-

Our Approach to Governance

Learn how we focus on running a responsible business, and data privacy and security

Responsible business

Why is this important to us

Positive change requires that businesses are accountable for their impacts and show transparency. We believe this is key for us to be a catalyst for change in the industry.

What are we working towards

We want to be a transparent player in the industry that show accountability for our impacts

What are we doing to get there

The cruise industry still has a long way to go when it comes to sustainability. We want to be a catalyst for change in the industry, and we take our responsibility seriously by disclosing data and being transparent about where we need to improve.

  • Some of our key corporate governance principles are guiding and apply to all our business units. Our Code of Conduct applies to our owners, Board of Directors, employees and contracted workers. We welcome and encourage all our employees to raise any concerns through our Whistle Blower mechanism. We have implemented safeguards and policies to prevent violations of anti-corruption laws.

  • We believe procurement has a strategic role to play in our ESG work. As a global company we can have a positive economic impact on local businesses and we can use our purchasing rights to increase environmental and social development.

Data Privacy and Security

Why this is important to us

Guest and employees trust us with their data, the most valuable commodity in modern society. It’s our responsibility to respect and protect it

What are we working towards

To have zero major data breaches that would require reporting to data protection authorities

What are we doing to get there

Data is one of the most valuable commodities in modern society. At Hurtigruten Group, we take our guests’ and employees’ data privacy very seriously. It’s not a competitive advantage, it’s a hygiene factor.

Our ambition for data privacy is to:

  1. Ensure compliance with all relevant regulations in the markets we operate, e.g. GDPR.

  2. Provide training and support across the organization in privacy related matters, and

  3. To have zero major breaches that would require reporting to data protection authorities.