In order to provide its services, Air Tahiti Nui needs to collect and process personal data (for example: your email, your passport number ...). In order to be as transparent as possible, in this document Air Tahiti Nui explains:
- What data is collected and for what purposes
- With whom your personal data may be shared
- Your rights and the different means at your disposal for you to maintain full control over your personal data
- The main IT security measures put in place to protect your data
In addition, to ensure compliance with this policy, Air Tahiti Nui has appointed a data protection officer who reports to the Commission Nationale de l’Informatique et Libertés (CNIL).
What personal data is collected and for what purposes?
In order to allow the reservation and purchase of your tickets, Air Tahiti Nui collects your last name, first name and passport information via its website or through an agency. This data is essential in ensuring our transport service and is recorded in our reservation systems, plus it is shared with the partner companies in the case of codeshare flights..
Your personal data may also be used for purposes of prospecting, loyalty programs, promotions, surveys and organization of contests or for the definition of new products, always with the aim of offering you a suitable and efficient service.
To improve the relevance of our offers according to your interests, this personal data can therefore be enriched through information provided by commercial partners.
As part of its loyalty program, Air Tahiti Nui also registers an account in your name and manages a mailing list based on your email. Your Club Tiare number can also be communicated to our partners to allow the accumulation of your miles.
In addition, for those who have made the choice to subscribe, a newsletter allows you to receive the latest offers through your email.
Also, to meet the legal obligations of each country with regards to immigration, for the prevention of unpaid debt, the fight against fraud and flight safety, some personal data is transmitted to the authorities of countries before you enter their territory.
Finally, in the event of an incident that affects the safety or security of a flight, Air Tahiti Nui must record the personal data of those involved in the incident. These records may be used to file a complaint or to implement a ban on transportation on Air Tahiti Nui flights.
With whom may your personal data be shared?
The collected data may be communicated to Air Tahiti Nui authorized personnel, our partners (accredited agents in travel agencies, partner carriers, car rental companies, hotels, credit card companies) or to partners of ancillary services, as part of the performance of the services.
For the protection of your personal data, the contracts entered into by Air Tahiti Nui systematically include confidentiality clauses and compliance with safety rules.
In the context of customs, immigration or police investigation, Air Tahiti Nui may have to communicate your personal information to the authorized French or foreign public authorities. This transfer of personal information is also required in order to fulfill mandatory immigration formalities or for the purposes of preventing and combating terrorism or other serious crimes.
In accordance with Article L.232-7 of the French Internal Security Code, Air Tahiti Nui informs you that air carriers may be required to send the reservation, check-in and boarding data of their passengers (API/PNR) to the French administration, according to the treatment modalities and for the purposes provided for by decree n° 2014-1095 of 09/26/2014..
Some of the recipients mentioned above are likely to be established outside the European Union and will have access to all or part of the personal information collected by Air Tahiti Nui (last name, first name, passport number, details of the trip, etc.), for the proper performance of the contract of carriage or because of a specific legal authorization.
What are my rights and how can I exercise them?
In accordance with the General Data Protection Regulation (GDPR) and the law on "informatique et libertés" (French Data Protection Act), you have a right of access, rectification, deletion, opposition or limitation. To exercise your right, you can send your request to Air Tahiti Nui by post to the following address:
DPO Air Tahiti Nui
28 Boulevard Saint Germain
When you contact Air Tahiti Nui's customer service, your call is likely to be registered for the purposes of improving service quality, prevention of litigation and malicious calls. However, if you do not wish to be registered, indicate this directly to the advisor.
Unless you express opposition during the collection of your data or later, Air Tahiti Nui reserves the right to use your data or to communicate it to its partners in order to send you suitable commercial offers. When required by law, your data will be used for prospecting purposes only after obtaining your explicit consent. The latter can be revoked at any time upon request from you.
In addition, if you no longer wish to receive the electronic newsletter of Air Tahiti Nui, you have the option to click on the unsubscribe link located at the bottom of each communication.
Also, if you do not want to receive offers from Club Tiare and Air Tahiti Nui partners, you can update your communication preferences in your profile by logging into your Club Tiare account.
The collection of certain personal data is essential to allow access to certain services or benefits (special meals, medical assistance, etc.). You may, however, exercise your right to object to the collection and processing of such data, although this may result in you being unable to take advantage of these services or benefits.
In accordance with French and international laws and regulations, the lack of communication or the inaccuracy of certain data may lead to a decision to refuse boarding or entry to a foreign country (for example by decision of a customs service), for which Air Tahiti Nui cannot be held liable.What computer security measures are in place to protect your personal data?
To ensure the security of your personal data, Air Tahiti Nui has put in place a set of safety rules and precautions of use that are transposed in the company's IT policy.
The security of our internet-accessible systems is periodically audited by IT security experts.
All our systems handling your payment data comply with the most stringent standards (Payment Card Industry Data Security Standard or PCI DSS).
Finally, for several years Air Tahiti Nui has been committed to securing its information system by implementing technical and organizational measures according to ISO 27001 and 27002 standards.
Air Tahiti Nui reserves the right to adapt the personal data protection policy. It is advisable to regularly check the latest version of this policy.
This version was prepared during April 2018.