• SINSingapore
  • ICNSeoul (Incheon)
  • PVGShanghai (Pudong)
  • TPETaipei (Taoyuan)
  • KHHKaohsiung
  • HKGHong Kong
  • BKKBangkok (Suvarnabhumi)
  • KIXOsaka (Kansai)
  • CTSSapporo (Shin-Chitose)
  • SDJSendai
  • NRTTokyo (Narita)
  • HNDTokyo (Haneda)
  • NGONagoya (Chubu)
  • FUKFukuoka
  • NGSNagasaki
  • KMIMiyazaki
  • KOJKagoshima
  • ASJAmami
  • OKAOkinawa (Naha)
  • ISGIshigaki
MAP
Pick-up Date
 
Input error
 

Privacy Policy

*This English translation is provided for reference purpose only. If any discrepancy is identified between this translation and the Japanese original, the Japanese original shall prevail.

This Privacy Policy explains how Peach Aviation Limited (hereinafter referred to as “Peach Aviation”, “we” or “the Company”) handles the personal information which we receive from customers (hereinafter referred to as “you” or “customer(s)”).
In compliance with the "Act on the Protection of Personal Information" and related laws and regulations, we will appropriately manage and handle the personal information we receive from our customers as follows.
Chapter 1 describes the handling of personal information of all customers, Chapter 2 describes the handling of personal information of customers located in the People's Republic of China, and Chapter 3 describes the handling of personal information of customers located in the Kingdom of Thailand.

Chapter 1 Handling of Personal Information of All Customers

1. Application and Modification of this Privacy Policy

This Privacy Policy applies when you provide us with personal information or when you use our “Services, etc.” (defined below).
「The term “Services, etc.” collectively refers to the services and products provided by the Company as set forth in Chapter 1, Section 4 [1]-[3], as well as various events and campaigns operated by the Company.
By using our Services, etc., you are deemed to have fully understood and agreed to the terms of this Privacy Policy.
This Privacy Policy may be changed by the Company from time to time.

2. Acquisition of Personal Information

We acquire your personal information in the following cases:
[1] When you provide the Company with your personal information when the customer applies for, uses, browses, participates in, or inquire about our Services, etc.. (hereinafter collectively referred to as “Application, etc.”)
[2] When we acquire your personal information from “joint users” as stipulated in Chapter 1, Section 7.
[3] When we acquire your personal information legally, such as from a third party who has obtained your consent.

We will not acquire or use your sensitive information such as race, creed, social status, medical history, criminal history, or the fact that you have been a victim of a crime, except when it is essential for the provision of our Services, etc., when required by law, or when you have given consent.

3. Personal Information to be Acquired

In the cases set forth in Chapter 1, Section 2, we will acquire your personal information as set forth below in order to achieve the purposes set forth in Chapter 1, Section 4.

[1] Personal information provided upon Application, etc. for services as set forth in Chapter 1, Section 4 [1] and [2], such as;
name, address, telephone number, e-mail address, date of birth, age, gender, passport number, physical and medical information related to the passenger's flight, etc.
[2] Personal information provided upon Application, etc. for services as specified in Chapter 1, Section 4 [3], such as;
name, address, telephone number, e-mail address, date of birth, age, gender, account ID/username for the relevant service, location information, IDs for various social network services that are linked with the relevant service for login, etc.
[3] Inquiry details
[4] Usage history of websites and applications operated by the Company (including Cookies and individual identification numbers of mobile information devices)
We collect Cookies (*1) and mobile device identification numbers (*2) to make your browsing of our website or applications more convenient.
[5] Information on the opening and preview status of e-mails sent to customers by us (using web beacons (*3)) and information on access to the Company's website from e-mails.

(*1)“Cookie” is a technology that records and manages the information of customers who use our website and applications on their computers and application software. Customers can reject the receipt of Cookies at any time by setting their Internet browsing software (browser or application). However, please note that without cookies, the response speed of website and application browsing may be significantly reduced.
(*2) Mobile phone identification number based on phone number.
(*3) A Web beacon is a mechanism for collecting information on browsing by embedding a small, invisible image (1 x 1 pixel GIF image) into a Web page or HTML e-mail. This allows us to accumulate information about your web page visits and email open/preview status.

4. Purpose of Use of Personal Information and Retained Personal Data

Personal information provided to us and retained personal data handled by us will be used, in whole or in part, within the scope necessary to achieve the following purposes.
We will not use your personal information in a manner that may encourage or induce illegal or improper activities, even within the scope of the purpose.

[1] Reservations for air transportation services, ticket sales, check-in, airport handling, and in-flight services;
[2] Reservations, ticket sales, check-in, and airport handling for joint carriage, joint acceptance of carriage, code-sharing, successive carriage, and consignment carriage;
[3] Service guidance, provision of services, operation of services, management of services, shipment of purchased products, contact regarding purchased goods, response to inquiries, after-sales service, and management of information of members, regarding all services including websites and applications operated by the Company other than [1]-[2] above;
[4] To provide information (including distribution of behaviorally targeted advertisements (*4)) regarding the Services etc., contacts necessary for the operation of Services, etc., implementation and management of questionnaires;
[5] All operations incidental or related to [1]-[4] above;
[6] Analysis of Services, etc. (including analysis of customer attribute information and behavioral history), other surveys and research, and development of new services and products;
[7] Creation of statistical data related to Services, etc., processed into a format that does not allow individuals to be identified;
[8] To provide information on services, products, events and campaigns handled by our group companies and partner companies (including distribution of behaviorally targeted advertisements);
[9] Responding to customer inquiries, requests, etc.
[10] Selling non-life insurance and small-amount short-term insurance products and services under consignment from Chubb Insurance Co., Ltd., Sompo Japan Insurance Inc., AWP Ticket Guard Small Amount & Short Term Insurance Co., Ltd., and Zurich Insurance Company Ltd., and provision of services incidental or related thereto, etc. (*5)
[11] Purposes described in Chapter 1, Section 7 "Shared Use".

(*4) Information acquired from customers, such as website and application browsing history and purchase history, will be analyzed to provide services, distribute advertisements, etc.
(*5) Please see below for the purposes of use of personal information as stipulated by each insurance company.
・Chubb Insurance Company Limited
https://www2.chubb.com/jp-jp/footer/privacy-policy.aspx
・Sompo Japan Insurance Inc.
https://www.sompo-japan.co.jp/private_information/
・AWP Ticket Guard Small Amount & Short Term Insurance Company
https://www.ticketguard.jp/company/privacy-policy.html
・Zurich Insurance Company Ltd.
https://www.zurich.co.jp/agreement/

Notwithstanding the foregoing, if we receive personal information from a third party and there is a separate stipulation regarding the purpose of use of such personal information, we will use such personal information in accordance with such stipulation.

5. Provision to Third Parties

We will not provide personal information about our customers to any third party, except in the following cases. Please note that the outsourcing of the handling of personal information to a subcontractor (Chapter 1, Section 6) and the sharing of personal information (Chapter 1, Section 7) do not constitute the provision of information to a third party.

[1] When the customer's consent has been obtained;
[2] When the provision of information is required by law;
[3] When it is necessary for the protection of human life, body, or property and it is difficult to acquire the customer's consent.
[4] When the provision of information is required to cooperate with public duties of the national or local government, and obtaining customer consent may make it difficult to carry out such public duties.
[5] When the information is provided in a form such as statistical data in which the individual cannot be identified.
[6] When the personal information is provided in connection with the succession of business due to merger, company split, business transfer, or other reasons.
[7] When providing personal information in accordance with legal procedures, provided that the customer can easily confirm the following information on the Company's website, etc., in advance, and provided that the customer has not expressed a desire to refuse the provision of personal information.

1) To be provided to a third party for the purpose of use;
2) Items of personal data to be provided to third parties;
3) Means or method of provision to third parties;
4) To stop the provision of information to third parties when requested by the customers;
5) Method of accepting requests from customers.

6. Outsourcing the Handling of Personal Information to Subcontractors and Management of Subcontractors

From time to time, we may outsource our business to third parties, and in such cases, personal information may be provided to the extent necessary to achieve the purposes of use described in Chapter 1, Section 4. In such cases, we will appropriately supervise the subcontractor, including the conclusion of a contract regarding the handling of personal information.

7. Joint Use

Peach Aviation may share your personal information with joint users of this information as follows.

[1]
●Joint user(s)
ANA Group Companies

●Type of information shared
Customer's name, address, telephone number, e-mail address, date of birth, age, gender, transaction details, details of inquiry, history of use of website, application, etc.

●Purpose of use
1) To provide air transport services, travel services such as tours and hotels, and other products and services handled by the company we or jointly use.
2) For the purpose of sending direct mail, providing information on products and services, and conducting questionnaires, etc. by the company we or jointly use.
3) For sales analysis and other research and development of new products and services of the company that we or jointly use.
4) In order to communicate and hand over the products and services offered by us or the company we use jointly to the company in charge in the event of inquiries from customers, applications for use, or other requests.
5) In order for us or our joint companies to appropriately and smoothly carry out transactions with customers.
6) For management and internal management of the ANA Group

●Name, address and representative of the person responsible for the management of personal information
ANA Holdings, Inc.
〒105-7140
Shiodome City Center, 1-5-2 Higashi-Shinbashi, Minato-ku, Tokyo
Koji Shibata, Representative Director

[2]
●Joint user(s)
EAN.com LP

●Type of information shared
Reservation number at the time of ticket purchase, travel destination, travel date
(Limited to the information of the person who clicked the advertisement leading to the hotel reservation site provided by the joint use company)

●Purpose of use
1) To analyze data provided from the "Peach Rooms" site.
2) To verify data from the "Peach Rooms" site, with data from Peach Aviation Ltd. Website.

●Name, address and representative of the person responsible for the management of personal information
Peach Aviation Limited
〒549-0001
1 Senshu Kukou Kita, Izumisano-shi, Osaka, Japan
Peach Aviation Limited
Representative Director and CEO: Kazunari Ohashi

[3]
●Joint user(s)
Rokt Pte. Ltd. (For more information on Rokt Pte. Ltd.'s privacy policy, see here for more information.)

●Type of information shared
Customer's address (limited to the prefecture), email address, age, gender, and return airport at the time of ticket purchase

●Purpose of use:
1) To display the most appropriate advertisements on our official website based on your demographic information.
2) To check whether you have purchased products or services based on the advertisements described in 1) above, and to confirm the usage status of the advertisements.
※ Note that neither we nor Rokt Pte. Ltd. will send e-mail to your e-mail address for this purpose without your permission.

●Name, address and representative of the person responsible for the management of personal information
Rokt Pte. Ltd.
3 Phillip Street, #11-01 Royal Group Building, Singapore 048693
CEO Bruce Buchanan

8. Transfer Outside Japan

When we provide your personal information to third parties such as business entities outside Japan, including subcontractors and joint users, we will do so based on your consent, except in any of the following cases

[1] When the third party is located in a country that is stipulated by law as having a personal information protection system of a level equivalent to that of Japan
[2] Where the third party has established a system necessary for the third party to continuously take measures equivalent to those to be taken by business operators handling personal information in Japan

In the event that [2] applies, we will take necessary and appropriate measures to ensure the continued implementation of the corresponding measures by the third party. If you wish to confirm the details of these measures, please make a request in accordance with Chapter 1, Section 10.

9. Management of Personal Information

We will take necessary and appropriate security control measures to prevent leakage, loss, or damage of customers' personal information and to manage such information.

We will endeavor to maintain accurate and up-to-date information within the scope of the purposes of use, and will exercise necessary and appropriate supervision over directors, employees, and contractors (including subcontractors, etc.) handling personal data with respect to the protection and appropriate handling of customers' personal information.
In addition, we will set a separate retention period for personal information in accordance with the purpose of use, and dispose of such information in an appropriate manner after such period has elapsed.

If you wish to review the details of the security control measures, please make a request in accordance with Chapter 1 Section 10.

10. Method of Requesting Disclosure of Retained Personal Data and Contact for Inquiries

(1) Requests for Disclosure, etc. of Retained Personal Data
With respect to personal data held by the Company, we will respond to the following requests (hereinafter referred to as “Disclosure, etc.”)to the extent required by law after confirming that the request is made by the Customer for him/herself or on his/her behalf; notification of purpose of use, disclosure, correction, addition, deletion, suspension of use, removal, suspension of provision to third parties, disclosure of records of provision to third parties, and provision of information on personal information protection measures.
*Personal information protection measures refer to measures taken by the Company in cases falling under Chapter 1, Section 8 [2], or security control measures in Chapter 1, Section 9.
Please be aware that the Company may not be able to provide Services, etc. as a result of the suspension of use or deletion of personal information.

(2) Request Procedure
(i) Method of Requesting Disclosure, etc.
[Customers located in Japan]
Please send the required documents listed in (ii) by mail to the following address.
〒549-0011
1, Senshu Kukou Naka, Tajiri-cho, Sennan-gun, Osaka, Japan
Peach Aviation Limited
Person in charge of Personal Information Handling
[Customers located outside of Japan]
Please send the required documents listed in (ii) by e-mail to the following address.
Contact only for customers located outside of Japan: cs@flypeach.com

(ii) Required Documents to be Submitted upon Request for Disclosure, etc.
Please download the following request form (A), fill in all the prescribed items, and send it by mail together with documents to verify your identity (B) and a handling fee (only if you are requesting notification or disclosure of the purpose of use of retained personal data and wish to have a response sent by mail) (C).
(A) Request form

Request Form for Disclosure of Retained Personal Data

(B) Documents for identification
Please enclose the following (a) or (b) for identification.
(a) A photocopy of one of the following documents: driver's license, passport, physical disability certificate, or Residence Card or Special Permanent Resident Certificate
(b) In cases other than (a) above, two of the following documents: photocopy of health insurance card, photocopy of pension book, or seal registration certificate (issued within 3 months) with a registered seal affixed to the margin of the original.

(C) Fee
In the case of a request for notification or disclosure of the purpose of use of retained personal data, and if you wish to receive a response by mail, a handling fee of 1,000 yen (including tax) will be charged per request. Please enclose a postal money order with fixed amount (1,000 yen) issued by Japan Post Bank Co., Ltd.
*If the fee is insufficient or not enclosed, we will notify you in writing, but if payment is not made within two weeks of the dispatch of said document, we will assume that no request for disclosure has been made.
*No fee is required for requests other than notification or disclosure of the purpose of use.

(iii) When a Representative Makes a Request for Disclosure, etc.
If the person making the request for Disclosure, etc. is a legal representative of a minor or an adult ward, or a representative authorized by the person to make the request for Disclosure, etc., please enclose the following two documents for the representative in addition to the documents listed in (ii) above for the person in question:
1) Documents to verify the identity of the applicant (please enclose the same documents stipulated in (ii)(B) above for the representative)
2) A letter of attorney or other document that certifies the authority of representation in making a request for Disclosure, etc.

(iv) Method of Response to Requests for Disclosure, etc.
[Customers located in Japan]
We will respond in writing or by electromagnetic record to the person who made the request (to the address indicated on the return envelope or the e-mail address indicated on the request form).
*If you wish to receive a response by electromagnetic record (electronic file format), Please make sure that you can receive emails from the domain "@flypeach.com".

[Customers located outside of Japan]
We will respond to your request by electromagnetic record to the person who made the request (to the e-mail address indicated on the request form).
*Please make sure that you can receive emails from the domain "@flypeach.com".

[Others]
If we do not disclose the information, we will notify you with the reason. Please note that it may take several days to reply. Disclosure, etc. of retained personal data will not be made in the following cases:
(a) When the identity of the applicant cannot be confirmed;
(b) When the authority of representation cannot be confirmed for an application by a Representative;
(c) When the required documents are incomplete;
(d) When the subject of the request for Disclosure, etc. does not fall under our retained personal data;
(e) If there is a risk of harm to the life, body, property, or other rights or interests of the person concerned or a third party;
(f) If there is a risk of significant hindrance to the proper execution of our business;
(g) If there is a risk that the security management of personal data held by the Company may be hindered;
(h) If it would be in violation of laws and ordinances

(v) Purpose of Use of Personal Information Acquired in Connection with Requests for Disclosure, etc.
Personal information acquired in connection with requests for Disclosure, etc. shall be handled only to the extent necessary for handling the request for Disclosure, etc. Documents submitted will be stored for a certain period of time and then properly disposed of.

(3) Other Inquiries
For inquiries regarding our handling of personal information, please contact the contact listed in (2) (i) above, depending on your location.

11. Company Name, Address, and Name of Representative

Peach Aviation Limited
〒549-0001
1 Senshukuko-Kita, Izumisano-shi, Osaka, Japan
Representative Director and CEO, Kazunari Ohashi

Chapter 2 Handling of Personal Information of Customers located in the People's Republic of China

In addition to Chapter 1, the provisions of Chapter 2 shall apply to the handling of personal information of customers located in the People's Republic of China (the "PRC") in accordance with the Personal Information Protection Law of the People's Republic of China (中华人民共和国个人信息保护法) and related legislation ("PIPL, etc."). In the event of any conflict between the provisions of Chapter 1 and Chapter 2, the provisions of Chapter 2 shall prevail.

1. Introduction

If you are under 18 years of age, we ask that you acquire the consent of a parent or guardian or ask for permission from a parent or guardian before using our services. Persons who apply for our Services etc. on behalf of a customer are also requested to acquire the consent of the customer (or the guardian of the customer if the customer is a minor under the age of 18) for the Company's handling of personal information.
If a minor has provided personal information to the Company without the consent of his/her parent or guardian, the parent or guardian may request the Company to delete such minor's personal information in the manner described in Chapter 2, Section 5.

2. Acquisition of Sensitive Personal Information

We may handle passport information, health information, payment information, and personal information that may be classified as sensitive personal information in terms of PIPL, etc. for the purposes of use described in Chapter 1, Section 4.
In addition, there is a possibility that leakage or illegal use of sensitive personal information could adversely affect the rights and interests of customers (e.g., personal dignity could easily be violated, and personal and property safety could easily be endangered). We will strictly control and handle the information in a lawful manner.

If a customer under the age of 14 uses our Services etc., we will process only the minimum necessary information. We also ensure that appropriate safeguards are in place to prevent the profiling of minors under the age of 14, the transmission of promotional information, or the use of personal information to solicit them into activities that are inappropriate for their age or ability.

3. Retention Period of Personal Information

We retain your personal information until the purpose of use is achieved, and in particular, we have established the following retention periods for your personal information.

[1] Personal information of Peach account, Peach Mail Magazine and PEACH SHOP ONLINE:
After withdrawal from the membership, until the related work is completed.
[2] Personal Information of Passengers
Until the completion of carriage and related services as provided in the Conditions of Carriage for Domestic and International Passengers.
[3] Other personal information
The shortest period of time necessary for the agreed purpose of use

If there are other regulations under Chinese laws and regulations or the China Civil Aviation Administration (CAAC), etc., we will comply with those regulations. For example, the PRC Electronic Commerce Law requires that customer transaction and order information be retained for a minimum of three years. In addition, the CAAC's "Flight Irregularity Management Regulations" require us to keep information on complaints of flight irregularities for two years.

4. Safe Management of Personal Information

[1] We have security measures in place to protect the personal information provided by our customers from leakage, alteration, or loss. Specifically, we have taken the following steps to protect your personal information:
- We have established and implemented an internal management system and rules for the protection of personal information.
- We manage the classification of personal information.
- We use https to build our Web site and use SSL encryption communication technology to protect the transmission of important data between your Web browser and the server.
- Access control is implemented to reasonably set access privileges and to prevent unauthorized persons from accessing personal information.
- We provide education and training on security and privacy protection to raise awareness of the importance of protecting personal information among directors and employees.
- We have established and are operating an emergency response plan for accidents involving personal information.

[2] We establish measures to ensure that irrelevant personal information is not collected. We will retain your personal information for the shortest period of time necessary to accomplish the purposes described in this Privacy Policy, except where an extension of the retention period is permitted by law.
[3] In the event of an incident involving personal information, we will promptly notify our customers and report the incident to the regulatory authorities in accordance with PIPL and other regulations.

5. Requests regarding the Handling of Personal Information

In addition to Chapter 1, Section 10, we will respond to requests regarding the personal information of customers located in China that we retain as follows within a reasonable period and scope in accordance with the PIPL, etc. Please note that prior to making a request, we will verify the identity of the customer.

(1) Items claimable under this section
[1] Withdrawal of consent or deletion of personal information of a minor customer
If the processing of your personal information is based on consent, you have the right to withdraw that consent.
In addition, if a minor has provided personal information to the Company without the consent of his/her parent or guardian, the parent or guardian has the right to request that the Company delete the minor's personal information.
We will delete the personal information specified by the customer in accordance with the contents of the request, to the extent appropriate and possible. Please note that deletion may prevent us from providing Services, etc. that were previously available or that meet the customer's request. Please be aware of this before making a request.

[2] Requests for interpretation or explanation of this Privacy Policy
You have the right to request an interpretation and explanation of this Privacy Policy.

(2) When Making a Request
For requests under this section, the following request methods and contact information are available.

(i) How to Request
Please send the required documents listed in (ii) to the following address.
Contact for customers located in the People's Republic of China: cs@flypeach.com

(ii) Required Documents to be Submitted when Making a Request
(A) Request Form

Request Form <for customers located in the People's Republic of China >

(B) Identification documents
Please submit a photocopy of one of the following documents for identification purposes.
ID, passport, Mainland Travel Permit for Hong Kong and Macao Residents, Mainland Travel Permit for Taiwan Residents

(iii) When a Representative Makes a Request
If the person making a request under this section is a legal representative of a parent or guardian of a minor or an adult ward, or a representative authorized by the person to make the request, (hereinafter collectively referred to as “representative”) please send the following two types of documents:
(a) Documents for identification (please enclose the same documents stipulated in (ii)(B) above for the representative)
(b) A power of attorney or other document that certifies that the person has the authority to act on behalf of or is the guardian of the person making the request.

(iv) Reply to your Request
We will respond to your request by electromagnetic record to the person who made the request. Please note that it may take a few days to receive a response. Please note that we may not be able to respond to your request in the following cases.
(a) If the person cannot be identified;
(b) If the identity of the guardian or the right of representation cannot be verified when the application is made by a representative, etc.;
(c) If the prescribed documents are incomplete;
(d) If the subject of the request does not fall under our retained personal data;
(e) If there is a risk of harm to the life, body, property or other rights or interests of the person in question or a third party;
(f) If there is a risk of significant hindrance to the proper execution of our business;
(g) If there is a risk that the security management of personal data held by the Company may be hindered;
(h) If it would be in violation of laws and ordinances;

(v) Purpose of Use of Personal Information Acquired in Connection with a Request
Personal information acquired in connection with a request shall be handled only to the extent necessary to respond to the request. Documents submitted will be properly disposed of upon completion of the request.

6. Provision of Personal Information to Third Parties and Transfer of Personal Information Outside of China

When we provide your personal information to a third party (including cases of joint use and provision through outsourcing involving transfer outside of China), we will comply with the PIPL, etc.

Chapter 3 Handling of Personal Information of Customers located in the Kingdom of Thailand

1. Introduction

This Chapter 3 provides additional information about the collection, use, or disclosure ("processing") of personal information of customers and other individuals in the Kingdom of Thailand ("Thailand") in accordance with the Personal Data Protection Act of Thailand B.E. 2562 (A.D. 2019) ("PDPA").
If consent is required for processing of personal information relevant to the use of our Services, etc. of data subjects who are minors, quasi-incompetents or incompetents under the law of Thailand and cannot lawfully give consent by themselves, consent or permission of the persons exercising parental power, their curators or custodians (as the case may be) must also be obtained. If data subjects are under the age of 10, only consent or permission of the persons exercising parental power must be obtained.
If the Company is not aware that the data subjects are minors, quasi-incompetent persons or incompetent persons prior to the collection of their personal information, upon learning that we have collected personal information of minors without the consent of persons exercising parental power (when it is required and the minors cannot lawfully give consent by themselves), or from quasi-incompetent persons and incompetent persons without the consent of their legal curator and custodian, we will delete the personal information at the earliest convenience unless we can rely on other legal grounds apart from consent for such processing.
The data subject’s consent to this Privacy Policy must be obtained in the event that a person such as family member or an agent authorized to act on its behalf applies for our Services, etc. on behalf of the data subject.
In the event that any provisions of this Chapter 3 contradict those of Chapter 1, the provisions of this Chapter 3 shall prevail.

2. The controller of personal information

The controller of your personal information is the Company .
The Company protects personal information which is collected and used by controllers (who make decisions about how and why your personal information is used) and processors (who act on the controller's written instructions) on the basis of the PDPA.

3. Our lawful basis for processing personal information

The Company protects your personal information by ensuring that it can only be used to the extent necessary for specific purposes (as set out in Chapter 1, Section 4) and by requiring that there is a lawful basis for each processing activity on the basis of the PDPA.
The Company may process customer personal information on one or more of the following lawful bases:
[1] When your consent is obtained to the processing (Article 19 PDPA)
Consent will usually only be relied upon for promotional and marketing related processing, or in some cases, in relation to sensitive personal information.
[2] When processing is necessary in order to perform or take steps to enter into a contract (Article 24(3) PDPA).
This is typically why we process customer information which is essential to providing our services, including a customer’s identity, contact, payment and travel details, etc.
[3] The Company needs to process the information to comply with a lawful obligation (Article 24(6) PDPA).
This includes the requirement to share personal information with customs and immigration authorities or law enforcement, as well the Company's legal duties towards its staff and customers.
[4] The information is required to protect your, or a third party's, vital interests (Article 24(2) PDPA), for example in the event of a medical emergency.
[5] It is in the Company's or a third party’s legitimate interests to process the personal information, and these interests are not overridden by your fundamental rights regarding your personal information under the law (Article 24(5) PDPA).
This includes the use of personal information necessary to operate the Company’s business and also to maintain, develop and improve its products and services and provide the best possible customer experience to the extent permissible under the PDPA.

4. Request about processing of personal information

(1) The PDPA provides you with the following legal rights:
[1] Request for disclosure: You can request copies of your personal information and details of how we process it.
[2] Request for correction or updating: Corrections or updates to personal information will be undertaken wherever possible after due review of the request.
[3] Request for erasure: You may request that we erase, destroy or anonymize all or part of the personal information we hold about you. We will consider your request and, where the information is no longer required or the law does not permit us to continue to retain it, we will delete it.
[4] Transferring your personal information: You can request a copy of your personal information in a structured, common, machine-readable format. This only applies to personal information which we obtain from you and process on the basis of your consent or in order to perform a contract, and which is processed by automated means.
[5] Objecting to processing: You can object to processing which is carried out on the basis of our or a third party’s legitimate interests or for the purpose of direct marketing. We will stop processing your information unless we have a legitimate reason to continue which overrides your objection. If your objection is to direct marketing, we will always stop.
[6] Restricting how your personal information is processed: You can limit how we process your personal information in certain circumstances. Where this applies, any processing of your personal information (other than storing it) will only be lawful with your consent or where required for legal claims, protecting certain rights or important public interest reasons.
[7] The right to withdraw consent : If we are relying on consent to process your personal information, you have the right to withdraw that consent at any time.
However, the withdrawal of consent shall not affect the processing of your personal information that you have already given consent legally before it is withdrawn.
Please note, the rights set out above are not absolute and do not apply in every situation. There are also legal exemptions which apply in some situations and mean a request may be refused.
Of course, if a request is refused we will inform you of the reasons for this when we respond.
Records of requests made to us will be retained so that we can ensure we have complied with our legal obligations.

(2) When Making a Request
You can exercise your rights free of charge (except in the case where expenses may be chargeable under the PDPA). The method for submitting a request and contact information are as follows.
(i) How to Request
Please send the required documents listed in (ii) to the following address.
Contact for customers located in the Kingdom of Thailand: cs@flypeach.com

(ii) Required Documents to be Submitted when Making a Request
(A) Request Form
Request Form <for customers located in the Kingdom of Thailand>
(B) Identification documents
Please submit a photocopy of one of the following documents for identification purposes.
ID, passport

(iii) When a Representative Makes a Request
If the person making a request under this section is a legal representative of a parent or guardian of a minor or an adult ward, or a representative authorized by the person to make the request, (hereinafter collectively referred to as "representative") please send the following two types of documents:
(a) Documents for identification (please enclose the same documents stipulated in (ii)(B) above for the representative)
(b) A power of attorney or other document that certifies that the person has the authority to act on behalf of or is the guardian of the person making the request.

(iv) Reply to your Request
We will respond to your request by electromagnetic record to the person who made the request.
We will respond without delay and usually within thirty (30) days.
We may, in some cases, ask for identification or (if you are making the request on behalf of a third party) proof of your authority to submit a request. If your request is particularly complex or you have made a number of requests, it may take longer to provide a detailed response. Please also bear in mind that there are exceptions to the rights above and some situations where they do not apply.
Please be informed that, in some cases, we may not be able to disclose the information requested because it does not exist or because the request cannot be met due to laws and regulations. Should such case occur, we will notify you of the denial of disclosure and the reasons.
If you are not satisfied with our response to a data protection request or if you think your personal information has not been processed appropriately, then you have the right to file a complaint with the Personal Data Protection Committee of Thailand.

(v) Purpose of Use of Personal Information Acquired in Connection with a Request Personal information acquired in connection with a request shall be handled only to the extent necessary to respond to the request.

5. Data sharing which is necessary to provide products or services

The Company’s products and services are provided with the assistance of other companies and organizations and often the Company will need to share personal information with third parties in order to run its business. These third parties include:
[1] ANA Group Companies
[2] Organizations with which the Company is legally required to share personal information
including: government organizations, regulatory and law enforcement authorities, judicial, customs and immigration authorities, third-party organization, etc.
[3] Service providers
including: subcontractor handling the Company flights, airports and airlines who we partner with, various service providers, providers with whom we have a marketing partnership, etc.
Where the Company instructs companies, contractors or service providers to process data on its behalf, then it will ensure that it does so pursuant to a contract which meets the requirements of PDPA.

6. Marketing communications

The Company sends out marketing communications from time to time to notify interested persons of news and provide details of our Services, etc. which may be of interest to them. The Company will only do this if the recipient has consented to receive marketing communications.

7. Where your personal information is stored and transferred

The Company is located in Japan and many of the service providers and other organizations with whom we share your personal information will be located in jurisdictions outside Thailand.
When transferring personal information to third parties, the Company will ensure that it complies with the requirements of the PDPA and related Japanese laws.
However, you should be aware that recipients outside Thailand may be subject to national laws which do not necessarily provide equivalent protection for your personal information. If you would like more information regarding where your personal information is stored and transferred please contact the Company using the details set out in this Chapter 3, Section 10.

8. Retention of personal information

The Company retains customers’ personal information until the purpose of use is achieved. Particularly, the Company has set the retention period for personal information as follows. For most other personal information, the appropriate retention period will be determined based on the nature of the information and the purpose for having it by reference to legal and accounting requirements and our business needs.
[1] Personal information of Peach account, Peach Mail Magazine and PEACH SHOP ONLINE:
After withdrawal from the membership, until the related work is completed.
[2] Personal Information of Passengers
Until the completion of carriage and related services as provided in the Conditions of Carriage for Domestic and International Passengers.
[3] Other personal information
The shortest period of time necessary for the agreed purpose of use

Please note that the Company may retain your personal information for a longer period than mentioned above if it is for the purposes of the establishment, compliance, or exercise of legal claims, the defense of legal claims, or the purpose for compliance with the law.

9. Lodging a complaint with an authority

Customers have the right to lodge a complaint on the processing of their personal information with the Personal Data Protection Committee of Thailand.

10. The contact information of the controller and Data Protection Officer.

Controller: Peach Aviation Limited
1 Senshukuko-Kita, Izumisano-shi, Osaka, Japan

Data Protection Officer email: cs@flypeach.com

11. The contact information of the local representative

Name of the representative in Thailand: Air People International Co., Ltd.
Address: 14th Floor Charn Issara II, 2922/215 New Petchburi Road, Bangkapi, Huaykwang, Bangkok 10310
Contact details: peach@apiairlines.com

Effective date: April 12th, 2024