Privacy Policy
Hainan Airlines Holding Co., Ltd. (hereinafter referred to as "we" or "Hainan Airlines") respects and takes measures to protect your personal information.
INTRODUCTION
Hainan Airlines Holding Co., Ltd. (hereinafter referred to as "we" or "Hainan Airlines") respects and takes measures to protect your personal information.
This privacy policy aims to specify the rules on how Hainan Airlines collects and uses your personal information, as well as how you exercise your rights related to personal information. This privacy policy applies to our official website (www.hnair.com), the overseas website of Hainan Airlines (www.hainanairlines.com), the Hainan Airlines app, the WeChat official account of Hainan Airlines, the Hainan Airlines applet (e.g., the WeChat applet), and other channels.
This privacy policy mainly includes the following:
I. The data protection principles
II. Occasions in which we collect your personal information, types of your personal information collected and purposes of collection
III. How we entrust the processing, sharing, transfer and disclosure of your personal information
IV. Basis for our processing of your personal information
V. How we protect your personal information
VI. How we store your personal information
VII. How we transfer your personal information globally
VIII. Protection of children's personal information
IX. Your rights of personal information protection
X. Updating of this privacy policy
XI. How to contact us
If you have any question or concern about our use of your personal information, or want to report or complain about any violation of this privacy policy, please contact us through the contact information provided at the end of this privacy policy.
I. The data protection principles
When processing personal information, we will adhere to the following data protection principles:
1. We will process personal information lawfully, fairly and in a transparent manner;
2. We will collect personal information for specified, explicit and legitimate purposes only, and will not process it in a way that is incompatible with those legitimate purposes;
3. We will only process the personal information that is adequate, necessary for the relevant purposes;
4. We will keep accurate and up to date personal information, and take reasonable steps to ensure that inaccurate personal information are deleted or corrected without delay;
5. We will keep personal information in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the information is processed;
6. We will take appropriate technical and organisational measures to ensure that personal information are kept secure and protected against unauthorised or unlawful processing, and against accidental loss, destruction or damage.
II. Occasions in which we collect your personal information, types of your personal information collected and purposes of collection
1. Information provided voluntarily by you
In order to provide you with air transport services, we will ask you to provide the following personal information voluntarily:
● Identity and contact information: your gender, date of birth, identity card number, passport number, any certificate that meets the requirements for boarding civil aviation aircraft, nationality, country of residence, your name, address, telephone number and email address, as well as personal information of anyone else who travels with you (including his/her contact information), which will be used to inform you or the relevant contact person of flight and order information (including flight travel, check-in, reimbursement, flight delay, flight cancellation, insurance service, etc.), arrange your itinerary, send the itinerary receipt or any other product to you, verify your identity, invite you to give feedback on service quality, accept your complaints and suggestions, provide you with services related to your Hainan Airlines account and other products of Hainan Airlines, and push marketing information to you with your consent. Please note that when you book any service for anyone else, you should submit such passenger's personal information. Before providing us with such passenger's personal information, please ensure that you have obtained his/her consent, and that he/she is aware of and accepts this privacy policy.
● Fortune Wings member information: Your member account and flight information, beneficiary information for mileage redemption, Fortune Wings family account information, etc., which will be used to manage our Fortune Wings members, verify your membership, and provide bonus point accumulation, rewards, redemption and other services under the frequent flyer program for you.
● Identity document information and pictures required for business services: your identity card, passport, visa page, any certificate that meets the requirements for boarding civil aviation aircraft, its validity period and issuing authority, your age or date of birth, gender, and any corresponding document picture that may be required, which, according to regulations, will be used to verify your identity during ticket booking, seat booking, check-in, boarding, the review and handling of entry and exit procedures, aviation insurance service, the provision of services related to your Hainan Airlines account, and other services provided to you (e.g., complaint handling). During real-name authentication, you will also be required to provide biometric features (static or dynamic facial features) to complete authentication.
● Payment information: personal account information, order and operation records, logs, and risk control information provided to us by online payment platforms (Alipay, WeChat Pay, China UnionPay Quick Pass, baitiao.jd.com, Paypal, UnionPay, etc.), which enables us to manage your payment information when you purchase tickets, verify your identity, and provide services related to your Hainan Airlines account.
● Information that helps improve travel and other services: special service needs, personal preferences (e.g., in-flight meal preferences, aircraft seat preferences, in-flight service preferences), which will be used to enhance the relevance of our products and services, improve our services, provide you with services that better meet your requirements, and target our marketing advertisements with your consent. When you're to apply for any special service such as stretchers or unaccompanied children, we may ask you to provide additional personal information based on the service type applied for, such as disability certificate, medical certificate, name, telephone number, document number, etc. of the pick-up/drop-off person. We will be authorized to use the above information provided by you during your use of such service. After the completion of such service, we will anonymize or delete your above information in accordance with applicable laws and regulations as soon as possible.
● Other personal information: personal information related to transactional and online matters related to bonus points and mileage programs of other airlines; personal information obtained by monitoring the use of our products and services, such as self-service devices, flight status notices, and the online handling of the check-in procedure; personal information collected through questionnaire surveys, opinion solicitation, or other marketing research activities; personal information provided to Hainan Airlines for investigations or problem solving, such as information for your identity authentication.
We use such personal information to provide convenience for your travel, provide you with other travel-related products and services, manage our Fortune Wings Club, conduct marketing, and provide you with our information and contact details. Personal information collected by us
2. Information collected automatically by us
When you visit our website, app, applet or WeChat official account, we will collect specific information related to you from your device automatically for technical, device and other reasons. Information collected automatically by us will include your following information:
2.1 Device Information: device model, operating system version, browser version number, IMEI number, cookie identifier and other identifiers such as RFID tag, Mac address, IP address, port information, DNS, mobile operator, data network standard, ROOT identifier, network access mode, login channel, app version number, login time, hardware number, and other log information and technical parameter information related to the user network, system and device.
2.2 Information on broad geographical locations of your device (including national or city level locations), and other technical information, such as traffic data, location data and resources accessed by you on our website. Location data will be collected multiple times when you visit our website, including when you start the app advertising page, open the homepage of our website, or enter the ticket booking page, airport list page, flight schedule search page, historical order search page, etc. If you deny the authorization of location information, we will no longer collect such information, unless you reinstall the app after uninstallation.
Such information is necessary for third parties (e.g., Umeng.com, Dingxiang, Tingyun) to analyze and judge device uniqueness, and control security risks. We use such information for operational purposes to help us further understand our user base and improve our service capabilities. If you deny the collection of the above information, we will be unable to provide you with basic functions or services in the online environment (app, official website, applet or WeChat official account).
2.3 Sharing of third-party account information: If you use any third-party account (e.g., Apple ID) for quick login when visiting our website, app or applet, or when you log into our WeChat official account with your WeChat user ID, we can obtain account information authorized for sharing by you from such third party, and bind your third-party account to your Hainan Airlines account, so that you can log in directly through such third-party account to use our products and/or services. We will use your relevant information within the scope of your authorization (e.g., Openid, Unionid, etc. for WeChat users).
3. List of device permissions obtained by us
When you're using the Hainan Airlines app, we need some permissions in order to provide you with better services. We will request your consent before obtaining any permission. You can also disable any permission through the settings of the operating system of your device.
Permission | Description |
Camera/album permission | Used for the convenience of functions such as code scanning, boarding pass identification, and face recognition for real-name authentication. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Storage permission | Used for picture storage, screenshot sharing/picture saving to the album, and other functions. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Positioning permission | Used to help you locate and search for city information quickly. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Address book | Used to access the address book to access contact person information, add contact person information quickly for ticket purchase, etc. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Network service | Network service is required when the "Hainan Airlines" app is started for the first time. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Face permission | Used for quick face authentication and login on iOS devices. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
Local network permission | Used for iOS devices to access local network information in order to identify device/account abnormalities, which is now used in the risk control strategy of Dingxiang only. If you deny this permission, you will be unable to use the corresponding functional service only, and your normal use of other functions will not be affected. |
4. Purposes for collection, use and processing of personal information
The personal information which we collect from you may be collected, used, disclosed and/or processed for various purposes, depending on the circumstances at hand and your consent, including for example:
4.1 to assess, process and provide our products, services and/or facilities requested by you; including but not limited to :
Selling flight tickets, flight ticket and hotel packages, in-flight merchandise, etc. Sending you product or service booking confirmations. Providing you with flight-related services, such as check-in, meals, seat selection, luggage services, transit accommodation, irregular flight guarantees and special passenger services. Based on your location information, we will fill in the departure city, match departure information for special offer tickets, fill in the departure city on the ticket booking page, match airport information on the airport list page, flight schedule search information, historical order search information, etc.
4.2 to provide you with any assistance that you have requested; including but not limited to: related enquiries or information confirmation operations that you have authorized us to carry out, responding to your enquiries, assisting you with transaction operations, providing you with technical assistance and etc.
4.3 to maintain and improve our customer relationship with you. Including but not limited to: inviting you to join the Fortune Wings Club, inviting you to participate in various satisfaction surveys and etc.
4.4 to establish your identity; including but not limited to: requesting that you present the relevant documents during check-in, boarding, baggage inspection and other procedures, informing you about login activity on your online account, requesting that you present the relevant documents when proceed with membership affair;
4.5 to administer and process any payments (including refunds) related to products, services and/or facilities or other commercial transactions requested by you; including but not limited to: making order payments, handling your refund requests, fulfilling our compensation obligations;
4.6 to respond to your enquiries or complaints and resolve any issues and disputes which may arise in connection with any dealings between us;
4.7 to provide you with information and updates on products, services, facilities, loyalty programmes, promotions, launches, campaigns, contests and/or events offered or organised by us and our affiliated partners from time to time, in accordance with your consent; including but not limited to: sending you event invitations, delivering or distributing prizes to you, including but not limited to sending activity invitations to you, delivering or distributing prizes to you, our relevant activity information, and information on changes to products and services purchased by you, etc;
4.8 for direct marketing purposes via SMS, phone, email, fax, mail, instant messaging, social media and/or any other appropriate communication channels, in accordance with your consent; including but not limited : to administer our loyalty or rewards programmes, including the use of airport lounges and the administration of the Fortune Wings Club; to engage in codesharing or similar business arrangements with other airlines; to cater to your dietary requirements when using our products, services and/or facilities; for internal administrative purposes and record-keeping; to send you seasonal greetings messages from time to time; to send you service or account change notifications and information when necessary;
4.9 to monitor, review and improve our products, services, facilities, promotions and/or events; including but not limited to: cookies used by our websites and apps, traffic analysis and performance monitoring tools used by our websites and apps;
4.10 to conduct market research or surveys, internal marketing analysis, customer profiling activities, analysis of customer patterns and choices, planning and statistical and trend analysis in relation to our products, services and/or facilities;
4.11 to process, combine and/or analyse your personal information for the above purposes;
4.12 for detecting, investigating and preventing fraudulent, prohibited or illegal activities;
4.13 for our audit, risk management and security purposes;
4.14 for enabling us to perform our obligations and enforce our rights under any agreements or documents that we are a party to;
4.15 to transfer or assign our rights, interests and obligations under any agreements entered into with us;
4.16 or meeting any applicable legal or regulatory requirements and making disclosure under the requirements of any applicable law, legislation, regulation, direction, court order, by-law, guideline, circular or code applicable to us from time to time ("Applicable Law");
4.17 to enforce or defend our rights and your rights under, and to comply with, our obligations under any Applicable Law;
4.18 We will notify you in advance of any other purpose(s) for which we intend to use your data and obtain your consent where necessary, unless we are permitted by the GDPR or any other Applicable Law to process your personal information without your consent;
III. How we entrust the processing, sharing, transfer and disclosure of your personal information
In order to smoothly conduct our business operations and/or to fulfil our obligations to you, we may disclose the personal information that we have collected from you to third parties, for one or more of the purposes set out at Chapter 2 paragraph 4 of this Policy. Examples of third parties to whom we may disclose your personal information include:
1. Other companies in our group, such as our sister airlines;
2. Third party service providers, agents, affiliates or related companies who provide operational services in connection with our business such as data entry, telecommunications, information technology, logistics, storage and warehousing, catering, delivery, assembly, installation, printing and postal services, credit checks, credit facilities or services relating to marketing and promotional activity; including but not limited to:
2.1 providers of related supplementary services, such as hotels, insurance companies, logistics companies, food supply companies and sales product suppliers.
2.2 Other airlines, such as codesharing partners and mutual sales partners. Please note: Other airlines have their own privacy policies.If your travel plan includes traveling with other airlines, we recommend that you check the other policies, as they may differ from this Privacy Policy.
2.3 Information technology providers, such as TravelSky, Amadeus and Google.
2.4 Contracted and authorized service providers for website monitoring, and app traffic use analysis and performance monitoring, such as Umeng.com, TrueMetrics and etc.
2.5 Push service providers, where we may provide your device platform, device manufacturer, device brand, device identifier (e.g., IMEI, MAC, IDFA), and other device information, app list information, network information (e.g., IP address, WIFI information), and location-related information to push service providers to provide you with push technology services, such as Merit Interactive Co., Ltd.
2.6 Contracted and authorized security management suppliers to identify device/account abnormalities, such as Dingxiang.
3. Our professional advisors, consultants and/or auditors;
4. Relevant government regulators or authorities (in accordance with any Applicable Law).Including but not limited to: public security agencies (such as the National Civil Aviation Public Security Big Data Operation & Training Center) to which we submit personal information for screening in the interests of public safety and anti-terrorism.
5. The third parties with whom we conduct business are only authorised to use your personal information to perform the service for which they were hired. As part of our agreement with them, they may be required to adhere to the GDPR and/or any policies that we provide, and to take reasonable measures to ensure your personal information is secure.
6. The Hainan Airlines app uses SDKs from the following suppliers. When you use specific functions of the app, we may share or disclose your specific personal information to the following SDK suppliers in order to realize the following scenarios or service purposes:
Name | Business purpose | Personal information collected | Third-party link |
Dingxiang (Beijing Dingxiang Technology Co., Ltd.) | Risk control | MAC address, unique device identifier IMEI, location information, and device environment software and hardware information | https://www.dingxiang-inc.com/docs/detail/const-id#doc-h2-3 |
Tingyun (Beijing Networkbench Inc.) | Performance monitoring and user profiling | MAC address, unique device identifier IMEI, location information, network status, and device environment software and hardware information | https://wukongdoc.tingyun.com/app/privacy.html |
Umeng.com (Umeng Tongxin (Beijing) Technology Co., Ltd.) | Performance monitoring and user profiling | MAC address, unique device identifier IMEI, location information, SIM card IMSI, device environment software and hardware information, and network status | https://www.umeng.com/page/policy |
Baidu SDK (Beijing Baidu Netcom Science and Technology Co., Ltd.) | Recognition for real-name authentication | MAC address, unique device identifier IMEI, camera, storage permission, and device environment software and hardware information | https://ai.baidu.com/ai-doc/REFERENCE/Vkdygjliz |
UnionPay (China UnionPay) | Payment | MAC address, unique device identifier IMEI, SIM card IMSI, and mobile phone number | https://user.95516.com/pages/misc/newAgree.html |
WeChat (Shenzhen Tencent Computer System Co., Ltd.) | Screenshot or order sharing, payment, and login | MAC address, unique device identifier IMEI, SIM card IMSI, network information, and UnionID | https://developers.weixin.qq.com/community/ develop/doc/000288f25fc35889c22b0987659c00 |
Alipay payment SDK (Alipay (China) Network Technology Co., Ltd.) | Payment | MAC address, unique device identifier IMEI, SIM card IMSI, and network information | https://opendocs.alipay.com/open/01g6qm |
Weibo (Beijing Weimeng Chuangke Network Technology Co., Ltd.) | Screenshot sharing | MAC address, and unique device identifier IMEI | https://open.weibo.com/ |
Firebase (Google) | Performance monitoring and user profiling | MAC address, unique device identifier IMEI, and location information | https://firebase.google.com/support/privacy |
Wangsu MAA (Wangsu Science & Technology Co., Ltd.) | CDN acceleration | MAC address, unique device identifier IMEI, network information, device environment software and hardware information, and SIM card IMSI | None |
GeTui (Merit Interactive Co., Ltd.) | Message push | MAC address, unique device identifier IMEI, app list information, device environment software and hardware information, network information, and SIM card IMSI | https://docs.getui.com/privacy/ |
IV. Basis for processing personal information
1. Before and during the processing of your personal information, we will perform the following operations regularly:
1.1 Review the purposes of the particular processing activity, and select the most appropriate lawful basis (or bases) for that processing, i.e.:
(a) that the data subject has consented to the processing;
(b) that the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
(c) that the processing is necessary for compliance with a legal obligation to which the Company is subject;
(d) that the processing is necessary for the protection of the vital interests of the data subject or another natural person; or
(e) that the processing is necessary for the purposes of legitimate interests of the Company or a third party, except where those interests are overridden by the interests of fundamental rights and freedoms of the data subject – see paragraph 2 of this Chapter.
1.2 Except where the processing is based on consent, satisfy ourselves that the processing is necessary for the purpose of the relevant lawful basis (i.e. that there is no other reasonable way to achieve that purpose);
1.3 Document our decision as to which lawful basis applies, to help demonstrate our compliance with the data protection principles;
1.4 Include information about both the purposes of the processing and the lawful basis for it in our relevant privacy notice(s);
1.5 Where sensitive personal information is processed, also identify a lawful special condition for processing that information (see paragraph 3.2.2 of this Policy), and document it; and
1.6 Where criminal offence information is processed, also identify a lawful condition for processing that information, and document it.
2. When determining whether the Company’s legitimate interests are the most appropriate basis for lawful processing, we will:
2.1 Conduct a legitimate interests assessment ("LIA") and keep a record of it, to ensure that we can justify our decision;
2.2 If the LIA identifies a significant privacy impact, consider whether we also need to conduct a data protection impact assessment ("DPIA");
2.3 Keep the LIA under review, and repeat it if circumstances change; and
2.4 Include information about our legitimate interests in our relevant privacy notice(s).
3. Sensitive Personal Information
3.1 Sensitive personal information is sometimes referred to as ‘special categories of personal data’ or ‘sensitive personal data’ (e.g. information about your health status).
3.2 We will only process sensitive personal information if:
3.2.1 We have a lawful basis for doing so as set out in paragraph 1.1 above, for example, it is necessary to comply with the Company’s legal obligations or for the purposes of the Company’s legitimate interests; and
3.2.2 One of the special conditions for processing sensitive personal information applies, for example:
(a) The data subject has given explicit consent; including but not limited to: when you request special passenger services from us, such as for passengers with wheelchairs or passengers requiring a stretcher, when you request refunds from us, and etc.
(b) The processing is necessary for the purposes of exercising the employment law rights or obligations of the Company or the data subject;
(c) The processing is necessary to protect the data subject’s vital interests, and the data subject is physically incapable of giving consent;
(d) Processing relates to personal data which are manifestly made public by the data subject;
(e) The processing is necessary for the establishment, exercise or defence of legal claims; or
(f) The processing is necessary for reasons of substantial public interest.
3.3 Before processing any sensitive personal information, our staff shall notify the Data Protection Officer of the proposed processing, in order that the Data Protection Officer may assess whether the processing complies with the criteria noted above.
3.4 Sensitive personal information will not be processed until:
3.4.1 The assessment referred to in paragraph 3.3 has taken place; and
3.4.2 The individual has been properly informed (by way of a privacy notice or otherwise) of the nature of the processing, the purposes for which it is being carried out and the legal basis for it.
V. How we protect your personal information
1. The Company will use appropriate technical and organisational measures to keep personal information secure, and in particular to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage. These may include:
1.1 Making sure that, where possible, personal information is pseudonymised or encrypted;
1.2 Ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
1.3 Ensuring that, in the event of a physical or technical incident, availability and access to personal information can be restored in a timely manner; and
1.4 A process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
2. Where the Company uses external organisations to process personal information on its behalf, additional security arrangements will need to be implemented in contracts with those organisations to safeguard the security of personal information. In particular, contracts with external organisations will provide that:
2.1 The organisation may act only on the written instructions of the Company;
2.2 Those processing the data are subject to a duty of confidence;
2.3 Appropriate measures are taken to ensure the security of processing;
2.4 sub-contractors are only engaged with the prior consent of the Company and under a written contract;
2.5 The organisation will assist the Company in providing subject access and allowing individuals to exercise their rights in relation to data protection;
2.6 The organisation will assist the Company in meeting its obligations in relation to the security of processing, the notification of data breaches and data protection impact assessments;
2.7 The organisation will delete or return all personal information to the Company as requested at the end of the contract; and
2.8 The organisation will submit to audits and inspections, provide the Company with whatever information it needs to ensure that they are both meeting their data protection obligations, and tell the Company immediately if it is asked to do something infringing data protection law.
VI. How we store your personal information
1. We strive to store all collected electronic personal information securely in an encrypted or desensitized manner. Unless otherwise stipulated by laws and administrative regulations or unless any longer storage period is allowed, we will store your personal information during the period necessary to realize the processing purpose on a minimally necessary basis.
2. Personal information (and sensitive personal information) that is no longer required will be deleted permanently from our information systems and any hard copies will be destroyed securely.
VII. How we transfer your personal information globally
In principle, personal information collected and generated by us within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China.
To support your booking and payment, and provide you with other services related to our core businesses, your personal information may be transferred to countries other than your country of residence for processing. Different laws on personal information protection may apply in these countries. (Please note that the protection level of your personal information may vary under laws of different countries.)
Specifically, our website server is located within the territory of the People's Republic of China, and our group's offices, and third-party service providers and partners are located all over the world. This means that when we collect your personal information, we will process such data in the above countries.
If your personal information is transferred from within the territory of the People's Republic of China to outside the territory of the People's Republic of China, we will conduct a risk assessment and/or an impact assessment of personal information protection pursuant to legal and regulatory requirements, or sign the standard contract clause issued by the Chinese cyberspace authority. When personal information is transferred abroad with your consent, we will notify you of the relevant information according to law and obtain your separate consent.
We will take appropriate protective measures to ensure that your personal information is protected in conformity with this privacy policy. This includes implementing the standard contract clause provided by the European Commission for the transfer of personal information among our group's offices. The above clause requires all offices under our group to protect personal information processed by us in accordance with applicable data protection laws.
VIII. Protection of children's personal information
1. Hainan Airlines attaches great importance to the protection of personal information of minors. If you are a minor under the age of 14, or you are identified as a minor under laws of any other country, you should obtain the written consent of your parents or legal guardian before using our products and/or services. Hainan Airlines protects personal information of minors in accordance with applicable national laws and regulations.
2. If any minor provides us with personal information without the consent of his/her parents or guardian, or if you think that Hainan Airlines has collected personal information of any minor (under applicable laws) inadvertently without the prior consent of his/her parents or guardian, please contact our Data Protection Officer through the contact information described in Section XI below of this policy immediately to ensure that such information is deleted or any marketing or promotion email or other activity is unsubscribed.
IX. Your rights of personal information protection
You are entitled to the following rights of personal information protection:
9.1 You can choose to unsubscribe marketing information sent by us to you at any time. We may send marketing information, including individualized targeted marketing information, such as preferential routes, and price discounts of products or services, to you by means of app message push, text message, our WeChat official account, email, etc. with your consent.
You can choose whether to receive app message push marketing information through the directory of "IOS System Settings – Notices – Hainan Airlines – Notices Enabled" or "Android System Settings – Notices (or Notices and Status Bar) – Management – Hainan Airlines – Notices Enabled, or Hainan Airlines App Settings – New Message Receiving Switch" in the Hainan Airlines app. If you still want to unsubscribe other marketing related information, please contact us using the contact details in "Contact Us – Service Hotline".
9.2 Moreover, in order to display product or service information more suited to your needs, we will collect and use your browsing records, search records, geographic location, device information, and other information authorized by you when you access or use our website and client in order to recommend and show individualized products and/or services to you in the app. If you do not want recommended individualized products and/or services when using the app, you can turn off individualized products recommended in general in the app through (App Settings – Privacy Management – Individualized Recommendation Switch). Turning off the individualized push switch may render you unable to see products in which you are interested in the app, thereby affecting your user experience. You're advised to consider carefully before turning it off. Individualized recommendation content can improve your browsing and user experience, and you're advised to keep it enabled.
9.3 If you want to cancel your current account information, you can call the 24-hour customer service hotline 95339 of Hainan Airlines or the customer service hotline 950717 of Fortune Wings Club for handling. We will delete your relevant information after your account is cancelled. Please note that if you cancel your account information through the customer service hotline 950717 of Fortune Wings Club, you will be unable to continue using Fortune Wings Club and related channels, including websites or apps of Hainan Airlines, Grand China Air, Tianjin Airlines, Hong Kong Airlines, Lucky Air, Capital Airlines, Fuzhou Airlines, Suparna Airlines, Beibu Gulf Airlines, Urumqi Air, Air Changan, Air Guilin, West Air, etc.
We will respond to individuals' requests for rights of personal information protection in accordance with applicable laws and regulations on personal information protection. In order to ensure the security of your personal information, we may ask you to provide a written request or verify your identity before giving a substantial reply to your request, and give a reply within 15 working days after confirming your identity. However, if we are unable to give a reply due to objective circumstances, we will extend the deadline after obtaining your consent and give a reply by the extended deadline.
X. Updating of this privacy policy
Hainan Airlines may amend this Privacy Policy from time to time. Use of the website, mobile site and mobile applications after the effective date of the amendments constitutes acceptance of the amended terms and conditions. We reserve the right to apply the amended terms to the information we have already collected, subject to any legal constraints. You should read and review this page regularly to see if there have been any changes.
XI. How to contact us
At any time, if you have any complaint, grievance or opinion about how we process your personal information or our compliance with GDPR or any other applicable data protection law;
You're expected to revoke any consent previously given by you to us regarding the use of your personal information;
You can contact our Data Protection Officer and/or our EU representative. We will do our best to handle any complaint, grievance or opinion that you may have promptly and fairly.
Our Data Protection Officer assumes overall responsibility for handling all matters related to the protection of your personal information, and will assist us in monitoring internal compliance, providing information and advice on our data protection obligations, and serving as the contact person between us, and you and any regulatory authority. If you have any question or opinion about the contents of this policy, or need more information, please contact the following persons:
Our Data Protection Officer: [hna-dpo@hnair.com];
Our EU representative: [hna-dpo@hnair.com]。