit information, including information that may be interpreted as personal information, when you visit, browse, or otherwise interact with Our Digital Platforms, request or use services provided through such platforms, and/or interact with Our electronic communications.
Other similar technologies, including, without limitation, pixels, tags, and web beacons, function similar to cookies in that they are able to collect and transmit information.
b) How We Use Cookies. We categorize the Cookies We use based on how they function.
There are Cookies that are necessary to the operation of Our Digital Platforms, Cookies that help us understand their performance, Cookies that make them more functional for Us and you, and Cookies that can deliver you a more personalized experience, including those that deliver relevant advertisements based on your interests.
Cookies may be set by Us or by third parties. We choose Our third parties carefully and generally place terms and conditions that control their collection, storage, and use (collectively, “Use”) of personal information We make available to them, including information obtained via third party Cookies on Our Digital Platforms; however, for certain third parties such Use may be subject to the third party’s policy(ies), including their privacy policy, applicable terms and conditions, or the their legal basis(es) for Use which do not otherwise afford Us such control. In these instances, We provide you the opportunity to disable such Cookies (see “How You Can Manage Cookies” below).
c) Categories of Cookies We Use
i. Required Cookies. Required Cookies are necessary to the operation of certain of Our Digital Platforms. These Cookies are generally set in response to your use of the platform, including requests for services made by you through the website, such as setting your privacy preferences, logging into your accounts, and/or completing fields/forms, etc.
Required Cookies may not be blocked through Our Digital Platforms. You may, however, set your browser to block and/or report these Cookies; any such blocking, including refusing to accept a request to place a Cookie, may affect the operation of Our Digital Platforms.
ii. Performance Cookies. Performance Cookies may be set by Us and/or third parties to monitor the performance of Our Digital Platforms. These Cookies permit us to measure and improve the performance of Our websites, including an understanding of which areas of a platform are most popular and how users arrive to and navigate around the platform. For example, which of Our webpages are most popular and how users get to certain webpages.
iii. Functional Cookies. Functional Cookies may be set by Us and/or third parties to add enhanced functionality to certain of Our Digital Platforms such as recognizing you when you return to Our Digital Platforms and remembering your choice of language. If these Cookies are disabled, access will be limited to such functionality(ies).
iv. Social Media Cookies. Social Media Cookies may be set by Us and/or third parties to enable you to share Our content with others. These Cookies are able to build a profile of your interests by tracking your activities across Our Digital Platforms and those of others, including websites. If these Cookies are disabled, access will be limited to such sharing.
v. Advertising Cookies. Advertising Cookies may be set by Us and/or third parties to enable the delivery of more relevant advertisements, including on third party websites. These Cookies are able to build a profile of your interests by tracking your activities across Our Digital Platforms and those of others, including websites. If these Cookies are disabled, you will receive less targeted advertising.
d) How You Can Manage Cookies.
i. Managing Cookies via Our Digital Platforms. Our Digital Platforms utilize default Cookie settings. However, when you first visit certain of Our Digital Platforms you will be presented with a Cookie settings banner which offers you the opportunity to change those default settings, including the enabling and/or disabling of certain categories of Cookies. Note, this will only affect Cookies used on the Digital Platform you are interacting with, not other of Our Digital Platforms nor the digital platforms of third parties.
You may change your Cookie settings at any time by using Cookie settings banner or the “Cookie Preferences/Do Not Sell/Share My Personal Information” link on our website.
ii. Managing Cookies via Computer, Device, etc. You can manage Cookies via your web browser, application, or other digital platform or via settings on your devices. Below is a link to an article entitled “How to Enable and Disable Cookies on Every Web Browser [Guide]” hosted on a third-party website.
https://allaboutcookies.org/how-to-manage-cookies
The link is provided for informational purposes only and is subject to the privacy policy, terms and use, and related terms and conditions of the website domain owner. We make no representations or warranties as to the accuracy of the information therein and disclaim any liability related thereto.
3.7 Data retention.
We retain your personal data only for as long as necessary: (i) for the purposes set out in this privacy notice; (ii) to provide Our products and services to you; (iii) to comply with Our legal obligations (e.g., to comply with tax or accounting rules or in connection with legal proceedings); or (iv) to comply with Our usual business data retention policies.
3.8 Acting on someone else’s behalf.
If you give Us information about another person (or persons), such as another guest, We will understand this to mean that they have appointed and authorized you to act on their behalf. This includes providing consent (to the extent this is required) to:
○ Our processing their personal data, and
○ your receipt of any information protection notices on their behalf.
We may ask you to provide evidence that you have been appointed and authorized to act on behalf of the other person (or persons).
3.9 Multi-guest reservations and linking reservations.
If you make a multi-guest reservation, all of the guests who are part of the reservation will be able to access the personal data of the other guests on Our Digital Platforms.
Our Digital Platforms will allow your reservation – as well as your personal data therein – to be associated to another user’s guest account provided you have furnished certain credentials or unique identifiers to them. We call this “linking”. If your reservation is linked by another user of Our Digital Platforms, We will allow the user who has linked your account to (1) complete online check-in for you and others in your reservation, (2) view your boarding pass, and the boarding pass of others in your reservation, (3) pay for an onboard or shore product or activity for you or others in your reservation, using their own onboard expense account or their own payment methods, and (4) view eDocs associated to your reservation. However, they will not be able to modify or cancel your reservation, view your folio or use a digital key to access your stateroom.
3.10 Children.
Our Digital Platforms seek to promote Our cruise vacations for sale to adults. We do not knowingly solicit personal data from children, unless permitted by applicable law. If a parent or guardian becomes aware that his or her child has provided Us with information without their consent, he or she should contact Us using the contact details below. We will delete such information from Our files.
SECTION II: Jurisdiction-Specific Disclosures & Rights
4. Disclosures and rights for residents of certain states within the United States
4.1 Applicability.
This section applies to you if you are a resident of the states of California, Colorado, Connecticut, Nevada, Oregon, Texas, Virginia, Utah or a state with similar laws requiring the below.
4.2 Disclosures.
a) Personal information. See Section 3, above, regarding the categories of personal data We may collect, the purposes for which We may use, and with whom we share that personal data, including for Our business purposes
b) Sensitive information. Certain personal information within Section 3.2, above, may be construed as sensitive personal data under certain State laws. The definition of sensitive personal data varies by State but generally includes, information concerning your health, racial or ethnic origin, sex life, sexual orientation, citizenship or immigration status, biometric data, and precise geolocation data. In some States it also includes identification numbers (e.g., social security, drivers’ license, and passport numbers) and payment card and financial account numbers in combination with information that permits access to same. We strive to collect and process only the minimum amount of sensitive personal data necessary for the purposes set forth in Section 3.3. As such, we generally cannot limit the collection and processing of sensitive personal data.
c) Sale of personal data. The concept of “sale” varies by State but generally includes situations where We sell your personal data for monetary or other valuable consideration or provide your personal data to certain third parties who can use the data solely for their own commercial use. We choose Suppliers and Business Partners carefully and generally place terms and conditions with them with that control their collection, use, and storage (collectively, “Use”) of personal information We make available to them; however, for certain Suppliers or Business Partners such Use may be subject to the their policy(ies), including their privacy policy, applicable terms and conditions, or the their legal bases for Use which do not otherwise afford Us such control..
d) Targeted advertising/Sharing of personal data. The concept of targeted advertising varies by State but generally includes situations where advertising is delivered to you based on your personal data that has been collected from your activity across websites other than our website. Under California law, targeted advertising is generally referred to as cross-context behavioural advertising and includes the “sharing” of personal data in furtherance thereof. As more fully set forth in Section 10, we may engage in forms of targeted advertising, as that term is defined under applicable State laws.
e) Financial incentive. Certain programs and activities we solicit you to participate in may be construed under certain State laws as offering a “financial incentive” for you to share your personal data with Us. Your participation in any such program or activity is voluntary and is subject to the applicable terms and conditions. You may opt out of such program or activity at any time.
4.3 Your rights.
a) Right to opt out. You have the right to opt out of: (i) the sale of personal data; and (ii) targeted advertising, including the sharing of personal data for that purpose.
To opt out of (i) and/or (ii) you can use the Cookies settings banner or the Cookie Preferences/Do Not Sell/Share My Personal Information link on our website. See the Cookies and other technologies section of this Notice for additional information.
b) Additional rights. You also have the right to ask Us to:
○ provide you access to your personal data;
○ correct your personal data*; and/or
○ delete your personal data.
* You can use your guest account to edit your personal data, including correcting any inaccuracies, updating your marketing preferences, etc.
Click on the respective link to submit your request: Guest Data Subject Request Form or Marketing Subscriber Data Subject Request Form
We do not discriminate against anyone lawfully exercising their rights under this Section, and we reserve all rights and remedies related to the exercise of same.
4.4 Disclaimer.
References to and descriptions of State law are for informational purposes only, represent Our interpretation of same, and is not intended to nor does constitute legal advice.
5. Disclosures and rights for residents of the European Union/United Kingdom
5.1 Applicability.
This section applies to you if:
a) you use Our Digital Platforms while in the EEA or in the UK;
b) your data controller is RCL Cruises Ltd. (to determine your data controller, see Section 1 above);
c) your personal data is processed on one of Our ships.
5.2 Legal basis for Our use of your personal data and legitimate interests.
a) Legal basis: We only process your personal data to the extent that at least one of the following applies:
i. you have consented to the processing of your personal data for a specific purpose – We process your sensitive personal data and send you electronic direct marketing communications based on your consent for Us to do that;
ii. the processing is necessary for Us to perform Our contract with you (e.g., to provide your cruise) or for use to take steps at your request before We enter into the contract;
iii. where We need to process your personal data to comply with a legal obligation that We are subject to;
iv. where We need to process your personal data to protect your vital interests (or somebody else’s), including where you are physically or legally incapable of giving consent, for example in case of a medical emergency
v. where it is necessary for reasons of public interest in the areas of public health, including protecting against serious cross-border threats to health;
vi. the processing is necessary for Us to establish, exercise or defend a legal claim; or
vii. the processing is necessary for the purposes of Our legitimate interests or a third party’s legitimate interest.
b) Legitimate interests – We rely on several legitimate interests for using and sharing your personal data, including:
i. improving Our products and services;
ii. understanding how customers travel with Us;
iii. marketing and promotional activities;
iv. identifying and pursuing new ways to develop and grow Our business; and
v. ensuring the security and safety of Our guests and employees.
5.3 International data transfers.
We are a global business and as such We may need to share your personal data with other members in Royal Caribbean Group for the purposes as outlined in this privacy notice. This means that We may transfer your personal data outside of the EEA or in the UK (including to the United States as this is where the servers that We use for Our business and on which your personal data is stored are located). Sometimes transferring your personal data outside the EEA or the UK will be necessary for Us to perform Our contract with you (e.g., to provide your cruise). We use the European Commission’s Standard Data Protection Clauses (also known as Model Clauses) and the UK’s International Data Transfer Agreement, and International Data Transfer Addendum (the ‘UK Addendum’) to provide safeguards for your personal data that is transferred outside the EEA or the UK so you can rest assured that Royal Caribbean Group seeks to adhere to the strict European and UK standards of data security and usage.
5.4 Your rights.
You have the right to ask Us to:
a) provide you with access to the personal data that we hold about you;
b) correct your personal data;
c) erase your personal data;
d) restrict our processing of your personal data;
e) object to our processing of your personal data;
f) request that we move your personal data to another organization; or
g) object specifically to us using your personal data for profiling for direct marketing purposes.
Click on the respective link to submit your request: Guest Data Subject Request Form or Marketing Subscriber Data Subject Request Form. Please use the ‘Submit an inquiry’ button in these forms to exercise your rights under 5.4(f) and (g) above. Note, requests are subject to Us verifying your identity.
You also have the right to make a complaint about how We process your personal data to your data protection supervisory authority.
Where you have specifically consented to Our use of your personal data, you have the right to withdraw that consent at any time. Please contact Us if you want to do this. You may submit your request via these forms: Guest Data Subject Request Form or Marketing Subscriber Data Subject Request Form, or you may submit your request at [email protected].
6. Disclosures and rights for residents of the People’s Republic of China
6.1 Applicability.
This section applies to you if:
a) You use the digital platforms of Royal Caribbean Cruises Service (China) Company Limited;
b) You call our call centre based in China;
c) Your data controller is Royal Caribbean Cruises Service (China) Company Limited.
6.2 Legal basis for Our use of your personal data.
We only process your personal data under the following circumstances:
a) where your consent is obtained;
b) where it is necessary for the conclusion or performance of a contract to which You are a party, or for the implementation of human resources management in accordance with the labour rules and regulations formulated in accordance with the law and the collective contract concluded in accordance with the law;
c) where it is necessary for the performance of statutory duties or statutory obligations;
d) where it is necessary for the response to a public health emergency or for the protection of the life, health and property safety of a natural person in an emergency;
e) where it is necessary to process the personal data You disclosed or other personal data that has been legally disclosed within a reasonable scope in accordance with the provisions of this Law; and
f) other circumstances prescribed by laws and administrative regulations of China.
6.3 Disclosures.
a) Personal information: See Section 3.2, above, regarding the categories of personal data We may collect, the purposes for which We may use, and with whom We share that personal data, including for Our business purposes.
b) International data transfers: We are a global business and as such We may need to share your personal data with other members in Royal Caribbean Group for the purposes as outlined in this Privacy Notice. This means that We may transfer your personal data outside of the People’s Republic of China (“China”) to Royal Caribbean Cruises Ltd. (including to the United States as this is where the servers that We use for Our business and on which your personal data is stored are located). The international transfer is either for purposes of contract conclusion or performance or is based on consent or other legal basis specified under Chinese law.
We only transfer Your personal data to the extent necessary for fulfilling the purposes of processing. If you have any questions with such international transfer, or if You want to exercise Your data subject right, You may send an email to [email protected].
6.4 Your Rights.
In accordance with applicable law, You have the right to (1) access and copy your personal data; (2) if it is found that the personal data is inaccurate or incomplete, it may request correction or supplementation; (3) request the deletion of your personal data in accordance with relevant laws and regulations; (4) change the scope of your authorization and consent or withdraw your consent; (5) require the transfer of personal data to the designated recipient on the premise of complying with relevant provisions; (6) request an explanation of the rules for the processing of personal data.
* You can use your guest account to edit your personal data, including correcting any inaccuracies.
Click on the respective link to submit your request: Guest Data Subject Request Form or Marketing Subscriber Data Subject Request Form
SECTION III: Updates to Privacy Notice and Contact Information
7. Changes to this Privacy Notice.
This Privacy Notice may be updated from time to time for any reason. Updates to Our Privacy Notice will be posted to the Digital Platforms.
In the event We are involved in a merger, acquisition, or sale of all or a portion of Our assets, you will be notified via email and/or in a prominent notice on Our Digital Platforms of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
8. Contact us and complaints.
If you require any other information about any part of this notice, you can contact Our Data Protection Officer at RCL Cruises Ltd. at Building 3, The Heights, Brooklands, Weybridge, Surrey KT13 0NY, UK, or via email to [email protected], or by submitting a request via the respective links below:
Click on the respective link to submit your request: Guest Data Subject Request Form or Marketing Subscriber Data Subject Request Form
Effective Date: September 30, 2024