• Individual Customer Data which is personal information that links back to an individual e.g., name, address, phone number and email address etc.;and
• Statistical Data e.g., number of passengers flown, hits to website. This is stored purely for analytical purposes, and is entirely anonymous. This information will not be stored to your customer record, and will only be aggregated for statistical analysis so that we can better understand GA customer profile and improve GA service offering.

• Providing services to you such as processing a transaction e.g. making a booking, providing flight alert messages through GA’s mobile services facility, internet check-in, registering for GA frequent flyer programme;
• Marketing and communicating with you in relation to products and services offered by GA, our airline and service partners, as well as our appointed agents; and
• Safety, security and legal compliance.

GA may disclose your Customer Data to law enforcement agencies and government for security, customs and immigration purposes. For example, GA and other airlines are required by laws in the United States of America and other countries to provide border control agencies with access to your booking information or flight itinerary. Accordingly, relevant Customer Data (known as Passenger Name Record (PNR) or Advance Passenger Information (API)) may be disclosed to the appropriate customs and immigration authorities as required by law. Please be informed that the initial recipients of such information may share your PNR and API data with other government agencies or enforcement authorities.

In addition, GA may disclose Customer Data to our lawyers and legal advisors for establishing, exercising or defending our legal rights, or as otherwise authorised or required by law. GA will also reserve the right to share your Customer Data as is necessary to prevent a threat to the life, health or security of an individual or corporate entities such as GA. Further, GA may disclose Customer Data, as is necessary, to investigate suspected unlawful activities including but not limited to fraud, intellectual property infringement or privacy.

3. Transfer of Information Overseas
GA Head Office is based in Indonesia. Customer Data may be transmitted to data storage facilities where we keep our central records. Your Customer Data is transferred for GA to perform our contract with you. The Customer Data may also be transferred to our offices and appointed agents in other countries in connection with our performance of the contract with you.

4. Consent
Generally, in the course of GA performing servicing functions such as making a flight booking, transmitting flight alert messages or accepting a meal preference, Customer Data will, by nature of the task or transaction, be provided by our customers and passengers to GA. In such instances, consent will necessarily be implied from the Customer that they are agreeable to providing Customer Data in order for GA to provide the requested or necessary service and/or product to them. However, where required by law, GA will adopt an ‘opt-in' policy for attaining customer consent, in which event, express written consent will be sought from you when collecting your Customer Data e.g., signing a form or checking a box.

In addition, you are able to withdraw your express consent at any time by contacting GA (see Section 10) or amending your Customer Data by logging on to your website account. (Note: this service only applies to Garuda Frequent Flyer (GFF) members and customers who have registered through the website).

GA will not seek consent for Statistical Data as this is not linked to a customer record. For more information on collection and usage of Customer Data obtained from our ‘websites' and through our ‘mobile services’ facility, please refer to Part B.

5. Access
GA may, upon your written request to our Customer Service (see Section 10), allow you to view your stored individual Customer Data. GA reserves the right to charge a reasonable administrative fee for this service. In exceptional circumstances, GA reserves the right to deny you access to your personal Customer Data and may provide an explanation as required by applicable laws.

Exceptional circumstances include where :

• an investigating authority or government institution objects to GA complying with a customer’s request,
• the information may, in the exercise of GA reasonable discretion and/or assessment, affect the life or security of an individual, and
• data is collected in connection with an investigation of a breach of contract, suspicion of fraudulent activities or contravention of law.

7. Accuracy
GA needs your assistance to ensure that your Customer Data is current, complete and accurate. As such, please inform GA of changes to your Customer Data by contacting GA and submitting your updated particulars to GA in writing (see Section 10). If you are a GFF member or a registered website user, you may log onto your website account. GA may also request Customer Data updates from you from time to time. As detailed in Section 2 above under the “Processing and Disclosure” sub-section, your booking information or flight itinerary may be disclosed to the appropriate customs and immigration authorities as required by law. As such, it is important to ensure that the Customer Data contained in your booking information or flight itinerary should also be current, complete and accurate.

8. Security Safeguards
GA takes the security and protection of your Customer Data very seriously. As such, GA uses procedural and technical safeguards to protect your Customer Data against loss or theft as well as unauthorised access and undue disclosure.

As an example of a procedural safeguard, GA has implemented various authentication procedures internally and with our external service providers that will involve GA requesting various personal particulars from you in order to verify your identity (or that of your duly authorised agent) before GA process your request for a particular service, product or transaction.

Examples of technical safeguards include encryption, “firewalls” and Secure Socket Layer (SSL). Further details of these technical safeguards for Customer Data collected through our websites and our mobile services facility are set out at Part B below.

If, however, a customer does not take reasonable care to ensure the continued confidentiality and accuracy of their Customer Data, GA will not be liable for any consequential misuse and/or fraud. If you have any concerns about security, you should contact GA (see Section 10).

9. Updates to the Privacy Policy
GA will amend this Privacy Policy from time to time and the updated versions will be posted on our website and date stamped so that you are aware of when the Privacy Policy was last updated.

Subject to applicable laws, the prevailing language of the Privacy Policy will be English. In the event of any inconsistency in interpretation between the English version and any translation of the Privacy Policy, this Privacy Policy statement in English will prevail.

10. Contact Us
If you have comments or questions about this Privacy Policy statement, please contact GA in writing at the address below referencing ‘Privacy Policy' :

Sales and Marketing Manager
PT GARUDA INDONESIA (Singapore)
101, Thomson Road
#12-03 United Square
Singapore 307591
Or email bookonline@garudaindonesia.com.sg referencing: Privacy Policy.

Alternatively for queries specific to Garuda Frequent Flyer, you may contact:

GFF Service Desk
101, Thomson Road
#12-03 United Square
Singapore 307591
Email: sin-gff@garudaindonesia.com.sg

To give you secure access to our online services, arising from your utilisation of our ‘mobile services’ facility, and your frequent flyer account, you are prompted to register on your first transaction with us, and subsequently login with your username and password. You should not share your membership number/User ID or password, and should always ‘log off' once you have finished your session on the websites as well as take the recommended precautions that ensure the safe and secure provision. As an additional security feature, GA has implemented a time stamp showing the time you have been on our websites and the last time you logged out. If you detect any anomalies you should inform GA immediately (see Section 10 of Part A). GA has also provided a lock out feature in the event you fail to log in successfully after a number of attempts. Also, if you leave our Website idle for a period of time, we will give you a ‘warning' dialogue box giving you the option to end your session.

2. Cookies
Most websites like ours use cookies to enhance your online experience. Cookies are alphanumeric identifiers that are transferred to your computer's hard drive from your web browser to recognise your preferences and to tailor content to you. The cookies do not contain your Customer Data (unless you specifically chose our “Remember Me” feature) but only Statistical Data which is entirely anonymous. Please refer to your browsers documentation to check if cookies have been enabled on your computer or to request not to receive cookies.

Information and procedures regarding cookie handling are provided by the respective browsers documentation within the browser itself by clicking on ‘help' and performing a search on ‘cookies'.

3. Clickstream Data
In order to improve your online experience, GA may track online behaviour or clickstream data to advance your use of our web pages and track referrals from other websites. Such data will not be stored to your customer record, and will only be aggregated for statistical analysis.

4. Links to Other Websites
GA provides you with links to other websites for your convenience and information. Whilst GA will protect your Customer Data on GA websites, GA cannot control the policies of other sites we may link to, or the use of any Customer Data you may share with them. Please note that GA Privacy Policy does not cover these other websites, and GA would recommend that you are apprised of their specific policies.

5. Minors
GA cannot distinguish the age of persons who access and use its websites. If a minor (according to applicable laws) has provided GA with Customer Data without parental or guardian consent, the parent or guardian should contact GA (see Section 10 of Part A) to remove the relevant Customer Data and unsubscribe them.

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies which are text files stored on your computer to help analyse your use of the website. The information generated by the cookie about your use of this website (including your IP address) will be transmitted to a Google server in the USA and stored there.

Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activities for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where this is required by law or insofar as third parties process this data on behalf of Google.

Google will never associate your IP address with any other data held by Google. You may refuse the installation of cookies by selecting the appropriate settings on your browser; however please note that if you do so you may not be able to use the full functionality of this website. By using this website you consent to the processing by Google of data relating to you in the manner and for the purposes mentioned above.

As a user of this website you hereby acknowledge that the operator of this website, their vicarious agents, their representatives, associated companies, chief executives, managerial staff, employees and their shareholders accept no liability in connection with the obtaining, transmission, processing and analysis of the above-mentioned data for which reason no claims for compensation can be asserted against these natural persons and legal entities.