1. Corsair
  2. The Company
  3. Legal
  4. Privacy notice and cookies

Privacy Notice

Key terms

Personal data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing of Personal data: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data Controller:  The natural or legal person, public authority which alone or jointly with others, determines the purposes and means of the processing of personal data.

European Economic Area (EEA): EU Member States plus Norway, Iceland and Lichtenstein.

Online advertising: Marketing messages that you may see on the internet.

Special categories of personal data: This are categories of personal data revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic data, biometric data for the purpose of uniquely identifying a natural person; health data; and data concerning a natural person’s sex life or sexual orientation.

Caricom API Data: Some or all of the Caricom states have entered into an agreement with the USA whereby advance passenger data, required by and provided to Caricom states for border security purposes, will be passed to the USA Department for Homeland Security for processing on behalf of those Caricom states. Please see the Caricom website for more details.

US Secure flight Data: The Transportation Security Administration (TSA) requires you to provide your full name, date of birth and gender for the purpose of watch list screening. You may also provide your Redress Number, if available. Failure to provide details may result in denial of transport or denial of authority to enter the boarding area. TSA may share information you provide with law enforcement or intelligence agencies or others under its published system of records notice. Please see the TSA website for more details.Personal data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing of Personal data: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data Controller:  The natural or legal person, public authority which alone or jointly with others, determines the purposes and means of the processing of personal data.

European Economic Area (EEA): EU Member States plus Norway, Iceland and Lichtenstein.

Online advertising: Marketing messages that you may see on the internet.

Special categories of personal data: This are categories of personal data revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic data, biometric data for the purpose of uniquely identifying a natural person; health data; and data concerning a natural person’s sex life or sexual orientation.

Caricom API Data: Some or all of the Caricom states have entered into an agreement with the USA whereby advance passenger data, required by and provided to Caricom states for border security purposes, will be passed to the USA Department for Homeland Security for processing on behalf of those Caricom states. Please see the Caricom website for more details.

US Secure flight Data: The Transportation Security Administration (TSA) requires you to provide your full name, date of birth and gender for the purpose of watch list screening. You may also provide your Redress Number, if available. Failure to provide details may result in denial of transport or denial of authority to enter the boarding area. TSA may share information you provide with law enforcement or intelligence agencies or others under its published system of records notice. Please see the TSA website for more details.

 

Since 1981, every year, around one million of passengers have chosen Corsair, specialized in international long-haul flights, to travel across the oceans and discover new horizons. Looking after the personal data you share with us is an important part of this. We want you to be confident that your data is safe and secure with us and understand how we use it to offer you a better, unique and inspiring experience.

 

Corsair, as a Controller, might collect and process with your personal data specially by using Corsair’s website and mobile applications.

 

Corsair is fully committed to respect the regulation in regards with the process of personal data in accordance with the regulation “Loi Informatique et Libertés” dated January 6th, 1978 and the General Regulation on Data Protection 2016/679 dated April 27th, 2016 and entered into force on May 25th, 2018 (hereinafter the “Regulation”).

 

Corsair guarantees that your personal data are:

  • Processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’);
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
  • Retained during a defined period of time, in accordance with the purpose for which they are processed and collected (‘storage limitation’);
  • Accurate and, kept up to date and that every reasonable step are taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

 

Corsair implements appropriate technical and organizational measures for the protection of personal data in order to guarantee a level of security appropriate to the risk inherent in its processing operations. 
Furthermore, Corsair may collaborate with selected partners and subcontractors, in order to offer the best of our services. Where processing is carried out on behalf of Corsair, we ensure that processors provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.

To ensure the correct enforcement of the Regulation, Corsair has designated a Data Protection Officer who is the main interlocutor of the “Commission Nationale de l’Informatique et des Libertés” (CNIL : Local authority for Data Protection).

Corsair also implements appropriate internal procedures to raise awareness among its employees and ensure compliance with these rules within its organization.

 

Why is Corsair collecting your personal data?

Corsair collects your personal data for the following purposes: ticket reservation and purchase, ensure transport services, commercial prospection, loyalty program, commercial information, satisfaction survey, organization of contests, personalize our services, improve your customers experience at the airport or on board, statistics, customers services, handle with complaints, respect safety and flight security and prevent fraud.

Data can be used for special processing related to specific events such as: detailed reporting of incidents (Air Safety Report – ASR), cares provided on board (CRASDAB), detailed reporting of cabin incident (« Cabin Safety Report » – CSR).

Data concerning you allows to improve and personalize services and communications.

For example: we can address tailored emails based on products already bought on our website.

 

Lawfulness of processing

Processing personal data by our company is lawfulness in regards with:

  • The consent: you gave your consent to the processing of personal data to receive promotions, competitions you choose to enter;
  • The contract: to arrange the transport;
  • Compliance with a legal obligation: disclose and process your personal data required for immigration, safety on board, security and anti-terrorism purposes or any other purposes for which the authority thinks it’s appropriate;
  • Legitimate interests: pursued by Corsair to personalize the customer experience (tailor our communications to make them more relevant and interesting for you);
  • To protect the vital interest: Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency

 

How does Corsair collect your personal data? What data does Corsair process?

You may provide us with personal data :

When you make a booking online, through our call-centers or at our partner agencies

  • Passenger information (name, surname, mail, phone number), ID details, insurance details, medical data and any special dietary, religious or disability requests

When you browse our websites or use our mobile apps,

  • Travel preferences ;
  • Information about your browsing behavior on our websites and mobile apps;
  • Information about when you click on one of our adverts, including those shown on other organizations’ websites;
  • Information about the way you access our digital services, including operating system, IP address, online identifiers and browser details;
  • Social preferences, interests and activities.

When you register for any of our services,

  • Your personal details, including your address, email address, phone number and date of birth.
  • Your account login details, such as your username and the password you chose, which is encrypted.

When you accepted to be contacted by Corsair for the sending of promotional offers or to participate in competitions or surveys about our services,

  • Personal data you provide when you connect with us, including by email, post and phone or through social media, such as your name, username, date of birth and contact details.
  • Details of emails and other digital communications we send to you that you open, including any links in them that you click on.
  • Your feedback and contributions to customer surveys and questionnaires.

When you are onboard of our planes,

  • Identity details, appropriate medical information and any specific demand related to food, religion or to disability, during pre-order information about your purchases, information about your behavior if it’s compromised the safety of the flights.

Before boarding,

  • Due to the health situation, Corsair may have to collect and check the documents required (PCR tests, vaccination certificate, certificate of no symptoms) by the authorities in the destination country.
  • Some airports have implemented optional biometric screening devices. Corsair only collects confirmation of the verification of your identity. We do not process any of your biometric data. For further information regarding your personal data in this context, we invite you to read the privacy notice of these entities.


Other sources of personal data,

We may use personal data from other sources, such as specialist companies that supply information, retail partners and public registers.

If you log-in using your social network credentials to connect to our platforms and online services e.g. Facebook, Google+ and Twitter, you will agree to share your user details with us. For example, your name, email address, date of birth, location and any other information you choose to share with us.

 

Personal data you provide about other individuals (such as people on your bookings)

By providing other people’s personal data, you must be sure that they agree to this and you are allowed to provide it. You should also ensure that, where appropriate, they understand how their personal data may be used by us.

 

Recipients or categories of recipients of the data

When we collect data through our website or our mobile app, and in order to provide our services, they might be shared with our authorized personnel and any suppliers that might be involved in your travel arrangement, such as travel agencies, our commercial and local staff, our customer service, suppliers and other airlines with which we entered into a partnership.

We also collaborate with carefully selected suppliers who allow to ensure and provide services described above.

When we share personal data with other processors, we make sure that they provide sufficient guarantees to meet the requirements of the Regulation and ensure the protection of the rights of the data subject. We require them to keep it safe, and they must not use your personal data for their own marketing purposes. We only share the minimum personal data that enable our suppliers and partners to provide their services to you and us.

In order to offer you the best services and products, and to develop our marketing communications, we work with our service provider SaleCycle (www.SaleCycle.com). They use browsing data in order to measure the number of visits to the website, to find out which products and services interest you and to collect personal data (name, e-mail address, telephone number, unique terminal identifier). This information enables us to support you at every stage of the purchasing process by contacting you occasionally (by e-mail or SMS with your consent), or to offer you online advertising tailored to your areas of interest. 
To find out more about how SaleCycle uses browsing data on our behalf, you can consult the SaleCycle Privacy Policy accessible via this link: http://www1.salecycle.com/privacy-notice-fr

In order to target people whose behaviour is similar to that of our current customers, we can create a profile based on their activity on social networks and on purchases made on our website. To do this, we work with Facebook, Tik Tok and Google.

We may also need to share personal data in order to establish, exercise or defend our legal rights; this includes passing on personal data to third parties in order to prevent fraud and reduce credit risk.

In order to improve border control and tackle illegal immigration, airline companies must collect and share with Interior Ministry bookings, check-in and boarding pass data in accordance with the decree 2014-1095 dated from 26, September 2014 put into force by the article L 237-7 from Interior Security Code.

For further information:

https://pnr.gouv.fr/Presentation-UIP

https://pnr.gouv.fr/Compagnies-Aeriennes/Le-systeme-API-PNR-France

 

Data transfer to third countries which is not part of European Economic Area (EEA)

To comply with the transportation agreement or for legal obligation, we might transfer the personal data to countries outside EEA. They have access to data collected by themselves or by Corsair such as: surname, first name, ID number, travel information etc. …

When data are processed by a provider located outside EEA, Corsair ensures an adequate level of protection in accordance with the Regulation by, if needed, implementing standard data protection clauses as adopted by European Commission.

How long will your data be retained? 
We will retain your personal data for only as long as it is necessary for the uses set out in this Privacy Notice and/or to meet legal and regulatory requirements.

Consequently, personal data :

  • relating to customers are retained for the duration of the contractual relationship, and then for 3 years after the end of the contract for commercial prospecting purposes.

  • relating to prospective customers are retained until consent is withdrawn or 3 years after the last contact from the prospective customer.

  • relating to accounting data are kept for 10 years, as accounting proof.

For personal data relating to customers: an archive period of 2 years is planned in order to exercise or defend our legal rights.

After these retain periods, we will securely erase personal data. If data is needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymize this data.

 

Right of access

Any individuals have the right to obtain personal data detained by Corsair, to rectify, ask for erasure, portability or restriction of processing and the right to object.

To exercise your rights or for further information regarding the data processing you could contact :

CORSAIR

Data Protection Officer

2, place de l’Equerre

94 150 RUNGIS

Email : registry@corsair.fr ou dpo@corsair.fr

 

You also have the right to appeal to the Commission Nationale de l'Informatique et des Libertés (CNIL) in the event of a breach of the regulations applicable to the protection of personal data, in particular the RGPD. Visit the CNIL website for more information about your rights:  https://www.cnil.fr/fr

Please communicate any information required to authenticate your identity (Surname, first name, email) and if necessary, we might require you ID to avoid any identity fraud.

One month is required to respond to your request in accordance with the Regulation. In case of a complex request, this delay could be extended to 3 months, in that case Corsair’s team will warn you within a month.

For some services, those rights could be exercised on line (customer account, loyalty program, newsletter by clicking on the unsubscribe link at the bottom of the page) or by SMS by using STOP SMS.

When you contact our Customer services, the call might be recorded in order to improve our services and prevent litigation.

Promotional communications are separate from communications relating to your loyalty account. If you decide that you no longer wish to receive information relating to this account, you must cancel it.

You have the right to object to processing of personal data which are processed for direct marketing purposes. Where required by law, your data will only be used for electronic prospecting purposes after obtaining your explicit consent.

Collecting personal data is necessary for some services (special meal, medical assistance …). You can exercise your objection rights to collecting and processing data but this could lead to the impossibility to benefit from the designated services.

In regards with French and International regulations, the absence or the inadequacy of data could result in denied boarding or entry to a territory (on customs’ decision). In that case, Corsair’s responsibility won’t be engaged.


About cookies and similar technologies

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience. Please see our separate Cookie Notice.

 

Links to other websites

Our websites or mobile apps may contain links to websites operated by other entities that have their own privacy notices. Please make sure you read the terms and conditions and privacy notice carefully before providing any personal data on another entities’ website as we do not accept any responsibility or liability for websites of other entities.

Social media features

Our websites or mobile apps may contain social media features such as Facebook, Twitter, Google+ and Pinterest that have their own privacy notices. 

Please make sure you read their terms and conditions and privacy notice carefully before providing any personal data as we do not accept any responsibility or liability for these features.

 

Sharing personal data with regulatory authorities

So that you can travel, it may be mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate.

Some countries will only permit travel if you provide your advance passenger data (for example Caricom API Data and US Secure Flight Data). These requirements may differ depending on your destination and you are advised to check. Even if not mandatory, we may assist where appropriate.

We may share the minimum personal data necessary with other public authorities if the law says we must, or we are legally allowed to do so.

Decree no. 2014-1095 of 26 September 2014 (amended by decree no. 2018-714 of 03 August 2018) requires us to communicate your passenger data to the French government whenever your air travel takes place outside mainland France.

 

Changes to our notice

This Privacy Notice replaces all previous versions. We may change the Privacy Notice at any time so please check it regularly on our website(s) for any updates. If the changes are significant, we will provide a prominent notice on our website(s) including, if we believe it is appropriate, electronic notification of Privacy Notice changes.

Last update: June 2024

 

Cookies

 

About cookies and similar technologies

Your choices when it comes to cookies

Changes to our Notice

Key terms

 

About cookies and similar technologies

Cookies are small data files that allow a website or a mobile app to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience. With our permission, cookies may be placed on our websites and mobile apps by other organisations. For example, we use cookies to do the following:

  • To improve the way our websites and mobile apps work 

Cookies allow us to assess and improve the way our websites and mobile apps work so that we can personalise your experience and allow you to use many of their useful features. For example, cookies help us to keep track of what you are booking as you move through each stage of the booking process; they help us to remember your preferences such as recent searches or shortlisted holidays, and the contents of your online shopping basket.

  • To improve the performance of our websites and mobile apps

Cookies can help us to understand how our websites and mobile apps are being used, for example, by telling us if you get an error messages as you browse, to test different designs of our website and mobile app pages. Website analytics, including Google Analytics, provides information about the number of visitors to our website and mobile apps, which parts of our website and mobile apps are most popular and if there are any trends such as one specific page being viewed mostly by people in a particular country. These cookies help us to improve your experience.


  • To deliver relevant online advertising

We use cookies to help us deliver online advertising that we believe is most relevant to you on our websites, mobile apps and other organisations’ websites. For example, these cookies help us to suggest flights from your nearest airport, holidays in destinations you have shown interest in or products you might like.

These cookies may collect data about your online behaviour, such as your IP address, the website you arrived from and information about your purchase history or the content of your shopping basket.

This means that you may see our adverts on our websites, mobile apps and on other organisations’ websites. You may also see adverts for other organisations on our websites and mobile apps.

To help us to deliver online advertising that is relevant to you, we may also combine data we collect through cookies in the browser of your devices with other data that we have collected.

  • To measure the effectiveness of our marketing communications, including online advertising

Cookies can tell us if you have seen a specific advert, and how long it has been since you have seen it. This information allows us to measure the effectiveness of our online advertising campaigns and control the number of times you are shown an advert so it does not become too repetitive. We also use cookies to measure the effectiveness of our marketing communications, for example by telling us if you have opened a marketing email that we have sent you.

 

Your choices when it comes to cookies

You can use your browser settings to accept or reject new cookies and to delete existing cookies. You can also set your browser to notify you each time new cookies are placed on your computer or other device. You can find more detailed information about how you can manage cookies at the All About Cookies and Your Online Choices websites.

If you choose to disable some or all cookies, you may not be able to make full use of our websites or mobile apps. For example, you may not be able to add items to your shopping basket, proceed to checkout, or use any of our products and services that require you to sign in.

Where we display personalised adverts on other organisations’ websites, the AdChoices icon will usually be displayed. Clicking on this icon will provide you with specific guidance on how to control your online advertising preferences. More information is available on the YourAdChoices website.

You can change your cookies preferences for this website by clicking here.

Our partners

When you accept cookies, these are deposited by the following partners for differnt purposes.

  • Functional cookies

Salecycle - partner allowing us to relaunch a visitor who has not finalized a purchase: https://www.salecycle.com/privacy-policy/

  • Analytical cookies

Google Analytics - tool to measure the performance of our site https://policies.google.com/privacy?hl=fr

New Relic - tool to measure the performance of our site: https://newrelic.com/termsandconditions/privacy 

Insider France - tool to measure the performance of our site : https://useinsider.com/privacy-policy/

Wizaly – tool to measure the performance of our site : https://www.wizaly.com/terms-of-use/

  • Advertising and targeting cookies

Bing - search engine - used to analyze marketing performance and personalize advertising https://privacy.microsoft.com/fr-fr/privacystatement 

Google Ads - search engine - necessary to analyze marketing performance and personalize advertising https://policies.google.com/privacy?hl=fr 

Criteo - partner for targeting users - used to personalize advertising https://www.criteo.com/fr/privacy/

Kwanko – a tool to measure marketing performance and personalize advertising : https://www.kwanko.com/gdpr/privacy-policy/?noredirect=en_US 

Google enhanced conversion - tool for knowing conversion rates - necessary to analyze marketing performance https://policies.google.com/privacy?hl=fr 

Skyscanner - price comparison - https://www.skyscanner.fr/media/politique-confidentialite 

Facebook - social network - needed to analyze marketing performance and personalize advertising https://www.facebook.com/privacy/policy 

LinkedIn - social network - necessary to analyze marketing performance and personalize advertising https://privacy.linkedin.com/fr-fr 

Twitter - social network - to analyze marketing performance and personalize advertising https://twitter.com/fr/privacy 

TikTok - social network - to analyze marketing performance and personalize advertising https://www.tiktok.com/legal/privacy-policy-eea?lang=en

Changes to our Notice

This Notice replaces all previous versions. We may change the Notice at any time so please check it regularly on our website(s) for any updates. If the changes are significant, we will provide a prominent notice on our website(s) including, if we believe it is appropriate, electronic notification of Cookie Notice changes.

Last update: June 2024


Key terms

Website analytics: Website analytics, including Google Analytics, help us understand how visitors engage with our website. We can view a variety of reports about how visitors interact with our website and mobile apps so that they can improve it.

Website analytics uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our website and mobile apps. We then use the information to compile reports and to help us improve our site.

For example, Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit Google
 

Online advertising: Marketing messages that you may see on the internet.