Privacy Policy
Effective date: October 20, 2025
​
This Privacy Policy explains how Cruise Navigators ("Cruise Navigators," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you visit our website, communicate with us, or use our services. If you do not agree with this Policy, please do not use our services.
​​
1. Who we are
-
Legal entity: Cruise Navigators, LLP
-
Registered address: 865 East Baseline Rd #1025, Gilbert, AZ 85233, United States
-
Primary website: cruisenavigators.travel
-
Contact email: joe.hillock@cruisenavigators.travel
-
Data protection contact: Privacy Lead
We operate a cruise-focused travel agency based in Gilbert, Arizona. We help clients plan and book cruises and related travel services.
​
2. Scope
This Policy applies to personal information we process about:
-
Visitors to our websites and pages that we control.
-
Prospective and current clients who inquire about, purchase, or receive our services.
-
Individuals who receive marketing from us or interact with our content.
-
Individuals whose data we process as part of providing travel services, for example additional travelers named in a booking.
This Policy does not apply to third-party websites, platforms, or services that we do not control. We are not responsible for their privacy practices.
​
3. Children’s privacy
Our website and services are not directed to children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you believe a child under 13 has provided personal information to us, contact us and we will take appropriate steps to delete the information. If you are located in a jurisdiction with a higher age of consent for online services, we will comply with the applicable requirement.
​
4. Personal information we collect
​
4.1 Information you provide directly
-
Contact data such as name, email address, phone number, mailing address.
-
Traveler profile data such as date of birth, gender, citizenship, passport information if provided in the future, known traveler numbers, loyalty program numbers, special occasion notes, preferences for dining or cabin type, accessibility requirements, and allergy information needed to arrange travel.
-
Booking and payment data such as itinerary details, reservation numbers, insurance selections, payment method tokens provided by our payment processor, billing address, and related notes. We do not store full card numbers. Card data is handled by our payment processors.
-
Communications and content such as emails, messages, call notes, survey responses, and testimonials.
-
Documents you upload to help us book travel. We do not currently request passport images. If we begin collecting passport images in the future, we will update this Policy and use secure upload methods.
4.2 Information collected automatically
When you access our website or emails, we and our partners may collect:
-
Device and usage data such as IP address, browser type, operating system, referring URLs, pages viewed, links clicked, and timestamps.
-
Cookie, pixel, and similar identifiers that help us recognize your browser or device, remember preferences, measure engagement, and personalize content.
-
Location data derived from your IP address or device settings. You can control location settings on your device or browser.
4.3 Information from third parties
-
Travel suppliers and partners such as cruise lines, tour operators, insurance providers, and consolidators share booking status, confirmations, schedule changes, loyalty numbers, and service issues related to your trip.
-
Marketing and analytics partners such as advertising networks and analytics providers share audience segment data and aggregated performance metrics.
-
Social media platforms if you interact with our content or connect with us through those services.
​
5. How we use personal information
We use personal information to:
-
Provide, operate, and improve our services and website.
-
Plan and book travel, including communicating with travel suppliers on your behalf.
-
Verify identity and prevent fraud or abuse.
-
Communicate with you about inquiries, quotes, holds, bookings, changes, cancellations, and support.
-
Send administrative messages such as confirmations, invoices, and policy updates.
-
Provide marketing communications and personalized offers. You can opt out at any time.
-
Conduct analytics, measurement, and research to understand performance and improve user experience.
-
Comply with legal obligations and enforce our agreements.
Legal bases for processing for individuals in the EEA, UK, or Switzerland include consent, contract performance, legitimate interests, legal obligation, and vital interests where appropriate.
6. Payment processing
We use third-party payment processors to handle credit and debit card transactions. Card information is submitted directly to these processors and is not stored on our servers. Our processors use security controls that align with PCI DSS requirements. You can request the identity of our current payment processor at any time.
7. Cookies and similar technologies
We use cookies, pixels, tags, and similar technologies on our website and in our emails. We display the Wix cookie banner to obtain and manage your consent where required. You can change your preferences at any time using the banner’s settings or your browser controls. Disabling some cookies may affect site functionality. For more detail, see our separate Cookie Notice or contact us.
8. Sharing personal information
We share personal information with:
-
Travel suppliers and partners such as cruise lines, tour operators, shore excursion providers, insurance providers, air and hotel suppliers, GDS or distribution platforms, and consolidators as needed to quote, book, service, and manage your travel. Examples of cruise lines include Royal Caribbean, Princess, Holland America, Celebrity, MSC, Carnival, Norwegian, and Virgin Voyages.
-
Service providers who help us operate our business, for example website hosting, CRM and email services, analytics, marketing platforms, form tools, cloud storage, customer support tools, and IT security vendors.
-
Our host agency and distribution partners, such as Travel Planners International, when needed to facilitate bookings or access negotiated rates.
-
Payment processors to process transactions.
-
Business partners when we jointly market or co-sponsor offerings, where permitted by law.
-
Authorities, regulators, and law enforcement where required by law, lawful request, or to protect rights, safety, or property.
-
Successors to our business in the event of a merger, acquisition, asset transfer, financing, or bankruptcy.
We do not sell your personal information for money. Some uses of cookies and advertising technology may be considered sharing or a sale under certain state privacy laws. See Section 12 for your rights and choices.
​​
9. International data transfers
We are based in the United States and process personal information in the United States. We and our service providers may transfer personal information to countries that may have different data protection laws than your country. Where required, we use appropriate safeguards such as standard contractual clauses.
10. Data retention
We retain personal information for as long as needed to provide services and fulfill the purposes described in this Policy, including to comply with legal, tax, and accounting obligations, and to resolve disputes. Typical retention periods are:
-
Inquiry and consultation records: 3 years from last interaction.
-
Booking records: 7 years from completion or cancellation of travel.
-
Payment and invoice records: 7 years to meet tax and accounting requirements.
-
Marketing preferences: retained until you opt out or request deletion, then maintained on a suppression list to honor your choice.
We may retain de-identified or aggregated information for analytics.
11. Security
We use administrative, technical, and physical safeguards designed to protect personal information. These controls include access controls, encryption in transit, secure configurations, employee confidentiality obligations, and vendor due diligence. No method of transmission or storage is perfectly secure. We cannot guarantee absolute security.
12. Your privacy rights and choices
Your rights may vary depending on your location. Subject to verification and exceptions, you may have the right to:
-
Access and obtain a copy of personal information we hold about you.
-
Correct inaccurate or incomplete personal information.
-
Delete personal information.
-
Opt out of marketing communications at any time using unsubscribe links or by contacting us.
-
Opt out of targeted advertising, sale, or sharing of personal information where these concepts are defined by law.
-
Restrict or object to certain processing where applicable.
-
Withdraw consent where we rely on consent.
-
Port certain data to another organization.
How to exercise your rights:
-
Email: joe.hillock@cruisenavigators.travel with the subject line "Privacy Request".
We will verify your identity before fulfilling requests. You may appoint an authorized agent to submit a request on your behalf where permitted by law. We will not discriminate against you for exercising your rights.
12.1 California privacy rights
If you are a resident of California, you may have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA). These may include the right to know categories and specific pieces of personal information, the right to delete, correct, and to opt out of sale or sharing, and the right to limit the use of sensitive personal information. We use sensitive personal information such as passport or government ID numbers, date of birth, and health related preferences only to provide services and as permitted by law. To exercise your rights, use the methods listed above. To opt out of targeted advertising cookies where applicable, adjust your preferences through the Wix cookie banner or your browser settings.
12.2 Virginia, Colorado, Connecticut, and Utah rights
Residents of Virginia, Colorado, Connecticut, and Utah may have rights to access, correct, delete, opt out of targeted advertising, the sale of personal data, and profiling in furtherance of decisions with legal or similarly significant effects. To appeal our decision regarding a request, contact us and include "Appeal" in the subject line.
12.3 EEA, UK, and Switzerland
If you are in the European Economic Area, United Kingdom, or Switzerland, you may have rights under GDPR, including the rights of access, rectification, erasure, restriction, objection, and portability. You also have the right to lodge a complaint with a supervisory authority. Where we rely on consent, you can withdraw it at any time. Our lawful bases include contract performance, legitimate interests, legal obligations, and consent.
13. Marketing communications
You can opt out of marketing emails by using the unsubscribe link in the message or by contacting us. We may still send you non-marketing communications related to your bookings or our ongoing business relationship.
We do not send SMS messages at this time.
14. Do Not Track and Global Privacy Control
Some browsers transmit Do Not Track signals. Our website does not respond to Do Not Track at this time. Where required by law, we honor the Global Privacy Control signal for opt out of sale or sharing for targeted advertising to the extent it applies to our site.
15. User-generated content and reviews
If you submit testimonials, reviews, photos, or other content, we may display this content on our website, social media, or marketing materials with your permission. Do not share content that includes personal information of others without consent.
16. Third-party links and services
Our website may include links to third-party sites, apps, and services. A link does not mean we endorse or have reviewed their privacy practices. Review the privacy policies of those third parties before providing information to them.
17. AI and automated tools
We may use automated tools to assist with tasks such as spam filtering, fraud detection, personalization, and customer support. Decisions that produce legal or similarly significant effects are made by people, not solely by automated means.
18. Changes to this Policy
We may update this Policy from time to time. The updated version will be posted on our website with a new effective date. Material changes will be highlighted or otherwise brought to your attention.
19. Contact us
Questions or requests about this Policy can be sent to:
-
Mail: Cruise Navigators LLP, Attn: Privacy, 865 East Baseline Road, #1025, Gilbert, AZ 85233
20. State privacy disclosures
The sections below summarize the categories of personal information we collect and disclose for business purposes as defined by certain state laws.
20.1 Categories collected and disclosed
Below is a narrative summary of the categories of personal information we collect and disclose for business purposes, with examples and whether the information may be considered a sale or sharing for targeted advertising under certain state laws.
-
Identifiers
-
Examples: Name, email, phone, IP address, device identifiers.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to service providers and travel suppliers.
-
Sold or Shared for targeted advertising: Advertising cookies may be considered sharing in some states.
-
-
Customer records
-
Examples: Billing address, payment token, booking ID.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to payment processors and suppliers.
-
Sold or Shared for targeted advertising: No.
-
-
Protected classification data
-
Examples: Date of birth, gender, citizenship where needed for travel.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to suppliers.
-
Sold or Shared for targeted advertising: No.
-
-
Commercial information
-
Examples: Quotes, bookings, itineraries, purchase history.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to suppliers and service providers.
-
Sold or Shared for targeted advertising: No.
-
-
Internet or network activity
-
Examples: Pages viewed, links clicked, cookie IDs.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to analytics and advertising partners.
-
Sold or Shared for targeted advertising: May be considered sharing in some states.
-
-
Geolocation (approximate)
-
Examples: Approximate location derived from IP address.
-
Collected: Yes.
-
Disclosed for a business purpose: Yes, to analytics partners.
-
Sold or Shared for targeted advertising: May be considered sharing in some states.
-
-
Sensitive personal information
-
Examples: Passport and government ID data (if provided in the future), Known Traveler Number, and health-related preferences for accessibility or allergies.
-
Collected: Yes, if provided by the traveler and when necessary to arrange travel.
-
Disclosed for a business purpose: Yes, to travel suppliers as needed for travel.
-
Sold or Shared for targeted advertising: No.
-
20.2 Purposes for collection and disclosure
We collect and disclose personal information to provide and manage services and bookings, communicate with customers and deliver support, maintain security and prevent fraud, perform analytics and research to improve our services, carry out marketing and advertising where permitted, and comply with laws and enforce our agreements.
20.3 Retention periods
See Section 10 above.
21. Additional notices for Canadian residents
If you are in Canada, you may have rights under federal and provincial laws, including the right to access and correct your personal information. You may contact us to submit a request or to ask about our use of service providers outside Canada.
​
23. Definitions
-
"Personal information" means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked with a particular individual or household.
-
"Sensitive personal information" includes data that receives heightened protection under certain laws, such as government IDs, precise geolocation, health information, and account credentials.
-
"Service provider" means an entity that processes personal information for a business purpose under contract and is restricted from using it for other purposes.