Privacy Policy
Carnival Corporation & PLC
Global Privacy Notice For Staff And Crew
Global Job Applicant Privacy Notice
Last Updated: April 15th, 2025
Carnival Corporation (“Carnival”,” “we,” “our,” or “us”) is a division of Carnival Corporation & plc. We recognize that your privacy is important. Your choice to share information with us is an important part of how we provide a world-class travel experience. We’ve developed this Privacy Notice to explain how we
collect, use, disclose, and otherwise process personal data about our recruits and job applicants. The Carnival Corporation entity to whom you submit your application is the controller of your personal data.
This Job Applicant Notice is not a contract and does not create any legal rights or obligations not otherwise provided by law. This Job Applicant Notice also is not intended to replace other notices or disclosures we may provide to you in connection with an application for a job or eventual role in our organization, which will supersede any conflicting disclosures contained in this Job Applicant Notice.
What is Personal Data?
When we use the term “personal data” in this Job Applicant Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual within the context of the individual acting as a recruit or job applicant of Carnival Corporation. It does not include aggregated or deidentified information that is maintained in a form that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual.
Where we maintain deidentified data, we will maintain and use the data in deidentified form and not attempt to reidentify the data except as required or permitted by law.
Our Collection and Use of Personal Data
Collection of Personal Data
During the recruiting process and when an individual applies for a job with us, we collect the following professional or employment-related personal data:
Contact Information: such as full name, email address, home address and telephone number.
Professional History & Qualifications: such as previous employers, positions and work experience, professional licenses, certificates or other qualifications, employment references or referrals, authorization to work in the U.S. (including citizenship or immigration status), and information relating to potential conflicts with the role the individual is applying or being considered for.
Educational History & Qualifications: such as highest level of education, the schools the individual attended and when they were in attendance, degrees, certificates, or other educational qualifications the individual earned, and the individual’s transcripts or educational references.
Compensation Information: such as desired salary, bonus, benefits, expenses, and stock or equity grants, as permitted by law.
Equal Opportunity Information: such as age, race, ethnicity, national origin, citizenship, sex, gender identity, sexual orientation, religion, disability, or accommodation request, or marital or veteran status when an individual chooses to provide it. Please note that this information will not be used in hiring decisions unless permitted by law.
Web-Related Information: such as technical details about the individual’s visit to our online services contained in log files or analytics data relating to their usage and activity on our online services. For more information, please refer to the general Privacy Notice on our website. The Privacy Notice governs our use of information collected from our website visitors. If there is any conflict between our website Privacy Notice and this Job Applicant Privacy Notice, this Job
Applicant Privacy Notice will govern with respect to our use of personal data in connection with recruiting and job applications.
Other Application and Interview Information: any personal data the individual chooses to share with us in their interview or application, CV, resume, transcripts, job search status, or other supporting documentation.
Employment Eligibility Information: where required by law, citizenship status or work permit or work visa status to comply with immigration and employment regulations.
Inferences: we may generate inferences or predictions about recruits and job applicants, and their abilities, interests, or preferences based on the other personal data we collect and the interactions we have with them.
Depending on the nature of your role, and to the extent permitted by law, such pre-employment screening information may include:
Employment history and professional qualification verification. We may contact your professional and academic referees to confirm the employment, professional and academic information that you have provided to us. You should ensure that you have any referees’ consent to disclose information about you to us when you submit your application.
Directorship searches, such as current and former directorships and any disqualifications from acting as a director.
Adverse online and media searches, conducted using adverse key words relating to crime, terror, fraud or other illicit activities.
Basic criminal records checks.
Although we often collect the personal data described above directly from the individual, we may also collect certain information from references, recruiters, job-related social media sites (such as LinkedIn), and publicly available sources (such as government records and online and media sources, including social
media sites). In addition, we may also collect this information through service providers and other third parties that collect it on our behalf, such as communications providers, background check providers, scheduling providers and application providers.
Failure to provide all or any part of the personal data may make it impossible to continue the recruitment process or for us to consider your application.
Sensitive Information
The following personal data elements we collect may be classified as “sensitive” under certain privacy laws ("sensitive information"):
Government identification, such as Social Security Number/Social Insurance Number, driver’s license number, state or other government identification card number, and passport number;
Racial or ethnic origin;
Criminal record;
Citizenship or immigration status; and
To the extent you provide this information to us, information relating to racial and ethnic origin, religious beliefs, health, disabilities, sexual orientation, and gender identity. We do not sell sensitive information about individuals acting in their capacity as job applicants, and we do not share or otherwise disclose sensitive information about individuals acting in their capacity as job
applicants for the purpose of targeted advertising, nor use such information for the purpose of inferring characteristics about our job applicants.
Use of Personal Data
We use the personal data we collect during the recruiting process and when an individual applies for a job with us to:
Identify the individual as a potential candidate and review their application for a position with us;
Verify the information provided to us in connection with their application or received from other sources;
Determine their eligibility and suitability for the potential position or other opportunities with us;
Facilitate the recruiting and interview process;
Communicate with the individual about the status of their application or other opportunities with us
that may be of interest to them;
Assess and improve the performance and success of our recruiting and hiring process;
Conduct internal investigations, audits, compliance, risk management, problem resolution and
security operations;
Fulfill contractual obligations to recruits, applicants and other third parties; or
Comply with applicable law, rules, regulations, legal proceedings, and government investigations, including relating to tax reporting and immigration.
Please note that if an individual accepts an offer from us, we may transfer the personal data we collected about them during the recruiting and job application process to their personnel file with us.
Disclosure of Personal Data
We may share the categories of personal data outlined above with the following third parties for the purposes described below:
Within Carnival Corporation: We share personal data relating to job applicants within the Carnival Corporate and Carnival family of companies for internal administrative purposes and uses that are consistent with this Job Applicant Notice. For example, the Carnival entity responsible for the job posting may share personal data about an applicant with another Carnival entity that is responsible
for our organization-wide recruiting and employment decisions.
Recruiters and Job Application Providers: We often engage recruiters and job application providers to assist us in identifying potential job applicants and processing job applications we receive. For these third parties to assist us in the recruiting and job application process, we share personal data about potential and current personnel with them.
Other Service Providers: In addition to the third parties identified above, we engage other third parties to perform certain functions on our behalf in connection with the uses of personal data described in the Our Collection and Use of Personal Data section above, including assisting us with our recruiting process, personnel management, benefits and services offerings and other
related business operations. Depending on the function the third party serves, the service provider may process personal data on our behalf or have access to personal data while performing functions on our behalf.
Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the
event of insolvency, bankruptcy, or receivership.
Legal Obligations and Rights: We may disclose personal data to third parties, such as legal advisors and law enforcement:
Last Updated: April 15th, 2025
Carnival Corporation (“Carnival”,” “we,” “our,” or “us”) is a division of Carnival Corporation & plc. We recognize that your privacy is important. Your choice to share information with us is an important part of how we provide a world-class travel experience. We’ve developed this Privacy Notice to explain how we
collect, use, disclose, and otherwise process personal data about our recruits and job applicants. The Carnival Corporation entity to whom you submit your application is the controller of your personal data.
This Job Applicant Notice is not a contract and does not create any legal rights or obligations not otherwise provided by law. This Job Applicant Notice also is not intended to replace other notices or disclosures we may provide to you in connection with an application for a job or eventual role in our organization, which will supersede any conflicting disclosures contained in this Job Applicant Notice.
What is Personal Data?
When we use the term “personal data” in this Job Applicant Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual within the context of the individual acting as a recruit or job applicant of Carnival Corporation. It does not include aggregated or deidentified information that is maintained in a form that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual.
Where we maintain deidentified data, we will maintain and use the data in deidentified form and not attempt to reidentify the data except as required or permitted by law.
Our Collection and Use of Personal Data
Collection of Personal Data
During the recruiting process and when an individual applies for a job with us, we collect the following professional or employment-related personal data:
Contact Information: such as full name, email address, home address and telephone number.
Professional History & Qualifications: such as previous employers, positions and work experience, professional licenses, certificates or other qualifications, employment references or referrals, authorization to work in the U.S. (including citizenship or immigration status), and information relating to potential conflicts with the role the individual is applying or being considered for.
Educational History & Qualifications: such as highest level of education, the schools the individual attended and when they were in attendance, degrees, certificates, or other educational qualifications the individual earned, and the individual’s transcripts or educational references.
Compensation Information: such as desired salary, bonus, benefits, expenses, and stock or equity grants, as permitted by law.
Equal Opportunity Information: such as age, race, ethnicity, national origin, citizenship, sex, gender identity, sexual orientation, religion, disability, or accommodation request, or marital or veteran status when an individual chooses to provide it. Please note that this information will not be used in hiring decisions unless permitted by law.
Web-Related Information: such as technical details about the individual’s visit to our online services contained in log files or analytics data relating to their usage and activity on our online services. For more information, please refer to the general Privacy Notice on our website. The Privacy Notice governs our use of information collected from our website visitors. If there is any conflict between our website Privacy Notice and this Job Applicant Privacy Notice, this Job
Applicant Privacy Notice will govern with respect to our use of personal data in connection with recruiting and job applications.
Other Application and Interview Information: any personal data the individual chooses to share with us in their interview or application, CV, resume, transcripts, job search status, or other supporting documentation.
Employment Eligibility Information: where required by law, citizenship status or work permit or work visa status to comply with immigration and employment regulations.
Inferences: we may generate inferences or predictions about recruits and job applicants, and their abilities, interests, or preferences based on the other personal data we collect and the interactions we have with them.
Depending on the nature of your role, and to the extent permitted by law, such pre-employment screening information may include:
Employment history and professional qualification verification. We may contact your professional and academic referees to confirm the employment, professional and academic information that you have provided to us. You should ensure that you have any referees’ consent to disclose information about you to us when you submit your application.
Directorship searches, such as current and former directorships and any disqualifications from acting as a director.
Adverse online and media searches, conducted using adverse key words relating to crime, terror, fraud or other illicit activities.
Basic criminal records checks.
Although we often collect the personal data described above directly from the individual, we may also collect certain information from references, recruiters, job-related social media sites (such as LinkedIn), and publicly available sources (such as government records and online and media sources, including social
media sites). In addition, we may also collect this information through service providers and other third parties that collect it on our behalf, such as communications providers, background check providers, scheduling providers and application providers.
Failure to provide all or any part of the personal data may make it impossible to continue the recruitment process or for us to consider your application.
Sensitive Information
The following personal data elements we collect may be classified as “sensitive” under certain privacy laws ("sensitive information"):
Government identification, such as Social Security Number/Social Insurance Number, driver’s license number, state or other government identification card number, and passport number;
Racial or ethnic origin;
Criminal record;
Citizenship or immigration status; and
To the extent you provide this information to us, information relating to racial and ethnic origin, religious beliefs, health, disabilities, sexual orientation, and gender identity. We do not sell sensitive information about individuals acting in their capacity as job applicants, and we do not share or otherwise disclose sensitive information about individuals acting in their capacity as job
applicants for the purpose of targeted advertising, nor use such information for the purpose of inferring characteristics about our job applicants.
Use of Personal Data
We use the personal data we collect during the recruiting process and when an individual applies for a job with us to:
Identify the individual as a potential candidate and review their application for a position with us;
Verify the information provided to us in connection with their application or received from other sources;
Determine their eligibility and suitability for the potential position or other opportunities with us;
Facilitate the recruiting and interview process;
Communicate with the individual about the status of their application or other opportunities with us
that may be of interest to them;
Assess and improve the performance and success of our recruiting and hiring process;
Conduct internal investigations, audits, compliance, risk management, problem resolution and
security operations;
Fulfill contractual obligations to recruits, applicants and other third parties; or
Comply with applicable law, rules, regulations, legal proceedings, and government investigations, including relating to tax reporting and immigration.
Please note that if an individual accepts an offer from us, we may transfer the personal data we collected about them during the recruiting and job application process to their personnel file with us.
Disclosure of Personal Data
We may share the categories of personal data outlined above with the following third parties for the purposes described below:
Within Carnival Corporation: We share personal data relating to job applicants within the Carnival Corporate and Carnival family of companies for internal administrative purposes and uses that are consistent with this Job Applicant Notice. For example, the Carnival entity responsible for the job posting may share personal data about an applicant with another Carnival entity that is responsible
for our organization-wide recruiting and employment decisions.
Recruiters and Job Application Providers: We often engage recruiters and job application providers to assist us in identifying potential job applicants and processing job applications we receive. For these third parties to assist us in the recruiting and job application process, we share personal data about potential and current personnel with them.
Other Service Providers: In addition to the third parties identified above, we engage other third parties to perform certain functions on our behalf in connection with the uses of personal data described in the Our Collection and Use of Personal Data section above, including assisting us with our recruiting process, personnel management, benefits and services offerings and other
related business operations. Depending on the function the third party serves, the service provider may process personal data on our behalf or have access to personal data while performing functions on our behalf.
Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the
event of insolvency, bankruptcy, or receivership.
Legal Obligations and Rights: We may disclose personal data to third parties, such as legal advisors and law enforcement:
- in connection with the establishment, exercise, or defense of legal claims;
- to comply with laws and regulations or to respond to lawful requests and legal process;
- to protect our rights and property and the rights and property of our agents, customers, and others, including to enforce our agreements, policies, and terms of use;
- to detect, suppress, or prevent fraud;
- to reduce credit risk and collect debts owed to us;
- to protect the health and safety of us, our customers, or any person; or
- as otherwise required by applicable law.
Otherwise with Consent or Direction: We may disclose personal data about our recruits and job applicants to certain other third parties with their consent or direction.
Retention of Personal Data
We retain personal data only for as long as is reasonably necessary to fulfil the purpose for which it was collected or until the applicant withdraws consent. However, if necessary, we may retain personal data for longer periods of time, until set retention periods and deadlines expire, for instance where we are required to do so in accordance with legal, tax, and accounting requirements
set by a legislature, regulator, or other government authority.
To determine the appropriate duration of the retention of personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of personal data, whether we can attain our objectives by other means, and our legal, regulatory, tax, accounting, and other applicable obligations.
Once retention of the personal data is no longer necessary for the purposes outlined above, we will either delete or deidentify the personal data, or, if this is not possible (for example, because personal data has been stored in backup archives), then we will not further process the personal data until deletion or deidentification is possible.
Your Privacy Choices
In accordance with the applicable jurisdictional laws, you may have the following rights over our processing of your personal data. We may not be able to modify or delete your information in all circumstances. Not all of these rights may apply to you.
RIGHT TO KNOW whether we are processing any personal data about you and certain
personalized details about the personal data we have about you.
RIGHT TO ACCESS to the personal data we have collected about you and obtain a copy.
RIGHT TO CORRECT inaccuracies in your personal data.
RIGHT TO REQUEST DELETION of personal data we have collected from you. However, if we are obligated by law to retain your personal data for a longer period of time, or it is technically unfeasible to erase your personal data, we will retain your personal data with necessary security protection measures and will not otherwise process your personal data.
RIGHT TO RESTRICTION of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data.
RIGHT TO OBJECT. YOU HAVE THE RIGHT TO OBJECT TO ANY PROCESSING
JUSTIFIED BY LEGITIMATE INTERESTS BASED ON GROUNDS RELATING TO YOUR
PARTICULAR SITUATION AT ANY TIME. SHOULD YOU DECIDE TO OBJECT TO THE
PROCESSING OF YOUR PERSONAL DATA, WE WILL STOP PROCESSING PERSONAL DATA CONCERNING YOU, UNLESS WE CAN DEMONSTRATE COMPELLING REASONS FOR CONTINUING TO PROCESS YOUR PERSONAL DATA THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR IN THE CASE THAT WE ESTABLISH, EXERCISE, OR DEFEND OUR LEGAL CLAIMS. YOU CAN OBJECT TO DIRECT MARKETING ACTIVITIES AT ANY TIME FOR ANY REASON WHATSOEVER.
RIGHT TO DATA PORTABILITY and to obtain a copy of your personal data in a structured, commonly used and machine-readable format.
RIGHT TO WITHDRAW CONSENT. The withdrawal of your consent does not affect the lawfulness of our use of your personal data before your withdrawal. If you want to withdraw your consent with regard to receiving promotional communications, you can unsubscribe through the method described in each promotional message.
You may also have the right to be free of retaliatory or discriminatory treatment for exercising these rights. However, please note that if the exercise of these rights limits our ability to process personal data (such as in the case of a deletion request), we may no longer be able to provide you our Services or
engage with you.
We will need to verify your identity before processing your request, which may require us to request additional personal data from you or require you to log into your account, or the matching of sufficient information you provide us to the information we maintain about you in our systems. As a result, we require
requests to include name, address, email address, telephone number and information about the job applications, include what roles you applied to and the data you applied. We may at times need to request additional personal data from you, taking into consideration our relationship with you and the sensitivity of
your request.
In certain circumstances, we may decline a request to exercise the requests described above, particularly where we are unable to verify your identity. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.
Please note that we can only process privacy rights requests for personal information processed by Carnival Corporation. If you have interacted with another brand in our family of companies or any other third party, you will have to contact that brand or third party to exercise your privacy rights.
To access, modify or delete your personal data, please contact privacy@carnival.com with sufficient information to identify you and your request.
California-Specific Disclosures
The following disclosures and rights only apply to residents of the State of California.
No Sales, Sharing or Targeted Advertising applicants, and we do not share or otherwise disclose personal data about individuals acting in their capacity as job applicants to third parties for the purpose of displaying advertisements that are selected based on personal data obtained or inferred over time from an individual’s activities across businesses or distinctly-branded websites, applications, or other services (otherwise known as “targeted advertising” or
“cross-context behavioral advertising”).
Submitting Privacy Rights Requests
Authorized Agents. In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf through the designated methods set forth above where we can verify the authorized agent’s authority to act on your behalf. In order to verify the authorized agent’s authority, we generally require evidence of either (i) a valid power of attorney or (ii) a signed letter containing your name and contact information, the name and contact information of the authorized agent, and a statement of authorization for the request. Depending on the evidence provided, we may still need to separately reach out to you to confirm the authorized agent has permission to act on your behalf and to verify your identity in connection with the request.
Europe-Specific Disclosures
The following information may apply to you if you are located in the EEA, the UK or Switzerland.
Legal Basis
Our processing of your personal data as described in the Section “Our Collection and Use of Personal "Data” is based on the following legal grounds:
Perform or enter into a contract or quasi contractual relationship with you: We rely on this legal basis in particular in the following cases:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to confirm your identity;
(iii) to communicate with you to provide technical or administrative support;
(iv) to share information among our affiliates; or
(v) to calculate proposed salary and assessing eligibility for certain benefits.
Compliance with legal obligations: We may be obliged to process personal data to comply with our legal obligations, for example where we are required to obtain or retain data for employment, tax law or commercial purposes, to determine your eligibility to work, or where we must comply with regulatory requirements regarding public health or gambling.
Legitimate interests: We may base the processing of your personal data on our legitimate interests where (i) neither of the afore listed legal bases apply and (ii) where the processing of your personal data is necessary for our legitimate interests. Such cases may include the following in particular:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to assess potential conflicts of interest which may arise from current and past
directorships or shareholdings;
(iii) to operate, monitor and improve our application process, including when sharing personal data with service providers;
(iv) to protect our rights and the rights of our guests;
(v) to prevent, investigate, and defend against fraud, unlawful or criminal activity,
unauthorized access to or use of personal data and our data system services;
(vi) to communicate with you and reply to your questions or comments submitted to us by any means; and
(vii) to pursue or defend against legal claims.
Where we process your personal data based on our legitimate interests, we will only do so where we have appropriately assessed and balanced our interests against your right to privacy.
Consent: We may need your consent in connection with criminal records checks, which we use to identify and manage our risk exposure in accordance with data security commitments to our customers and employee and customer safety and financial risk, and verify information you have provided in connection with your application.
If we need your consent, you can choose not to give it or take it back at any time. Withdrawing your consent won't affect how we used your information before. If you give us consent, we will only use your information for the reasons you agreed to. If you don't give consent or take it back, we might not be able to further process your application. Other than that, saying no or taking back your consent won't have any negative effects on you International Transfers of your Personal Data.
With respect to international transfers of your personal data from locations in the EEA and the UK to jurisdictions that are not considered to provide an adequate level of data protection under EU law (such as the U.S.), we have implemented appropriate safeguards, such as standard contractual clauses approved
by the European Commission, to secure the transfer of your personal data. In particular, we have implemented an intra-group data transfer agreement which includes the standard contractual clauses, to ensure an adequate level of protection when transferring data within the company group. If you would like
to obtain further information on the transfer of your personal data to countries located outside the EEA and the UK which do not provide for an adequate level of protection, please contact us using the contact details provided above.
European Privacy Rights
You have the right to lodge a complaint to the supervisory authority in your country of residence. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. For the UK, please contact the
Information Commissioner’s Office (ICO) at https://ico.org.uk/.
Canada-Specific Disclosures
The following information may apply to you if you are located in Canada.
Carnival Corporation & plc is a global company. Carnival Corporation & plc, and their respective service providers store and process personal data outside of Canada. The countries to which we transfer personal data may not provide you with the same legal protections you have under federal, provincial and
territorial laws of Canada. However, we have implemented appropriate safeguards, including contractual requirements, to secure the transfer of your personal data.
China-Specific Disclosures
Chinese Privacy Rights
Please also note that after an individual passed away, their next of kin may be able to exercise the individual rights of the deceased in accordance with law.
Personal Data Processor
The primary personal data Processor of your data under this Privacy Notice is the Carnival Corporation entity you have a contractual relationship with. Other personal data Processors that may access and process your personal data for the purposes described in this privacy notice include the entities listed
above.
India-Specific Disclosures
Indian Privacy Rights
Please also note that you have the right to nominate an individual who shall, in the event of your death or incapacity, exercise your rights with respect to our processing your Personal Data.
For further information on how to exercise those rights, or if you have any questions, concerns, complaints or grievances regarding our privacy policies or our processing of Personal Data, you may contact our Data Protection Officer by sending an email to Privacy@Carnival.com. You also have the right to lodge a complaint with the Data Protection Board of India.
Indonesia-Specific Disclosures
This section applies to you if you are a resident of Indonesia, or if your personal data is processed in Indonesia. Notwithstanding anything contained above to the contrary, we may also process personal information about you in accordance with the Indonesian law.
Legal Basis
Our processing of your personal data as described in the Section “Our Collection and Use of Personal Data” is based on the following legal grounds:
Consent: We may need your consent in connection with criminal records checks, which we use to identify and manage our risk exposure in accordance with data security commitments to our customers and employee and customer safety and financial risk, and verify information you have provided in connection with your application.
If we need your consent, you can choose not to give it or take it back at any time. Withdrawing your consent won't affect how we used your information before. If you give us consent, we will only use your information for the reasons you agreed to. If you don't give consent or take it back, we might not be able to further process your application. Other than that, saying no or taking back your consent won't have any negative effects on you.
Perform or enter into a contractual relationship with you: We rely on this legal basis in particular in the following cases:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to confirm your identity;
(iii) to communicate with you to provide technical or administrative support;
(iv) to share information among our affiliates; or
(v) to calculate proposed salary and assessing eligibility for certain benefits.
Compliance with legal obligations: We may be obliged to process personal data to comply with our legal obligations, for example where we are required to obtain or retain data for employment, tax law or commercial purposes, to determine your eligibility to work, or where we must comply with regulatory requirements regarding public health or gambling.
Legitimate interests: We may base the processing of your personal data on our legitimate interests where (i) neither of the afore listed legal bases apply and (ii) where the processing of your personal data is necessary for our legitimate interests. Such cases may include the following in particular:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to assess potential conflicts of interest which may arise from current and past
directorships or shareholdings;
(iii) to operate, monitor and improve our application process, including when sharing personal data with service providers;
(iv) to protect our rights and the rights of our guests;
(v) to prevent, investigate, and defend against fraud, unlawful or criminal activity,
unauthorized access to or use of personal data and our data system services;
(vi) to communicate with you and reply to your questions or comments submitted to us by any means; and
(vii) to pursue or defend against legal claims.
Where we process your personal data based on our legitimate interests, we will only do so where we have appropriately assessed and balanced our interests against your right to privacy.
Sensitive Information
‘Sensitive information’ includes (i) health data and information, (ii) biometric data, (iii) genetic data, (iv) criminal records, (v) children data, (vi) personal financial data, and/or (vii) other data in accordance with the provisions of the laws of the Republic of Indonesia. We may use sensitive information for the
purposes set forth in the Our Collection and Use of Personal Data section of our Privacy Notice where needed to assess your application, fulfill contracts with you, follow legal requirements, to protect life and for safety, and for other internal purposes consistent with the applicable laws and regulations.
Children refer to individuals under the age of 18 and unmarried.
Collection of the Dependent’s Data
You may only provide us with the personal data of your dependents, such as your spouse or children, if you are authorized to disclose such data to us.
Personal Data of Children
Before processing personal data of your children for the purposes stated herein, we will seek consent from you as their parent or legal guardian in accordance with the applicable laws and regulations.
In the event that you provide us with personal data of children for the purposes stated herein, we will process such data in a manner consistent with applicable laws and regulations protecting the privacy of children’s data.
Personal Data of People with Disabilities
Before processing personal data of any person with disabilities, we will seek consent from them or their legal guardian in accordance with the applicable laws and regulations.
Data Subject Rights
Data Subject Rights: In addition to the rights aforementioned in “Available Privacy Rights” section, you also have the right to obtain information, terminate processing and to lodge a complaint and compensation.
Transfers
We may transfer your personal data to countries located outside Indonesia. In transferring personal information out of your country of residence, we will:
a. ensure that the country where the transferee is domiciled has a level of personal data protection that is equivalent to or higher than that stipulated in Law of the Republic of Indonesia No. 27 of 2022 on Personal Data Protection (as may be amended from time to time) and its implementing regulations;
b. in the event that letter a above is not fulfilled, we will ensure that there is adequate and binding personal data protection; or
c. in the event that letter a and b above are not fulfilled, we will ask for your consent.
Language
This Job Applicant Notice is entered into in English language and Indonesian language versions. Both versions of this Job Applicant Notice are equally authentic and shall be treated as integral and inseparable parts that constitute the Job Applicant Notice. To the extent permitted under the applicable laws and regulations, the English version shall prevail in the event of any ambiguity, discrepancies or inconsistency between the English language and Indonesian language versions.
New Zealand-Specific Disclosures
This section applies to you if any of our New Zealand entities or entities that are subject to the Privacy Act 2020 (New Zealand) (the “NZPA”) collect, hold or use or disclose all or any part of your personal information.
Your Privacy Rights
You have the right to request access to, or correction of, your personal information. If you wish to request access to, or correction of, your personal information, please contact us by sending an email to Privacy@Carnival.com.
Foreign Disclosures
We may from time to time disclose or transfer your personal information to persons located in countries outside of New Zealand. By providing your personal information to us, you consent to the transfer and/or disclosure of your personal information to persons located in countries other than New Zealand and the use, processing, storage and disclosure of your personal information by such persons and in such countries and acknowledge that such persons may not be required to protect your personal information in a way that, overall, provides comparable safeguards to those in the NZPA.
Updates to This Job Applicant Notice
We will update this Job Applicant Notice from time to time. When we make changes to this Job Applicant Notice, we will change the "Last Updated" date at the beginning of this Job Applicant Notice. If we make material changes to this Job Applicant Notice, we will notify you by email, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided in the notification.
Contact Us
If you have any questions or requests in connection with this Job Applicant Notice or other privacy-related matters, please contact Privacy@Carnival.com
Retention of Personal Data
We retain personal data only for as long as is reasonably necessary to fulfil the purpose for which it was collected or until the applicant withdraws consent. However, if necessary, we may retain personal data for longer periods of time, until set retention periods and deadlines expire, for instance where we are required to do so in accordance with legal, tax, and accounting requirements
set by a legislature, regulator, or other government authority.
To determine the appropriate duration of the retention of personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of personal data, whether we can attain our objectives by other means, and our legal, regulatory, tax, accounting, and other applicable obligations.
Once retention of the personal data is no longer necessary for the purposes outlined above, we will either delete or deidentify the personal data, or, if this is not possible (for example, because personal data has been stored in backup archives), then we will not further process the personal data until deletion or deidentification is possible.
Your Privacy Choices
In accordance with the applicable jurisdictional laws, you may have the following rights over our processing of your personal data. We may not be able to modify or delete your information in all circumstances. Not all of these rights may apply to you.
RIGHT TO KNOW whether we are processing any personal data about you and certain
personalized details about the personal data we have about you.
RIGHT TO ACCESS to the personal data we have collected about you and obtain a copy.
RIGHT TO CORRECT inaccuracies in your personal data.
RIGHT TO REQUEST DELETION of personal data we have collected from you. However, if we are obligated by law to retain your personal data for a longer period of time, or it is technically unfeasible to erase your personal data, we will retain your personal data with necessary security protection measures and will not otherwise process your personal data.
RIGHT TO RESTRICTION of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data.
RIGHT TO OBJECT. YOU HAVE THE RIGHT TO OBJECT TO ANY PROCESSING
JUSTIFIED BY LEGITIMATE INTERESTS BASED ON GROUNDS RELATING TO YOUR
PARTICULAR SITUATION AT ANY TIME. SHOULD YOU DECIDE TO OBJECT TO THE
PROCESSING OF YOUR PERSONAL DATA, WE WILL STOP PROCESSING PERSONAL DATA CONCERNING YOU, UNLESS WE CAN DEMONSTRATE COMPELLING REASONS FOR CONTINUING TO PROCESS YOUR PERSONAL DATA THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR IN THE CASE THAT WE ESTABLISH, EXERCISE, OR DEFEND OUR LEGAL CLAIMS. YOU CAN OBJECT TO DIRECT MARKETING ACTIVITIES AT ANY TIME FOR ANY REASON WHATSOEVER.
RIGHT TO DATA PORTABILITY and to obtain a copy of your personal data in a structured, commonly used and machine-readable format.
RIGHT TO WITHDRAW CONSENT. The withdrawal of your consent does not affect the lawfulness of our use of your personal data before your withdrawal. If you want to withdraw your consent with regard to receiving promotional communications, you can unsubscribe through the method described in each promotional message.
You may also have the right to be free of retaliatory or discriminatory treatment for exercising these rights. However, please note that if the exercise of these rights limits our ability to process personal data (such as in the case of a deletion request), we may no longer be able to provide you our Services or
engage with you.
We will need to verify your identity before processing your request, which may require us to request additional personal data from you or require you to log into your account, or the matching of sufficient information you provide us to the information we maintain about you in our systems. As a result, we require
requests to include name, address, email address, telephone number and information about the job applications, include what roles you applied to and the data you applied. We may at times need to request additional personal data from you, taking into consideration our relationship with you and the sensitivity of
your request.
In certain circumstances, we may decline a request to exercise the requests described above, particularly where we are unable to verify your identity. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.
Please note that we can only process privacy rights requests for personal information processed by Carnival Corporation. If you have interacted with another brand in our family of companies or any other third party, you will have to contact that brand or third party to exercise your privacy rights.
To access, modify or delete your personal data, please contact privacy@carnival.com with sufficient information to identify you and your request.
California-Specific Disclosures
The following disclosures and rights only apply to residents of the State of California.
No Sales, Sharing or Targeted Advertising applicants, and we do not share or otherwise disclose personal data about individuals acting in their capacity as job applicants to third parties for the purpose of displaying advertisements that are selected based on personal data obtained or inferred over time from an individual’s activities across businesses or distinctly-branded websites, applications, or other services (otherwise known as “targeted advertising” or
“cross-context behavioral advertising”).
Submitting Privacy Rights Requests
Authorized Agents. In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf through the designated methods set forth above where we can verify the authorized agent’s authority to act on your behalf. In order to verify the authorized agent’s authority, we generally require evidence of either (i) a valid power of attorney or (ii) a signed letter containing your name and contact information, the name and contact information of the authorized agent, and a statement of authorization for the request. Depending on the evidence provided, we may still need to separately reach out to you to confirm the authorized agent has permission to act on your behalf and to verify your identity in connection with the request.
Europe-Specific Disclosures
The following information may apply to you if you are located in the EEA, the UK or Switzerland.
Legal Basis
Our processing of your personal data as described in the Section “Our Collection and Use of Personal "Data” is based on the following legal grounds:
Perform or enter into a contract or quasi contractual relationship with you: We rely on this legal basis in particular in the following cases:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to confirm your identity;
(iii) to communicate with you to provide technical or administrative support;
(iv) to share information among our affiliates; or
(v) to calculate proposed salary and assessing eligibility for certain benefits.
Compliance with legal obligations: We may be obliged to process personal data to comply with our legal obligations, for example where we are required to obtain or retain data for employment, tax law or commercial purposes, to determine your eligibility to work, or where we must comply with regulatory requirements regarding public health or gambling.
Legitimate interests: We may base the processing of your personal data on our legitimate interests where (i) neither of the afore listed legal bases apply and (ii) where the processing of your personal data is necessary for our legitimate interests. Such cases may include the following in particular:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to assess potential conflicts of interest which may arise from current and past
directorships or shareholdings;
(iii) to operate, monitor and improve our application process, including when sharing personal data with service providers;
(iv) to protect our rights and the rights of our guests;
(v) to prevent, investigate, and defend against fraud, unlawful or criminal activity,
unauthorized access to or use of personal data and our data system services;
(vi) to communicate with you and reply to your questions or comments submitted to us by any means; and
(vii) to pursue or defend against legal claims.
Where we process your personal data based on our legitimate interests, we will only do so where we have appropriately assessed and balanced our interests against your right to privacy.
Consent: We may need your consent in connection with criminal records checks, which we use to identify and manage our risk exposure in accordance with data security commitments to our customers and employee and customer safety and financial risk, and verify information you have provided in connection with your application.
If we need your consent, you can choose not to give it or take it back at any time. Withdrawing your consent won't affect how we used your information before. If you give us consent, we will only use your information for the reasons you agreed to. If you don't give consent or take it back, we might not be able to further process your application. Other than that, saying no or taking back your consent won't have any negative effects on you International Transfers of your Personal Data.
With respect to international transfers of your personal data from locations in the EEA and the UK to jurisdictions that are not considered to provide an adequate level of data protection under EU law (such as the U.S.), we have implemented appropriate safeguards, such as standard contractual clauses approved
by the European Commission, to secure the transfer of your personal data. In particular, we have implemented an intra-group data transfer agreement which includes the standard contractual clauses, to ensure an adequate level of protection when transferring data within the company group. If you would like
to obtain further information on the transfer of your personal data to countries located outside the EEA and the UK which do not provide for an adequate level of protection, please contact us using the contact details provided above.
European Privacy Rights
You have the right to lodge a complaint to the supervisory authority in your country of residence. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. For the UK, please contact the
Information Commissioner’s Office (ICO) at https://ico.org.uk/.
Canada-Specific Disclosures
The following information may apply to you if you are located in Canada.
Carnival Corporation & plc is a global company. Carnival Corporation & plc, and their respective service providers store and process personal data outside of Canada. The countries to which we transfer personal data may not provide you with the same legal protections you have under federal, provincial and
territorial laws of Canada. However, we have implemented appropriate safeguards, including contractual requirements, to secure the transfer of your personal data.
China-Specific Disclosures
Chinese Privacy Rights
Please also note that after an individual passed away, their next of kin may be able to exercise the individual rights of the deceased in accordance with law.
Personal Data Processor
The primary personal data Processor of your data under this Privacy Notice is the Carnival Corporation entity you have a contractual relationship with. Other personal data Processors that may access and process your personal data for the purposes described in this privacy notice include the entities listed
above.
India-Specific Disclosures
Indian Privacy Rights
Please also note that you have the right to nominate an individual who shall, in the event of your death or incapacity, exercise your rights with respect to our processing your Personal Data.
For further information on how to exercise those rights, or if you have any questions, concerns, complaints or grievances regarding our privacy policies or our processing of Personal Data, you may contact our Data Protection Officer by sending an email to Privacy@Carnival.com. You also have the right to lodge a complaint with the Data Protection Board of India.
Indonesia-Specific Disclosures
This section applies to you if you are a resident of Indonesia, or if your personal data is processed in Indonesia. Notwithstanding anything contained above to the contrary, we may also process personal information about you in accordance with the Indonesian law.
Legal Basis
Our processing of your personal data as described in the Section “Our Collection and Use of Personal Data” is based on the following legal grounds:
Consent: We may need your consent in connection with criminal records checks, which we use to identify and manage our risk exposure in accordance with data security commitments to our customers and employee and customer safety and financial risk, and verify information you have provided in connection with your application.
If we need your consent, you can choose not to give it or take it back at any time. Withdrawing your consent won't affect how we used your information before. If you give us consent, we will only use your information for the reasons you agreed to. If you don't give consent or take it back, we might not be able to further process your application. Other than that, saying no or taking back your consent won't have any negative effects on you.
Perform or enter into a contractual relationship with you: We rely on this legal basis in particular in the following cases:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to confirm your identity;
(iii) to communicate with you to provide technical or administrative support;
(iv) to share information among our affiliates; or
(v) to calculate proposed salary and assessing eligibility for certain benefits.
Compliance with legal obligations: We may be obliged to process personal data to comply with our legal obligations, for example where we are required to obtain or retain data for employment, tax law or commercial purposes, to determine your eligibility to work, or where we must comply with regulatory requirements regarding public health or gambling.
Legitimate interests: We may base the processing of your personal data on our legitimate interests where (i) neither of the afore listed legal bases apply and (ii) where the processing of your personal data is necessary for our legitimate interests. Such cases may include the following in particular:
(i) to open and maintain applicant record, and process and assess your application, including assessing your suitability for a role;
(ii) to assess potential conflicts of interest which may arise from current and past
directorships or shareholdings;
(iii) to operate, monitor and improve our application process, including when sharing personal data with service providers;
(iv) to protect our rights and the rights of our guests;
(v) to prevent, investigate, and defend against fraud, unlawful or criminal activity,
unauthorized access to or use of personal data and our data system services;
(vi) to communicate with you and reply to your questions or comments submitted to us by any means; and
(vii) to pursue or defend against legal claims.
Where we process your personal data based on our legitimate interests, we will only do so where we have appropriately assessed and balanced our interests against your right to privacy.
Sensitive Information
‘Sensitive information’ includes (i) health data and information, (ii) biometric data, (iii) genetic data, (iv) criminal records, (v) children data, (vi) personal financial data, and/or (vii) other data in accordance with the provisions of the laws of the Republic of Indonesia. We may use sensitive information for the
purposes set forth in the Our Collection and Use of Personal Data section of our Privacy Notice where needed to assess your application, fulfill contracts with you, follow legal requirements, to protect life and for safety, and for other internal purposes consistent with the applicable laws and regulations.
Children refer to individuals under the age of 18 and unmarried.
Collection of the Dependent’s Data
You may only provide us with the personal data of your dependents, such as your spouse or children, if you are authorized to disclose such data to us.
Personal Data of Children
Before processing personal data of your children for the purposes stated herein, we will seek consent from you as their parent or legal guardian in accordance with the applicable laws and regulations.
In the event that you provide us with personal data of children for the purposes stated herein, we will process such data in a manner consistent with applicable laws and regulations protecting the privacy of children’s data.
Personal Data of People with Disabilities
Before processing personal data of any person with disabilities, we will seek consent from them or their legal guardian in accordance with the applicable laws and regulations.
Data Subject Rights
Data Subject Rights: In addition to the rights aforementioned in “Available Privacy Rights” section, you also have the right to obtain information, terminate processing and to lodge a complaint and compensation.
Transfers
We may transfer your personal data to countries located outside Indonesia. In transferring personal information out of your country of residence, we will:
a. ensure that the country where the transferee is domiciled has a level of personal data protection that is equivalent to or higher than that stipulated in Law of the Republic of Indonesia No. 27 of 2022 on Personal Data Protection (as may be amended from time to time) and its implementing regulations;
b. in the event that letter a above is not fulfilled, we will ensure that there is adequate and binding personal data protection; or
c. in the event that letter a and b above are not fulfilled, we will ask for your consent.
Language
This Job Applicant Notice is entered into in English language and Indonesian language versions. Both versions of this Job Applicant Notice are equally authentic and shall be treated as integral and inseparable parts that constitute the Job Applicant Notice. To the extent permitted under the applicable laws and regulations, the English version shall prevail in the event of any ambiguity, discrepancies or inconsistency between the English language and Indonesian language versions.
New Zealand-Specific Disclosures
This section applies to you if any of our New Zealand entities or entities that are subject to the Privacy Act 2020 (New Zealand) (the “NZPA”) collect, hold or use or disclose all or any part of your personal information.
Your Privacy Rights
You have the right to request access to, or correction of, your personal information. If you wish to request access to, or correction of, your personal information, please contact us by sending an email to Privacy@Carnival.com.
Foreign Disclosures
We may from time to time disclose or transfer your personal information to persons located in countries outside of New Zealand. By providing your personal information to us, you consent to the transfer and/or disclosure of your personal information to persons located in countries other than New Zealand and the use, processing, storage and disclosure of your personal information by such persons and in such countries and acknowledge that such persons may not be required to protect your personal information in a way that, overall, provides comparable safeguards to those in the NZPA.
Updates to This Job Applicant Notice
We will update this Job Applicant Notice from time to time. When we make changes to this Job Applicant Notice, we will change the "Last Updated" date at the beginning of this Job Applicant Notice. If we make material changes to this Job Applicant Notice, we will notify you by email, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided in the notification.
Contact Us
If you have any questions or requests in connection with this Job Applicant Notice or other privacy-related matters, please contact Privacy@Carnival.com