Updated: December 28, 2022
At Sixthman Ltd., our mission is to provide the best possible festival cruise and event experiences for our guests. This mission applies to all our activities including the products and experiences we offer during our festival cruises and events, at the destinations and ports of call we visit during our festival cruises and events, and online through websites and interactive features, including applications, widgets, blogs, social networks, social network "tabs," and other online or mobile offerings (which we collectively call the "Services"). Our Services are owned and/or operated, either directly or through our service providers and business partners, by Sixthman Ltd. and our partner brand, Norwegian Cruise Line, which operates the majority of our festival cruises (we refer to Sixthman and Norwegian Cruise Line together as the "Company," "we," "our," or "us").
When you attend an event or take a festival cruise with us, register to attend an event or take a festival cruise with us, set up an account through one of our websites, request information about our Company, communicate with us, visit our websites, apply for employment with us, sign up for our promotions, contests, sweepstakes, or webinars or access our Services through various other methods, we collect data about you and those interactions.
Data we collect directly from you or other sources
We may collect the following categories of data either directly from you or from our business partners or third parties and in accordance with applicable law:
We operate closed circuit television ("CCTV") cameras on Norwegian Cruise Line’s ships, including at all access points and throughout public areas. These CCTV cameras record continually and images of you may appear in these recordings.
Please be aware that Norwegian Cruise Line has photographers on board taking photographs for guests to purchase. If you would not like to be photographed, please let the photographers know and they would be happy to take reasonable steps to comply with your request. Please note that we are unable to guarantee that you will not be included in photographs on an incidental basis.
Data we collect automatically
Special or sensitive categories of personal data
Some of the categories of data that we collect in connection with the provision of our Services or through the employment application process may constitute special categories of personal data (also known as sensitive personal data). In particular, we may collect personal data revealing racial or ethnic origin, religious, philosophical, or political beliefs, sexual orientation, or data concerning health, such as medical history or dietary restrictions, if in connection with our provision of Services or through the employment application process.
We collect this information when you choose to provide it to us or to a service provider or third party such as a travel agent or through the employment application process. We use this information to provide a service you request, such as medical care on board one of our festival cruises (whether in person or through our telehealth services), or special dietary accommodations, or in connection with your application for employment.
If, while traveling with us or attending an event, you allege a personal injury or submit a claim after alleging a personal injury, we may collect personal data concerning the alleged incident, including healthcare information.
Optional facial recognition technology
On participating ships and with your consent, Norwegian Cruise Line may use facial comparison technology to facilitate and expedite your embarkation and/or disembarkation by taking your photograph and matching it against the photograph they collected from you during embarkation. When there is a match, you will be able to board the ship or be checked out of your festival cruise.
Separately, Norwegian Cruise Line may securely provide your disembarkation photograph to U.S. Customs and Border Protection (“CBP”), who uses its own facial comparison technology to match the photograph against images of you that CBP already has on file from your passport, other travel documents or prior CBP border inspections. Once Norwegian Cruise Line receives verification of your identity from CBP, Norwegian Cruise Line will delete your disembarkation photograph immediately. Norwegian Cruise Line does not retain your facial recognition data beyond the duration of your festival cruise or use it for any other purpose other than those described above. If you are a U.S. citizen, CBP will maintain your photograph for no more than 12 hours. For certain non-U.S. citizens, the U.S. Department of Homeland Security (DHS) will store your photograph for a longer period. For more information on how CBP uses your biometric data, please visit www.cbp.gov/travel/biometrics.
COVID-19 and global health data
For the health and safety of our guests and crew, we may process additional personal data during a pandemic or other global health crises. Prior to your festival cruise or event, you may be asked to undergo COVID-19 testing and provide us with proof of a negative result, disclose your vaccination status, and/or have your temperature taken. Temperature readings may be collected via thermal imaging cameras located on the gangway.
If we are made aware that an individual is exhibiting symptoms of COVID-19, we may evaluate our transaction data and photographs taken during your cruise and may run facial recognition technology on our CCTV footage to notify the persons who were in close proximity with the affected individual and take appropriate action to mitigate the spread of COVID-19. Such steps may include medical examinations, testing, containment, and/or disembarkation of the affected persons.
We may use your personal data for the following purposes:
We may publish guest testimonials on our mailings, brochures, websites, and social media pages. Prior to publishing the testimonial, we obtain guests’ consent to publish their names, usernames, festival cruise dates, photos, videos, event, and travel destinations along with their testimonial, as applicable. If you wish to update or delete your testimonial, you can contact us via the methods described under “How to Contact Us.”
We may share any of the categories of personal data described above with third parties under the following circumstances, as permitted under applicable laws and regulations:
We implement physical, technical, and organizational security measures designed to safeguard the personal data we process. These measures are aimed at providing ongoing integrity and confidentiality of your personal data. We evaluate and update these measures on a regular basis.
The Company takes reasonable precautions to attempt to ensure the safety and security of our customers’ online transactions. Billing information is encrypted and transmitted through SSL (Secure Sockets Layer) technology. SSL is the industry standard for securing Web-messaging transactions.
We retain your personal data for as long as we have a relationship with you or in accordance with applicable law, and such relationship includes any request to receive marketing or other promotional materials from us or membership in our loyalty programs. When deciding how long to keep your personal data after our relationship with you has ended, we take into account our legal obligations, including requirements of regulators and governmental agencies that have authority over us. We may also retain records to investigate or defend against potential legal claims.
We will delete or anonymize your personal data at the end of the retention period. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.
Our marketing emails, text messages, and most other electronic messages you receive from us will include instructions on how to unsubscribe, and you may unsubscribe at any time from our marketing by taking one the following steps:
Norwegian Cruise Line Holdings Ltd.
Legal Department: Privacy Team
7665 Corporate Center Drive
Miami, Florida 33126
Our Services may be used by, or collect personal data about, children under the age of 16 only with the involvement of and, as needed, consent from the child’s parent or guardian. To the extent we process personal data about children, we do so for the purposes described in the consent request and to provide the requested Services.
If you have reason to believe that we have collected personal data from someone under 16 years of age in connection with our Services without adequate involvement from the child’s parent or guardian, please let us know by contacting us via the methods described under “How to Contact Us.”
California Civil Code Section 1798.83 gives California residents the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal data, such as name, email, and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties' direct marketing purposes and (b) the names and addresses of all such third parties. To request the above data, please contact us by email to [email protected] or write us at: Attn: Legal Department: Privacy Team, Norwegian Cruise Line Holdings Ltd., 7665 Corporate Center Drive, Miami, FL 33126. We will respond to such requests for data access within 30 days following receipt at the email or mailing address stated above. Please note that we are only required to respond to each customer once per calendar year.
If you are located in the European Union, the EEA, the United Kingdom, or Brazil, you have certain rights regarding your personal data, subject to local data protection laws. These include the following rights:
If you would like to discuss or exercise these rights, please click here.
We are headquartered in the United States but have global operations and affiliates. Accordingly, your personal data may be transferred to, stored, and processed in various countries, including those that are not regarded as ensuring an adequate level of protection for personal data under the laws in certain jurisdictions, such as the European Union, UK, Japan, and Israel. We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected. For more information on the appropriate safeguards in place, please contact us at the details below.
To exercise any privacy rights you have under applicable law, please click here. We will contact you if we need additional data from you to honor your requests.
If you have any questions, comments, or concerns about how we handle your personal data, please contact us at [email protected] and we will try to resolve your concern.
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If you believe that we have not been able to assist with your complaint or concern, you can contact our Data Protection Officer or our representative in Germany by writing to [email protected] or clicking here. You may have the right to make a complaint to the data protection authority of your country of residence.
If we make any revisions that materially change the ways in which we process your personal data, we will notify you of these changes, for example by sending an email to the email address we have on file, before applying them to that personal data.
Browsers such as Safari on iOS require you to accept our cookies before entering. Click continue to accept cookies and enter the contest.