X

About

Privacy Policy Cookies Policy

Our policies regarding collection of information from guests and site visitors

Privacy Policy

Updated: January 1, 2020

Who We Are

At Sixthman Ltd., our mission is to provide the best possible festival cruise and event experiences for our guests. This mission covers all of our activities including the products and experiences we offer during our festival cruises and events, at the destinations we visit during our festival cruises and events, and in our online community through our websites and interactive features, including applications, widgets, blogs, social networks, social network "tabs," and other online or mobile offerings (which we collectively call the "Services"). Our Services are provided by Sixthman Ltd. and our partner brand, Norwegian Cruise Line, which operates the majority of our festival cruises (we refer to Sixthman and Norwegian Cruise Line together as the "Company," "we," "our," or "us").

This privacy policy describes what data we collect online and offline and how we use, share, and secure that data. It also describes your choices regarding use, access, and correction of your personal data. Personal data is information, or a combination of different types of information, that could allow you to be identified.

We encourage you to review our privacy policy and click on the available links if you want additional information on a particular topic.

Data We Collect

When you attend an event or take a festival cruise with us, register to attend an event or take a festival cruise with us, set up an account with us through one of our websites, request information about our Company, communicate with us, visit one of our websites, apply for employment with us, sign up for our promotions, contests, or sweepstakes, or access our Services through various other methods, we collect data about you and your visit.

Data we collect directly from you or other sources

We collect the following categories of data either directly from you or from our business partners or third parties and in accordance with applicable law:

  • Personal details (e.g., name, salutation, title, date of birth, place of birth, gender, photographs and images)
     
  • Contact details (e.g., email address, telephone number, mobile number, address, and emergency contact information)
     
  • Health details, where applicable
     
  • Travel / vacation preference details (e.g., flight number, hotel booking, cabin number, special occasion dates, special accommodations, loyalty program information, dietary preferences, travel companions and family members)
     
  • Your location, activities, and transactions on board Norwegian Cruise Line’s ships
     
  • Government-issued documents (e.g., passports, alien resident cards, visas, residency permits, social security numbers, driver’s licenses, and redress numbers)
     
  • Details regarding your use of websites and applications (e.g., usernames, passwords, security answers, geolocation information, details regarding your interaction with our websites, applications and emails we send, such as whether you opened the email we sent, which may permit us to recognize you across multiple devices)
     
  • Financial details (e.g., credit card information, transactional history and purchases, amount paid for Services, bank information, income, and business information)
     
  • Details of your play and spend at casinos, loyalty rewards and, if you apply for credit for use at Norwegian Cruise Line’s onboard casinos, credit-related information
     
  • Information available via public records and publicly available content on social media platforms
     
  • Details regarding your interactions with our call centers, including recordings of your calls
     
  • Employment application details (e.g., name, employment history, telephone number, address, email address, education history, reference details, military service, and immigration status)


Data collected when you create an account with us, purchase our products or use our Services may include data about yourself and those traveling or attending an event with you. By providing us with personal data of any third party, you confirm that you have the authority to do so on their behalf and have provided them with the information set forth in this privacy policy.

We operate closed circuit television ("CCTV") cameras on Norwegian Cruise Line’s ships, including at all access points and throughout public areas. These CCTV cameras record continually and images of you may appear in these recordings.

Please be aware that Norwegian Cruise Line has photographers on board taking photographs for guests to purchase. If you would not like to be photographed, please let the photographers know and they would be happy to take reasonable steps to comply with your request. Please note that we are unable to guarantee that you will not be included in photographs on an incidental basis.

Data we collect automatically

When you access our websites or otherwise receive Services, and to the extent permissible under applicable law, we automatically collect some categories of data from you, including data collected using cookies, embedded scripts and other device identifying technologies (“Cookies and Tracking Technologies”). Further information about our use of Cookies and Tracking Technologies and your choices are available in our Cookie Policy. We do not respond to Do Not Track signals. To learn about Do Not Track and for information about how to opt out of receiving targeted advertising, please visit our Cookie Policy.

Special categories of personal data

Some of the categories of data that we collect in connection with the provision of our Services or through the employment application process may constitute special categories of personal data (also known as sensitive personal data). In particular, we may collect personal data revealing racial or ethnic origin, religious, philosophical, or political beliefs, sexual orientation, or data concerning health, such as medical history or dietary restrictions, if in connection with our provision of Services or through the employment application process.

We collect this information when you choose to provide it to us or to a service provider such as a travel agent or through the employment application process. We use this information to provide a service you request, such as medical care on board one of our festival cruises, or special dietary accommodations, or in connection with your application for employment.

If, while traveling with us or attending an event, you allege a personal injury or submit a claim after alleging a personal injury, we may collect personal data concerning the alleged incident, including healthcare information.

Optional facial recognition technology

On participating ships and with your consent, Norwegian Cruise Line may use facial comparison technology in order to facilitate and expedite your embarkation and/or disembarkation by taking your photograph and matching it against the photograph they collected from you during embarkation. When there is a match, you will be able to board the ship or be checked out of your festival cruise.

Separately, Norwegian Cruise Line may securely provide your disembarkation photograph to U.S. Customs and Border Protection (“CBP”), who uses its own facial comparison technology to match the photograph against images of you that CBP already has on file from your passport, other travel documents or prior CBP border inspections. Once Norwegian Cruise Line receives verification of your identity from CBP, they will delete your disembarkation photograph immediately. Norwegian Cruise Line does not retain your facial recognition data beyond the duration of your festival cruise or use it for any other purpose other than those described above. If you are a U.S. citizen, CBP will maintain your photograph for no more than 12 hours. For certain non-U.S. citizens, the U.S. Department of Homeland Security (DHS) will store your photograph for a longer period. For more information on how CBP uses your biometric data, please visit www.cbp.gov/travel/biometrics.
 

How We Use Personal Data

We may use your personal data for the following purposes:

  • Identify and authenticate you: We use your identification data to verify your identity when you access and use our Services and to ensure the security of your personal data. We do this to comply with our contractual obligations to you.
     
  • Provide emergency and security services: We provide you with emergency and security services to protect your vital interests or based on our legitimate interest of providing the services needed in case of urgent emergency or security situations on board our festival cruises or at one of our events.
     
  • Provide you and your group with Services: We process your personal data to provide the Services you or your organization have requested. We do this to comply with our contractual obligations to you or your organization. For multi-guest bookings, Norwegian Cruise Line allows all guests on the reservation to access and administer booking-related personal data of the guests on the same reservation in furtherance of our legitimate interest of allowing guests to conveniently administer their reservations.
     
  • Advertise and market our Services: We may use your personal data, where permitted, to build a profile about you and place you into particular marketing segments in order to understand your preferences better and to appropriately personalize the marketing messages we send to you. It is in our legitimate interest to provide more relevant and interesting advertising messages. We may contact you with marketing communications via direct mail, phone call, email, text messages, or via notifications from applications. Where necessary, we will obtain your consent before contacting you with such marketing communications.
     
  • Communicate with you: We may use your personal data when we communicate with you via direct mail, phone call, email, text messages, or via notifications from applications, for example if we are providing information about changes to our terms and conditions, in response to a question you submitted, or to notify you of changes to your festival cruise or event itinerary. It is in our legitimate interest to provide you with appropriate responses and provide you with notices about our Services.
     
  • Comply with our obligations under applicable laws: We may process your personal data to comply with applicable legal requirements, for example, we may provide certain information to governmental and recognized law enforcement agencies, such as providing personal data to the Transportation Security Administration and port agents in connection with commercial air travel you book through us, or to comply with other legal or regulatory requirements, where explicitly required by law.
     
  • Customize your experience: When you use the Services, we may use your personal data to improve your experience of the Services, such as by providing interactive or personalized elements on the Services and providing you with content, offerings, and experiences based on your interests, including shore excursions or events. Where necessary, we will obtain your consent before using your personal data in this way.
     
  • Exercise our rights: We may use your personal data to exercise our legal rights where it is necessary to do so, for example to detect, prevent, and respond to legal claims, intellectual property infringement claims, or violations of law or our applicable contract terms and conditions.
     
  • Prevent fraud and comply with legal obligations: We may process your personal data to, for example, (i) carry out fraud prevention checks, which include building fraud-related profiles, making decisions on that basis by fraud prevention experts, and using CCTV images to prevent and detect fraud in Norwegian Cruise Line’s casinos; or (ii) comply with other legal or regulatory requirements, where explicitly required by law.
     
  • Ensure the safety of employees and guests: We may process your personal data to ensure the safety and security of all guests on board Norwegian Cruise Line’s ships or at our events. For example, we may check your information against a publicly available criminal record database in order to protect the safety of our guests and team members.
     
  • Evaluate you for potential employment: We may process your personal data if you apply for a position as a team member with us, including by verifying any entitlements, monitoring equal opportunity employment, performing medical screenings (in some cases) and by making inquiries into any criminal and/or credit history based on our legitimate interests, to the extent necessary and where permitted under applicable laws and regulations.


Customer Testimonials

We may post guest testimonials on our websites and social media pages which might contain personal data. Prior to posting the testimonial, we obtain guests’ consent via web form, email, or social media message to post their names, usernames, festival cruise dates, photos, videos, event, and travel destinations along with their testimonial, as applicable. If you wish to update or delete your testimonial, you can contact us via the methods described under “How to Contact Us.”

How We Disclose Personal Data

We may share your personal data with third parties under the following circumstances, as permitted under applicable laws and regulations:

  • Service providers and business partners: We may share your personal data with our service providers and business partners that perform marketing services and other business operations for us or with which we have joint or cooperative marketing arrangements. For example, we may partner with other companies, vendors or travel agents to organize and facilitate your travel, facilitate and host our land-based events, arrange hotel, flight or transportation accommodations, process your payments, including charging purchases to onboard accounts, provide onboard services, provide port services and excursions, facilitate targeted marketing and other communications by mail or email, facilitate services related to casinos, such as background checks and credit checks when you apply for casino credit, maintain guest records, and analyze data. These companies are authorized to use your personal data only as necessary to provide these services to us. Certain brands may cooperate with financial institutions to offer co-branded products or services to you, such as Norwegian Cruise Line’s co-branded credit card; however, they will do so only if permitted by applicable law. Travel agents may or may not process your information on our behalf. To the extent you engage with a travel agent that is collecting information for their own use, we recommend you check your travel agent’s privacy policy for details as to how they may process your personal data. If you booked your festival cruise through a travel agent and purchase future cruise credits while onboard, we may inform your travel agent of the future cruise credits so that they may contact you with reminders to timely use the credits. Some products, services, excursions, and activities are provided by third parties. We may share sufficient personal data about you with these partners, before, after, or during your festival cruise or event in order to improve Services to you. These companies have their own privacy policies which you should refer to if you choose to use their services.
     
  • Where required by law: We may provide certain personal data to governmental and recognized law enforcement agencies as required by law or other third parties where we believe necessary to comply with a legal obligation. We are required to cooperate with government and law enforcement agencies and public authorities of any country in your itinerary, including customs and immigration authorities. Personal data about you may be shared with these agencies (such as customs and the U.S. Department of Homeland Security) prior to boarding a festival cruise, during your festival cruise, or after disembarkation for security or immigration purposes.
     
  • To protect our rights or the rights of a third party: We may share your personal data to identify, investigate, contact, or bring legal action against an individual who may be causing injury to or interference with our rights or property or the rights or property of a third person if we believe in good faith that disclosing this personal data is necessary or advisable. We may share your personal data with third parties to prevent or detect fraud with respect to Norwegian Cruise Line’s casinos and our general payment transactions. Personal data about you may also be shared with governmental and recognized law enforcement agencies in order to prevent and detect crime as well as to safeguard children and vulnerable adults.
     
  • In the context of a transaction: We may share your personal data with potential transaction partners, service providers, advisors, and other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell or transfer all or a portion of our assets or business, to the extent permitted by applicable law. Should such a sale or transfer occur, we will use reasonable efforts to obligate the entity to which we transfer your personal data to use it in a manner that is consistent with this privacy policy.
     
  • With your family members, friends and groups: When you book a festival cruise or event within a group or charter, we may share with the group leader certain booking or registration-related personal data about you, such as your contact information so that they may contact you with group activities. If you make a multi-guest reservation, all of the guests who are part of the reservation will be able to access the booking-related personal data of the other guests on the same reservation. This means that a guest on your same reservation will be able to (1) complete online check-in for you and others in your reservation, (2) view your boarding pass, and the boarding pass of others in your reservation, (3) pay for a product or activity for you or others in your reservation, using their own onboard expenses account or their own payment methods; and (4) update your contact information. If you have any questions or concerns about the processing of data for multi-guest reservations, please contact us via the methods described under “How to Contact Us.”
     
  • Sixthman Ltd. family companies: Sixthman Ltd., NCL Corporation Ltd., NCL (Bahamas) Ltd., Norwegian Cruise Line Group UK Limited, Oceania Cruises S. de R.L., Seven Seas Cruises S. de R.L., and the brands, Sixthman, Norwegian Cruise Line, Oceania Cruises and Regent Seven Seas Cruises, are owned by Norwegian Cruise Line Holdings Ltd., and we work closely with other businesses and companies in the Norwegian Cruise Line Holdings Ltd. family. We may share certain personal data about you with other companies in the Norwegian Cruise Line Holdings Ltd. family, including your buying and browsing history on the Services, contact details such as names, email addresses, and addresses, dates of past festival cruises or events with one of our family brands, your use of products and services including casinos, and inquiries you have made about or products and services, for the purposes set forth above. We may also share your personal information to enable family companies to market to you, where permitted by applicable law. Where necessary, we will obtain your consent before sending such marketing communications.

 

Information Security

We implement physical, technical, and organizational security measures designed to safeguard the personal data we process. These measures are aimed at providing ongoing integrity and confidentiality of your personal data. We evaluate and update these measures on a regular basis.

The Company takes reasonable precautions in order to attempt to ensure the safety and security of our customers’ online transactions. Billing information is encrypted and transmitted through SSL (Secure Sockets Layer) technology. SSL is the industry standard for securing Web-messaging transactions.

Data Retention

We retain your personal data for as long as we have a relationship with you or in accordance with applicable law, and such relationship includes any request to receive marketing or other promotional materials from us or membership in our loyalty programs. When deciding how long to keep your personal data after our relationship with you has ended, we take into account our legal obligations, including requirements of regulators and governmental agencies that have authority over us. We may also retain records to investigate or defend against potential legal claims.

We will delete or anonymize your personal data at the end of the retention period. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

Managing Your Privacy Settings

All marketing emails, text messages, and other electronic messages you receive from us will include specific instructions on how to unsubscribe, and you may unsubscribe at any time from our marketing by taking one the following steps:

(1) Follow the instructions provided in any Company message

(2) Click on the following link to update your preferences: Sixthman  

(3) Send mail to the following address:

Norwegian Cruise Line Holdings Ltd.
Legal Department: Privacy Team
7665 Corporate Center Drive
Miami, Florida 33126
0333 2412319

Children

Our products and Services may be used by, or collect personal data about, children under the age of 16 only with the involvement of and, as needed, consent from the child’s parent or guardian. To the extent we process personal data about children, we do so for the purposes described in the consent request and to provide the requested services.

If you have reason to believe that we have collected personal data from someone under 16 years of age in connection with our Services without adequate involvement from the child’s parent or guardian, please let us know by contacting us via the methods described under “How to Contact Us.”

Country/Region-Specific Disclosures

1. California:

You can find more information about how we process the personal data of California residents by reviewing our California Resident Privacy Notice here.

2. European Union:

You have certain rights regarding your personal data, subject to local European Union data protection laws. These include the following rights:

  • access your personal data
  • rectify the data we hold about you
  • erase your personal data
  • restrict our use of your personal data
  • object to our use of your personal data
  • receive your personal data in a usable electronic format and transmit it to a third party (right to data portability)
  • lodge a complaint with your local data protection authority.


If you would like to discuss or exercise these rights, please contact us via the method described under “How to Contact Us.” We encourage you to contact us to update or correct your data if it changes or if the personal data we hold about you is inaccurate. We will contact you if we need additional data from you in order to honor your requests.

Third Parties We Don’t Own or Control

Our websites, applications, including mobile applications, and social media sites include links to other websites whose privacy practices may differ from our practices. If you submit personal data to any of those sites, your information is governed by their privacy policies. We are not responsible for the privacy practices or the content of any sites to which our websites, applications, including mobile applications, and social media sites provide links. We encourage you to carefully read the privacy policy of any website you visit.

Social Media Features

Our websites include social media features, such as the Facebook "Like" button, and widgets, such as the "Share" button, or interactive mini-programs that run on our websites (the "Features"). These Features may collect your Internet protocol address or which page you are visiting on our websites and may set a cookie to enable the Feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our websites. Your interactions with these Features are governed by the privacy policy of the company providing it.

International Data Transfers

We are headquartered in the United States but have global operations and affiliates. Accordingly, your personal data may be transferred to, stored, and processed in various countries, including those that are not regarded as ensuring an adequate level of protection for personal data under European Union law or by the European Commission. We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected. For more information on the appropriate safeguards in place, please contact us at the details below.

How to Contact Us

If you have any questions, comments, or concerns about how we handle your personal data, then you may contact us at PrivacyTeam@nclcorp.com and we will try to resolve your concern.

If you are located in the European Union, please contact our Data Protection Officer by clicking here. If you are located in Germany, you may also contact our representative in Germany by clicking here. We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to make a complaint to the data protection authority of your country of residence.

Privacy Policy Updates

We may update this privacy policy from time to time without prior notice. You can determine when this privacy policy was last revised by checking the updated date. We encourage you to periodically review this privacy policy to ensure you understand our privacy practices.

If you have a registered account, we may notify you of any changes to our privacy policy via email and we may ask you to affirmatively acknowledge and consent to the changes the next time you use our Services.

If we make any revisions that materially change the ways in which we process your personal data, we will notify you of these changes before applying them to that personal data.