Menu
Free calls from USA: 
Worldwide: 
Boarding app privacy
This Privacy Policy describes how Katarina Line d.o.o. ("we", "us", "our") collects, uses, and protects information through the Boarding mobile application ("the App"). The App is a staff tool used by Katarina Line crew members to manage cruise passenger boarding operations.
1. Information We Collect
1.1 Passenger Information
When crew members process passenger boarding, the following data may be collected:
- Identity data: first name, last name, date of birth, nationality, country of origin, sex/gender
- Contact data: email address, phone number, emergency contact name and phone number
- Travel document data: document type (passport/ID), document number, issuing country, expiry date, machine-readable zone (MRZ) data
- Biometric data: facial photograph read from passport NFC chip (used for identity verification only)
- Health data: food restrictions, health conditions, drug allergies (provided voluntarily)
- Booking data: booking reference, cabin number, cruise details, QR code identifier
- Consent data: ship rules acceptance, digital signature, newsletter consent
- Special occasion data: occasion type and notes (e.g. birthday, anniversary)
1.2 Staff (Operator) Information
- Username, full name, email address, and role
- Authentication tokens (for secure access)
1.3 Device Information
- Device identifier: iOS vendor ID or Android ID, used for audit logging of boarding operations
1.4 Information NOT Collected
- We do not use any analytics, advertising, or third-party tracking services
- We do not collect precise GPS location data (location permission is required by iOS for NFC functionality only)
- We do not share data with third-party advertisers or data brokers
2. How We Use Information
| Purpose | Data used |
|---|---|
| Passenger check-in and boarding verification | Identity, travel document, booking data |
| Identity verification via passport scanning | MRZ data, NFC passport photo, document data |
| Health and safety compliance | Health conditions, allergies, dietary restrictions |
| Emergency contact during cruise | Emergency contact details |
| Operational reporting and audit trail | Boarding timestamps, operator ID, device ID |
| Ship rules acknowledgement | Digital signature, acceptance timestamp |
| Guest experience | Special occasion data, guest notes |
3. Device Permissions
| Permission | Purpose |
|---|---|
| Camera | Scanning passenger QR codes and reading passport MRZ zones. Images are processed on-device and not stored. |
| NFC | Reading passport chip data for identity verification. Data is read on-device and transmitted only to our servers. |
| Location (iOS only) | Required by iOS for NFC passport reading. Location data is not collected, stored, or transmitted. |
4. Data Storage and Security
- On-device storage: Data is stored locally using encrypted storage (MMKV) within the app's secure sandbox. This enables offline operation during boarding.
- Server transmission: All data is transmitted over HTTPS to Katarina Line's servers. No data is sent to third parties.
- Offline sync: When the device is offline, boarding operations are queued locally and securely synchronised when connectivity is restored.
- Authentication: Staff access is protected by username/password authentication with token-based sessions. Passwords are never stored on the device.
5. Data Sharing
We do not sell, rent, or share passenger or staff data with third parties. Data is transmitted solely to Katarina Line's own servers for cruise operation purposes.
On-device PDF boarding reports may be generated and shared by staff using the device's native sharing functionality, at the operator's discretion.
6. Data Retention
- On-device: Data is retained on the device for the duration of the active cruise operation. Data is cleared when the operator logs out or selects a different voyage.
- Server-side: Passenger and boarding data is retained in accordance with maritime regulations and Katarina Line's data retention policies. For specific retention periods, please contact us.
7. Your Rights
Under the General Data Protection Regulation (GDPR) and applicable data protection laws, passengers have the right to:
- Access personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (subject to legal retention requirements)
- Object to or restrict processing of your data
- Receive your data in a portable format
- Withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, please contact us using the details below.
8. Legal Basis for Processing
- Contract performance: Processing passenger data is necessary to fulfil the cruise booking and boarding contract.
- Legal obligation: Certain passenger data is required under maritime safety and border control regulations.
- Legitimate interest: Operational audit trails and device identification for security and accountability.
- Consent: Newsletter subscription and special occasion data are collected only with explicit consent.
9. Children's Privacy
The App does not directly collect data from children. Minor passengers' data is provided by their parent or guardian as part of the booking and boarding process.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the most recent revision. Continued use of the App constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us.