This Privacy Policy applies to personal information about you that we collect, use and otherwise process regarding your relationship with us as a client, customer or potential customer, including when you travel with us or use our other services, use our websites or mobile applications, contact our service agents or call centre and book to use our services through third parties (such as travel agents and other airlines). Please ensure that you read this Privacy Policy in its entirety before submitting personal information to us.
Additional Terms and Conditions or policies may apply if you elect to take additional services from us such as making a duty free purchase on board or entering a competition linked to Air Chathams and other third parties.
Controller of Personal Information
Any personal information processed by Air Chathams ("we", "us" or "our") in connection with this Privacy Policy is controlled by Air Chathams Limited trading as Air Chathams, which is considered the “controller” of your personal information under European Data Protection Legislation, to the extent it applies to personal information collected about you, and other applicable laws.
If you have made a flight booking with us but one or more flights are to be provided by other airline(s) then that other airline will also separately be considered a “controller”. Any provider of services such as a hotel or car rental company will also separately be a “controller”. Please be careful to review privacy policies of such service providers separately, which you can access from them directly.
What do we mean by personal information?
Personal information means data relating to you from which you can be reasonably identified, such as your name and contact details, your travel arrangements and purchase history. It may also include information about how you use our websites and mobile applications. We recognise that your personal information is valuable and we process it in accordance with applicable law, and to the extent that it applies to your personal information, with European Data Protection Legislation.
European Data Protection Legislation
For the purposes of this Privacy Policy, "European Data Protection Legislation" means all applicable legislation relating to data protection in the European Economic Area ("EEA"), including the EU General Data Protection Regulation 2016/679 ("GDPR") and all legislation implementing or made under or pursuant to or replacing or superseding the GDPR. Where this Privacy Policy uses terms which are defined in the GDPR, the definitions set out in the GDPR will apply.
Information you provide to usand how we use it
When you use our services, you will need to provide us with your personal details or the details of those individual(s) who will be travelling.
We collect personal information from you by asking specific questions when you interact with us, such as when you:
- Complete and manage a booking you have made with us or a service you have requested from us;
- Travel with us and update your travel arrangements; and/or
- Complete online registrations and other online interactions.
You can choose not to provide us with any of your personal information. However, if you choose not to provide us with your personal information in these circumstances, we will be unable to respond to your enquiry, engage in further communications with you and/or provide the requested services.
We will, depending on the nature of your communication with us, use your personal information to:
- If you are a customer travelling with us: fulfil your travel arrangements and deliver services you have requested, manage the boarding process and facilitate flight connections, send status updates and service communications to you, keep track of you at the airport in advance of your flight and keep you safe when you fly with us because it is in our legitimate interests to use your personal information to communicate with you and facilitate the provision of the services. It is also necessary to use your personal information to protect the vital interests of you or another person and/or to comply with a legal obligation and/or perform a contract with you for the provision of services.
- If you are making an enquiry about how our services could help you or your business: respond to any enquiry you may make and/or provide you with information that you request from us because it is in our legitimate interests to use your personal information to communicate with you, to respond to your request and develop the relationship between us.
- If you are making an enquiry about how your business could support or work with our business: consider how your business could support or work with our business because it is in our legitimate interests to use your personal information to consider whether it would be beneficial to work with your business.
- If you are an existing client supplier or partner of ours and you are making an enquiry about your agreement or relationship with us: respond to you as an existing client, supplier or partner of ours in relation to a pre-existing agreement or relationship because it is in our legitimate interests to use your personal information to manage your business' relationship with us. It may also be necessary for us to:
- Use your personal information to perform an agreement with your business, where we would be unable to provide those services to or receive them from your business without that information (for example, if a particular service or information is to be provided to you at your business, we would be unable to provide that service or information unless we were able to use your personal information for that reason);
- Use your personal information to comply with a legal obligation relating to how we manage our business or our relationship with your business.
- If you are a member of the public and you are making an enquiry about whether you could work for us: consider and decide how to respond to your enquiry because it is in our legitimate interests to use your personal information to consider whether we have any suitable job vacancies and to contact you about them. It may also be necessary for us to use your personal information to comply with a legal obligation relating to how we manage our business.
- If you are making any other type of enquiry: consider and respond to your enquiry because it is in our legitimate interests to use your personal information in order to determine how to answer your query and/or provide you with the relevant information and/or service. Depending on the subject of your enquiry, it may also be necessary for us to use your personal information to comply with a legal obligation relating to how we manage our business or our relationship with you or your business.
- If we do not know you and/or your role at our business: we may also use your personal information to confirm your identity and the business that you work for, as well as your role at that business. We do this because it is in our legitimate interests to make sure that your enquiry is genuine and is not spam or being made for fraudulent reasons. We may also do this because we may be subject to legal obligations which require us to confirm the details that you provide to us before entering into a relationship with you.
- If you opt-in to receive marketing communications: we will use your personal information to contact you to share information about relevant products, services, news and events. When you provide your contact details for this reason, you will be consenting to us contacting you for these purposes. We will only be able to send you marketing communications if you have provided your consent.
How can you change what marketing communications you receive and how you receive them?
When you opt-in to receive communications from us, you are giving your consent for your personal information to be used by us to contact you by email, direct mail and telephone, and to deliver personalized website experiences, to share information about relevant products, services, industry news and events. You are entitled to withdraw your consent to us contacting you or to amend your communication preferences by contacting us at the email address listed under "Ownership and Contact details." Please be aware that we do sometimes send marketing communications that promote a third party’s products and services (for example, those of our business partners) as well as our own and we may ask if you consent to this.
If you decide that you do not want to receive correspondence from us about the services we provide, including communications regarding press releases, newsletters, marketing, promotions, and/or other topics, you can:
Unsubscribe by selecting the "unsubscribe" contained in each marketing communication we send by email, which will stop you receiving further marketing emails. We aim to action requests to stop marketing communications within 10 working days of receiving those requests, but it is possible you will receive some marketing communications in the period prior to that change being made.
Withdrawing your consent will not affect our use of your personal information prior to you withdrawing that consent but it will mean that we will not be able to contact you about the services we may be able to offer you or your business in the future.
We will let you know where you must provide us with personal information in order to perform an agreement with you or your business or to comply with a legal obligation.
Please note that if you tell us that you do not wish to be sent further marketing communications, you will still receive service communications (as described above) which are necessary, for example, to confirm your booking or to provide you with an update on its status.
If you ask us to stop sending marketing communications, please note that we will retain so much of your personal information as is necessary to indicate that you do not want to receive marketing communications.
We will respect your choice as to what communications you wish to receive and the methods by which you are sent them.
When and why do we collect ‘special categories of personal data’?
Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data requiring additional protection. Generally, we try to limit the circumstances where we collect and process special categories of personal data. We may collect and process special categories of personal data in certain circumstances, such as where:
- You have requested specific medical assistance from us and/or an airport operator, such as the provision of wheelchair assistance or oxygen;
- You have sought clearance from us to fly with a medical condition or because you are more than 28 weeks pregnant;
- You have chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through which you made your booking.
In addition, you may have requested services (such as a meal) which is not ’sensitive data’ but may imply or suggest your religion, health or other information.
Special categories of personal data will only be collected by us on the basis of your explicit consent, unless otherwise stated above.
Information received from third parties
In addition, we may receive personal information about you from third parties, such as:
- Companies contracted by us to provide services to you;
- Companies involved in your travel plans, including airlines involved in your prior or onward journey, relevant airport operators and customs and immigration authorities; and
- Companies that participate in our partner loyalty schemes and other customer programmes.
These third parties may function as separate controllers under the European Data Protection Legislation (if applicable) and receive your personal information in accordance with their own privacy policies and procedures. We recommend you consult their privacy policies for further information.
Information we automatically collect about you
When you visit our websites and your browser or other applications on your device interact with it, we will automatically collect information about your interaction with our websites such as your IP address, traffic data, clickstream information, time stamp, location data, web logs, other communication data and the resources that you access. We automatically collect data about your use of our websites using various technologies such as cookies, web logs and beacons, as described below. This information allow us to:
- Ensure content from our websites is presented in the most effective manner for you and your device and to make improvements to our websites;
- Recognise you when you return to our websites and to record your use of the websites;
- As part of our efforts to keep our websites secure;
- Administer and maintain our websites by conducting testing and solving errors; and
- Analyse your and other users' use of the websites in order to create anonymised and aggregated research or statistics from time to time. Once your personal information has been anonymised and aggregated with that of other users, we will no longer be able to identify you or anyone else from the combined information.
We will use your personal information in this way because it is in our legitimate interests to determine how you may be viewing and using our websites so that we can operate it effectively and improve it.
Cookies
Our websites use cookies, small data files containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. We use cookies to enhance your use of our websites and/or services and to monitor your activity during your visit(s) to our websites. By continuing to use our websites you consent to our use of cookies as explained in this Privacy Policy.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
The following table sets out the types of cookies used on our websites and provides detail about what they are used for. When you use our websites for the first time, cookies which are essential to make our websites operate (see those identified as "essential cookies" below) will have been set but other cookies will not have been set unless you agreed to those cookies being set at that time. If you have agreed to accept cookies then our websites will remember this and continue to set cookies each time you visit.
Some cookies are deleted when you close your browser. These are known as session cookies. Others remain on your device until they expire or you delete them. These are known as persistent cookies and enable us to remember things about you as a returning visitor. If you do not want cookies to be stored, then you may turn off certain cookies listed below individually or you can select the appropriate options on your web browser to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of our websites, such as being able to log on to member specific areas.
Click here for more information about cookies used on our website.
If you would like to disable cookies, you can set your web browser to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on our websites. How to alter your cookie setting will depend on the type of browser you use. We have provided examples of how to disable cookies on the most popular browsers below:
Microsoft Internet Explorer
- Choose the “tools” menu then “Internet Options”;
- Cick on the “privacy” tab; and
- Select the appropriate setting.
Mozilla Firefox
- Choose the “tools” menu then “Options”;
- Click on the “privacy” menu then “Options”;
- Click on the “privacy” icon; and
- Find the “cookie” menu and select the relevant options.
Please note that Google and other third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies as a result of you visiting other websites, over which we have no control.
For further information about how to refuse, block or delete cookies, please refer to your browser ‘help’ section or see www.allaboutcookies.org.
How long do we keep personal information?
We will keep your information for as long as we need it for the purpose it is being processed for. For example, where you book a flight with us we will keep the information related to your booking, so we can fulfil the specific travel arrangements you have made and after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the booking. The information may also be retained so that we can continue to improve your experience with us and to ensure that you receive any loyalty rewards which are due to you.
We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained. We may retain a record of the existence of our relationship with you, to the extent that and for so long as we are required to do so by law. For example, if you have contacted us to ask for the processing of your personal information to be erased, we will retain a record of your request in order to ensure that we comply with your wishes.
Who do we share your personal information with?
We do not sell personal information to third parties, and we only allow third parties to send you marketing information where we have your consent to do so.
However, we may share your personal information with others to confirm your identity, to respond to your query, or to manage our business and provide services to you. By providing us with your personal information you agree to the following disclosures:
- We may check your personal information by searching for your name and that of your business in publicly available and private databases of businesses and individuals, which will use the details entered by us to provide us with the search results. For example, we may use databases such as those retained by LinkedIn for this purpose:
- We may pass your personal information on to selected third parties including:
- Our service providers and subcontractors for the performance of any contract we enter into with them or you, including:
- Airlines and other service providers where, for instance, part of your travel itinerary involves a flight operated by a different airline or includes car hire or a hotel booking. (such airlines and other service providers will be identified when you make a booking).
- Credit and charge card companies, credit reference agencies and anti-fraud screening service providers to process payments and (where necessary) to carry out fraud-screening.
- Third party service providers we are using to provide services that involve data processing, for example, to carry out marketing initiatives or run customer surveys on our behalf.
- Our business partners if you have expressed an interest in a product or service of such business partner. For example, if you have joined an affiliated loyalty program so that we can administer the benefits of the loyalty program to you.
- Government and law enforcement agencies such as customs and immigration authorities, in response to a valid, legal requirement or request.
- Customs and immigration authorities of any country in your itinerary or to which your flight may fly over. Air Chathams and other airlines are required by laws in Fiji, USA, Australia, New Zealand, Singapore, Hong Kong, Japan and other countries to give border control agencies and Customs authorities access to booking and travel information when you fly to and from countries including stop overs and where you may overfly countries to your destination.
- Any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) in so far as reasonably necessary for the purposes set out in this policy.
- Analytics and search engine providers that assist us on the improvement and optimisation of our websites.
- Professional advisors such as law firms and/or courts of law to enforce or apply any contract with you.
- Any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this policy.
- A purchaser or successor entity in the event of a sale or other corporate transaction involving some or all of our business or as needed to effect the sale or transfer of business assets, or as needed for external audit, compliance or corporate governance related matters.
- A third party to which we have a duty to disclose or share your information (i) to enforce or apply our conditions of carriage and other agreements with you; (ii) as required by applicable law, court orders, government regulators or legal process (including subpoenas); (iii) as necessary to protect the property, safety and rights of others.
Except as provided in this policy, we will not provide your personal information to third parties.
International Data Transfers
We transfer, store and process your personal information in various countries worldwide. The nature of our business means it is often necessary for us to send your personal information outside the country in which you are located to fulfil your travel arrangements. This occurs because our business and the third parties we share your personal information with as described in this Privacy Policy have operations in countries across the world. By providing us with your Personal Information, you consent to this transfer to various countries, as required. Your personal information shall be protected in accordance with this Privacy Policy, regardless of where it is transferred, processed or stored.
We are located in New Zealand which is a country that has been deemed to offer adequate data protection by the European Commission.
Where we pass your personal information from a location inside the EEA to parties located outside the EEA that do not offer adequate protection as determined by the European Commission, we will enter into agreements which enable us to transfer the personal information to them and that enable you to exercise your rights in accordance with the European Data Protection Legislation. A copy of the terms of these agreements, signed by the recipient of such personal information in accordance with applicable law, can be obtained by contacting us using the details listed under "Ownership and Contact details" below.
Your Rights
With respect to the personal information that we collect about you, to the extent that you are located in the EEA, under European Data Protection Legislation you have the right to:
- Request access to that personal information;
- Receive a copy of the personal information that you have provided to us in a structured commonly used format so that you can share it with others;
- Where personal information is inaccurate or incomplete, ask for personal information to be rectified or completed;
- Request the transfer of your personal information to another party;
- Ask that personal information be erased;
- Object to us processing your personal information by asking for the processing of that personal information to be restricted or stopped. For example, if we use your personal information for marketing purposes; and
- Make a complaint to a European data protection authority about the manner in which we process your personal information.
Please contact us using the details listed under “Ownership and Contact details” below to exercise these rights or for additional information. When you contact us to exercise the above rights, we may ask for further information from you, to confirm your identity, as we take the protection of your personal information seriously. If you have an online account with us, you may be able to log into your account to access and update the information you have provided to us.
Security of your personal information
We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password and firewall-protected) servers.
All electronic financial transactions entered into through our website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently unsecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website). To help you keep your information secure, we recommend that you:
Keep your booking reference confidential
When you make a booking, you will be given a booking reference (also known as a PNR or Passenger Name Record). This will appear on the email confirmation or ticket of each person in your booking. You should always keep your booking reference confidential. Giving your booking reference to others may allow them to access your booking details through our system. If you are travelling with others and would not like your individual booking details to be accessible by them, you may prefer each person to make separate bookings.
Keep your account number and website log-in details confidential
To make sure your access to our websites, other online services, and mobile applications is secure, you should not share your log in details with anyone else. When you finish using the website, online services or mobile app you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.
Be aware of and protect yourself against Internet fraud and ‘phishing’
There is an Internet fraud practice known as ‘phishing’ which is the illegal gathering of personal information by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a 'cloned' or illegal copy website.
USA TSA Secure Flight Program - Privacy Notice
The Transportation Security Administration (TSA) requires you to provide your full name, date of birth, and gender for the purpose of watch list screening, under the authority of 49 U.S.C. section 114, the Intelligence Reform and Terrorism Prevention Act of 2004 and 49 C.F.R parts 1540 and 1560. You may also provide your Redress Number, if available. Failure to provide your full name, date of birth, and gender may result in denial of transport or denial of authority to enter the boarding area. TSA may share information you provide with law enforcement or intelligence agencies or others under its published system of records notice. For more on TSA privacy policies, or to review the system of records notice and the privacy impact assessment, please see the TSA Web site at www.tsa.gov
Amendments to this Privacy Policy
We may update this policy from time to time to reflect any changes in our practices, services and legal obligations by publishing a new version on our website.
Your continued use of our websites and services following the effective date of a change to this Privacy Policy signifies your acceptance and agreement to the terms of the revised Privacy Policy. We encourage you to check this page periodically to determine the current terms. The Privacy Policy has been revised at the "Last Updated" date displayed at the top of this Privacy Policy.
Ownership and Contact details
This website is owned and operated by Air Chathams Limited, trading as Air Chathams.
You can contact us by emailing [email protected], completing the contacts form on: Contact Us - Air Chatham (airchathams.co.nz) Or telephone: +64 9 257 0261