Nauru Airlines (“we”, “us” or “our”) understands the importance of privacy to all individuals. We adhere to applicable privacy legislation and are committed to protecting your personal and data privacy. We limit our collection and use of your personal data to the information we need to conduct our business and provide you with the highest quality service.
Additional Terms and Conditions or policies may apply if you elect to take additional services from us, such as entering a competition or promotion.
2. What is ‘personal information’?
Personal information means data relating to you from which you can be reasonably identified, such as your name and contact details, your travel arrangements and purchase history. It may also include information about how you use our websites and mobile applications. We recognise that your personal information is valuable and we process it in accordance with applicable law.
3. Information you provide to us and how we use it
3.1. When you provide personal information
When you use our services, you will need to provide us with your personal details and/or the details of those individual(s) who will be travelling. We collect personal information from you when you interact with us, such as when you:
- complete and manage a booking you have made with us or a service you have requested from us;
- travel with us and update your travel arrangements; and/or
- use our website and apps, complete online registrations, enter promotions and engage in other online interactions.
You can choose not to provide us with any of your personal information. However, if you do so, we may be unable to respond to your enquiry, engage in further communications with you and/or provide the requested services.
When we collect personal information, we do so because it is in our legitimate interests to use and disclose your personal information to communicate with you, facilitate the provision of the services, protect the vital interests of you and other persons, comply with laws, regulations and the requirements of Government authorities and/or perform a contract with you for the provision of services.
3.2. How we use your personal information
- If you are travelling with us - we may use your personal information to fulfil your travel arrangements and deliver services you have requested, manage the travelling process, facilitate flight connections, send status updates and other communications to you, keep track of you at the airport and keep you safe when you fly with us.
- If you make an enquiry about our company, services or products - we may use your personal information to respond to your query or comply with a legal obligation.
- If you are an existing customer, supplier, or partner of ours – we may use your personal information to fulfil an obligation or perform an agreement with you, respond to any query or comply with a legal obligation.
- If you make an enquiry about working for us – we may use your personal information to consider and respond to your enquiry, comply with a legal obligation or retain your personal information in relation to future work opportunities.
- If we do not know you and/or your role at your business – we may use your personal information to confirm your identity and the business that you work for, as well as your role at that business. We do this because it is in our legitimate interests to make sure that your enquiry is genuine and is not spam or being made for fraudulent reasons. We may also do this because we may be subject to legal obligations which require us to confirm the details that you provide to us before entering into a relationship with you.
- If you opt-in or otherwise consent to receive marketing communications – we may use your personal information to contact you to share information about relevant products, services, news, promotion and events in accordance with paragraph 4. When you provide your contact details for this reason, you will be consenting to us contacting you for these purposes, including for future promotions we may hold. We will only be able to send you marketing communications if you have provided your express or implied consent.
4. Marketing Communications
4.1. When you opt-in or otherwise consent to receive marketing communications from us, you are giving your consent for your personal information to be used by us to contact you by email, direct mail, telephone, SMS, MMS, social media, apps and via other forms of communications for the purpose of direct marketing, which includes:
- delivering personalised website, app or social media experiences;
- sharing information with you about products and services provided by us and our industry partners (such as third party hire car companies, travel insurance providers or hotels);
- sending you press releases, newsletters and information about industry news and events; and
- notifying you about promotions and competitions held by us and our industry partners,
4.2. You are entitled at any time to withdraw your consent to receive Marketing Communications or amend your communication preferences by contacting us using the details in paragraph 17.
4.3. If you decide that you do not want to receive Marketing Communications from us, you can unsubscribe by selecting the opt-out or unsubscribe link contained in the relevant Marketing Communication (where applicable) or by contacting us using the details in paragraph 17. We aim to action requests to stop marketing communications within 10 working days of receiving those requests.
4.4. Please note that if you opt-out of further Marketing Communications, you will still receive service communications (as described in paragraph 3.2 above) which are necessary, for example, to confirm your booking or to provide you with an update on its status.
5. Special categories of personal information
5.1. Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data requiring additional protection. In addition, you may have requested services (such as a meal) which is not ’sensitive data’ but may imply or suggest your religion, health or other information. Generally, we try to limit the circumstances where we collect and process special categories of personal data.
5.2. We may collect and use special categories of personal data in certain circumstances, such as where the collection or use or is required by law or you have:
- requested specific medical assistance, such as the provision of wheelchair assistance or oxygen;
- sought clearance from us to fly with a medical condition or because you are more than 28 weeks pregnant;
- chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through whom you made your booking.
5.3. Special categories of personal data will only be collected by us on the basis of your explicit consent, unless otherwise stated above.
6. Information received from third parties
6.1. We may receive personal information about you from third parties, such as companies contracted by us to provide services to you, companies involved in your travel plans, airlines involved in your prior or onward journey, airport operators, customs and immigration authorities and companies that participate in our partner loyalty schemes and other customer programmes.
These third parties receive your personal information in accordance with their own privacy policies and procedures and, where applicable, may function as separate controllers under the European Data Protection Legislation. We recommend you consult their privacy policies for further information.
7. Information we automatically collect about you
7.1. When you visit our website or mobile apps, your browser or other applications automatically collect information about your interaction such as your IP address, traffic data, clickstream information, time stamp, location data, web logs, other communication data and the resources that you access.
7.2. We automatically collect data about your use of our website or apps using various technologies such as cookies, web logs and beacons, as described below. This information allows us to:
- ensure content from our website and apps is presented in the most effective manner for you and your device and to make improvements to our website
- recognise you when you return to our website or app and to record your use
- keep our website and apps secure
- administer and maintain our website and apps by conducting testing and solving errors
- analyse your and other users' use of the website and apps in order to create anonymised and aggregated research or statistics from time to time. Once your personal information has been anonymised and aggregated with that of other users, we will no longer be able to identify you or anyone else from the combined information.
7.3. We use your personal information in this way because it is in our legitimate interests to determine how you may be viewing and using our website and any apps so that we can operate them effectively and improve them.
8.2. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
8.3. Some cookies are deleted when you close your browser. These are known as session cookies. Others remain on your device until they expire or you delete them. These are known as persistent cookies and enable us to remember things about you as a returning visitor. If you do not want cookies to be stored, then you may turn off cookies individually or select the appropriate options on your browser or device to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of our websites.
8.4. If you would like to disable cookies, you can set your web browser or device to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on our websites or apps. How to alter your cookie setting will depend on the type of browser you use.
9. How long do we keep personal information?
9.1. We will keep your information for as long as we need it for the purpose(s) for which it was collected. For example, where you book a flight with us we will keep information related to your booking for a period that allows us to fulfil the travel arrangements, handle or respond to any complaints or queries, continue to improve your experience with us, ensure that you receive any loyalty rewards which are due to you and to allow us to comply with any legal obligations.
9.2. We regularly review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained. We may retain a record of the existence of our relationship with you, to the extent that and for so long as we are required to do so by law.
10. Who do we share your personal information with?
10.1. We do not sell personal information to any third parties. However, in certain circumstances, we may share your personal information with third parties, including:
- other airlines and service providers where, for instance, part of your travel itinerary involves a flight operated by a different airline or includes car hire or a hotel booking
- credit and charge card companies, credit reference agencies and anti-fraud screening service providers to process payments and (where necessary) to carry out fraud-screening
- to confirm your identity or check your personal information (including by searching for your name and that of your business in publicly available and private databases)
- service providers we are using to provide services that involve data processing, for example, to carry out marketing initiatives or run customer surveys on our behalf
- our business partners if you have expressed an interest in a product or service of such business partner. For example, if you have joined an affiliated loyalty program so that we can administer the benefits of the loyalty program to you
- Government and law enforcement agencies such as customs and immigration authorities, in response to a valid, legal requirement or request
- any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) in so far as reasonably necessary for the purposes set out in this policy
- analytics and search engine providers that assist us on the improvement and optimisation of our websites
- any of our employees, officers, insurers, professional advisers, lawyers, tax or business advisors, agents, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this policy
- a purchaser or successor entity in the event of a sale or other corporate transaction involving some or all of our business or as needed to effect the sale or transfer of business assets, or as needed for external audit, compliance or corporate governance related matters
- a third party to whom we have a duty to disclose or share your information (i) to enforce or apply our conditions of carriage and other agreements with you; (ii) as required by applicable law, court orders, government entities or legal process (including subpoenas); (iii) as necessary to protect the property, safety and rights of others.
10.2. By providing us with your personal information, you consent to the disclosure of your personal information to third parties as set out in paragraph 10.1. In the event you do not wish for us to disclose your personal information to third parties pursuant to clause 10.1, please contact us using the details in paragraph 17.
11. International Data Transfers
11.2. By providing us with your personal information, you consent to the disclosure of your personal information offshore as set out in paragraph 11.1.
11.3. We are located in Australia and Nauru, which are not countries that have been deemed to offer adequate data protection by the European Commission. If you do provide your personal information to us, please note that you are doing so on the basis that you consent to the transfer of your personal information outside the European Economic Area (EEA). The potential consequence of this is that there is a risk that your personal information will not be protected in a manner that complies with European Data Protection Legislation. You can withdraw your consent to such international transfers but it will mean that we will not be able to contact you about the services we can or have agreed to provide to you going forward.
12. Your Rights
12.1. With respect to the personal information that we collect about you, you have the right to:
- request access to that personal information
- receive a copy of the personal information that you have provided to us in a commonly used format so that you can share it with others
- where personal information is inaccurate or incomplete, ask for personal information to be rectified or completed
- request the transfer of your personal information to another party
- ask that personal information be erased
- object to us processing your personal information by asking for the processing of that personal information to be restricted or stopped. For example, by requesting that we do not use your personal information for marketing purposes
- make a complaint about the manner in which we process your personal information under any applicable laws.
12.2. Please contact us using the details listed in paragraph 17 to exercise these rights or for additional information. When you contact us to exercise the above rights, we may ask for further information from you, to confirm your identity, as we take the protection of your personal information seriously. In the event you email us, we will endeavour to respond to requests, complaints or queries as soon as reasonably practicable.
12.3. Please note that despite clause 12.1, we are not required to give you access to your Personal Information to the extent that:
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
- giving access would have an unreasonable impact on the privacy of other individuals; or
- the request for access is frivolous or vexatious; or
- the information relates to existing or anticipated legal proceedings between us and you, and would not be accessible by the process of discovery in those proceedings; or
- giving access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations; or
- giving access would be unlawful; or
- denying access is required or authorised by or under applicable laws or a court/tribunal order; or
- both of the following apply:
(a) we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in;
(b) giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated by us in connection with a commercially sensitive decision-making process.
13. Security of your personal information
13.1. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
13.2. We will store all the personal information you provide on secure (password and firewall-protected) servers.
13.3. All electronic financial transactions entered into through our website will be protected by encryption technology.
13.4. You acknowledge that the transmission of information over the internet is inherently unsecure, and we cannot guarantee the security of data sent in this manner.
13.5. You are responsible for keeping your booking information secure. To help you keep your information secure, we recommend that you:
- Keep your booking reference confidential - When you make a booking, you will be given a booking reference on the email confirmation or ticket. You should always keep your booking reference confidential. Giving your booking reference to others may allow them to access your booking details through our system. If you are travelling with others and would not like your individual booking details to be accessible by them, you may prefer each person to make separate bookings.
- Be aware of and protect yourself against Internet scams, fraud and ‘phishing’ - There is an Internet fraud practice known as ‘phishing’ (the illegal is gathering of personal information by deception).
13.6. If we become aware of a breach of security of your Personal Information, we will notify you of the breach of security of your Personal information by written notice to your postal address, telephone or electronically within the period required by applicable laws.
14. USA TSA Secure Flight Program - Privacy Notice
14.1. This paragraph is relevant for flights to and from all United States territories.
14.2. The United States Transportation Security Administration (TSA) requires you to provide your full name, date of birth, and gender for the purpose of watch list screening, under the authority of 49 U.S.C. section 114, the Intelligence Reform and Terrorism Prevention Act of 2004 and 49 C.F.R parts 1540 and 1560. You may also provide your Redress Number, if available.
14.3. Failure to provide your full name, date of birth, and gender may result in denial of transport or denial of authority to enter the boarding area. TSA may share information you provide with law enforcement or intelligence agencies or others under its published system of records notice. For more on TSA privacy policies, or to review the system of records notice and the privacy impact assessment, please see the TSA Web site at www.tsa.gov.
15. European Data Protection Legislation
15.2. Where the European Data Protection Legislation applies to personal information collected about you, Nauru Air Corporation, trading as Nauru Airlines is the “controller” of your personal information. If you have made a flight booking with us but one or more flights are to be provided by other airline(s) then that other airline will also separately be considered a “controller”. Any provider of services such as a hotel or car rental company will also separately be a “controller”. Please be careful to review privacy policies of such service providers separately, which you can access from them directly.
16.1. We may update this policy from time to time to reflect any changes in our practices, services and legal obligations by publishing a new version on our website.
17. Ownership and Contact details
17.1. This website is owned and operated by Nauru Air Corporation, trading as Nauru Airlines.