(pursuant to Art. 13 of Regulation (EU) 2016/679)
1. Introduction and Data Controller
For Cruisetopic / Krociere by Digitaltrend Italia Srl (hereinafter "Cruisetopic" or the "Company"), the protection of your personal data is a fundamental principle. This notice describes clearly and transparently which personal data we collect, for what purposes we process them, and what your rights are in this regard.
The Data Controller is Digitaltrend Italia Srl, with registered office in Milan, Viale Piceno n. 6, owner of the Cruisetopic brand.
You can contact the Controller for any matter relating to the processing of your personal data at the email address: privacy@cruisetopic.net.
Cruisetopic operates primarily as a travel intermediary, acting between the Customer and the Shipping Companies, Tour Operators, airlines, and other tourist service providers (hereinafter "Partners"). In this context, your data is necessarily communicated to these Partners, who act as independent Data Controllers for the provision of the services purchased by you. We invite you to consult the privacy policies of each Partner to understand how they will process your data.
2. What Personal Data We Collect and Process
We collect and process various categories of personal data, provided directly by you or collected automatically during the use of our services:
A. Personal and contact data: Name, surname, residential address, e-mail address, telephone number, gender, date and place of birth, tax code.
B. Identification and travel documents: Details of passport or identity card (number, expiry date, place of issue) necessary for travel bookings and mandatory communications to authorities.
C. Booking and travel details: Information on the chosen itinerary, cabin type, preferences expressed (e.g., meal preferences), and any other data necessary for the execution of the travel contract.
D. Payment and billing data: Credit/debit card details (managed through secure systems), bank details, billing address, and history of transactions carried out.
E. Special categories of data (Sensitive Data): In some cases, to guarantee your safety or fulfill specific requests, we may process data relating to your health (e.g., physical disabilities, medical conditions requiring special assistance, specific dietary needs for medical or religious reasons). This data is processed only with your explicit consent.
F. Content generated by the user: Reviews, comments, or photos shared by you regarding your travel experience.
G. Browsing data: IP address, device type, browser used, pages visited, and other statistical information collected through cookies (see the specific Cookie Policy).
3. Purpose and Legal Basis for Processing
Your personal data is processed for the following purposes:
| Purpose of Processing | Legal Basis (pursuant to Art. 6 and 9 GDPR) |
| A. Booking management and provision of travel services: Acquisition of information necessary for the booking, issuance of tickets, management of relationships with Partners. | Execution of a contract or pre-contractual measures. |
| B. Service communications: Sending confirmation emails, updates on travel schedules, communications regarding any changes or cancellations. | Execution of a contract. |
| C. Management of special assistance requests: Processing of health data to ensure necessary assistance during the cruise. | Explicit consent of the interested party. |
| D. Compliance with legal, accounting, and tax obligations: Conservation of invoices, mandatory communications to the Public Security authorities and port authorities. | Compliance with a legal obligation. |
| E. Marketing and Newsletter: Sending promotional communications, offers on cruises and travel packages via e-mail or SMS. | Consent of the interested party. |
| F. Profiling and behavioral advertising: Analysis of preferences and browsing habits to offer personalized suggestions and targeted advertising. | Consent of the interested party. |
| G. Prevention of fraud and improvement of services: Analysis of site use to ensure security and optimize the user experience. | Legitimate interest of the Controller. |
4. Nature of Data Provision
The provision of data for the purposes referred to in points A, B, and D is mandatory. Failure to provide it will make it impossible for Cruisetopic to finalize the booking and provide the requested services.
The provision of data for the purposes referred to in points C, E, and F is optional. Failure to provide consent will not prevent the purchase of the trip but will not allow us to manage special requests or send you personalized offers.
5. Processing Methods and Data Retention
The processing is carried out using manual, computer, and electronic tools, with logic strictly related to the purposes mentioned above and, in any case, in such a way as to guarantee the security and confidentiality of the data.
Personal data is kept for the time strictly necessary to achieve the purposes for which it was collected:
Booking data: For the entire duration of the contract and, subsequently, for 10 years for administrative and tax purposes.
Marketing and profiling data: Until consent is withdrawn or for the maximum period allowed by the supervisory authorities.
Health data: Until the end of the trip, unless there is a specific legal need for longer conservation.
6. Communication and Transfer of Personal Data
Your data may be shared with:
Service Providers (Partners): Shipping Companies, airlines, hotels, insurance companies, and other subjects involved in the provision of the holiday.
Subjects providing services to Cruisetopic: IT consultants, marketing agencies, payment management companies, accounting firms.
Authorities: Port, airport, customs authorities, and police forces, when required by law.
Your data may be transferred to countries outside the European Economic Area (EEA) if the cruise itinerary includes such destinations or if the Partners have headquarters outside the EU. In such cases, Cruisetopic ensures that the transfer takes place on the basis of adequacy decisions, standard contractual clauses, or other appropriate guarantees.
7. Rights of the Interested Party
Pursuant to Articles 15-22 of the GDPR, you have the right to:
Right of access (art. 15): Know which data we process and receive a copy of it.
Right of rectification (art. 16): Request the correction of inaccurate or incomplete data.
Right to erasure (art. 17): Request the deletion of data ("right to be forgotten") in certain circumstances.
Right to restriction (art. 18): Request the suspension of processing in specific cases.
Right to data portability (art. 20): Receive your data in a structured and commonly used format to transfer it to another controller.
Right to object (art. 21): Object to processing based on legitimate interest or for direct marketing purposes.
Right to withdraw consent: Withdraw consent at any time, without prejudice to the lawfulness of processing based on consent before withdrawal.
Right to lodge a complaint (art. 77): Lodge a complaint with the competent supervisory authority.
You can exercise your rights by sending a request to the e-mail address: privacy@cruisetopic.net. We will respond to your request without undue delay and, in any case, no later than one month from receipt.
8. Cookie Policy
This site uses cookies to improve the service and offer useful features. For a detailed description of the cookies used and how to manage consent, we invite you to consult our full Cookie Policy, available via a link in the "footer" of the site.
9. Changes to this Information
We reserve the right to update this information to adapt it to new regulations or changes in our data processing practices. The updated version will be published on this page with an indication of the effective date. If the changes are substantial, we will inform you by appropriate means.