For Cruisetopic / Krociere.al of Travelservice sh.p.k., the protection of your personal data is a principle that goes beyond legal obligations. The commercial offers we provide are designed to meet your needs and offer the best and most convenient service for you.
Cruisetopic / Krociere.al of Travelservice sh.p.k. the data controller in accordance with the applicable laws (ART. 13 Legislative Decree 30.06.2003, no. 196, the Law 9887/2008 and the EU), in a clear and transparent manner, is committed to protecting the privacy of users and is responsible for the security of customer data. This policy stipulates the following: What personal user data is collected and processed in connection with your relationship with us as a customer and through your use of our websites, Smartphone Apps and web services.
What personal data we collect
Personal data means any information about you that enables us to identify you, such as your name, contact details, booking reference number, payment details and information about your access to our website. Specifically, we may collect the following categories of information:
First name and Surname; residential address; email address; telephone number; passport number; or ID card details; Information including name, nationality, country of citizenship, date of birth, age, gender, passport or ID card number, expiry date and country of issue; Travel history, including information relating to Cruises and services booked such as booking number and itinerary information, which may include the name of the cruise line, hotel and/or vessel, port of destination, port of arrival, date and time of departure and/or check-in, date and time of arrival and/or check-out, meal preferences, luggage and stopover information; User contacts (such as contact details of people you add to your bookings or itineraries or inform of your bookings or itineraries through our services and products) Information provided about your travel preferences (such as your nearest airport and/or port of departure, seating or room preferences, meal preferences, communication preferences and other preference information provided to us by you); Information about your purchases of products and services from our trusted partners User posted content (including travel tips and any personal information included by you about yourself or others, or content posted by you; Information about your use of our site, account information (such as login credentials, including email address and password, and account settings) web and/or app as well as social media data; Communications exchanged with us or addressed to us via letters, email, chat service, phone calls and social media Billing information (such as credit card, debit card or other payment card information and billing address); Reviews posted by you (including any pseudonym under which you post your reviews or any personal information included by you about yourself or others in such reviews) Promotion information (if you choose to enter a contest, sweepstakes or similar campaign, we will collect any information you provide in connection with such activity, such as photos, images, captions or other content, in accordance with the terms and conditions provided at the time); Other information that you may provide (including other information you provide about yourself or others through our services or to which you provide us access through third party platforms); Medical conditions for passengers who have special medical requirements and/or dietary needs; Personal details about your physical or mental health, alleged commission of crimes or criminal convictions are considered "sensitive" personal data under applicable data protection laws. We will only process such data if you have given your explicit consent, or it is necessary (e.g. if you require special assistance), or you have deliberately made it public. You may choose not to provide some of the personal information described above. However, please be aware that many of our services require some personal information in order to be used; therefore, if you choose not to provide us with the personal information needed to provide you with a particular service or feature of that service, you may not be able to use that service or feature. We do not proactively collect any sensitive personal information, such as health-related information. However, our services do include text boxes designed to allow you to describe certain details about your travel preferences or special requests that you wish to inform Cruisetopic or the Cruisetopic Companies or Tour Operators and Travel Agencies with whom we work. Please note that the information you voluntarily provide in these boxes may reveal to us or to the Cruisetopic companies or Tour Operators and Travel Agencies with whom we cooperate and with whom we share information certain information that could be considered as sensitive personal information according to the legislation in force (for example, information relating to special dietary requirements or accommodation for the disabled). Sensitive personal information provided voluntarily by you is processed on the basis of your consent, which you may revoke at any time by contacting us at email@example.com
Personal information generated by us. When you use our services, we generate certain personal information about you, such as through automated data collection and through inferences based on the information we collect about you and your activity. We may automatically collect information about your interactions with the services or communications you receive (such as emails) using specific technologies, such as cookies and other technologies. We generate the following categories of personal information about you: (i) Device information: When you visit or use our services, we automatically collect certain information about your device (e.g., mobile device or computer), including information about hardware and software, device configuration and nearby networks. Such data may include data about the browsers, operating systems and other software installed on your device, IP address or other device identifier, country of origin, region and language settings, as well as information about domain servers and network or wireless access points near your device. (ii) Usage and performance information: We also automatically collect personal information about your use of the services and products, including information about the searches you perform, statistics about the travel itineraries you share with us, how you interact with the features of the services and products and the links you click on, your preferences, access times, referral URLs, and the performance of our services and products. (iii) Location Information: when you use our services and products, we automatically collect information about your approximate location (such as your city) or, with your consent, real-time geographic location data from your computer or mobile device via GPS, Bluetooth, and IP address, along with crowd-sourced Wi-Fi hotspots and repeater locations, if you use location-based features and activate geolocation services on your device and computer. We may use and retain this information to provide and improve certain features of our services, for example, to customise our services and products as needed to more effectively handle your requests (e.g., to help you find the nearest hotel).
Personal information we obtain from third parties. We may also receive certain categories of personal information from third parties, such as third party websites, applications, social media networks and services (individually, a "third party platform"), our group companies, travel partners and other third parties, including individuals who have shared their travel itineraries with you through our Site. If you are already an application user, we combine this information with information we collect through our services and use and share it for the purposes described below. The categories of personal information we may obtain from third parties include: Your name; Email address or other contact information; Social media related data, if you connect to our Services using a third party social media platform or interact with us by commenting or liking our content or social pages, we may receive information from such third party social media platform about such interactions and from your profile on the social media used (e.g. name, age, gender, photograph and other personal information relating to that account); Details related to browsing, purchasing, usage and advertising, including information about restaurants or accommodations and bookings made through Cruisetopic or the Cruisetopic Companies or Tour Operators and Travel Agencies we work with here (e.g., if you book a cruise trip through Cruisetopic or the Cruisetopic Companies or Tour Operators and Travel Agencies we work with here, we may receive the generic geographic location of your destination and use this information to provide recommendations for your flight or type of travel or other accommodations or complementary services) how you use third party websites, applications and services; and demographic information about users of our services.
What we use personal data for, why and for how long
User data may be used for the following purposes:
Providing the requested products and services: we use the information you provide to perform the services you have requested in connection with the Cruise(s) and/or Additional Flight(s), including cruise and/or flight change requests;
We will only process your personal data if we have a legal basis to do so. The legal basis will depend on the reasons why we have collected and need to use your personal data. In most cases we will need to process your personal data in order to process your booking, enter into the travel contract with you and perform the relevant contract. We may also process your personal data for one or more of the following reasons: To comply with a legal obligation (e.g. immigration or customs requirements); You have consented to the use of your personal data (e.g. for marketing purposes); To protect the health of you or another person (e.g. in the event of a medical emergency); Only persons 16 years of age or older may provide consent. For children under this age, parental or legal guardian consent is required. We will not retain data for longer than is necessary to fulfil the purpose for which it was processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes by other means. We must also consider the periods for which we may need to retain personal data in order to comply with our legal obligations or to investigate complaints, claims and defend our legal rights in the event of a claim. When we no longer need your personal information, we will securely delete or destroy it. When we process your personal information, we rely on the following legal bases:
· Fulfilment of the contract we have with you (for example, if you use our services to book a cruise, we process your information to enable our partner shipping company to complete and administer that booking).
· Fulfilment of legal obligations to which we are subject (e.g. when we are obliged to comply with legitimate requests from competent authorities, such as law enforcement agencies).
· To fulfil our legitimate interests (e.g. to personalise your experience with our services, to propose online advertising and for fraud detection), provided that such processing does not outweigh your rights and freedoms. The processing must also be in accordance with other applicable legal bases for data processing, especially any provisions of local legislation.
When we use personal information to satisfy our legitimate interests, we take steps to ensure that your rights to your personal information are not violated. For more information on the measures we take to ensure that these rights are not violated, you may contact us using the contact
details provided in the contact section. You also have the right to object to such processing as outlined in the Rights of the Data Subject section below.
Consent. In the event that the legal basis described above does not apply to the processing of your personal information by us, we will ask for your consent for that precise purpose in accordance with applicable law (e.g. for sending direct messages by electronic means, such as e-mail, without exception for obtaining consent).
Security of personal data
Transfer of personal data
Personal information about you is transferred to, or accessed by, entities located in Europe. All these entities are located in countries with a level of protection of personal information equivalent to that of your own country.
We have established security arrangements to provide adequate protection during transfers of certain information, in accordance with applicable legal requirements. For more information about the security arrangements we have put in place, users may contact us using the contact details provided in the contact section.
Cookies and site tracking
Rights of the data subject
You have the right at any time, pursuant to applicable legislation and EU law, including in relation to profiling activity, to:
If the data are not collected from the data subject, all available information on their origin.
You may at any time object to the sending of communications related to marketing and profiling activities by clicking on "unsubscribe" at the bottom of the e-mail you receive or by forwarding your request to the addresses shown below. firstname.lastname@example.org
E-mail. The user may at any time object to the sending of communications related to marketing and profiling activities by clicking on "unsubscribe" at the bottom of the e-mail received or by forwarding a request to the addresses indicated below. email@example.com . If the user has an account, he/she can unsubscribe from marketing e-mails also in his/her account settings. Please note that even if you unsubscribe from marketing communications from any or all of our services, we will still send you service communications as future confirmations of bookings you have made.
Push notifications (on mobile devices). Users can use the settings on their mobile device to enable or disable push notifications from the application.
Geographical location of the application. As explained in more detail above, we collect information about your location if you enable location services from your mobile device settings or, with your consent, as required by law. You may change the privacy settings on your device at any time to disable the sharing of this location information with our services. By choosing to disable location services, some features of our services may be affected. If you have specific questions about your device's privacy settings, we recommend that you contact the manufacturer of your device or your mobile service provider for assistance.
Sharing with Third Parties. As outlined above, we share your information with Shipping Companies or Tour Operators and Travel Agencies for their own purposes or we work with such partners to support their marketing activities. You may choose not to share your information with: (i) Our group companies, for their own marketing purposes; (ii) Shipping Companies or Tour Operators and Travel Agencies, for their own marketing purposes (including sending marketing communications and providing targeted advertising, promotions and other offers); (iii) Other third parties - business partners who use the information for their own marketing purposes
The user may cancel such sharing by modifying the preferences in their account. The user may also send us such cancellation requests in the manner described in the contact
Accessing and Correcting Information. If you have created an online account with us and wish to update the information you have provided to us, you may access your account to view and update your information. You may also contact us as described in the contact section below.
Legal Rights. Where required by local law, you may have the following rights in relation to your personal information: the right to access the personal information we hold about you and, in certain situations, the right to have that information corrected or updated, deleted, restricted or delivered to you or third parties in a usable electronic format (the right to data portability). Where applicable, you may also object to the way we use your personal information if the legal basis for processing such information is our legitimate interest. Where we use your personal information based on your consent, and where required by local law, you have the right to withdraw that consent at any time. Where you have consented to receive direct marketing communications from us, and where required by applicable law, you may withdraw that consent at any time.
Should you wish to exercise the legal rights you may have under applicable law, you should contact us as described in the contact section. To enable us to process your request more efficiently, you should provide the e-mail address used to access your account. If you do not have an account, please provide the e-mail address used to make requests or to use our services.
Where applicable, you may also have the right to lodge a complaint with your local data protection authority.
What are cookies?
A 'cookie' is a piece of information sent by a server to a browser, which enables the server to collect information from the browser and vice versa. A cookie helps a website recognise a user's device if the site is visited again. Cookies are used for a variety of purposes, including to help remember login credentials and preferences, to analyse the performance of a site to improve its usability, and to enable the suggestion of content deemed of interest to a specific user. Cookies are normally anonymous and cannot be linked to a user's personal data. First-party cookies are associated with the domain name of the page you are visiting and allow you to be identified by cross-referencing with a database. They can only be assigned at the explicit request of the user for the purpose of allowing immediate identification to access restricted areas without having to manually enter login credentials (user and password). The user's identity is never, in any case, directly included in the cookie and cannot be intercepted. Every time the site is accessed, irrespective of the presence or absence of a cookie, the type of browser, operating system and host is recorded together with the source URL of the visitor/user, as well as information on the page requested. This data may be used in aggregate and anonymous form to carry out statistical analyses on the use of the website.
What kind of cookies do we use?
What happens to cookies that have been downloaded in the past?
Cookies are read and written only according to the preference level indicated in the cookie setting tool. Cookies that were present before you changed your settings remain on your computer and can be removed using your browser settings.
Additional information on the cookie setting tool
A specific cookie is used to remember a user's preferences within the cookie setting tool. If all cookies are deleted, therefore, you must update your preferences again when you visit the site again. If you use a different device, computer or browser than the one you normally use, you must set your preferences again.
Can we know if a user opens the e-mails sent to him?
Emails (newsletters) sent by Cruisetopic can communicate information about the opening and use (clicks) of an email/newsletter. This information can be used for different purposes, such as content analysis (to understand which messages have aroused the most interest). The data is lost the moment the e-mail is deleted: from that moment on, no more additional data can be collected: those already collected will simply be retained.
Managing Cookies in Browsers