Language

English Bahasa Indonesia 简体中文 France 日本語 한국어 Español Deutsch Português Italiano

FlyGaruda Indonesia

Privacy Policy

Welcome to https://www.flygarudaindonesia.com/.

This Privacy Policy forms part of our Terms & Conditions and governs how FlyGaruda Indonesia (hereinafter referred to as “we,” “our,” or “us”) collects, uses, stores, and protects personal information (hereinafter referred to as “Personal Information”) provided by customers, website users (the “Website Users”), and individuals who interact with us through our call centers or sales offices.

We value your privacy and are committed to safeguarding your Personal Information. We will take reasonable steps and apply appropriate measures to ensure that any information you share with us through this website remains secure and protected from unauthorized access. However, please note that while we strive to maintain confidentiality, we cannot guarantee absolute protection against all unauthorized access.

We may update or revise this Privacy Policy from time to time as necessary. Any changes will be published on our website with a revised date so you can easily identify the most recent version.

Company Information:

AN NGUYEN SERVICES COMPANY LIMITED

Address: 2nd Floor, No. 47 To Vinh Dien Street, Khuong Trung Ward, Thanh XuanDistrict, Hanoi City, Vietnam

Business License: 0105904771
 

Article1. Information We Collect

Depending on how you use our website, we may collect:

- When browsing: non-identifiable technical data such as IP address, device type, and cookies.

- When booking: name, passport details, date of birth, nationality, contact details (email, phone), and payment information.

- When communicating: inquiries, complaints, or service requests via email, phone, or live chat.

- When subscribing: if you opt in, your email for newsletters or promotional offers.
 

Article 2. How We Use Your Information

We use your personal information for purposes such as:

- Processing and confirming your reservations.

- Issuing e-tickets and sending booking updates.

- Communicating with you about schedule changes or service issues.

- Providing customer service and responding to inquiries.

- Improving our website and services.

- Sending marketing updates or offers (only with your consent).
 

Article 3. Sharing of Data

We only share your information when necessary, including with:

- Bangkok Air to issue and manage your bookings.

- Trusted service providers (e.g., payment processors, IT support, travel partners) who help us deliver our services.

- Authorities or regulators when required by law, to prevent fraud, or to ensure safety.

We commit to not sell or rent your personal information to third parties.
 

Article 4. Methods of Collecting & Retention Period of Personal Data

* We may collect your personal information through various channels, including but not limited to:

- Our website and mobile applications when you book a flight;

- When you subscribe or register for our newsletters or electronic communications;

- When you register to participate in our services, promotions, or other programs.
* We will retain your personal data within our internal systems for as long as is necessary to:

- Provide the requested services;

- Fulfill the purposes for which the data was originally collected;

- Comply with applicable legal and regulatory obligations;

- Resolve disputes or enforce our agreements.

- Your personal data will be deleted once it is no longer required for above mentioned purposes, or earlier if you request its deletion, in accordance with applicable laws.
 

Article 5. Legal Basis for Processing Personal Data

We only process your personal data on the following legal grounds:

- Your certain consent, where required;

- Performance of a contract of carriage, or taking steps at your request before entering into such a contract;

- Compliance with legal obligations under applicable laws;

- Pursuit of our legitimate interests, provided such interests do not override your fundamental rights and freedoms.

You may withdraw your consent at any time. However, please be noted:

- Withdrawal of consent will not affect the lawfulness of processing carried out based on your consent prior to its withdrawal;

- If you choose not to provide certain personal data, or if the information you provide is incomplete or inaccurate, we may not be able to fully perform our contractual obligations or provide the services you have requested at the expected level of quality.
 

Article 6. Your Rights

As a user, you have the right to:

- Access and request a copy of your personal data.

- Correct or update inaccurate information.

- Request deletion of your data where legally permissible.

- Withdraw consent for marketing communications at any time.

- File a complaint with a data protection authority if you believe your rights are violated.

To exercise your rights, please contact Mr. Danny Pham - Customer Data Care and Protection Supervisor at [email protected]  for supports. You may, in your email, details the necessary information such as: full name, email address, booking# (if available), phone number… for him to identify you and your concern.
 

Article 7. Children Personal Information
- For children under fourteen (14) years old holding Korean nationality, we will collect, use, or share personal information only with the consent of the child’s parent, legal representative, or guardian.

- For children holding European Union nationality and who are below the minimum legal age for consent under that Member State’s regulations (13 in Denmark, Spain, and the United Kingdom; 14 in Austria and Italy; 15 in the Czech Republic and France; 16 in Germany and the Netherlands), we may only process the child’s personal information after obtaining consent or authorization from the parent or guardian.

- For children from other nationalities, we will collect and process personal information in accordance with the applicable data protection laws, and only with the consent or authorization of the parent or guardian.
In regards to children personal information, parents, legal representatives or guardians may request to access, edit, or withdraw consent regarding the child’s personal information through our sales offices, by postal mail, or by email at [email protected]

Article 8. Technical Measures for Data Protection

To protect customer personal information against loss, theft, unauthorized disclosure, alteration, or damage, we implement the following technical, managerial, and physical security measures:

- Important personal data is stored in a password-protected system with restricted access.

To cope with risks such as hacking or computer viruses, and considering the potential impact on individuals’ rights and freedoms, we undertake to:

- Prevent leakage or damage of personal data caused by hacking or malware;

- Operate access control systems to prevent unauthorized external access;

- Implement appropriate technical and organizational measures, including pseudonymization and encryption, to ensure a security level appropriate to the risks;

- Maintain the ongoing confidentiality, integrity, availability, and resilience of data processing systems and services;

- Ensure the timely restoration of access to personal data in the event of a physical or technical incident;

- Regularly test, assess, and evaluate the effectiveness of our security measures;

- Maintain a dedicated unit responsible for personal data protection
Please contact Mr. Danny Pham - Customer Data Care and Protection Supervisor at [email protected] for supports if you have any inquiry or concern in regards to your personal information shared with us. You may, in your email, details the necessary information such as: full name, email address, booking# (if available), phone number… for him to identify you and support you as as quickly as possible.
 

Article 9. Communication and Notification in Case of Data Breach

In the event of a personal data breach, we will notify you and the relevant supervisory authority without undue delay, in accordance with applicable laws. Such notification will be written in clear, plain language and will include:

- The name and contact details of our Customer Data Care & Protection Officer or another point of contact - Mr Danny Pham, Customer Data Care & Protect Supervisor, email to be reached: [email protected]

- A description of the likely consequences of the breach;

- The measures taken or proposed to be taken to address the breach, including steps to mitigate any potential adverse effects.

Notification to you may not be required if:

- Adequate technical and organizational measures (such as encryption) were applied to render the data unintelligible to unauthorized parties;

- Subsequent actions have ensured that the high risk to your rights and freedoms is no longer likely to materialize;

- Providing individual notifications would involve disproportionate effort. In such cases, we will issue a public communication or take a similar measure to inform you effectively.
 

Article 10. Privacy Policy Effectiveness

This Privacy Policy takes effect from 25 May 2023 and replaces all previous versions.

We are committed to ensuring full compliance with this Privacy Policy, and our Customer Data Care & Protection Officers will oversee its enforcement.

We reserve the right to update or revise this Privacy Policy from time to time as necessary. Any changes will be published on our website with a revised date so you can easily identify the most recent version. Contact Information

If you have any questions or concerns regarding your Personal Data, please contact:

Mr. Danny Pham

Customer Data Care and Protection Supervisor
Email: [email protected]
Last reviewed and updated on 25 August 2025