Privacy Policy

International Cruise & Excursion Gallery, Inc., its affiliates and subsidiaries ("Company," "We," "Us," and "Our") respects your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website (our "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect when you participate in any of our programs:

• On or through this Website.
• Over the phone, email, text, and other electronic messages between you and Us.
• Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
• When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is to not use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Information We Collect About You and How We Collect It

We collect several types of information ("Personal Information") from and about users of our Website, including the following categories of information:

• Purchasing Information. This is information that we may collect about your transactions in our stores, on our websites or via our mobile applications including what products you purchase, how frequently you purchase them, any rewards or promotions associated with a purchase.
• Identifying Information. This is information by which you may be personally identified, through your account with us or otherwise, including but not limited to name, age, date of birth, gender, postal address, e-mail address, telephone number, address, or any other identifier by which you may be contacted online or offline. The collection of such identifying information is necessary for Us to provide you with our services.
• Device and Usage Information. This is information about your internet connection (ISP), IP address, device and mobile ad identifiers, the website that referred you to our Website, the subject of the ads you click or scroll over, cookies, analytics, the equipment you use to access our Website and usage details. To collect this information, we use automatic data collection cookies, web beacons and similar technologies.
• Location Information. This is information about the location of your device, including GPS location, for purposes of enhancing or facilitating our services, such as enabling the functionality of our websites or mobile applications that provide you with information about stores near you, enabling you to remotely order and pay for our products and services, or have certain products delivered by a third-party vendor. If you want to opt out of the collection of this location information, please see the section below titled Choices on How We Use and Disclose Your Information or by contacting us as detailed under Contact Information.
• Public Information. Some information we gather is publicly available. We may also gather information about you from third-parties and other companies.

We collect this information:

• Directly from you when you provide it to us.
• Some information such as your internet connection and equipment you use to access our Website and usage details is automatically collected as you navigate through the Website. Information collected automatically may include usage details, IP addresses, location and information collected through cookies and other tracking technologies.
• We use third party analytics providers and products, such as Google Analytics, to obtain, compile and analyze information about how users are using and interacting with the Website. In order to collect this information, such providers may set cookies on your browser or mobile device or read cookies that are already there. Google Analytics may also receive information about you from apps you have downloaded, that partner with Google. We do not combine the information collected through the use of Google Analytics with personally identifiable information. You can control the information provided to Google and opt out of certain ads provided by Google by using one of the methods set forth in http://www.google.com/policies/privacy/partners/vtecudwweystzfuqczyadyddufsveuzy
• From third parties, for example, our business partners, affiliates and agents.

Information You Provide to Us. The information we collect on or through our Website may include:

• Certain general data and Personal Information that identifies our customers, that you provide or give us in another way. This may include your first and last name, postal address, telephone number, email address, date of birth, citizenship, and passport details, and if you make a purchase, your credit/debit card details in order to make a payment and confirm the purchase.
• Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, posting material, or requesting further services. Information you provide when you enter a contest or promotion sponsored by us, and when you report a problem with our Website.
• Records and copies of your correspondence including email addresses, if you contact us.
• Your responses to surveys that we might ask you to complete for research purposes.
• Details of transactions you carry out through our Website and of the fulfillment of your travel and purchases. You may be required to provide financial information including credit or debit card information before placing an order through our Website.
• Your search queries or preferences through use of the Website, including the election to share location information with us and our website applications.

You also may provide information, or comments, or photographs to be published or displayed (hereinafter, "posted") on public areas of the Website or transmitted to other users of the Website or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages/you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• Details of your visits to our Website, including traffic data, logs, and other communication data and the resources that you access and use on the Website.
• Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is statistical data and does not include Personal Information, but we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

• Estimate our audience size and usage patterns.
• Store information about your preferences, allowing us to customize our Website according to your individual interests.
• Speed up your searches.
• Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies).) A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
• Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. Information on how to disable or remove flash cookies can be found below under the section titled Choices on How We Use and Disclose Your Information.
• Web Beacons. Pages of the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
• Java Scripts. Java scripts are code snippets embedded in various parts of websites and applications that facilitate a variety of operations including accelerating the refresh speed of certain functionality or monitoring usage of various online components.
• Entity Tags. Entity Tags are HTTP code mechanisms that allow portions of websites to be stored or "cached" within your browser and validates these caches when the website is opened, accelerating website performance since the web server does not need to send a full response if the content has not changed.
• HTML5 Local Storage. HTML5 local storage allows data from websites to be stored or "cached" within your browser to store and retrieve data in HTML5 pages when the website is revisited.

We may tie information gathered above to Personal Information you provide to us.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

How We Use Your Information and Legal Bases for Processing

We only process your information where it is necessary for:

• our legitimate interests to establish and manage our relationship with you, for administrative purposes, and other legitimate business interests such as credit assessment, marketing, presenting and improving our website;
• fulfilling our contractual obligations towards you (e.g., sending confirmations, invoices, and travel documentation to you), our affiliated or related entities, associates, partners, and the customers of such affiliated or related entities, associates and partners; and
• compliance with applicable laws and regulations and our legal obligations, such as legal/regulatory, accounting and tax requirements.

There may be occasions where we request your consent to process your Personal Information. Where applicable, you may withdraw consent subsequently at any time by contacting us as detailed under Contact Information, below, without affecting the lawfulness of processing based on consent before its withdrawal. For example, we may use your information to contact you about our own and third-parties' goods and services that may be of interest to you. We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your Personal Information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria. Information on how to opt-out of interest-based advertising can be found under the section titled Choices on How We Use and Disclose Your Information or by contacting us as detailed under Contact Information.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose and share Personal Information that we collect or you provide as described above (How We Use Your Information and Legal bases for Processing) to the following:

• To our subsidiaries and affiliates including but not limited to: SOR Technology, LLC; WMPH Vacations, LLC; ICE Europe, Ltd; Gallery Lifestyles and Cruises S. De R.L. De C.V; Gallery Intertel Services S. De. R.L. De C.V.; I.C.E. Vacations Asia-Pacific Pty Ltd; ICE Travel Portugal, LDA; and ICE Vacation Center India Private Limited.
• To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company's stock or assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Company about our Website users is among the assets transferred.
• To third parties, including but not limited to suppliers, third-party vendors, business partners, and corporate affiliates for the same legitimate purposes as detailed above.
• To fulfill the purpose for which you provide it. For example, if you give us an email address to use the "email a friend" feature of our Website, we will transmit the contents of that email and your email address to the recipients.
• For any other purpose disclosed by us when you provide the information, with your consent, as applicable.
• To comply with any court order, law, or legal process, including to respond to any government or regulatory request. When the disclosure of such Personal Information is required to be made to a governmental or regulatory agency, we will ensure that such Personal Information will only be shared with the relevant governmental or regulatory agency and not released to the general public. However, you will hold Us harmless if the Personal Information is disclosed by the governmental or regulatory agency to any third party or the public.
• To enforce or apply our terms of use or terms and conditions posted on the Website and other agreements, including for billing and collection purposes.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ICE, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. Below are some of the mechanisms available to change control over your information automatically provided when visiting the Website:

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
• Google Analytics. You can control the information provided to Google and opt out of certain ads provided by Google by using one the of the methods set forth in http://www.google.com/policies/privacy/partners/ or use the Google Analytics opt out browser add-on at http://tools.google.com/dlpage/gaoptout?hl=en.
• Cookies; Web Beacons; Entity Tags; and HTML5 Local Storage; and other similar technologies. Persistent cookies can be removed by following your web browser's directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Site may not function properly if the ability to accept cookies is disabled. Turning off the browser's cookies will prevent web beacons from tracking your specific activity. The web beacon may still record an anonymous visit from your IP address, but unique information will not be recorded. If you do not want to receive tracking pixels, you will need to disable HTML images in your email client, and that may affect your ability to view images in other emails that you receive. Each browser is different, but many common browsers (Internet Explorer, Chrome, Firefox, and Safari) have preferences or options that may be adjusted to allow you to either accept or reject cookies and certain other technologies before they are set or installed or allow you to remove or reject the use or installation of certain technologies altogether. To find out how to see what cookies have been set and how to reject and delete the cookies, please visit: http://www.aboutcookies.org.
• Opting out of sharing location information. You may be able to adjust the settings of your device so that information about your physical location is not sent to us or third parties by (a) disabling location services within the device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. See your device settings for more information.

We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Digital Advertising Alliance or the Network Advertising Initiative ("NAI") on the NAI's website or by visiting www.AboutAds.info.

Information Sent Abroad

ICE is a global organization and provides global services. In certain circumstances, sharing data cross-border is essential to the services you receive from Us.

I. Special Requirements under EU Data Protection Laws (GDPR):

In order to complete your booking, complete analysis, or for other legitimate purposes we transfer, process and store information about you outside of the EEA on servers located in the United States by International Cruise & Excursion Gallery, Inc. and its affiliates located at 7720 N. Dobson Rd., Scottsdale, AZ 58256. Therefore, your information may be transferred to, stored, or processed in the United States. We will ensure that in terms of Data Security Standards, our systems in the US will have the same level of data protection that is required of our EU affiliate. If we transfer your Personal Information to agencies or third parties outside the EEA, we require similar, binding EU Standard Contractual Clauses, and we monitor compliance with such. Our affiliated or related entities, associates and partners have also agreed to adopt equivalent measures. Copies of these measures can be obtained by contacting Us as detailed under Contact Information below. You may lodge a complaint with the UK Information Commissioner's Office if you consider that our processing of your Personal Information infringes applicable law.

II. Special Requirements under Mexican Data Protection Laws:

In accordance with the requirements of the Mexican Federal Law on the Protection of Personal Information Held by Private Parties (Ley Federal de Proteccion de Datos Personales en Posesion de los Particulares) (the "Mexican DP Law"), We inform our users and subscribers located in Mexico of Our compliance with the Mexican DP Law. Under Mexican DP Law, We do not need to obtain your consent for the processing of your Personal Information for the purposes that give rise and are necessary for the fulfillment of our relationship (e.g. personal information required in order for you to subscribe to our vacation programs). In case you do not agree with the processing of your Personal Information for such purposes and as described in this policy, please abstain from acquiring or using our services.

Our Website users and subscribers located in Mexico should note that:

• The Personal Information provided by you to Us through email, fax, websites, online services, enrollment or subscription forms and agreements, telephone calls or any other means, is processed by Us for the purposes set forth in section How We Use Your Information; in the understanding that, in order to comply with the Mexican DP Law, below we have set forth those purposes that are not required to fulfill the relationship between us, commonly known as "additional or secondary purposes":
  • To provide you with updates about discounted availability, special offers, new services and products which may be of interest to you and other noteworthy news items.
  • Send advertisements, promotions and brochures.
  • To contact you about our and third parties' goods and services that may be of interest to you.
  • To ask for ratings and reviews of services or products.
    
    Should you not wish that your Personal Information be used for the purposes listed immediately above, please send an email to legalaffairsrequest@iceenterprise.com with subject line "Request for Restriction on the use of My Personal Information for Secondary Purposes / Mexico".
  
  
• That this privacy policy applies to all your Personal Information that We may have access to, including: name, nationality, birthdate and birthplace, age, address, telephone number, cell phone number, email, tax identification number, hand written signature, as well as Personal Information that may be considered sensitive and related to recorded video or photographs, health condition, economic and financial data, including your bank account information and information of your credit or debit cards, as well as other Personal Information listed in the section Information We Collect About You and How We Collect It.
• As described above (see Information We Collect Through Automatic Data Collection Technologies), We also collect information using various technologies, such as cookies and web beacons.
• That your Personal Information will be solely treated in accordance with the terms and conditions of this privacy policy.
• In order for you to: (i) exercise your rights to Access, Rectify, Cancel, and Object to the use of your Personal Information (known as "ARCO Rights"), and (ii) to limit the use and disclosure or to revoke your consent to the use of your Personal Information for the secondary purposes described above, please send an email to legalaffairsrequest@iceenterprise.com with subject line "Exercise of ARCO Rights / Mexico". The request should include, as minimum:
  • Copy of your official ID and/or of your legal representative. Such documents should be scanned and attached to the corresponding email communication. For legal representative, please also attach a copy of his/her power-of-attorney.
  • Clear and precise description of the Personal Information about which the ARCO Rights are to be exercised, as well as the right or rights you wish to exercise. This description could be included in the email cover letter or in a document attached thereto, scanned and initialized in each of its pages.
  • Expressly state your agreement to receive our response through an email communication, specifying the corresponding email address.
  • Any other data that allows US to locate your Personal Information.
    
    We will issue a response within the following 20 business days after we receive your request. Once you receive our response, you will have a 15 business day period to respond to our communication. In case you do not reply to our response within the mentioned period, we will understand in good faith that you agree with our response. We may refuse the exercise of your ARCO Rights in the cases permitted by applicable law, and shall inform you about such decision. The refusal may be partial, in which case We will carry out the access, rectification, cancellation or objection in the corresponding part.
    
    As mentioned below, you can also review and change your Personal Information by logging into the Website and visiting your account profile page.
  
  
• See the section Disclosure of Your Information for information regarding the manner in which we share your Personal Information with third parties and data-processors. Please note that we require your consent to transfer your Personal Information to third parties to market their own products or services to you.
  
  Should you not wish that your Personal Information be transferred to third parties for their own marketing purposes please send an email to legalaffairsrequest@iceenterprise.com with subject line "Request for Restriction on the Transfer of Personal Information to Third Parties for their Own Marketing Purposes / Mexico".


• This privacy policy may be modified as described in the section "Changes to the Privacy Policy" set forth below.

Your Rights to Accessing and Correcting Your Information

You can review and change your Personal Information by logging into the Website and visiting your account profile page. You have the right to ask ICE not to process your Personal Information for marketing purposes. You also have the right to access Personal Information about you by ICE and to correct inaccurate Personal Information. Please ensure that we have an up-to-date active and deliverable email address for you. In accordance with applicable law, you may also have the right to object to or request restriction of the processing of your Personal Information and to request erasure and to port Personal Information about you.

Should you wish to exercise your rights, or to unsubscribe please contact legalaffairsrequest@iceenterprise.com or Attn: Privacy Policy Manager, International Cruise & Excursion Gallery, Inc., 7720 N. Dobson Rd., Scottsdale, AZ 85256 or via our toll-free number: 888-320-4234.

Access to your Personal Information will be granted in accordance with the requirements of applicable national legislation. The information will be forwarded to you within an appropriate period of time in accordance with applicable law, and where any discrepancies are discovered following your enquiry, we will take immediate steps to validate and, where appropriate, correct our records.

Retention of Data

We will retain your Personal Information during the term of the provision of the services availed by You only for so long as reasonably necessary for the purposes set out herein, in accordance with applicable laws.

Children Under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any Personal Information to Company or on the Website. We do not knowingly collect Personal Information from children under 18. If you are under 18, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us as detailed under Contact Information, below.

Data Security and Retention

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions provided therewith will be encrypted.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Website. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Your Personal Information will be retained only for so long as reasonably necessary for the purposes set out above, in accordance with applicable laws.

CALIFORNIA RESIDENTS- Your Privacy Rights

Under the California Consumer Privacy Act of 2018 ("CCPA"), California residents have the right to opt-out of the "sale" of your personal data, such disclosure and sharing may be considered a "sale" of your Personal Information and you may have the right under applicable law to opt-out of or object to such sharing. We do not sell or otherwise share your Personal Information for monetary or other valuable consideration.

In addition, if you are a California resident, you may request a copy of your Personal Information; request disclosure of Personal Information sold or disclosed for a business purpose; and request the deletion of your Personal Information. Please be advised that we may keep certain information, including but not limited to your transaction history and complaints you have filed, for an extended period of time and as may be required to fulfill our legal obligations.

To exercise these rights above please contact us at legalaffairsrequest@iceenterprise.com . Please note "CA Opt-out Request" in the subject line of your email. To protect your privacy and security, we will need to ask for information to verify your identity before acting on a request. This information may include, but is not limited to, your name, contact information, and information related to your or relationship with us, but the information requested may vary depending on the nature and circumstances of your request.

If you request information, we will provide digital copies of any Personal Information you request free of charge, unless the information is not subject to the CCPA. If you request that we delete your personal information, we will both render certain Personal Information about you permanently unrecoverable and also deidentify certain personal information.

Please be advised that we do not discriminate against anyone for asserting or exercising their rights under the CCPA.

NEVADA RESIDENTS

Although we do not exchange Nevada residents' Personal Information for money with anyone, Nevada residents have the right to opt-out of the future sale of their information to a third-party so that they may license or sell information by contacting us at legalaffairsrequest@iceenterprise.com .

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page with a pop-up notice that indicates the privacy policy has been updated on the Website home page. The date the privacy policy was last revised is identified at the top of the page. Please visit our Website and this privacy policy periodically to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, or request that we remove or opt-out any information gathered about you, that we actually control, please email or write to us at: legalaffairsrequest@iceenterprise.com or Attn: Privacy Policy Manager, International Cruise & Excursion Gallery, Inc., 7720 N. Dobson Rd., Scottsdale, AZ 85256 or via our toll-free number: 888-320-4234. The Privacy Policy Manager would also act as a designated grievance officer and shall address any discrepancies and grievances that you may have with respect to this Privacy Policy.