Privacy Policy

1. Who controls your data

CruisesUnlocked is the Ireland-based controller for personal data collected through this website, email list, accounts, and membership services. Formal privacy requests and operator notices should be sent to the contact below.

Privacy contact: deals@cruisesunlocked.ie.

2. Data we collect

• Email address, name, and contact details you provide.
• Newsletter signup source, consent record, unsubscribe status, and email engagement where our email provider makes it available.
• Account, login, billing status, Stripe customer/subscription identifiers, and membership plan details. We do not store full card numbers.
• Shortlist travel-plan details you choose to save, such as dates, budget, destination interests, cruise lines, ships, and contact email.
• Website usage events such as deal clicks, page source, outbound link clicks, referrer, IP address, user agent, and timestamps for security, analytics, and affiliate reporting.
• Messages you send to us for support, refunds, unsubscribe requests, or account help.

3. How we use personal data

• Send cruise deal emails and member updates where you have opted in.
• Provide account access, membership benefits, billing support, and Shortlist recommendations.
• Process payments, refunds, renewals, and subscription status through Stripe.
• Improve deal quality, site reliability, product decisions, and customer support.
• Measure affiliate clicks and understand which deals are useful.
• Comply with accounting, tax, legal, security, and fraud-prevention obligations.

4. Legal bases

• Consent — for marketing emails and optional non-essential cookies/tracking where used.
• Contract — to provide accounts, subscriptions, Shortlist services, checkout, billing support, and membership access.
• Legitimate interests — to keep the service secure, measure basic product performance, prevent abuse, respond to support, and understand affiliate/deal performance.
• Legal obligation — for records we must keep for tax, accounting, consumer, or regulatory reasons.

5. Marketing email

We only send marketing emails where you sign up, opt in, or otherwise give clear permission. Every marketing email includes an unsubscribe option. You can also unsubscribe through the unsubscribe page or by emailing deals@cruisesunlocked.ie.

Unsubscribing from marketing does not stop essential transactional emails about payments, account access, security, legal updates, or service notices.

6. Cookies and tracking

Essential cookies may be used for account login, security, checkout, and site operation. Optional analytics or marketing cookies will not be used unless they are listed in our Cookie Notice and, where required, you have given consent.

7. Service providers

We use trusted providers to run the service. Expected providers include Supabase for account/customer data, Stripe for payments, Resend for transactional and account email, beehiiv for newsletter publishing and subscriber management, Vercel for hosting, and Cloudflare for DNS/security if enabled. We may also use analytics, error monitoring, or affiliate tracking providers if they are listed in the Cookie Notice or this policy.

Some providers may process data outside the European Economic Area. Where that happens, we rely on appropriate safeguards such as EU Standard Contractual Clauses, adequacy decisions, or provider data processing terms.

8. Retention

• Newsletter records are kept until you unsubscribe or ask us to delete them, unless limited suppression records are needed to honour your opt-out.
• Account, preference, and membership records are kept while your account or subscription is active and for a reasonable period afterwards for support, security, dispute, and accounting reasons.
• Payment, invoice, tax, and refund records may be kept for the period required by Irish law.
• Analytics and operational logs are kept only as long as useful for security, debugging, reporting, or business records.

9. Your rights

If you are in Ireland, the EU, or the UK, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal data. You can also withdraw consent where processing is based on consent.

To exercise rights, email deals@cruisesunlocked.ie. You also have the right to complain to the Irish Data Protection Commission or your local supervisory authority.

10. Security

We use reasonable technical and organisational measures to protect personal data, including managed payment processing through Stripe and role-limited access to customer systems. No online service can be guaranteed perfectly secure, but we take privacy and access seriously.

11. Children

CruisesUnlocked is not aimed at children. Do not use the service if you are under 18.

12. Updates

We may update this policy as the service, providers, or legal requirements change. Material changes will be highlighted where practical.