Privacy Policy and Notice at Collection
Last Update on March 26, 2026
1. INTRODUCTION AND PURPOSE
This Privacy Policy and Notice at Collection is intended to inform you how Viking River Cruises Australia Pty Ltd (“Viking” or “we” or “us”) collects, uses, shares, and processes your personal information through your use of the Services. The term “Services” refers to our ocean, river and expedition cruises, including the selection of products, content, events, activities, excursions and services offered onboard and off-shore either directly by us, or through our affiliates or third-party business associates, as well as any other products, features, tools, materials, or other services offered from time to time through a variety of Access Points. The term "Access Points" refers to our website at www.vikingcruises.com.au/ (“Website”), mobile applications, onboard media, blogs, social media and other places, and other online or wireless offerings, whether accessed via computer, mobile device or other technology, any of which is owned or operated by us or on our behalf.
Viking is committed to protecting privacy and security of your personal information and to implementing and maintaining appropriate physical, organizational and technological safeguards in accordance with the provisions set forth in the federal Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”).
A copy of the APPs is available for download on the website of the Office of the Australian Information Commissioner at https://www.oaic.gov.au/privacy/australian-privacy-principles.
If you are an employee, contractor, or job applicant, your personal information collected in those contexts will be subject to a separate privacy policy that we provide to you where and when appropriate.
2. WHAT PERSONAL INFORMATION WE COLLECT
We may collect and process several categories of personal information about you depending on the nature of your interactions with us:
- Identifiers and contact information (such as your name, mailing address, billing address including postcode, telephone number, email address, date of birth, and Viking account username and password).
- Government Identifiers such as your passport information.
- Purchase and preference information (such as information about your vacation and dietary preference, information about your interests, itineraries you book and other products or services you purchase).
- Payment account information such as credit/debit card details that are necessary to process the payment for the Services provided when you make a booking or a purchase. Payment account information is stored, processed and transferred in encrypted form at rest and in transit. Online credit card payments are processed using a third-party payment gateway service, and Viking does not store such information. If the credit card transaction is manual, the imprinted record will be stored by Viking for the period that financial records are required to be retained by law.
- Demographic information such as your gender, age, and postcode.
- Internet Browser, Usage, and Log Data: We collect information when you visit our Access Points, use the Services, or view or interact with Viking advertising or content online (such as your IP address, device, browser type, and software characteristics like type and operating system, geolocation, activities and content viewed, pages visited, links clicked).
- Geolocation Information based on your IP address.
- Professional Information: If you interact with Viking on behalf of business customers, vendors, or other companies, we may also collect personal information such as your job title, office location, compensation or payments, and engagement history with us.
- Emergency Contacts: We may collect the name, address, and telephone number of someone who is not traveling with you who we can contact in case of an emergency.
- Sensitive Information: we may collect health information that is necessary to provide our Services, and such information may be considered sensitive information under the APPs and as such subject to additional rights and protections.
3. HOW WE COLLECT YOUR PERSONAL INFORMATION
We collect personal information from various sources:
Directly from you: We collect personal information directly from you when you create a profile to register for a Viking account, contact our customer service or other means to request information from us, participate in sweepstakes or other promotions, use the Services (such as when you book travel with us, participate in onboard activities, take offshore excursions while traveling with us), or provide us with feedback, testimonials, photos, or other personal information. If you are a business contact, we also collect personal information directly from you when we communicate with you, onboard you, or provide/receive products or services to/from you.
Automatically from your devices: we use various technologies to automatically collect usage and interaction data when you interact with our Access Points, read our emails, and engage with our digital advertisements and content. These technologies include cookies, pixels, and SDKs and may be used by us directly or by third parties and service providers.
From our service providers: we receive personal information from the vendors and service providers that we hire to help us run our business, including those companies that process payments or conduct data analytics, or provide customer service or provide marketing, analytics, and advertising services.
From our parent company and affiliates: we may receive personal information from our parent company and corporate affiliates, as travel may be provided on a vessel owned or operated by a corporate affiliate.
From our data partners: we receive personal information from data aggregators, data licensors, and public databases.
From social media and other third-party services: we receive personal information about you when you interact or connect with us or our Services, for example, by liking us on Facebook® or following us on Twitter® or on Instagram® or watching us on YouTube®. The collected information may be information associated with that third-party service, or that you elect to make public using that service or have authorized the third-party service to share with us (such as your user ID, billing information, public profile information, email address, birthday, friends list, pages you have "liked" or commented on, and other account and profile data). The information we receive is dependent upon your privacy settings with the third-party platform.
From other passengers: occasionally we receive personal information from passengers, such as when you are listed as an emergency contact or if you are onboard and someone in your party provides Viking with your information.
We may combine the information we collect from or about you with information provided by other sources. We also combine information that we collect offline with information we collect online. We may also aggregate your information with other consumers’ information to understand preferences and trends within your peer group over time.
4. HOW WE USE YOUR PERSONAL INFORMATION
We use the personal information we collect and receive from or about you (including sensitive information) primarily to provide better customer service to you, to provide the Services you request, to improve and customize the content you see on our Access Points, to contact you about special promotions and new Services, and for other purposes, including the following:
- to provide you with the Services you request, to provide you with your travel reservation booking confirmation and updates, and to manage your account, including processing payments and providing travel notifications;
- customizing, personalizing and enhancing the Services and evaluating how well the Services perform;
- customizing, targeting, or personalizing our marketing and advertising that you view and monitoring the effectiveness of our email communications and other advertising efforts;
- to remember information so that you will not have to re-enter it during your visits to, or the next time you visit, the Access Points;
- to solicit information from you, including through surveys;
- to resolve disputes, collect fees, troubleshoot problems, or otherwise provide customer service to you;
- to contact you for a sweepstakes or other promotion about a product or service we believe may be of interest to you, travel-related or otherwise, either from us alone or together with another sponsor or a third party;
- to compile aggregate data for internal and external business purposes;
- to monitor the traffic, usage, and demographic patterns on the Access Points;
- to complete your reservations, process your transactions, and provide the Services to you;
- to diagnose and fix technology problems;
- to prevent, detect, and investigate potentially illegal or harmful activities, including fraud;
- to comply with our legal obligations;
- to protect your privacy rights;
- in the case of business contacts, to administer and manage our relationship with you and your employer (such as record keeping, payments, communicating with you, tracking outcomes, and verifying your eligibility and suitability);
- to verify your identity in relation to requests you make; and
- for any other legitimate purpose that is required or permitted by law or that is disclosed to you at the time we collect the information or that is related to a request made by you or that is within your reasonable expectation at the time of the collection based on the circumstances.
In addition to the above uses of personal information described in this Privacy Policy, we may aggregate information about you and other individuals together, or otherwise "de-identify" the information about you (which means that the information does not identify you personally). We may use information in these forms for any legitimate business purpose, including without limitation, for research and analysis, administration of the Services, advertising (e.g., improving our targeting efforts or our Services), and promotional purposes.
4.1. COOKIES AND TRACKING TOOLS
We use an email delivery and marketing company to send emails to you. Pixel tags and cookies are used in those email messages to help us measure the effectiveness of our marketing and to track whether (and when) you opened our email.
Our Access Points use tracking tools like pixels and cookies to better understand how you use and interact with our Access Points (such as which pages you visit, what time of day you visit, which links you click on, and from where you access the Access Points). The data we collect about your use of our Access Points may be linked with other personal information we process about you. Most Internet browsers automatically allow tracking tools. However, you can instruct your browser, by toggling its options, to stop allowing tracking tools or to prompt you before allowing a tracking tool from the sites you visit.
If you decide not to allow tracking tools, your ability to use some features on our Access Points may be impaired. Certain visitors to our Access Points may have previously received targeted promotional materials relative to the Access Points. Viking may share site usage information about such visitors with reputable third parties for the purpose of targeting future campaigns and upgrading visitor information used in reporting statistics.
5. DISCLOSURE OF YOUR PERSONAL INFORMATION
Viking may disclose your personal information to third parties only for the purposes described below.
With our parent company and affiliates: We may share personal information with our parent company and corporate affiliates. This sharing enables us to fulfill the Services, as travel may be provided on a vessel owned or operated by a corporate affiliate, as well as to provide you with information about other products and Services we believe might interest you.
With our service providers: We share personal information with the vendors and service providers who provide functions on our behalf, including credit card processing, business analytics, customer service, marketing, distribution of surveys or sweepstakes programs, and fraud prevention. We may also authorize vendors to collect information on our behalf.
With travel and activity providers: We share personal information with airline, lodging, offshore excursion and other activity providers who work with us to provide the Services to you or when you have made reservations with them through us as part of the Services. By requesting the excursion or activity or making a reservation as part of the Services, you are authorizing and directing us to disclose to the provider the information (including personal information) required to complete the reservation and provide the travel, lodging, excursion or activity. Please note that these providers also may contact you as necessary to obtain additional information about you, facilitate your reservation with them, or respond to a review you may submit. Please note that travel and activity providers are not controlled by us, and personal information disclosed to them is subject to the applicable provider's privacy policy and security practices. Therefore, we encourage you to review the privacy policies of any provider.
With business partners and advertising companies: We may share personal information with our third-party business partners: (i) with whom we jointly offer products or services or sweepstakes or other promotions, travel-related and otherwise, or (ii) whose products or services may be offered through our Access Points or on our cruises. We may also share personal information with advertising networks, ad servers, social media platforms, and analytics companies in connection with our and their marketing.
With third-party referring websites: If you were referred to our Website from a third-party website (for example, through a link you clicked on another site that directed you to our Website), we may share some information about you with that referring website. We encourage you to review the privacy policies of any website that referred you to our Website.
For legal compliance: we may share personal information for legal compliance and law enforcement purposes such as: in response to subpoenas, court orders, or other legal process; with law enforcement agencies as required; to establish or exercise our legal rights; to defend against legal claims; to enforce our Booking Terms & Conditions or any other agreement we or another party may have with you; and/or when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities or exercise, defend or protect the rights, property or safety of our company, our customers, our Access Points, or others.
Mergers or corporate reorganization: If another entity acquires Viking or all or substantially all of our assets, your information may be disclosed to such entity as part of the due diligence process and may be transferred to such entity as one of the transferred assets. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
We may also aggregate and/or deidentify information and then share that aggregated or anonymized data with third parties for market and research purposes or for other purposes.
In many cases, Viking imposes contractual restrictions equivalent to those imposed on Viking under the Privacy Act and the APPs in respect of collection and use of personal information by those third parties. In some cases, Viking’s ability to impose contractual restrictions is limited. In those circumstances, Viking will carefully consider the risks to the protection of personal information when entering into arrangements with third parties either located in Australia or overseas. Viking will never disclose your sensitive information without your consent as required under the Privacy Act and APPs.
6. YOUR PRIVACY RIGHTS
In accordance with applicable laws, you may be entitled to submit a privacy request to exercise the following privacy rights:
- Right to Access: you may request access to and know what personal information we hold about you and also the right to obtain a copy of such personal information;
- Right to Correct/Update: you may request to update or correct any personal information that is incomplete or outdated;
- Withdrawing consent: if we have collected your consent in order to process your personal information when consent is required (in case of sensitive personal information) you may withdraw such consent by submitting a privacy request.
You may submit your privacy request via email to privacyaunz@viking.com or by filling out the Data Subject Request Form.
We will process your privacy requests within the timeframes set by applicable laws. For your protection we may need to verify your identity before starting to process your privacy request. We reserve the right to deny your request in full or in part for any reason permitted under applicable laws.
You may contact us more generally at the following:
By telephone:138 747 (AU) or 0800 447 913 (NZ)
By email: reservations.anz@viking.com
By mail:
Viking Cruises Australia
6/66 Wentworth Ave
Surry Hills NSW 2010
AUSTRALIA
7. MARKETING COMMUNICATIONS
As described here, with your consent, we or third parties may use your personal information for direct marketing, to send you marketing materials about promotions, offers, new products or services provided. We may also track your activity online for the purpose of sending targeted advertising.
We may use information that we know about your likes and interests to tell you about other Viking programs, products and services. We may know about your likes and interests because you have provided that information.
You may receive certain marketing communications from Viking in response to your request, or if you have purchased products or services from us and you have not opted out of receiving marketing communications, or if you have provided your express consent.
We will never knowingly send you unsolicited commercial electronic messages without your express or inferred consent in line with Australian law. More information on the Spam Act 2003 is available from the regulator’s website at www.acma.gov.au/spam.
8. YOUR MARKETING PREFERENCES
You can change your marketing preferences at any time as follows:
Opt out of Marketing emails: you can stop receiving promotional email communications from us by clicking on the “unsubscribe” link provided in such communications. We make every effort to promptly process all unsubscribe requests. You may not opt out of Services-related communications (e.g., account verification, information about your orders, bookings, cruises, changes/updates to our websites, products or features of our Services, technical and security notices).
Targeted advertising via cookies and pixels: You may reject or delete cookies, pixels, or other tracking technology for purposes of targeted advertising by managing them on your Internet browser or mobile device. Please refer to your browser’s or mobile device’s technical information for instructions on how to delete and disable cookies, pixels, and other tracking tools. Depending on your mobile device, you may not be able to control tracking technologies through settings. If you wish to opt out of such tracking technology from us or from our third-party vendor’s or partner’s cookies, please click on the Manage Cookies link at the bottom of the Website homepage.
You may also unsubscribe from our mailing/marketing lists at any time by contacting us in writing via email at privacyaunz@viking.com.
If you have unsubscribed from our mailing list or otherwise exercised your right to opt out of marketing communications, we may still use your personal information for the sole purposes of excluding you from our marketing campaigns conducted through our internal software programs and via third-party providers such as e-commerce marketing platforms and email automation services. You may still see our brand advertising from third parties such as but not limited to social media platforms.
9. RETENTION AND PROTECTION OF PERSONAL INFORMATION
Viking stores your personal information only for as long as is necessary for the legitimate purpose of its processing. When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. In compliance with legal recordkeeping requirements, we may retain certain types of personal information for a minimum of 7 years (e.g., transaction history for tax purposes), while other types of personal information (e.g., cookie data) are retained for shorter periods.
Viking has implemented physical, electronic and organizational security measures, as well as policies and procedures, in order to help protect your personal information from loss, misuse, unauthorized access, use, disclosure, alteration or destruction. Viking regularly reviews security and encryption technologies and will strive to protect information to the fullest extent possible in accordance with applicable laws. However, no method of online transmission and storage of data is 100% secure.
We encourage you to be vigilant about the protection of your own personal information when using third party digital services.
10. LINKED SITES
Our Website may contain links to other sites. We are not responsible for the privacy practices or the content of such web sites. We encourage you to read the privacy policy of any linked sites as their privacy policy only applies to those sites and may differ from ours.
11. CHANGES TO THE PRIVACY POLICY
We reserve the right to make changes to this Privacy Policy and Notice at Collection from time to time, and the updated version will be posted on this page. Please regularly review this page to be aware of any changes that will be effective as of the date of posting.
12. COMPLAINTS, COMMENTS AND CONTACTS
If you have any complaints, comments about our Privacy Policy and Notice at Collection, or you wish exercise your privacy rights, please submit your request to the Viking Privacy Team at privacyaunz@viking.com or use the information provided above.
In the event that you believe that your complaint has not been adequately addressed or resolved by the Viking Privacy Team, then you also have the right to lodge a complaint with the Office of the Australian Information Commissioner at www.oaic.gov.au.
