Personal Data Protection Policy
Who Are We?
CORSICA Linea, registered with the RCS under number 815 243 852, with headquarters at 4, boulevard Roi Jerome 20000 AJACCIO, is the data controller for the purposes described below.
Regulations define personal data as 'any information relating to an identified or identifiable natural person,' where an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, or location data.
Corsica Linea has appointed a Data Protection Officer (DPO) whose contact details are as follows:
- protectiondesdonnees@corsicalinea.com
- Corsica Linea – Internal Control Manager, Data Protection Officer, 42 rue de Ruffi, 13 003 Marseille."
Purposes and Legal Basis:
The table below summarizes the purposes for which Corsica Linea processes your personal data as well as the legal bases for these processing activities:
Purposes of processing | Legal Basis |
Conducting commercial prospecting actions | Our legitimate interest or your consent if required by regulations |
Monitoring interests | Our legitimate interest or your consent if required by regulations |
Management of the loyalty program | Execution of contractual relationships |
Organization of promotional operations | Our legitimate interest (to showcase our offers) |
Management of reservation data for La Méridionale ships | Execution of contractual relationships |
Management of Corsica Linea's ship customers and passengers, including processing of reservation and boarding data | Execution of the contract between us |
Boarding control (IMO lists) | Compliance with regulatory obligations |
Management of contracts concluded with customers | Compliance with regulatory obligations |
Management of customer feedback and satisfaction surveys | Our legitimate interest (better understanding your expectations) |
Handling of contact requests | Our legitimate interest (responding to your requests) |
Management of your user account on the Corsica Linea website | Our legitimate interest (IT security) |
Blocking of new orders (unpaid bills - endangerment of onboard security) | Our legitimate interest (preserving the interests of Corsica Linea) |
Management of GDPR rights exercise requests from data subjects | Compliance with regulatory obligations |
Listening to phone calls made to the reservation center | Our legitimate interest (training, evaluation of our employees, and service quality improvement) |
Management and monitoring of accidents on board | Our legitimate interest (accident prevention and preservation of Corsica Linea's rights) |
Management of onboard WIFI access provision (registration, access, and payment). Note: Data allowing payment by credit card is directly processed by our partner INGENICO via the interface provided on the WIFI service access portal. CORSICA Linea does not have access to it and does not retain it. |
Execution of the contract concluded with individuals wishing to access WIFI |
Management of influencers (travel agencies and others) | Execution of contractual relationships between us |
Promotion of Corsica Linea to influencers (travel agencies and others) | Our legitimate interest |
Management of contracts concluded with our commercial partners | Execution of contractual relationships between us and our commercial partners |
Onboard and boarding area video surveillance | Our legitimate interest (ensuring the safety of people and property) |
Onboard safety monitoring | Our legitimate interest (ensuring the safety of people and property) |
Freight transport management | Execution of the contract between us |
Supplier and service provider management | Execution of contractual relationships between us and the suppliers and service providers |
Supplier evaluation | Compliance with regulatory obligations (Sapin II) |
Litigation management | Our legitimate interest (preserving Corsica Linea's interests) |
Monitoring of donors to La Marie Do Association | Execution of contractual relationships between us |
Recruitment and management of job candidates | Execution of pre-contractual measures or your consent |
What data do we process?
Corsica Linea processes the following categories of personal data: identification data (names, first names, place of birth, nationality, etc.), email address, elements of personal life (vehicle registration in case of transport, names and ages of children when they are passengers, etc.), your interests, payment and billing information related to orders, specific requirements related to particular needs (in case of reduced mobility for example), as well as diplomas and CVs for job applicants.
In forms, responses to asterisked boxes are mandatory, failure to respond will compromise the proper follow-up of your reservation.
Your data is collected by Corsica Linea directly from you in case of reservation made on our website. Your data may also be transmitted to Corsica Linea by our authorized partners (travel agencies, consignee agents, etc.) for marketing crossings. Regarding job applicants, your data may have been transmitted to Corsica Linea by companies specializing in recruitment.
Who do we transmit your data to?
- Within Corsica Linea: your personal data is mainly communicated/accessible to the following Departments/Services of CORSICA Linea: Marketing, Sales and Sales Administration Department, Fleet Management Department, Information Systems Department, Legal Department, Operation and QHSSE Direction, security staff as well as the Human Resources Department (for job applicants).
- Port authorities: in order to comply with regulatory requirements (transmission of IMO lists to port authorities), personal data concerning you may be transferred to port authorities. As CORSICA Linea serves destinations to Algeria and Tunisia, these authorities may be located in countries outside the European Union.
- Navigation companies other than Corsica Linea:
- Corsica Linea's website allows you to book crossings on La Méridionale's ships, the latter will be the recipient of your personal data if you make a crossing on one of its ships.
- Managers/owners of port areas: data concerning you may be transmitted to managers/owners of port areas in order to control access to these areas.
- Providers of CORSICA Linea for IT maintenance and hosting purposes. Regarding the onboard WIFI access service, your data is transmitted to our service provider MARLINK for the provision and technical support of connectivity services to the network and connection with the INGENICO payment service.
- Providers of CORSICA Linea for customer relationship management purposes (for example for email routing).
- The consignee agents of CORSICA Linea responsible for boarding operations and ticket sales/modifications on the day of departure.
- The network of travel agencies partners of the Linea Voyages group.
- Your data may be transmitted to competent administrative or judicial authorities within the framework of current regulations. For example, in the event of a request, this may involve surveillance camera data or WIFI connection data on board.
If some third parties are located in countries whose regulations do not necessarily offer the same level of protection as that of the Member States of the European Union, CORSICA Linea will ensure that these transfers are carried out in accordance with the provisions imposed by French regulations (such as the implementation of contractual clauses adopted by the European Commission). You can contact our Data Protection Officer for further information on these topics as well as a copy of the relevant documents.
Retention period:
The personal data collected is retained by CORSICA Linea in accordance with data protection regulations and legal retention periods. For example:
- Data related to the management of crossings is retained for a period of 5 years;
- Data related to contract management (clients or suppliers) is retained for the duration of the contract plus 5 years;
- Prospect data is retained for a period of 3 years from the last commercial contact;
- Data related to unpaid debts is retained for 48 hours from the regularization of the debt or, failing that, for 3 years;
- Data related to situations endangering safety on board is retained for 3 years from the incident;
- Data related to job applicants is retained for a period of 1 year;
- Data related to accidents on board is retained for 5 years (10 years in case of bodily injury);
- Onboard video surveillance data is retained for 30 days;
- WIFI service connection data is retained for a period of 1 year.
As an exception, your personal data may be retained for longer periods in the event of legal or administrative proceedings.
Your rights:
- You have the right to request access to and rectification of your personal data.
- You have the right to request limitation of the processing of your personal data, (i) if you dispute the accuracy of your data for the period allowing us to verify the accuracy of this data, (ii) if you consider that we are processing your data unlawfully and that you require limitation of their use rather than deletion, (iii) if we no longer need your data for the purposes mentioned above but they are still necessary for the establishment, exercise or defense of your legal rights, (iv) in case of exercise of your right of opposition during the verification period as to whether the legitimate grounds we pursue prevail over yours.
- You have the right to request the deletion of your personal data.
- You have the right to request to exercise your right to object to processing for reasons relating to your particular situation.
- You also have the right to object to commercial prospecting, without having to provide reasons.
- You have the right to exercise your right to portability.
- You have the right to withdraw your consent at any time.
- You also have the right to formulate specific or general directives concerning the retention, erasure and communication of your personal data post-mortem.
These rights can be exercised, at any time, by sending an email to the following address: protectiondesdonnees@corsicalinea.com or by postal mail to the following address: Corsica Linea – Internal Control Manager, Data Protection Officer - 42 rue de Ruffi, 13 003 Marseille.
You can also - if you wish - lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL). Additional information is available on its website www.cnil.fr.
For any questions on these aspects, you can contact the Data Protection Officer by email at the following address: protectiondesdonnees@corsicalinea.com or by postal mail at the following address: Corsica Linea - Internal Control Manager, Data Protection Officer, 42 rue de Ruffi, 13 003 Marseille.
