Privacy Policy


Thai Lion Air Privacy Policy, version 001 update as of 01Jun2022

Thai Lion Mentari Co., Ltd (“Thai Lion Air”, “we”, “us”, or “our”) is concerned about your right to privacy. Therefore, Thai Lion Air pledges to be responsible when gathering information relating to any identified or identifiable natural person ("Personal Data"), and to protect your privacy in every possible way. Although, this "Privacy Policy" is not a contract and does not create any additional legal rights, however, it does serve as an expression of Thai Lion Air’s commitment to protect your Personal Data.

To keep up with any development or change in the future, Thai Lion Air reserves the right to change, amend and/or vary this Privacy Policy at any time and will notify users of the same by updating the Privacy Policy here and by including a "NEWLY UPDATED" label with the "PRIVACY POLICY" link on the web sites governed by this Privacy Policy for a period of 30 days.

This Privacy Policy aims to answer your questions about the sources and kinds of Personal Data Thai Lion Air collects, how it is used, when it may be shared with others, and how we safeguard its confidentiality and security. We also provide you with ways to correct the Personal Data you provide us and the option to limit our sharing of this Personal Data with Thai Lion Air’s authorized third parties as well as your rights under applicable laws.

ThePersonal Data we collect about you

To ensure that we successfully process your booking and to effectively manage our business, we collect and maintain Personal Data of (1) our prospective, current and former individual customers, (2) employees, personnel, officers, representatives, shareholders, authorized persons, members of the board of directors, contact persons, agents, and other natural persons in connection with our prospective, current and former corporate customers ("Related Persons of Corporate Customers"), and (3) any non-customer individuals that we receive their Personal Data (e.g. emergency contact, spouse, partner, parent, heir, relatives, children).The persons in (1) – (3) are collectively referred to as ("you" or "your") and the individual and corporate customers referred to in (1) and (2) are referred to as the "Customer". We collect your Personal Data from many sources for the purposes of understanding current or new demands, meeting these demands, as well as to provide and personalize our products and services. The means of Personal Data collection, among others, are as follows:

  • From you, when you voluntarily provide your Personal Data to us or to third party service provider(s) engaged by us;
  • From you, when you voluntarily provide your Personal Data to us through our reservation desks/counters;
  • From you, when you voluntarily provide your Personal Data to us through our website, or third party's website (e.g. online travel agencies, booking engines, social media providers) or mobile applications;
  • From your browser, when you visit our website and your browser interacts with us;
  • From you, through our call centers;
  • From other government and regulatory authorities (e.g. Immigration Bureau and Customs);
  • From other sources and related links in connection with providing your transportation and/or accommodation needs, products, and services;

We may collect additional Personal Data in connection with your participation in any promotions or competitions offered by us and Personal Data you provide when giving us feedback.

The Personal Data we collect about you includes but is not limited to the following:

  • Title, first name, last name, date of birth, place of birth, age, gender, signature, marital status, political status, occupation, job position, salary, information on curriculum vitae or CV, and other occupational history (work place, work position and company you work for, employed at or holds shares of), education history, license plate number, nationality, and any correspondence (e.g. written communication with you), percentage of shares you hold in the company (for shareholders of corporate customers), voice recordings, phone records, photograph, CCTV footages and other Personal Data provided to customer-service representatives to research and resolve issues or questions or lodging complain;
  • Registered address, residence address, business address, billing address, shipping address, mailing address, freight address, email address; telephone number, mobile number, business telephone number, fax number and other phone numbers, social media account information (e.g. Facebook account, LINE ID, Google ID and Twitter ID) and other electronic communication ID;
  • Passport number, driver's license number, identification number, tax identification number, house registration information and other identification information;
  • Credit / debit card number(s), including associated billing address(es) and expiration date(s), bank account number, account type, account history, prompt pay details, current assets, income and expenses, payment details and records (e.g. payment date and/or time, payment amount, details about refund, refund amount, date and location of reservation, reservation number), date and time for pick up or delivery, acknowledgement of receipt, recipient signature, warranty details, complaints and claims;
  • Behavior supplied through your reservation and/or purchase of our products or services;
  • Your account identifiers, username and password, PIN ID;
  • Internet protocol (IP) address, cookies, web beacon, log, device model and type, network and connection details, access details, single sign-on (SSO) details, login log, access times, time spent on our page, cookies, login data, search history, browsing details, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on devices you use to access the platform;
  • Information on how you browse or use our websites, platform, application products and services and how you use and interact with our advertising (including content viewed, links clicked, and features used);
  • Your marketing preferences, information about your preferred products or services, and inferences about you based on your interactions with us, our affiliates, subsidiaries, and business partners, this also includes other communication preferences and details or content of your communications with us, your marketing data, such as responses to questionnaires, surveys, requests for feedback, and research activities;
  • Other information, collected, used or disclosed in connection with the relationship with us, such as, feedback from the use of products or services and other Personal Data provided via survey, contest, competition or other marketing research efforts or data collected when you participate in our business functions, seminars, social events;
  • Personal Data generated in connection with the Customer's relationship with us, for example account opening, administration, operation, payment, settlement, processing and reporting, on behalf of the Customer. Such Personal Data may include signatures, and your correspondence with us;
  • Flight details (e.g. one-way/roundtrip, flight number, country of origin/destination and date of departure/arrival, and baggage information);
  • Information about your previous flights and travel-related issues, including upgrades received;
  • Your interactions with our ground staff (e.g. such as the details of any complaint cases, call details, and other information relevant to assist our ground staff to provide products and/or services to you) and cabin crew before and during the flight (e.g. types of beverages requested or other in-flight requests and preferences);
  • Information about any incidents that you are either involved in or that you witness, in connection with your flight or any of our products or services;
  • Other information as necessary to facilitate travel or other products and services, including travel company; and
  • Information that you provide to the public with your own explicit consent.

Thai Lion Air only collects, uses, and discloses Personal Data of individual who are considered minors, quasi-incompetent, or incompetent person (under the applicable law) when we have obtained legal representative, curator, or guardian consent as the case may be, or we are allowed under the applicable law to do so.  

In the event we learn that we have unintentionally collected Personal Data from a minor, quasi-incompetent or incompetent person without legal ground, we will delete it immediately, or we will continue to process it only if we are permitted to do so by relying on applicable legal basis.

If you submit any Personal Data about other individual to us or our service providers, such as when you make a reservation for another individual, please provide this Privacy Policy for their acknowledgement and obtain their consent for us (where consent is required).

If you do not provide the Personal Data that we request, or prohibit us from collecting such Personal Data, which are necessary for us to perform our contractual or legal obligations, we may not be able to provide the requested products or services to you.

The purposes in which we collect, use, and disclose your Personal Data

Apart from the purposes where we may seek your consent, we (and third parties who may be acting on our behalf) may rely on (1) pre-contractual and contractual basis, for our initiation or fulfilment of a contract with you; (2) legal obligation, for the fulfilment of our legal obligations (3) legitimate interest, for the purpose of our legitimate interests and the legitimate interests of third parties, to be balanced with your own interest and fundamental rights and freedoms in relation to the protection of your Personal Data; (4) vital interest, preventing or suppressing a danger to a person’s life, body or health; (5) public interest, for the performance of a task carried out in the public interest or for the exercise of official actions and (6) the reason for an establishment and defence of legal claims, for the following purposes:

Generally, we use your Personal Data to provide you with our products or services, including air transportation or cargo services, and our flight-related services (Lion care travel insurance per your request), and our customer call center. Specifically, your Personal Data shall be used for the following purposes:

  • to contact you per your request or prior to your entering into a contract with us;
  • to enable us to provide you our products or services such as processing, confirming, and completing flight reservations, processing payments, and payment transfers, issuing and delivering insurance policies and/or e-policy to your address per your request, processing information relating to connecting flights, arrangements at airports and customs and immigration facilities, facilitating airport, internet check-in and self-check-in, and responding to requests for refund or lost and found, or baggage claim inquiries;
  • to process applications for establishment of a business relationship, to open/maintain/operate/close your accounts, including your applications or requests for services or products and to process your transactions and generate your account statement;
  • to send you any communications relevant to the products or services you’ve requested or purchased from us, to notify you about changes to our products or services, to share your information with our selected third parties, such as suppliers and partners to enable them to contact you and to enable us to interact with you on social media platforms (e.g. Facebook, Twitter, and LINE) regarding our products or services;
  • to verify your identity, to conduct due diligence or any other form of background checks or risk identification on you and the Customer (including screening against publicly available government law enforcement agency and/or official sanction lists), and to evaluate suitability and qualifications of you and the Customer; to issue a request for quotation and bidding and execute a contract with you or the Customer;
  • to manage your relationship with us and administrate of your account with us or plan, perform, and manage the contractual relationship with the Customer; to carry out or make transactions and/or payments: such as processing payments or transactions, fulfilling orders, performing accounting, auditing, and billing and collection activities, arranging shipments and deliveries, providing support services; to carry out your instructions or respond to your inquiries or feedback, to resolve your complaints, maintain and update lists/directories of your Personal Data, and to keep contracts and associated documents in which you may be referred to;
  • to protect and ensure safety of the health of a Customer, Related Persons of Corporate Customer, our staff, or other individuals in relation to our products, services, properties and premises;
  • to ensure the security and integrity of our products, services, buildings, and people as well as to protect against and investigate and deter against fraud, unauthorized or illegal activities, systems testing, maintenance and development such as monitoring network activity logs, authentication and access controls and logs where applicable, monitoring of system, devices and internet, ensuring IT security, detecting security incidents, conducting data security investigations, and otherwise protecting against malicious, deceptive, fraudulent, crime or illegal activity;
  • to comply with all applicable laws, regulations, rules, directives, regulatory guidelines, orders, instructions and requests from any governmental, tax, law enforcement or other authorities, for example to the Immigration Bureau, the International Air Transport Association (IATA), or other local and international authorities;
  • to comply with reasonable business requirements, such as, management, training, reporting, statistical, trend analysis and planning or other related or similar activities for our products or services, to manage our infrastructure, internal control, internal audit and business operations and to comply with our policies and procedures that may be required by applicable laws and regulations including those relating to risk control, security, audit, finance and accounting, systems and business continuity, and analyzing and managing risks associated with our business;
  • to address or investigate any complaints, claims or disputes, enforcing our legal or contractual rights including, but not limited to, recovering any and all amounts owed to us;
  • to improve our products or services provisions and operation and update you on our products or services from time to time, to carry out/plan research, data analytics, assessments, surveys and reports on our products or services for the purpose of developing our performance, development and improvement of marketing strategies, our products or services, to organize our promotional campaign or events, conferences, seminars, and company visits and to carry out aggregated and anonymized research about general engagement with our services and systems;
  • to perform our obligations under any agreements to which we are a party to, e.g. agreements with our affiliates, our business partners, or vendors;
  • to transfer your Personal Data to one or more third parties in the event of sale, transfer, merger, reorganization, or similar event as part of that transaction which we will ensure that the data recipient will comply with this Privacy Policy to respect your Personal Data, to facilitate financial audits to be performed by an auditor, to receive legal advisory services from legal counsel appointed by you or us, or to receive financial advisory services from investment banker or financial advisor appointed by you or us to assist in prospective merger and acquisition or capital market transactions;
  • to provide IT and helpdesk supports, create and maintain relevant code and profile for you, to manage your access to any systems to which we have granted you the access, to remove inactive accounts, to implement business controls to enable our business to operate, and to enable us to identify and resolve issues in our IT systems, and to keep our systems secure, to perform IT systems development, implementation, operation and maintenance; and
  • to be used for the purposes of accounting (billing and auditing), immigration, customs control, safety, security, internal statistical and marketing analysis, information systems management, system testing, maintenance and development, operational, support, customer surveys, customer relations and to improve and help us in any future dealings with you per your request or interest, for example by identifying your requirements and preferences.

Sensitive Data and our purpose for processing

Some Personal Data which are classified under the applicable data protection law as sensitive data ("Sensitive Data"), such as disabilities, health data, religion, race, and ethnicity , may be collected and used by Thai Lion Air to assist customers with special needs, preferences, and circumstances. Such Sensitive Data aids Thai Lion Air in determining whether a Customer is fit to fly, in managing dietary requirements, food allergies and religious preferences, in providing facility to the Customer (e.g. praying area/ space) and in accommodating other personal needs that may arise. Also, Sensitive Data on/from official identification documents (such as religion, race and ethnicity) is used for authentication and verification purposes.

We will use Sensitive Data as relied on the basis of explicit consent or any other legal bases as applicable by law. Where the legal basis is consent, you have the right to withdraw consent at any time. This can be done so by contacting THAI LION MENTARI CO., LTD 89/46 Vibhavadi Rangsit Road, Sanambin Sub-District, Don Mueng District, Bangkok 10210, Thailand Email: [email protected] The withdrawal of consent will not affect the lawfulness of the collection, use and disclosure of your Personal Data and Sensitive Data based on your consent before it was withdrawn.

Who we share Personal Data with

Whenever required by law, we will disclose your Personal Data to the government bodies or authorities or third parties pursuant to a subpoena or other legal processes accordingly. Further, we may also use or disclose your Personal Data as permitted by law to protect the rights or property of Thai Lion Air, our customers, our website, or its users.

In our business operation or for products or services provision, we may also disclose your Personal Data, whether in part or in full, to our contracted or authorized companies, such as our data processors.  Accordingly, we may disclose or share your Personal Data to the following third parties:

  • Our group companies. For a list of our group companies, please see Lion Group
  • Persons acting on your behalf or otherwise involved in the provision of the type of product or service you receive from us or may receive from such third party persons located in and outside Thailand;
  • Data storage and cloud service providers; hospitals or health-related institutions; banks and financial institutions; insurance companies; auditors; online travel agencies and travel insurance companies; software, IT, or telecommunications service providers (e.g. payment gateway providers); marketing, advertising media, and communications agencies; storage and logistics service providers; outsourced administrative service providers;
  • Your representative, your employer, sponsor and third parties that have roles in delivering services to you or someone acting on their behalf may provide us with information about you;
  • Immigration Bureau; Customs Department; Offices of the Narcotics Control Board; Anti-Money Laundering Office; Royal Thai Police Headquarters; Civil Aviation Authority of Thailand; Office of the Consumer Protection Board; National Anti-Corruption Commission; Tourism Authority of Thailand; Office of the Auditor General of Thailand; Office of the Ombudsman Thailand; and
  • Our business partners, investors, significant shareholders, assignees, prospective assignees, transferees, or prospective transferees in the event of any reorganization, restructuring, merger, acquisition, sale, purchase, joint venture, assignment, dissolution or any similar event involving the transfer or other disposal of all or any portion of our business, assets, or stock.

Some of the recipients we may share your Personal Data with may be located outside Thailand, where the data protection standards in those destination countries may or may not be equivalent to Thailand. In such case, we ensure appropriate safeguards in place, and oblige the recipients to protect your Personal Data in accordance with this Privacy Policy. As part of our effort to serve you better, we are constantly enhancing and expanding our products and services to fulfill your ever-growing needs. In order to realize this business aim, we will from time to time appoint, authorize or contract with strategic business partner. Your Personal Data will be disclosed to these business partners, authorized or contracted third party, service providers or advertisers to make available promotions, offers, products or services based on your request which you have marked your interest, which may not belong to us. However, to ensure that you will not receive unwanted communications, only information with regards to promotions, offers, products or services that you selected or marked as interested through our member profile will be shared with the respective business partners, service providers or third parties.
In the circumstances set out in this Privacy Policy where Thai Lion Air passes your Personal Data to a third party, we will use our best endeavors to ensure that the security measures that such party has in place in relation to the processing of your Personal Data are at least as stringent as those employed by Thai Lion Air if not better. This does not apply where we are required by law to pass your Personal Data to a third party. In the event we go through a business transition, such as sale of part or all of our assets, merger or acquisition, your Personal Data will likely form part of this transition and be transferred.

Thai Lion Air does not sell or rent any Personal Data you provide on our web site to any other parties. Thai Lion Air may share anonymous and/or aggregated information about all our unidentifiable users with third parties.

Retention period of your Personal Data

Subject to applicable laws, we will retain your Personal Data for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, and internal requirements. However, we may have to retain your Personal Data for a longer duration, as required by applicable law.

Correction/updating Personal Data

The instructions to do this are clearly outlined in every piece of promotional material issued by Thai Lion Air.

Links to other websites

Thai Lion Air web site contains links to other websites. Please be aware that we are not responsible for the privacy practices or content of those websites. We encourage you to read the privacy statements/policy of each website that collects Personal Data from you. Thai Lion Air's Privacy Policy applies solely to Personal Data collected by Thai Lion Air.

Security

Our online reservation system resides on a secure server that encrypts your purchase information using Secure Socket Layers. We use all reasonable endeavors to protect Personal Data from loss, misuse, and alteration. Only authorized employees and agents, who are under appropriate confidentiality obligations, will have access to your Personal Data. However, you will be responsible for your user ID or password that is used on our web site. You should take due care to protect them.

Cookies

A cookie is a piece of data stored on the user's hard drive containing Personal Data about the user. This enables our system to recognize your browser and remember your passenger names and billing information so that you won't have to retype it. The address and passenger information is saved to your hard drive by the Thai Lion Air web server. This Personal Data can only be accessed by the Thai Lion Air web server; Internet users and other companies cannot access this Personal Data. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.

For security reasons, your credit card number is not saved. You must type the credit card number each time you make a purchase.

We also utilize cookies to track the effectiveness of online advertising. This Personal Data is treated confidentially and will not be shared with anyone outside of Thai Lion Air. We will only use this Personal Data to make informed decisions with regard to the purchase of online advertising. This enables us to maintain low costs and low fares for you, our Customers.

Site tracking

We use tracking software to monitor Customer traffic patterns and site usage to help us develop the design and layout of the site to better meet the needs of visitors to LionAirThai.com. This software does not enable us to capture any Personal Data.

Log files

We use IP addresses to analyze trends, administer the site, track user's movement, and gather broad demographic information for aggregate use. IP addresses are not linked to Personal Data.

Your rights as a data subject

Subject to applicable laws and exceptions thereof, you have the following rights:

  • The right to access your Personal Data. This also enables you to receive a copy of the Personal Data we hold about you and to check on how we acquire certain Personal Data without your consent;
  • The right to port your Personal Data to another party. This means to receive copies of your Personal Data in a structured, commonly used by ways of automatic tools or equipment, and in electronic format and/or ask us to transfer it to another party by automated means;
  • The right to object to the collection, use and disclosure of your Personal Data for certain cases, including when we use your Personal Data for direct marketing purposes;
  • The right to delete, destroy or anonymize your Personal Data. This enables you to ask us to delete, destroy or anonymize Personal Data where there is no valid ground for us to continue the collection, use and disclosure of such Personal Data or other cases per applicable data protection laws;
  • The right to restrict the collection, use and disclosure of your Personal Data. This enables you to ask us to suspend the collection, use and disclosure of your Personal Data in certain cases under applicable data protection laws;
  • The right to rectify the Personal Data we hold about you. This enables you to have any inaccurate, outdated, incomplete, and misleading Personal Data we hold about you rectified;
  • The right to make a complaint to a competent authority under the applicable data protection law; and
  • The right to withdraw your consent at any time where we collect, use and disclose your Personal Data based on your consent. This will not affect the lawfulness of the processing based on consent before the withdrawal.

Contact us

If you have any questions or concerns regarding this Privacy Policy, or if you would like to exercise your rights as a data subject, please contact us via the following details:

THAI LION MENTARI CO., LTD 89/46 Vibhavadi Rangsit Road, Sanambin Sub-District, Don Mueng District, Bangkok 10210, Thailand

Email: [email protected]

The contact details of our data protection officer are as follows:

THAI LION MENTARI CO., LTD 89/46 Vibhavadi Rangsit Road, Sanambin Sub-District, Don Mueng District, Bangkok 10210, Thailand

Email: [email protected]