LAST UPDATED: May 1, 2018

This Privacy Policy (“Policy”) applies to information received by WOD on the Waves, LLC (the “Company”). This notice describes our privacy policy with respect to data collected via www.wodonthewaves.com , interactive features, applications, widgets, blogs, social networks and social network “tabs” and other online or wireless offerings that post a link to this Policy, whether accessed via computer, mobile device or other technology (together, the “Website”). This Policy explains what information we collect about you and what we do with it. The Company reserves the right to revise this Policy at any time. We will notify you of any material changes to the Policy by posting the new Policy here and by changing the “Last Updated” date at the top. You should periodically read this Policy to learn of any revisions.

What Information Do We Collect?

When you take a cruise with us, ask for information about the Company or our events, visit the Website, or get in touch with us through various other methods, we collect information about you and your visit. We collect credit card information from you where applicable, in order to facilitate your purchases. We collect individually-identifiable personal information (“Personal Data”) that you provide to us such as your name, e-mail address, street address and telephone number, and other information. You supply us this Personal Data when you take an action such as taking a cruise, requesting information, purchasing something, or doing some other action to voluntarily supply your Personal Data to us.

On our Website, we also collect in addition to Personal Data non-personally identifiable data, such as (but not limited to) the number of unique visitors, the frequency of visits to the Website, the Website pages viewed, the site the visitor arrived from and departs to, as well as the IP address of the computer a visitor uses to access the Website.

What Do We Do With The Information We Collect?

We use the Personal Data we collect to provide our services and engage in advertising and marketing activities. We use credit card and other financial information that you provide us to fulfill your order or request. The Company takes reasonable precautions to attempt to ensure the safety and security of our customers’ online transactions. Credit card numbers that you enter on our billing webpage are encrypted and transmitted through SSL (Secure Sockets Layer) technology. SSL is the industry standard for securing Web-messaging transactions.

On our Website, we use IP addresses and anonymous demographic information in the aggregate to share with advertisers and market researchers, and to improve the design of our Website so as to better serve our customers.

Do We Share The Information We Collect With Third Parties?

We share Personal Data as well as non-personally identifiable data with our business partners to provide our services, for market and industry research purposes, for advertising and marketing purposes, and for other reasons.

The Company may transfer any information in its databases, including but not limited to Personal Data, to an affiliate or third party as part of a transfer of business assets.

The Company may also release any data in order to comply with any legal process, including requests from law enforcement and government agencies, to enforce the Website Terms of Use and other agreements, and to protect customers and others. We may do so when we believe in good faith that disclosing this information is necessary or otherwise advisable, including, for instance, to identify, contact, or bring legal action against someone who may be causing injury to or interfering with the rights or property of the Company, another user, or anyone else that such activities might harm.

The Company may disclose Personal Data when it has reason to believe that disclosing this information is necessary to identify, investigate, contact or bring legal action against someone who may be causing injury to or interfering with (either intentionally or unintentionally) the Website or the Company’s rights or property.

Do We Use Cookies?

Yes. Cookies are small data files generated by web servers and stored in your computer for future access. We use them for a variety of reasons, such as to study visitors’ use of the Website and to improve their navigation of the Website. For example, a cookie can allow you to continue shopping without having to re-enter items already placed in the shopping cart. Most Web browsers accept cookies, but the “help” menu on your browser should give you options for preventing, accepting, or receiving notice of new cookies. You can configure your web-browser to disable cookies, but doing so may impair your use of the Website.

What About Third Party Links?

This Website may have hyperlinks to other websites. The Company is not responsible for their privacy practices or content. We urge you to review the privacy policy of any website that you visit.

Security

The Company strives to protect Personal Data and user privacy.  But we do not and cannot guarantee the security of any information you disclose online and you do so at your own risk. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, although we strive to protect your Personal Data, the Company does not and cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, we use reasonable efforts to ensure its security on our systems.

Third Party Advertising

Any ads appearing on the Website are delivered to you by our advertising partners. Our advertising partners may use cookies. Cookies allow the ad network to recognize your computer each time the advertisers send you an online advertisement. In this way, ad networks may compile information about where you, or others who are using your computer, saw their advertisements and determine which ads are clicked on. This information allows an ad network to deliver targeted advertisements that the advertisers believe will be of most interest to you. The Company does not have access to or control of the cookies that may be placed on the computer of any users by the third-party ad servers or ad networks.

Notice To California Residents

Under California Civil Code Section 1798.83, California residents have the right to request in writing from businesses with whom they have an established business relationship (a) a list of the categories of Personal Data and other personal information, such as name, e-mail and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes and (b) the names and addresses of all such third parties. We will respond to such requests for information access within 30 days following receipt at the e-mail or mailing address stated above. Please note that we are only required to respond to each customer once per calendar year.

Additionally, California law requires that we indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. We do not currently alter our practices when a Do Not Track signal is received. To learn about Do Not Track and for information about how to opt out of receiving targeted advertising, please click www.aboutads.info/choices.

Notice about the European Union’s General Data Protection (“GDPR”) Rights

You may have certain rights under the European Union’s GDPR 2016/679.  The GDPR is a complex regulatory scheme and we do not intend to provide every detail here.  If interested you should read the GDPR and the relevant guidance provided by the applicable authorities for a fuller explanation.

The GDPR provides the right, where applicable, to (a) access, (b) publication, (c) erasure, (d) restrict processing, (e) object to processing, (f) data portability, (g) complain to a supervisory authority, and (h) withdraw consent.

Where applicable, the GDPR provides the right to confirm whether the Company has processed your Personal Data and, when the Company does, to access that data, together with certain other information including the purposes of the processing, the categories of Personal Data concerned, and the recipients of the Personal Data.  Where applicable, and providing that we do not affect the rights and freedoms of anyone else, we will supply you with one copy of your Personal Data.  The first copy is free.  We may charge a reasonable fee for additional copies.

Where applicable, the GDPR provides the rights to rectify any inaccurate Personal Data about you and, taking into account the purposes of the processing, to complete any incomplete data about you.

In some circumstances the GDPR provides you the right to erase your Personal Data without undue delay, including when we no longer need the Personal Data for the purposes for which we collected or processed the Personal Data, if you withdraw your consent to consent-based processing, if you object to the processing of the Personal Data under certain rules of the GDPR, if the processing is for the purpose of direct marketing, and if the Personal Data have been unlawfully processed.  However, the GDPR provides exceptions or exclusions to the right to erase, including where the processing is necessary for the exercise of free expression and information, to comply with a legal obligation, or to establish, exercise, or defend a legal claim.

In some circumstances the GDPR provides the right to restrict the processing of your Personal Data, such as to contest the accuracy of the Personal Data, where the processing is unlawful but you oppose erasure, when we no longer need the Personal Data for the purpose of our processing but you require Personal Data to establish, exercise or defend a legal claim, and you have objected to the processing pending the verification of that objection.  When processing has been restricted on this basis, we may continue to store your Personal Data.  But we will process your data otherwise only with your consent, to establish, exercise or defend a legal claim, or to protect another natural or legal person’s rights, or for reasons of important public interest.

If applicable, the GDPR provides the right to object to our processing of your Personal Data on grounds relating to your situation, but only to the extent that the processing is necessary for a task carried out in the public interest or to exercise any official authority vested in the Company, or for a legitimate interest pursued by the Company or someone else.  If you object, we shall stop processing the Personal Data unless we can demonstrate compelling legitimate grounds to process the information that override your interests, rights and freedoms, or the purpose of the processing is to establish, exercise or defend a legal claim.

You may object to our processing of your Personal Data for direct marketing purposes including profiling for direct marketing purposes.  If you notify us of such an objection, we shall stop processing your Personal Data for that purpose.

You may object to our processing of your Personal Data for scientific or historical research or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for a task carried out in the public interest.

If the legal basis for our processing your Personal Data is consent or that the processing is necessary to perform a contract to which you are a party, or in order to take steps at your request before entering into a contract, and such processing is carried out by automatic means, you have the right to receive your Personal Data from us in a structured, commonly used, and machine-readable format.  But this right does not apply when its application ill adversely affect the rights and freedoms of others.

If you believe that our processing of your Personal Data infringes any data-protection statute, rule or regulation, you may lodge a complaint with the appropriate authorities responsible for data protection.  If applicable, you may lodge that complaint in the European Union member state of your habitual residence, your workplace, or the place of the alleged infringement.

To the extent that we base our processing of your Personal Data on your consent, you may withdraw that consent at any time.  But your withdrawal of that consent will not affect the lawfulness of any processing we do before your withdrawal.

If applicable, you may exercise any of your rights in relation to your Personal Data by emailing the Company atregistration@wodonthewaves.com.

Children

The Website is not intended for children under the age of 13, and the Company does not intentionally collect Personal Data from children under 13 except as guests named in a booking. If you have reason to believe that we have collected Personal Data from someone under 13 years of age, please let us know.

How Do I Opt Out Or Unsubscribe?

All e-mails you receive from us will include specific instructions on how to unsubscribe and you may unsubscribe at any time

(1) Follow the instructions provided in any Company e-mail;

(3) Send mail to the following address: registration@wodonthewaves.com

Please allow up to 2 weeks to be unsubscribed from all Company emails.

Claims

If you believe that the Company has acted inconsistently with this Policy, please notify us either at the address above at www.wodonthewaves.com and we will try to resolve your concern.