Search
Popular Searches:

Global Ports Holding Limited Privacy Information Notice (Nassau Cruise Port)

Introduction

Global Ports Holding Limited (“GPH”) respects your privacy and is committed to protecting your personal data. This privacy notice explains how we manage your personal data when you visit our website or use our Nassau port and outlines your privacy rights in accordance with the Bahamas Data Protection (Privacy of Personal Information) Act, 2003.

 

  1. Important Information and Who We Are

 

Purpose of the Privacy Notice

This privacy notice provides information on how GPH collects and processes your personal data during your interactions with us, including any data you may provide through our website or at our Nassau Cruise Port.

 

Controller

Global Ports Holding Limited (GPH), registered at 3rd Floor, 35 Albemarle Street, London, W1S 4JD, UK, is the controller responsible for your personal data in relation to the Nassau port (referred to as “GPH,” “we,” “us,” or “our” in this notice).

Contact Details

If you have any questions about this notice or our data privacy practices, please contact our Data Protection Officer (DPO) as follows

 

  • Full name of legal entity: Global Ports Holding Limited
  • Email address: dpo@globalportsholding.com
  • Postal address: 3rd Floor, 35 Albemarle Street, London, W1S 4JD (Please specify “For the Attention of the Data Protection Officer” on the envelope)

 

Changes to the Privacy Notice

This version was last updated on 31.10.2024. We may update this notice from time to time, and any significant changes will be communicated through our website, ensuring that your privacy rights are respected and upheld.

 

Third-Party Links

This website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

 

Please note that when booking through a travel agency or cruise company, they will complete your booking by entering the required data into our systems, acting as autonomous data controllers. This essentially means that the travel agency or cruise company independently decides how to process your personal data for activities under its competence and is responsible for the processing and appropriate data protection measures. For details on the processing activities involving your personal data, please contact your local travel agency or cruise company. Similarly, if you have booked additional services or packages involving cruise lines, these cruise companies are also separately considered data controllers regarding passenger data processed in the context of providing their services. You can access the privacy policies of the respective travel agencies or cruise companies via their own websites or offices.

 

  1. The Data We Collect About You

 

Personal Data

Personal data, or personal information, means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data: First name, maiden name, last name, username or similar identifier, marital status, title, date of birth, and gender.
  • Contact Data: Billing address, delivery address, email address, and telephone numbers.
  • Financial Data: Bank account and payment card details.
  • Transaction Data: Details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.
  • Surveillance Data: includes static or moving imagery via CCTV or surveillance systems as you pass through our ports.

 

  1. How is Your Personal Data Collected?

We collect personal data about you whenever you use our services (whether these services are provided by us or by other companies or agents acting on our behalf), including when you embark or disembark through our ports, use our website, or interact with us via email or by calling our contact center. In addition, we may receive personal information about you from third parties, such as:

  • Companies contracted by us to provide services to you;
  • Companies involved in your travel plans, including airlines, cruise companies, and customs and immigration authorities;
  • Companies that act as our third-party business partners with whom you have interacted and with whom you have consented to provide us with your data to receive marketing communications.

Please also note that when you provide us with data about others (e.g., details of passengers travelling with you, emergency contact data,), such as a co-traveller or minor, it is your responsibility to ensure that such individuals have authorized you to do so and that they are aware and have understood and accepted how our company uses their information (as described in this Privacy Notice).

Below you will find the main purposes for which your data is processed:

 

  1. Responding to your requests (via website, call center, or email)

 

You can submit your requests regarding our activities and services through various channels (phone, email, SMS, messaging systems, etc.). To respond to your request, we need to process your identity and contact data, as well as the content of your query. Without this data, we cannot provide you with the requested information. This processing is carried out to take steps at your request prior to entering into a contract or to answer your request in the context of our port services.

Additionally, using the different forms on the website, you can request to be contacted through different channels (phone, email, SMS, messaging systems, etc.). Please also note that if you contact us via our call center, phone calls may be recorded for legal purposes where required by local regulations. In other cases, if the recording of the call is not mandatory under local laws, with your consent, the calls may be recorded for the protection and reproducibility of verbal commitments and may be cross-checked with other reservation data. The call recordings may also be processed based on our legitimate interest to meet quality assurance and training purposes. If the call is being recorded, you will be notified at the beginning of the call.

 

  1. Completing and handling the embarkation process

 

To ensure smooth operations, we need to process your identity and contact data. We also register your booking and travel information, such as date and port of embarkation and disembarkation, vehicle information such as plate number, brand, and model of the vehicle. We process this information in order:

  • To maintain the safety and security of the ports for our passengers, colleagues, and stakeholders, including but not limited to control authorities, national security, detection and prevention of crime, and aviation security;
  • To monitor flows and demand throughout the ports to optimize resourcing and passenger experience;
  • To support the effective management of port operations and any incidents;
  • For investigative purposes or as evidence to support any formal follow-up to port incidents;
  • In response to a subject access request.

In this regard, please note that we may also send you communications to provide you with relevant documents and information, as well as to inform you about necessary steps you need to take prior to your trip. These updates may include changes to embarkation or disembarkation times, alterations or cancellations of shore excursions, changes or cancellations to the ship’s itinerary, and other last-minute information related to your booking (such as due to adverse weather conditions or unforeseen circumstances).

We process all the above data based on our contract with you and to fulfill our service activities. You also need to provide information about valid travel documents and visas, where applicable. Furthermore, some ports of call may require the use of facial-recognition technology to validate travel documents, and you might be required to provide biometric data to embark or disembark at such ports.,

 

  1. Sending you marketing communications

 

With your consent, we may process your identity and contact data, booking and travel information, preferences, and technical data related to online activity for marketing purposes. This includes sending you questionnaires/surveys, conducting market research, and direct marketing through email, WhatsApp, SMS, ordinary mail, phone calls, push notifications/pop-up banners on our app, instant messaging, via an operator, through our official social media pages, and other marketing activities. This may involve products and/or services related to our subsidiaries, other companies in our group, and our business partners (such as tourist activities, transportation services, luxury brands, travel agencies, insurance companies, etc.), as well as other third-party products and/or services.

Additionally, to enhance our efforts in providing you with relevant information and offers, we may also obtain personal data from our third-party business partners. This involves receiving or accessing databases from trusted partners to identify individuals who may be interested in our services and products and who have consented to share their data with us.

Please note that it is not mandatory to provide consent to receive promotional messages and offers from us or from third parties. However, without this consent, we will not be able to send you such communications that may be of interest to you.

Since the processing of your data for the purposes indicated above is based on your consent, you can withdraw this consent at any time by emailing marketing@nassaucruiseport.com. Any consent may be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

 

  1. Sending you personalized communications

 

With your consent, we may process your personal data from time to time. We may use this data to analyse your preferences, habits, behaviour, and interests in order to send you personalized commercial communications and conduct targeted promotional actions. Since this processing is based on your specific consent, you can withdraw it at any time by emailing us at the address provided in section 1 of this notice or through the dedicated consent management options depending on the channel used. Additionally, if you are based outside the EU/EEA, specifically in the United States, and with your consent, we may also process your identity and contact data, booking and travel information, preferences, and technical data related to online activity for marketing purposes. This includes promoting our products and services to third parties (e.g., by improving the performance of personalized advertising campaigns). We use both automated means (e.g., emails, text messages, social media advertising) and non-automated means (e.g., ordinary mail, phone calls) to personalize our communications. This involves analysing your travel preferences, experiences, consumption habits, and market surveys to enhance the range of services we offer and send you communications that may interest you. Please also note that, with your consent, we may engage in social media marketing activities. To target audiences who may be interested in our offers and communications, we perform profiling activities based on interactions, preferences, and behaviour. When you browse our website, we use cookies to track certain information about you, provided you consent to their use. This helps us make the website more intuitive and suggest products or services that may interest you. For more details about our use of cookies and other tracking technologies, please see the section below. Since this processing is based on your specific consent, you can withdraw it at any time by clicking the “unsubscribe” link at the bottom of our communications, if available, or by using the contact details provided in section 1 of this notice.

 

  1. Compliance with applicable laws

 

When you provide personal data to GPH, we are obligated to process it in accordance with applicable laws, which may include storing and reporting personal data to official authorities. This includes, for example, compliance with tax and fiscal laws, or tracking boarding and disembarking processes and communicating such information to authorities if required.

 

  1. Handling requests, complaints, and comments

 

We keep track of comments and complaints you make regarding our port services, whether on-site or after your visit, to respond appropriately to your requests. We process this data in connection with our provision of services to you or based on our legitimate interest to protect the interests and rights of our company in case of disputes. You may choose to make an anonymous complaint or comment, but please note that in some cases, this may hinder our ability to follow up or provide assistance. Additionally, we may use the content of your request, complaint, or comment to improve our port services. We limit the use of personally identifiable data as much as possible in this process. This processing is based on our legitimate interests in enhancing our services to ensure a positive experience for our visitors. We also retain this data to comply with our legal obligations, such as for accounting and tax purposes.

 

  1. Ensuring port security

 

We monitor individuals present at the port to ensure security and handle potential crisis situations. We record your identity and contact data, booking and travel information, and security-related information. We process this data based on our legitimate interest in maintaining public security and managing crisis situations. Providing this data is not mandatory, but refusal to provide it may affect our ability to accommodate you at the port. We also process some personal data for fraud prevention and detection, relying on our legitimate interest in preventing and detecting fraud.

CCTV related data processing activities We use closed-circuit television (CCTV) throughout the port, including at all access points and in public areas. CCTV cameras are continuously operational, and images of you may be captured. CCTV footage may include sound recordings as well. We perform this activity based on our legitimate interest for security purposes, such as recognizing, identifying, and maintaining records of incidents, facilitating investigations and remedies, protecting our rights and the rights of our visitors, enabling public health measures, preventing and detecting fraud, or complying with other legal or regulatory requirements. As CCTV cameras are present throughout the port, processing of your data for these purposes is mandatory.

In the event of a security incident, security officers may gather evidence from involved guests and staff to draft a report. If you are a witness, suspect, or victim, providing a statement is not mandatory. If CCTV footage is available during an incident, it may be extracted and stored for 1 years, or longer if necessary, depending on the specific case (e.g., investigation by authorities). Footage not extracted or used is retained for up to 30 days from the recording date.

 

  1. Disciplinary and precautionary measures

 

Please note that we have the authority to deny access to the port or require disembarkation of an individual whose presence may be deemed a potential risk to themselves, other individuals, or port operations, or when their behaviour may affect or compromise the comfort and safety of others. To manage such situations, we may process data necessary for this purpose, including identity and contact information, booking and travel details, security-related information, as well as information regarding the cause of the measure, based on our contract with the relevant individual and our legitimate interest.

 

  1. How long we store the data

 

In accordance with the principle of storage limitation, the personal data we collect is kept in a form that allows the identification of data subjects only as long as necessary for the purposes for which it was collected and processed, and in any case, no longer than specified by applicable laws.

Generally, information related to booked services and the contractual relationship with you will be retained for no longer than 1 year. Personal data collected based on your consent, specifically for marketing and profiling purposes, will be retained until you withdraw your consent.

In cases where the retention period is not specifically stated above, we have defined a Corporate Data Retention Policy which outlines the timeframe for data processing, at the conclusion of which all copies of personal data are either destroyed or anonymized using appropriate techniques that prevent the reidentification of the individual in question.

At the end of this period, all copies of personal data are either destroyed or anonymized using techniques that prevent reidentification of the individual.

For more information on our data retention periods and the criteria used to determine these periods, please contact our Data Protection Officer (DPO) at the email address provided in Section 1.

 

  1. Categories of Data Recipients and Personal Data Transfer

 

We may need to transfer this data to companies within the GPH Group or to other reputable third-party organizations, both within and outside of the Commonwealth of The Bahamas. Additionally, your personal data may be shared with recipients situated outside Commonwealth of The Bahamas. In all these scenarios, GBH ensures that any transfer of your data complies with the relevant data protection laws.

To ensure greater transparency, we have provided a list below of the main categories of recipients with whom your personal data may be shared:

 

  1. Group Companies

 

Depending on the country from which your embarking originates, and to ensure we provide you with tailored services, we may share your information with companies within our group. These companies process your data in full compliance with applicable data protection laws. Based on where your booking is made, your data may be handled by one of our group companies, acting as data processors following the instructions of the data controller.

In some instances, these companies may act as data controllers for specific processing activities (e.g., for onboard security as detailed in this notice). In such cases, a separate privacy notice will be provided specific to that activity.

Depending on the country from which your booking originates, and to ensure we provide you with tailored services, we may share your information with companies within our group. These companies process your data in full compliance with applicable data protection laws. Based on where your booking is made, your data may be handled by one of our group companies, acting as data processors following the instructions of the data controller. In some instances, these companies may act as data controllers for specific processing activities (e.g., for onboard security as detailed in this notice).

 

  1. Commercial Partners

 

Certain services that you book with us are delivered by our commercial partners. In such instances, we may need to share your data with these partners. However, rest assured that we only disclose the data necessary to fulfil your request, and we have robust agreements in place to ensure that our partners use your data solely for this purpose. If these partners act as independent data controllers, we recommend that you review their specific privacy policies to understand how they manage your personal data.
Our commercial partners typically operate in the following sectors:

  • Tourism (e.g., tour operators, local guides)
  • Transportation (e.g., bus, train, airplane, or other transport services based on the specific service required)
  • Insurance (e.g., when activating your insurance package during a cruise)
  • Service Providers (e.g., IT service providers, consultants), including those authorized to process data necessary to carry out services and who are bound by confidentiality obligations.

 

  1. Port Agents and Authorities

 

As a cruise port operator, we may be required to share certain information about our passengers with local port agents and authorities for immigration purposes. This data sharing can lead to transfers outside the EU/EEA if these entities are located abroad. Such data transfers are conducted under the legal obligations GPH has to provide information to the relevant authorities, and only the essential data is communicated.

 

  1. Your Data Rights

 

Under the Bahamas Data Protection Act, you have the following rights:

  • Access: Request access to your personal data to understand how it is being processed.
  • Correction: Ask us to correct inaccurate or incomplete data.
  • Deletion: Request the deletion of personal data if it is no longer needed for the purposes for which it was collected, subject to legal obligations.
  • Objection: Object to the processing of your personal data in certain circumstances, such as for marketing purposes.
  • Withdrawal of Consent: Where data processing is based on your consent, you can withdraw that consent at any time.

To exercise your rights, contact us at dpo@globalportsholding.com.

 

  1. Website Cookies and Other Tracking Technologies

 

Cookies are small text files that websites send to your computer or mobile device, which are then stored and used during subsequent visits. These cookies allow the website to remember your preferences and actions (such as login details, language settings, font sizes, and other display preferences) so that you don’t have to re-enter them each time you visit the site.

Cookies serve various purposes, including electronic authentication, session management, and storing information about your activities on the website. They can also contain a unique identifier that tracks your browsing behavior for statistical analysis or advertising purposes. Additionally, while browsing, you may receive cookies from third-party websites or servers not directly related to the site you are visiting.

Cookies come in different types based on their characteristics and functions, and they can remain on your device for varying periods. “Session cookies” are temporary and are deleted when you close your browser, whereas “persistent cookies” remain on your device until they expire or are manually deleted.

Depending on applicable laws, your consent may not always be required for cookies to be used on a website. For instance, “technical cookies,” which are necessary for electronic communication or to provide a service you requested, usually do not require consent. This includes browsing or session cookies that enable users to log in and functionality cookies that remember user choices, such as language settings or selected items for purchase.

Conversely, “profiling cookies,” which are used to create user profiles and send targeted advertising based on browsing behaviour, typically require explicit user consent, though this can vary by jurisdiction.

Our website uses the following types of cookies:

  • Technical cookies: Essential for the website’s functionality and to enable you to access its content and services.
  • Analytics cookies: Help us understand how users interact with the website and monitor traffic to and from the site.
  • Marketing/profiling cookies: Used to send targeted advertisements and to create user profiles based on browsing preferences.

In addition to cookies, we also use “pixels”—small code snippets embedded in the website. Pixels enable us and third parties to track user behaviour and gather information about how users engage with our website. They can monitor actions like page views and clicks, often for personalized advertising and website analytics.

 

  1. Sale of Personal Data

 

GPH does not engage in the sale of personal data.

However, as mentioned earlier, GPH may participate in targeted or personalized advertising, often referred to as interest-based or online behavioural advertising, which might include cross-contextual advertising. Under certain privacy laws, such practices could be considered a “sale” or “sharing” of personal data. These activities are conducted for both business purposes (such as delivering our cruise-related services) and commercial purposes (like marketing). If you wish to opt out of these practices, please refer to the section above on revoking consent, or visit our “Do Not Sell or Share My Personal Information” page.

 

  1. Changes to This Information Notice

 

We reserve the right to update, modify, add, or remove portions of this information notice at any time. When changes are made, the revised Information Notice will be posted on this page, the “Last update” date will be modified accordingly, and a banner will be displayed on the website to inform you of the changes.

Each updated version of the information notice becomes effective immediately upon publication on the website. If there are significant changes in how your personal data is processed, your acknowledgment may be required, in accordance with applicable legislation.

We encourage you to periodically review this document to stay informed of the current version. If you need access to a previous version of the information notice, please contact us using the details provided in Section 1 of this notice.

 

  1. Contact Us

 

GPH is committed to protecting your privacy and ensuring that all personal data processing complies with applicable data protection legislation. If you have any questions or concerns about how we handle your personal data, please reach out to us filling the personal data request form provided in our website.