1. Home

Privacy Notice

Since 1981, each year nearly one million passengers have chosen Corsair, a specialist in long-haul flights, to travel across oceans, discover new horizons and share unforgettable moments. Protecting the personal data you share with us is an important part of this approach. We want to assure you that your data is safe with us, and explain how we use it to offer you a unique and enriching experience.

Corsair, as Data Controller, may collect and process personal data concerning you, in particular when you use services on its website, mobile site and mobile applications.

Corsair undertakes to comply with the regulations applicable to all personal data processing operations it carries out and, more specifically, with the provisions of the French Data Protection Act of 6 January 1978 and the General Data Protection Regulation 2016/679 of 27 April 2016 which entered into force on 25 May 2018 (GDPR). 

Our company guarantees that your personal data: 

  • Is processed lawfully, fairly and transparently;
  • Is collected for specified, explicit and legitimate purposes, and is not further processed in a way that is incompatible with those purposes (purpose limitation);
  • Is kept in an adequate and relevant manner and is limited to what is necessary in relation to the purposes for which it is processed (data minimisation);
  • Is accurate, kept up to date, and that all reasonable steps are taken to ensure that inaccurate data, having regard to the purposes for which it is processed, is erased or rectified without delay (accuracy).

Corsair implements appropriate technical and organisational measures for the protection of personal data in order to ensure a level of security appropriate to the risk inherent in its processing operations. 

In addition, Corsair may use processors to provide our services as effectively as possible. We then undertake to ensure that these processors provide sufficient guarantees regarding compliance with the obligations imposed by the applicable regulations.  

In order to ensure the proper application of these rules, Corsair has appointed a Data Protection Officer who is the privileged contact of the French Data Protection Authority (CNIL). 

Corsair also implements appropriate internal procedures to raise employee awareness and ensure compliance with these rules within its organisation.

Why does Corsair collect your personal data?

We collect your data for the following purposes: booking and ticket purchase, transport services, marketing, loyalty programmes, commercial information, satisfaction surveys, organisation of contests and prize draws, personalising our services, your customer experience at the airport or on board, statistical studies, recruitment, after-sales service, handling your requests and/or complaints, ensuring flight safety and security and combating fraud.

Data concerning you may also be used in connection with certain processing linked to specific events occurring during a flight, such as: accident reports, care and damage on board (CRASDAB), passenger offloading reports, in-flight incident reports (“Air Safety Report – ASR”), cabin incident reports (“Cabin Safety Report” – CSR).

Data concerning you enables us to improve and personalise the services we offer and the communications we send you.   
For example: we may send you personalised emails based on the products you have purchased on our website. 

Legal basis

The processing of your personal data is justified by different legal bases depending on how we use your personal data. Below are the legal bases we apply to process your personal data:  
-    Consent: obtained in particular to send you the best promotions or allow you to take part in games/contests;  
-    Contract: to ensure performance of the transport contract;  
-    Legal obligation: for immigration purposes, flight security, counter-terrorism, or any other purposes deemed appropriate by the authorities;  
-    Legitimate interest: pursued by Corsair in order to improve your customer experience (develop new services, tailor our offers);   
-    Vital interests: your insurance company, its agents and medical staff may exchange with us relevant personal data and special categories of personal data when we/they must act on your behalf, in the interest of other customers or in an emergency.

How does Corsair collect your data? What data is collected by Corsair?

You may provide us with personal data when:

You make a booking in our agencies, through our customer services or online, 

  • Passenger information (surname, first name, email, phone number), identity documents, insurance and medical details and any special requests (dietary) 

You browse our websites or use our mobile apps,

  • Your travel preferences;
  • Information about your browsing behaviour on our websites and mobile apps;
  • Information about when you click on one of our advertisements, including those published on other organisations’ websites;
  • Information about how you access our digital services, including operating system, IP address, online identifiers and browser details;
  • Your social preferences, interests and activities. 

You subscribe to one of our services,

  • Your personal details such as postal address, email address, phone number and date of birth;
  • Account login details such as your username and chosen password, encrypted

When you have consented to receive promotional offers, take part in surveys, contests and prize draws, 

  • Personal data you provide when contacting us, including by email, post, phone or on social networks, such as your name, username, contact details and date of birth;
  • Details of emails and other digital communications we have sent you and that you have opened, including any links you clicked;
  • Your feedback and contributions to customer surveys and questionnaires.

On board our aircraft,

  • Details about your identity, information relevant to special requests (dietary, religious, disability, medical), information about your purchases during pre-orders, payment information, and your behaviour (if it harms flight safety)

Other sources of personal data,

We may access personal data about you through other sources, such as specialised companies providing information, distribution partners, and public registers.

If you use your social media logins to connect to our platforms and online services (e.g., Facebook, Google+ and Twitter), you agree to share your user details with us. For example: your name, email address, date of birth, location and any other information you choose to share with us. 

Personal data you provide about other individuals (such as people on your booking) 

By providing other people’s personal data, you must be sure that they consent and that you are authorised to do so. You should also make sure, where applicable, that they understand how we may use their personal data.

Recipients or categories of recipients of the data

Data collected via Corsair’s website, mobile site and mobile applications may be shared with authorised Corsair staff, with service providers involved in your trip, including travel agencies, Corsair’s commercial representatives at our overseas stations, our customer services, ground handling companies at overseas stations, and other airlines with which we have entered into a partnership.    

We also work with providers who help ensure and deliver the services described above.   

We remind you that Corsair ensures that all these different stakeholders comply with the regulations in force. We ask them to secure every personal data item received and not to use it for their own commercial purposes.  

In order to offer you the best services and products and to develop our marketing communications, we work with our provider SaleCycle (www.SaleCycle.com). It uses browsing data to measure website traffic, with the aim of understanding which products and services interest you and collecting personal data (name, email address, phone number, unique device identifier). This information allows us to support you at each stage of the purchasing process by contacting you occasionally (by email or SMS with your consent), or to offer you online advertisements tailored to your interests. To learn more about how SaleCycle uses browsing data on our behalf, you can consult the SaleCycle Privacy Policy via this link: http://www1.salecycle.com/privacy-notice-fr

In order to target people whose behaviour is similar to that of our current customers, we may create a profile based on their activity on social networks and purchases made on our website. For this we work with Facebook and Google.  

We may also need to share personal data in order to establish, exercise or defend our legal rights; this includes transmitting personal data to third parties to prevent fraud and reduce credit risk.   

In addition, to improve border controls and combat illegal immigration, airlines are required to collect and transmit to the Ministry of the Interior passenger booking, check-in and boarding data (API/PNR) in accordance with Decree 2014-1095 of 26 September 2014 taken pursuant to Article L 237-7 of the Internal Security Code.

For more information, please click on the links below :

https://pnr.gouv.fr/Presentation-UIP  
https://pnr.gouv.fr/Compagnies-Aeriennes/Le-systeme-API-PNR-France   

We share only the personal data strictly necessary to enable our service providers and distribution partners to provide their services to you/us.

Transfer of data outside the European Economic Area (EEA)

In order to perform the transport contract or for specific legal authorisation reasons, some recipients may be established outside the EEA. They have access to personal data collected by themselves and by Corsair such as: surname, first name, identity document number, travel details, etc.  
If your personal data is processed by a provider established outside the EEA and considered not to have a sufficient level of protection by the European Commission, Corsair undertakes to guarantee the protection of your data in accordance with the strictest rules, in particular through the signature, on a case-by-case basis, of contractual clauses based on the European Commission’s model.

How long is your data retained?

We will keep your personal data for as long as necessary for the purposes defined in this notice and/or to comply with legal and regulatory requirements. After this period, we will securely delete your personal data. If your data is needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymise it. 

Rights of data subjects

Any natural person has the right to access data concerning them, request its rectification, deletion, portability, to exercise their rights to restriction and objection to processing, and to define the fate of their data after death.

To exercise your rights or for any question about the processing of your data under this scheme, you can contact:

CORSAIR  
Data Protection Officer   
2, place de l’Equerre  
94 150 RUNGIS  
Email: registry@corsair.fr or dpo@corsair.fr 

You also have the right to lodge a complaint with the French Data Protection Authority (CNIL) in the event of a breach of the applicable personal data protection regulations, in particular the GDPR. See the CNIL website for more information about your rights: cnil.fr   


Corsair asks you to include in your request all information necessary for your identification (surname, first name, email), and if needed, we may ask you for a document proving your identity to avoid, for example, identity theft.

Please note that we have one month to respond in accordance with the Regulation. If your request is complex, we will inform you within 30 days that the processing period will be extended to 3 months.  
   
For certain services, these rights may be exercised online (managing your customer account, loyalty account, newsletter by clicking the unsubscribe link at the bottom of each communication) or by SMS using the STOP SMS unsubscribe code.

Promotional communications are distinct from communications relating to your loyalty account. If you decide to no longer receive information linked to this account, it must be cancelled.

When you contact our customer service, your call may be recorded for quality improvement, dispute prevention and malicious call prevention purposes.   
You also have a right to object to the processing of your personal data for direct marketing purposes. Where required by law, your data will only be used for electronic marketing after we have obtained your explicit consent. 

The collection of certain personal data is essential to allow access to some services or benefits (special meals, medical assistance, etc.). You may of course exercise your right to object to the collection and processing of this data, but doing so may result in you being unable to benefit from these services or benefits. 

In accordance with French and international laws and regulations, failure to provide or inaccuracy of certain data may lead to a decision to refuse boarding or entry into a foreign territory (for example, by decision of a customs service), without Corsair being held liable.

About cookies and similar technologies

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. They help us provide important features and functions on our websites and mobile apps, and we use them to improve your customer experience. Please consult our separate cookie notice. 

Links to other websites

Our websites or mobile apps may contain links to other websites operated by other organisations that have their own privacy notices. Please read their terms and privacy notices carefully before providing your personal data on another organisation’s website, since we decline all responsibility for the websites of other organisations.

Social media features

Our websites or mobile apps may contain social media features such as Facebook, Twitter, Google+ and Pinterest, which have their own privacy notices.

 

Please read their terms and privacy notices carefully before providing your personal data, since we decline all responsibility for these features. 

Sharing of personal data with supervisory authorities

To enable you to travel, disclosure and processing of your personal data may be mandatory (in accordance with government requirements at the point(s) of departure and/or arrival) for immigration, border control, security and counter-terrorism purposes, or for any other purposes deemed appropriate by local authorities.  

Some countries will only authorise travel subject to advance passenger information (for example, Caricom API Data and US Secure Flight Data). As part of enhanced security measures, the airline is required to transmit flight data and the data of all passengers travelling to or from the United States to the US authorities. These requirements may vary depending on your destination. We advise you to verify them. Even if they are not mandatory, we can assist where necessary. 

We may share strictly necessary personal data with other public bodies if required by law or if we are legally authorised to do so. 

Decree No. 2014-1095 of 26 September 2014 (as amended by Decree No. 2018-714 of 3 August 2018) requires us to communicate your passenger data to the French government whenever your air travel takes place outside metropolitan national territory.

Changes to our notice

This notice replaces all previous versions. We may modify the notice at any time. Therefore, please consult it regularly on our website for updates. If the changes have a significant impact, we will publish a visible notification on our website(s), including, where we deem appropriate, an electronic notice of the changes made to the privacy notice.

Last updated: 06 July 2020

Key terms

Personal data : Any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier, a bank identification number, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

Processing of personal data : Any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, storage, consultation or disclosure, by any medium.

Data Controller:   The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data.

European Economic Area (EEA):  the EU Member States, Norway, Iceland and Liechtenstein. 

Online advertisements : marketing messages that you may see on the Internet. 

Special categories of personal data: categories of personal data revealing racial or ethnic origin, political opinions, philosophical or religious beliefs, trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, health data, and data concerning a person’s sex life or sexual orientation.  

Caricom API Data : some or all States of the Caribbean Community have concluded an agreement with the United States under which advance passenger information required by and provided to these States for border security purposes will be transmitted to the US Department of Homeland Security for processing on behalf of those States. Please consult the Caribbean Community website for more information.

US Secure Flight Data : the Transportation Security Administration (TSA, transport security administration) requires you to provide your full name, date of birth and gender for watch-list screening. You may also provide your redress number, where applicable. Failing this, the authorities may refuse you access to transport or to the border area. The TSA may share the information you provide with law-enforcement and intelligence agencies or others, as part of its published system of records notices. Please consult the TSA website for more information.

Cookie Notice

   About cookies and similar technologies  
   Your choices regarding cookies  
   Changes to our notice  
   Key terms

About cookies and similar technologies

Cookies are small data files that allow a website or mobile app to collect and store a range of data on your desktop computer, laptop or mobile device. They help us provide important features and functions on our websites and mobile apps, and we use them to improve your customer experience. With your authorisation, other organisations may place cookies on our websites and mobile apps. We use cookies, for example, for the following:

  • To improve the operation of our websites and mobile apps

Cookies allow us to assess and improve the functioning of our websites and mobile apps, personalise your experience and give you access to a multitude of useful features. They help us, in particular, track what you book at each stage of the booking process and remember your preferences, such as recent searches or pre-selected holidays, and the contents of your online basket.

  • To improve the performance of our websites and mobile apps

Cookies help us understand how our websites and mobile apps are used (for example, by telling us if you receive error messages during browsing) and to test different layouts of our websites and mobile apps. Website analytics, including Google Analytics, provides us with information on the number of visitors to our websites and mobile apps, the popularity of sections and the existence of trends, such as a specific page being mainly viewed by people from a particular country. These cookies help us improve your experience. 

  • To provide relevant online advertising

We use cookies to help provide online advertisements that we believe best match your interests on our websites, mobile apps and other organisations’ websites. These cookies allow us, in particular, to suggest flights from the nearest airport, holidays to destinations you have shown interest in, or products you may like.

They may collect data about your online behaviour, such as your IP address, the referring website, and information about your purchase history or the content of your online basket. 

This means you may see our advertisements on our websites, mobile apps and other organisations’ websites. It is also possible that advertisements from other organisations appear on our websites and mobile apps.

In order to provide relevant online advertisements that match your interests, we may combine data collected via cookies in your device’s browser with other data we collect.

  • To assess the effectiveness of our marketing communications, including online advertising

Cookies can tell us whether you have seen a specific advertisement and how much time has elapsed since you saw it. With this information, we can assess the effectiveness of our online advertising campaigns and control how many times you see an advertisement so that it does not become too frequent. We also use cookies to assess the effectiveness of our marketing communications, including to know if you opened a marketing email we sent you.

Your choices regarding cookies

You can use your browser settings to accept or reject new cookies and to delete existing cookies. You can also set your browser to notify you when new cookies are placed on your computer or other device. The websites All About Cookies and Your Online Choices provide more detailed information on managing cookies.

If you choose to disable some or all cookies, you may no longer be able to fully use our websites or mobile apps. You may, for example, be unable to add items to your basket, check out, or use products and services that require registration.

The AdChoices icon will generally appear when we publish personalised advertisements on other organisations’ websites. If you click it, you will receive specific advice on how to control your preferences regarding online advertising. You will find more information on the YourAdChoices website.

You can also manage your consents by clicking here

Changes to our notice

This notice replaces all previous versions. We may modify the notice at any time. Therefore, please consult it regularly on our website(s) for updates. If the changes have a significant impact, we will publish a visible notification on our website(s), including, where we deem appropriate, an electronic notice of the changes made to the cookie notice.

Last updated: 06 July 2020

Key terms

Website analytics : website analytics, including Google Analytics, helps us understand how visitors use our website. We can obtain a wide range of reports on visitors’ interactions with our website and mobile apps in order to improve them. 

Website analytics uses first-party cookies to detect visitor interactions. In our case, they are used to collect information on how visitors use our website and mobile apps. We then use this information to compile reports and improve our site. 

Google Analytics, for example, collects information anonymously. It reports on website trends without identifying individual visitors. You can opt out of Google Analytics without affecting your visits to our site. For more information on opting out of Google Analytics on all websites you use, visit Google.

Online advertisements : marketing messages that you may see on the Internet.