Controller of Personal Information
If you have made a flight booking with us but one or more flights are to be provided by other airline(s) then that other airline will also separately be considered a “data controller”.
Any provider of services such as a hotel or car rental company will also separately be a “data controller”. You can access the privacy policies of those providers from them directly.
What do we mean by personal information?
Personal information means details which identify you or could be used to identify you, such as your name and contact details, your travel arrangements and purchase history. It may also include information about how you use our websites and mobile applications.
When does this policy apply?
Where we reference that others are data controllers in the sections “Controller of Personal Information” and “Who do we share your personal information with?” you should consult their privacy policies for further information.
Additional Terms and Conditions or policies may apply if you elect to take additional services from us such as making a duty free purchase on board or entering a competition linked to Fiji Airways and other third parties.
How can you keep your personal information secure?
Here are some things you can do to keep your information secure.
Keep your booking reference confidential. When you make a booking, you will be given a booking reference (also known as a PNR or Passenger Name Record). This will appear on the email confirmation or ticket of each person in your booking. You should keep your booking reference confidential always. Giving your booking reference to others may allow them to access your booking details through our system. If you are travelling with others and would not like your individual booking details to be accessible by them, you may prefer each person to make separate bookings.
Keep your Tabua Club membership number and website log-in details confidential. To make sure your access to our websites, other online services, and mobile applications is secure, you should not share your log in details with anyone else. When you finish using the website, online services or mobile app you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.
Be aware of and protect yourself against Internet fraud and ‘phishing’. There is an Internet fraud practice known as ‘phishing’ which is the illegal gathering of personal information by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a 'cloned' or illegal copy website.
When do we collect personal information about you?
We collect personal information about you whenever you use our services (whether these services are provided by us or by other companies or agents acting on our behalf), including when you travel with us, when you use our website or mobile applications, or interact with us via email or use our contact centres.
For additional details see ’What types of personal information do we collect and retain?’ below.
In addition, we may receive personal information about you from third parties, such as:
i. Companies contracted by us to provide services to you.
ii. Companies involved in your travel plans, including airlines involved in your prior or onward journey, relevant airport operators and customs and immigration authorities.
iii. Companies that participate in our partner loyalty schemes and other customer programmes.
iv. Companies who provide details to us under privacy polices providing information to be shared with Fiji Airways.
What types of personal information do we collect and retain?
When you use our services, you will need to provide us with your personal details or the details of those individual(s) who will be travelling.
We collect the following categories of personal information:
i. Information you provide for Fiji Airways to complete and manage a booking you have made with us or a service you have requested from us.
ii. Information collected during your travel with us.
iii. Information about your travel arrangements.
iv. Information about the services we have provided to you in the past.
v. Information about online registration and other interactions.
vi. Information about your use of our websites, contact centres and mobile applications.
vii. Information about your location from your device if you have been browsing on fijiairways.com or using our mobile application. (This is your IP address. An Internet Protocol address is a numeric code that can act as a unique identifier for your computer or other device – this can be turned off from your device.
When and why do we collect ‘sensitive personal data’?
Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data requiring additional protection and is referred to here as “sensitive personal data”. Generally, we try to limit the circumstances where we collect and process sensitive personal data. Examples of where we may collect and process ’sensitive personal data’ includes the following:
i. You have requested specific medical assistance from us and/or an airport operator, such as the provision of wheelchair assistance or oxygen.
ii. You have sought clearance from us to fly with a medical condition or because you are more than 28 weeks pregnant.
iii. You have otherwise chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through which you made your booking.
iv. Biometric information (for example, facial recognition) may be collected during the security clearance process prior to, and after, flying with us.
In addition, you may have requested services (such as a meal) which is not ’sensitive data’ but may imply or suggest your religion, health or other information.
What do we use your personal information for?
The main purposes for which we use your personal information are:
i. To fulfil your travel arrangements and deliver the services you have asked for.
ii. To manage the boarding process and to facilitate flight connections at the airport.
iii. To send status updates and service communications to you.
iv. To keep track of you in advance of your flight and at the airport.
v. To help keep you safe when you fly with us and to meet certain legal and regulatory requirements which apply to Fiji Airways as an airline.
vi. To provide services tailored to your requirements and to treat you in a more personal way.
vii. To carry out analysis and market research.
viii. To carry out marketing and keep you informed of Fiji Airways’ products and services.
ix. To send you status updates and service communications.
x. To improve our websites, products and services.
xi. For management and administrative purposes.
When will we send you marketing?
When we collect information directly from you we may ask you if you do not want to receive our marketing communications. Please be aware that we do sometimes send marketing communications that promote a third party’s products and services (for example, those of our business partners) as well as our own.
We may ask if you consent to receiving marketing communications from other members of our group or from third parties.
We will respect your choice as to what communications you wish to receive and the methods by which you are sent them.
How can you change what marketing communications you receive and how you receive them?
If you decide you would no longer like to be sent marketing communications, you can change your mind at any time. The ways to stop being sent marketing communications are described below:
i. If you are a Tabua Club member you can change your marketing preferences at any time by amending your membership profile online or by telephoning or writing to the Tabua Club.
ii. If you are a registered user of fijiairways.com, you can change your marketing preferences at any time by amending your profile online.
In addition, each marketing communication we send by email will also have an unsubscribe option which will allow you to stop you receiving further marketing emails. We aim to action requests to stop being sent marketing communications within 10 working days of receiving those requests, but it is possible you will receive some marketing in the period prior to that change being made.
Please note that if you tell us that you do not wish to be sent further marketing communications, you will still receive service communications (as described above) which are necessary, for example, to confirm your booking or to provide you with an update on its status. If you are a Tabua Club Member, we will continue to keep you informed about your membership and other important service information relating to the Tabua Club. If you ask us to stop sending marketing communications, please note we will retain your personal information for the purposes of indicating that you do not want to receive marketing communications.
What is our legal basis for using your personal information?
i. Because we need to use your information so that we can process your booking, fulfil your travel arrangements and otherwise perform the contract we have with you.
ii. Because it is in Fiji Airways’ legitimate interests as an airline to use your personal information to operate and improve our business as an airline and travel provider.
iii. Because Fiji Airways needs to use your personal information to comply with a legal obligation.
iv. To protect the vital interests of you or another person.
v. Because you have consented to Fiji Airways using your information for a particular purpose.
More information on each legal basis is provided below.
If processing of your data is subject to any other laws then the basis of processing your data may be different to that set out above and may in those circumstances be based on your consent in all cases.
Performance of a contract with you. It will be necessary for Fiji Airways to use your personal information to complete a booking you have made with us. For example, we will need to use information such as your contact details and payment information to provide you with the flight, holiday and/or car hire you have requested and paid for.
Legitimate Interests. As a commercial airline and travel provider Fiji Airways has a legitimate business interest to use the personal information we collect to offer an effective service and carry out our business.
Compliance with legal obligations. There are situations where Fiji Airways is subject to a legal obligation and needs to use your personal information to comply with those obligations.
To protect the vital interest of you or another person. There are situations where we may need to use your personal information to protect the vital interests of you or another person.
Consent. Alternatively, we may collect and use your personal information where you have given your specific consent to us doing so. However, if you withdraw this consent, in some circumstances, it may mean we will not be able to provide all or parts of the services you have requested from us and you will not be able to cancel your booking or obtain a refund of any charges you have paid.
How long do we keep personal information?
We will keep your information for as long as we need it for the purpose it is being processed for. For example, where you book a flight with us we will keep the information related to your booking, so we can fulfil the specific travel arrangements you have made and after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the booking. The information may also be retained so that we can continue to improve your experience with us and to ensure that you receive any loyalty rewards which are due to you.
We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained.
Who do we share your personal information with?
i. Customs and immigration authorities of any country in your itinerary or to which your flight may fly over. Fiji Airways and other airlines are required by laws in Fiji, USA, Australia, New Zealand, Singapore, Hong Kong, Japan and other countries to give border control agencies and Customs authorities access to booking and travel information when you fly to and from countries including stop-overs and where you may overfly countries to your destination.
ii. Airlines and other service providers needed to deliver the services you have asked for where, for instance, part of your travel itinerary involves a flight operated by a different airline or includes car hire or a hotel booking. Those airlines and other service providers will be identified when you make a booking.
iii. If you have joined affiliated loyalty program, our partners in loyalty schemes that you have joined so that we can administer the benefits of the loyalty programme to you.
iv. Credit and charge card companies, credit reference agencies and anti-fraud screening service providers to process payments and (where necessary) to carry out fraud-screening.
v. In response to a valid, legal request from Government and law enforcement agencies such as customs and immigration authorities.
vi. Third party service providers we are using to provide services that involve data processing, for example, to carry out marketing initiatives or run customer surveys on our behalf.
vii. Third parties, such as law firms and law courts, to enforce or apply any contract with you.
viii. Third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our customers, staff and assets.
x. If necessary to comply with a legal or regulatory obligation in any jurisdiction, including where that obligation arises because of a voluntary act or decision by us (e.g. our decision to operate to a country or a related decision).
xi. We may disclose your personal information to [any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors] insofar as reasonably necessary for the purposes set out in this policy.
xii. We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) in so far as reasonably necessary for the purposes set out in this policy.
We may disclose your personal information:
a. to the extent that we are required to do so by law;
b. in connection with any ongoing or prospective legal proceedings;
c. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
d. to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
e. to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
Except as provided in this policy, we will not provide your personal information to third parties.
We do not sell personal information to third parties, and we only allow third parties to send you marketing information where we have your consent to do so.
What countries will your personal information be sent to?
Your personal information may be sent to and stored by us and third parties in countries outside the country in which you are located.
The nature of our business means it is often necessary for us to send your personal information outside the country in which you are located to fulfil your travel arrangements. This occurs because our business and the third parties identified in “Who do we share your personal information with?” have operations in countries across the world.
This may involve sending your data to countries where under their local laws you may have fewer legal rights.
Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
Information that we collect may be transferred to the countries which do not have data protection laws equivalent to those in force in your normal country of residence.
Security of your personal information
We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
All electronic financial transactions entered into through our website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
Our website session cookies; a session cookie, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
You may refuse to accept cookies by altering the settings on your internet browser (for example Safari, Internet Explorer, Chrome and Firefox). Please note that if you choose not to permit cookies some areas of our website may not function properly or be accessible.
Please note though, that if you block or delete cookies, you will not be able to use all the features on our website.
For further information about how to refuse, block or delete cookies, please refer to your browser ‘help’ section or see www.allaboutcookies.org.”
USA TSA Secure Flight Program - Privacy Notice
The Transportation Security Administration (TSA) requires you to provide your full name, date of birth, and gender for the purpose of watch list screening, under the authority of 49 U.S.C. section 114, the Intelligence Reform and Terrorism Prevention Act of 2004 and 49 C.F.R parts 1540 and 1560. You may also provide your Redress Number, if available. Failure to provide your full name, date of birth, and gender may result in denial of transport or denial of authority to enter the boarding area. TSA may share information you provide with law enforcement or intelligence agencies or others under its published system of records notice. For more on TSA privacy policies, or to review the system of records notice and the privacy impact assessment, please see the TSA Web site at www.tsa.gov
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure you are happy with any changes to this policy.
Ownership and Contact details
This website is owned and operated by Air Pacific Limited, trading as Fiji Airways.
You can contact us by emailing email@example.com, filling the contacts form on https://www.fijiairways.com/contact-us/ or by telephone on +679 672 0777.