MSC Cruises Privacy Information Notice pursuant to Article 13 of Reg. (EU) 2016/679
MSC Cruises Privacy Information Notice pursuant to Article 13 of Reg. (EU) 2016/679

MSC Cruises S.A., headquartered in Avenue Eugène-Pittard 40, Geneva, Switzerland, registered for tax purposes under number 060.667.071 (CHE-112.808.357), acting as data controller, and the companies of our group (as mentioned at section 4.a) of this notice), acting as data processors (collectively, “we” or “us”), are committed to the fair processing of the passengers’ personal data (“your data”). In order to provide you with a great cruise experience, we collect personal data about you on different occasions, such as when you browse the website, when you book a cruise or when you make on-board purchases.

Please read carefully this information notice, which is based on article 13 of the General Data Protection Regulation (Reg. (EU) 2016/679 or simply “GDPR”).
For any doubts regarding the content of this document, please refer to our FAQ document available here or contact our designated Data Protection Officer via email at You can also send requests in writing to MSC Cruises S.A., Avenue Eugène-Pittard 40, Geneva, Switzerland; in that case, please specify “For the Attention of the Data Protection Officer” on the envelope.


  • Right to access personal data and other rights (pursuant to Article 7 of Italian Legislative Decree no. 196/2003)
    The data subject has the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of whether they have already been recorded, and to communication of such data in an intelligible form.
    The data subject has the right to be informed of:
    a) The source of the personal data; 
    b) The purposes and methods of the processing; 
    c) The logic applied to the processing, if this has been carried out using electronic means; 
    d) Details of the data controller, data processors and the representative designated under Article 5, paragraph 2; 
    e) The entities or categories of entity to whom/which the personal data may be communicated and who/which may be notified about these data in their capacity as designated representative on the State’s territory, data processors or persons in charge of the processing.
    The data subject has the right to obtain:
    a) Updating, rectification or, if interested, integration of the data, 
    b) Deletion, anonymisation or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they were collected or subsequently processed; 
    c) Certification to the effect that the operations under letters a) and b) have been reported, including as to their content, to the entities to whom/which the data were communicated or disseminated, unless this requirement proves impossible to comply with or involves a clearly disproportionate effort compared with the right to be protected. 
    The data subject has the right to object, in whole or in part:
    a) On legitimate grounds, to the processing of personal data concerning him/her, even if they are relevant to the purpose of their collection; 
    b) To the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or for undertaking market or business communication research.