2018 BOOKING CONDITIONS PRIVACY NOTICE
(9) To carry out credit checking. services and operations and develop new and changed products, services and operations.
(10) To help us detect and take action against security breaches, fraud and other crimes, and other risks to Us.
(11) For us to take legal or administrative action, including to collect debts, resolve disputes with You, and to deal with regulators.
Our legitimate interest in assessing Your credit-worthiness before offering or committing to provide you with credit.
Our legitimate interest in addressing security breaches, frauds and other crimes or risks that may affect our business.
In the case of personal data: Our legitimate interest in enforcing our contract with You and in resolving any disputes with You and in dealing with regulators.
In the case of special category data: as necessary for us to establish, exercise or defend legal claims.
(12) To contact you by email.
For prospective customers: Normally we will ask for your consent and will not contact you by email if you have specifically withheld or withdrawn Your consent to this. See above, “How We may contact You”.
For existing customers: It is lawful for us to contact You by email provided that We give you an easy method to unsubscribe.
You can stop Us contacting you by email at any time by contacting
uk-marketing@vikingrivercruises.com
(13) To contact you by telephone We will ask for your explicit consent, and will not contact you by telephone unless we have your consent, unless covered by legitimate interest.
(14) To transfer your personal data overseas (see below).
(15) To use other people’s personal data that You provide to Us.
Normally we will ask for your explicit consent and may be unable to process Your personal data unless We have Your consent.
Our legitimate interest in providing our service to you. We do ask you to ensure that you have the other people’s permission for you to share their personal data, and that you make them aware that you have shared it with Us for use as described in this Privacy Notice.
(7) Our IT service providers who provide, maintain, improve, manage, optimise or fix the IT facilities that We use or rely on in our business, including computing devices, computer networks, connectivity, telecommunications, software, our Website.
(8) Our online service providers, who provide marketing and advertising placement services for Us, including providers of search engines, analytics services, behavioural marketing services, and online applications and services including social media.
(9) Our professional service providers, such as accountants, auditors and insurance brokers.
(10) Credit reference agencies that we use to assess Your credit score where this is a condition of Us entering into a contract with You.
(11) Your and Our insurers and their agents, and Your and Our medical staff and legal advisers.
(12) Any third party company or companies in the event that We go through a business transition, such as a merger, being acquired by another person or company, or selling a portion of Our assets.
We reserve the right to disclose Your personal data to other third parties if We have lawful grounds to do so, or are under a legal obligation to disclose or share it with them, or in order to established, exercise or defend Our legal rights, or to protect the rights, property, or safety of the Company. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
OUR TRANSFER OF YOUR PERSONAL DATA ABROAD
As stated above, in some cases We will transfer Your personal data to a location that is outside the United Kingdom, and even outside the European Economic Area.
The European Commission decides, for the purposes of Data Protection Legislation, whether or not states outside the European Economic Area have “adequate” safeguards for personal data.
HOW LONG WE RETAIN YOUR PERSONAL DATA We will hold Your personal data until we find your contact details are not current, or you can’t be reached after 6 months of trying, or we are notified that you are deceased, or you or a regulator ask Us to stop processing Your personal data.
DISCLOSURE OF YOUR PERSONAL DATA For as long as We have access to your personal data, We may share any of it with any of the following to the extent that they need to have access to Your personal data in order to perform their role:
(1) Anyone within Our organisation which includes, without limitation, Our sales and marketing teams, and our finance team.
(2) Other companies in Our group, such as Our parent company, Viking River Cruises (Bermuda) Ltd. When we store and use Your personal data in electronic format, we use IT systems that are operated by Our parent company, and located in the United States.
(3) Selected third parties who help us to perform Our contract with you. This includes third parties who help us directly (such as airlines and service providers on the ship, which operate globally and both in the United Kingdom and your intended cruise destination(s)), and third parties who help us indirectly (such as our IT service providers, marketing mailing houses who may create and/or distribute Our marketing materials to You). We do not share Your personal data with third parties for their own marketing purposes. We may provide you with services from third party suppliers.
(4) Your travel agent.
(5) Our banks and other payment processing service providers who process Your payments to Us.
(6) The Governments and authorities of the United Kingdom and other jurisdictions, and in particular their border control, security, anti-terrorism and related functions.
• In the case of the United States, it is not currently considered to provide adequate safeguards, although its Government operates Privacy Shield and members of that scheme are considered to have “adequate” safeguards.
• If Your intended cruise destination(s) is/are outside the European Economic Area, the relevant state(s) may not provide adequate safeguards.
We can lawfully make necessary transfers of your personal data to these overseas locations if we have your explicit consent. If we ask you for your explicit consent, it may be the case that we will be unable to make the necessary transfer(s) of your personal data to these overseas locations unless we obtain your consent. This may impact on Our ability to process Your personal data using Our electronic systems, and/or it may result in you being denied entry to your intended cruise destination(s).
YOUR RIGHTS UNDER THE DATA PROTECTION LEGISLATION: (1) You have the right to access personal data that We hold about You. Your right of access can be exercised in accordance with the Data Protection Legislation. You can submit a data access request at any time. In order to do this, please contact Us at
data.protection@
vikingcruises.com.
(2) If You become aware of any inaccuracies in Your personal data which We process on Your behalf, You have a right to ask us to rectify the inaccuracies. On receiving Your request We will either fulfil it or explain why We have decided not to.
(3) To the extent that (a) We no longer need to use Your personal data (e.g. You no longer wish to receive marketing from Us, or You tell us that no longer wish to go on cruises) for purposes described in our Notices, or (b) We rely on Your consent and You have withdrawn it, or (c) You object to our legitimate interests for using Your personal data and no exception applies to permit Us to keep using it, or (d) it is established that We did not have the lawful right to process Your personal data, or (e) the law requires us to erase Your personal data, You may ask us to erase Your personal
data. If we erase Your personal data, Your ability to use our services will be affected, as described above.
(4) You have the right to ask Us not to process Your personal data for marketing purposes (including profiling). You may unsubscribe at any time by emailing Us directly at
data.protection@
vikingcruises.com.
(5) You have the right to object to Our processing of your personal data to the extent that (a) We use the personal data on grounds of Our legitimate interests and no exception applies to permit us to keep using it, or (b) We use it for direct marketing purposes, or (c) We use it for scientific or historical research purposes or statistical purposes and no exception applies to permit Us to keep using it.
(6) You have the right to ask us to restrict Our processing of your personal data to the extent that (a) You have questioned the accuracy of the personal data and We are still checking its accuracy, (b) it is established that We did not have the lawful right to process the personal data, (c) We no longer need to use Your personal data for the purposes We collected or used it for but You need it to be preserved for the purposes of legal claims, or (d) You have exercised Your right to object to Our use of your personal data and no exception applies to permit us to keep using it.
(7) You have the right to request that We provide to You, or to another data controller on Your behalf, a copy of any of Your personal data which We process using automated means based on your consent, so that You may reuse such personal data for Your own purposes on alternative services.
(8) You have the right not to be subject to automated processing which significantly affects You, unless We need to carry out the automated decision-making to enter into or perform Our contract with You, or We are authorised by law to use the personal data for automated decision- making, or We have Your explicit consent.
(9) You have the right to complain to the Information Commissioner (
http://www.ico.gov.uk/) if You have any concerns in respect of the handling of Your personal data by the Company.
If You would like to exercise any of the above rights, including to withdraw Your consent (where Our processing of Your personal information relies on Your consent), please contact Us at
data.protection@
vikingcruises.com.
OUR PROTECTION OF YOUR PERSONAL INFORMATION We have taken reasonable steps to put in place appropriate security measures to protect Your personal data when it is processed by Us or on our behalf.
We do not accept any responsibility for the policies of third party Data Controllers, such as providers of search engines and social media services. Your use of such third parties, their websites and services is at Your own risk. Please check the third parties’ Privacy Notices before You submit any personal data to them.
CHANGES TO PRIVACY NOTICE We reserve the right to make changes to this Privacy Notice from time to time. If this Privacy Notice changes in any way, We will place an updated version on our Website. Regularly reviewing our Website ensures that You are always aware of what information We collect, how We use it and under what circumstances, if any, We will share it with other parties.
If You do not agree to the changes that we make from time to time, please tell us via
data.protection@
vikingcruises.com. If material changes are made to this Privacy Notice, We will notify You by placing a prominent notice on the Website.
YOUR COMMENTS ARE APPRECIATED If You have any questions or comments regarding the Privacy Notice, You can send Us an email at data.
protection@vikingcruises.com.
01/01/2018
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50
