- What Data Do We Collect?
- How do we collect your data?
- How Will We Use Your Data?
- Will Your Data Be Shared with Anyone?
- How Do We Store Your Data?
- Third Party Privacy Policies.
- Data Transfer to Our Partner Service Providers.
- Children’s Privacy.
- Privacy Rights for Californian Residents.
- What Are Your Data Protection Rights?
- International Transfer of Data.
- Data Breach.
- Questions, Comments, Contact Information.
- Notice to EU Subjects.
1. What Data Do We Collect?
Our Company may collect the following data:
- Personal identification information (Name, email address, phone number, etc.)
- Cookies and Usage Data
- Analytics Data
1.1 Usage Data
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
1.2 Tracking & Cookies Data
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies: We use Session Cookies to operate our Service.
- Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
- Security Cookies: We use Security Cookies for security purposes.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
1.4 Log Information
Like most websites, ours uses log information to track system activity. These files include IP addresses, browser type, Internet service provider (ISP) and other technical information relating to your use of our website. Our systems and our web hosting service provider use this information to analyze usage patterns, observe trends, administer the site, track user movements in the aggregate, and gather broad demographic information for aggregate use.
1.5 Aggregated Information
2. How Do We Collect Your Data?
Some information is explicitly provided to us by you, while other information, such as your IP address, is gathered automatically as you use our services. You may voluntarily provide certain personal identifying information to us in connection with your use of our interactive web portals, your purchase of travel-related products, any signup incentives or promotions you elect to participate in, newsletter or other subscriptions, and services (all of which will be referred to as “Personal Information”). If you choose to provide us with Personal Information by opting in, you consent to our collection of that information and to the transfer and storage of that information on our servers. Personal Information includes all information you voluntarily provide to us, whether in person, by telephone, mail or e-mail, or in any other way via our website.
Since you provide our company directly with most of the data we collect, we collect and process additional data when you provide it to us through:
- Register online for any of our products or services.
- Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
- Use or view our website via your browser’s cookies.
- Using Analytics Tools
- Use the contact form
- Contact us via email
- Send us a message via our website (e.g. “activate”)
3. How Will We Use Your Data?
We may use your Personal Information to provide you with service-related information, including providing you with responses to requests for our services as well as managing your account, processing bills, and/or personalized mailings (electronic or otherwise) or other communications that you consent to receive, and to prevent potentially prohibited or illegal activity, resolve disputes and collect fees.
Our Company collects your data:
- to provide and maintain the service
- to notify you about changes to our service
- to allow you to participate in interactive features of our service when you choose to do so
- to provide customer care and support
- to provide analysis or valuable information so that we can improve the service
- to monitor the usage of the service
- to detect, prevent and address technical issues
- to send you a newsletter or other updates (explicitly agreed to receive)
4. Will Your Data Be Shared with Anyone?
In some cases we may process or share data based on the following legal basis:
We process your data:
- If you have given us specific consent to use your personal data for a specific purpose.
- If it is reasonably necessary to achieve our legitimate business interests.
- If we have entered into a contract with you, we may process your personal data to fulfill the terms of our contract.
- If we are legally required to share your information in order to comply with applicable law, governmental requests, a judicial proceeding court order or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements)
- In case we believe it is necessary to investigate, take actions or prevent potential violations of our policies suspected fraud, situations involving potential threats to the safety of any personal illegal activities, or as evidence in litigation in which we are involved.
5. How Do We Store Your Data?
6. Third Party Privacy Policies.
7. Data Transfer to Our Partner Service Providers.
In this section, we inform you when and how we share information about you with external partner service providers. Before we pass on your data to our partners, we will ask you for your express consent. For EU-Subjects we are entitled to pass on your data in accordance with Art. 6 para. 1 sentence 1 letter a) EU-GDPR.
In addition, the transfer of data to external partners also corresponds to our legitimate interests in the sense of Art. 6 para. 1 sentence 1 letter f) EU-GDPR, since we must in particular use external software service providers to provide you with our online services.
When we work together with external service providers, a so-called order processing based on Art. 28 EU-GDPR takes place regularly. For this purpose, we conclude appropriate agreements with our partners, which guarantee a legally compliant handling of your data.
We use only carefully selected contract processors for processing your data. These are bound to our instructions and are regularly checked by us. We only commission external service providers who have ensured that all data processing procedures are carried out in accordance with data protection regulations.
Cruisewatch uses Hubspot, a service of Hubspot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA, on its websites for analysis purposes. Hubspot is certified under the EU-US Privacy Shield and also the Standard contractual clauses according to Directive 95/46/EC.
We have a vested interest in using an external CRMS to make our internal business processes as effective and error resistant as possible. We are therefore entitled to transfer data to Hubspot pursuant to Art. 6 paragraph 1 sentence 1 letter f) GDPR.
When using our website, so-called “web beacons” may be used and “cookies” may also be set, which are stored on your computer and enable us to analyse your use of the website. Hubspot will use the information collected (e.g. IP address, geographic location, browser type, length of visit and pages viewed) to generate reports on the visit and the pages viewed on behalf of Cruisewatch.
If you subscribe to the Cruisewatch newsletter as well as download other documents, Hubspot may also use your additional information (mainly name/email address) to personally identify your visits to Cruiswatch and, if necessary, provide you with targeted information about topics you prefer.
When you provide us with personal information, it may be transferred to Hubspot’s servers in the United States. Hubspot is committed to complying with the provisions of the Privacy Shield Agreement and Standard contractual clauses according to Directive 95/46/EC. Hubspot stores your information only to provide us with the CRMS service and does not share your information with third parties.
You can find more information on this at https://legal.hubspot.com/de/privacy-policy. In accordance with the European Commission’s decision of 12.07.2016, data transmission to the USA in compliance with the provisions of the agreement offers an adequate level of protection within the meaning of Art. 45 EU-GDPR.
8. Children’s Privacy.
Cruisewatch does not sell our services for purchase by children. This is a general audience website and does not offer services directed to children. Should a child whom we know to be under 18 send Personal Information to us, we will use that information only to respond directly to that child to inform him or her that we must have parental consent before receiving his or her personal information.
Cruisewatch processes personal data (name, first name, email address) from you for the purpose of sending you our regular newsletters as well as for its own marketing purposes.
The legal basis for this is your consent according to Art. 6 para. 1 lit. a and Art. 7 EU-GDPR as well as § 7 para. 2 No. 3 UWG.
With your newsletter order, you confirm that you would like to receive this in the future at the e-mail address you have provided and that you are identical with the person signing or returning the newsletter. For verification purposes, you will receive a separate e-mail with which you must confirm your newsletter order. Without this renewed confirmation you will not receive a newsletter.
Your data will be transferred to our software service provider Mailjet (Mailgun Technologies, Inc., 112 E Pecan St #1135, San Antonio, TX 78205 USA) for mailing purposes. There is no transmission to other third parties or to third countries. Your data will be stored for as long as you wish to receive the newsletter. You have the right to information, to correction, to deletion (“getting forgotten”), to restriction of processing, a right to object at any time, a right to data portability as well as a right to revoke your consent. In the event of a revocation, you will no longer receive a newsletter from us. In these cases, it is best to contact us via e-mail ([email protected]), by telephone or by letter. You will receive a response immediately upon receipt. In addition, you can easily unsubscribe from the newsletter via a link in each newsletter.
10. Privacy Rights for Californian Residents.
12. What Are Your Data Protection Rights?
Cruisewatch would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
(Please note that not all rights may apply to you and depend on which law you may be subject to.)
- The right to access – You have the right to request Our Company for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that Our Company erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Our Company’s processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: [email protected]
Or write to us:
B&S Media GmbH
13. International Transfer of Data.
Our servers are located in the United States. If you are accessing our Services from outside the US, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information, in the United States, and other countries.
The European Commission’s Standard Contractual Clauses are regulating the transfer of personal information between our group companies and between us and our third-party providers, which require all such recipients to protect personal information that they prove from the EA in accordance with European data protection laws. Our Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.
In particular, the company complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Dep. of Commerce regarding the collection, use and retention of personal information transferred from the EU to the U.S. and has certified its compliance with it. This company is committed to subjecting all personal information received from EU-member countries, in reliance on the Privacy Shield Framework, to the Framework’s Principles.
To get more information about the Privacy Shield Framework visit: https://www.privacyshield.gov/welcome
With respect to personal data received or transferred according to the Privacy Shield Framework, Cruisewatch is subject to the regulatory enforcement powers of the U.S. FTC. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
14. Data Breach.
A privacy breach occurs when there is unauthorized access to or collection, use, disclosure or disposal of personal information. You will be notified about data breaches when Cruisewatch believes you are likely to be at risk of serious harm. Cruisewatch will promptly investigate the matter and notify the applicable Supervisory Authority not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
15. Questions, Comments, Contact Information.
16. Notice to EU Subjects.
In some regions, like the European Economic Area, you have specific rights that allow you more access and control over your personal information. These rights may include the right to request access and obtain a copy of your personal information, to request rectification or erasure; to restrict the processing of your personal information; and if applicable, to data portability. In certain cases, you may also have the right to object to the processing of your personal information.
In case that we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.
If you are a resident in the European Economic Area and you believe we are processing your personal information unlawfully, at any time you have the right to complain to your local data protection supervisory authority. You can look up their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Sensitive Data. Some of the information you provide us may constitute sensitive data as defined in the GDPR, including identification of your race or ethnicity on government-issued identification documents.
Legal Bases for Processing. Cruisewatch is required to collect certain information from its users, including some information that may be considered sensitive data, to comply with its obligations under applicable laws. We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal bases under which we process your personal information, contact us at [email protected]
16.1 Processing Purpose: To provide our service
Legal Basis: Our processing of your personal information is necessary to perform the contract governing our provision of the Cruisewatch service or to take steps that you request prior to signing up for the Service.
16.2 Processing Purpose: To communicate with you, to optimize our platform, for compliance, fraud prevention, and safety
Legal Basis: These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impacts on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).
16.3 Processing Purpose: To comply with law
Legal Basis: We use your personal information to comply with applicable laws, including requirements for government-issued identification for purposes of international travel.
16.4 Processing Purpose: With your consent
Legal Basis: Where our use of your personal information is based upon your consent, you have the right to withdraw it anytime in the manner indicated in the Service or by contact us at [email protected]
Retention. We will only retain your personal information for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information you have provided, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymize your personal information (so that it can no longer be associated with you), in which case we may use this information indefinitely without further notice to you.
Your Rights. Under the GDPR, you have certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you Service-related and other non-marketing communications.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to [email protected] We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at [email protected] or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Your online privacy is highly important to us and we welcome your comments or questions.
Last Updated: January 18 2021.