All downloadable files on this page are in PDF (Portable Document Format) and can be viewed with Adobe Acrobat Reader. You can download the Reader at no cost from the Adobe website.
At Cathay Pacific, we are committed to protecting your personal and data privacy. To ensure that you can make informed decisions and feel confident about supplying your Personal Data (as defined below) to us when using our website, mobile and other services, we provide this notice outlining our practices and the choices you have concerning how your Personal Data is being collected and used by us.
We request information from you in several areas of our website, mobile services and other channels that may be used to personally identify you (“Personal Data”), including but not limited to:
Certain Personal Data (particularly relating to your personal information and contact information) are required for specific services and if you fail to supply such Personal Data as requested from each specific service, we may be unable to deliver you the services in full.
We may use the Personal Data you provided for one or more of the following purposes:
We may from time to time use aggregate non-identifying information about our customers to better design our website and/or to improve our services and products. This means we may provide this information to third parties. However, this information will never identify any single user in particular.
Except as provided below, we will not knowingly or intentionally use or share the Personal Data you provide to use in ways unrelated to the aforementioned purposes without your prior consent.
You may request access to and correct your Personal Data held by us. If you wish to obtain a copy of any of your Personal Data, if you believe that the Personal Data relating to you which we collect and maintain is incorrect, or if you believe that the Personal Data held by us was used beyond the scope of the purpose of use disclosed above or was acquired by fraudulent or unlawful means or provided to a third party without your prior consent, please write to us at the address below.
A request for access or correction to, or deletion of Personal Data or for information regarding policies and practices and kinds of Personal Data held by us must be in writing and sent to us via postal mail at the following address:
The Data Protection Officer
Cathay Pacific Airways Limited
6th Floor Cathay Pacific City,
8 Scenic Road,
Hong Kong International Airport, Lantau, Hong Kong
We may charge a reasonable fee for the processing of any data access request.
Two types of cookies are used on the CX Group Sites:
Session Cookies, which are temporary cookies that remain in the cookie file of your browser until you leave the site.
Persistent Cookies, which remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie).
Cookies cannot be used by themselves to identify you.
Third Party Cookies
|country_lang_cookie||Used to record your country of residence and your preferred language choice.|
|Marco Polo Club_userid_cookie||Used to remember the login ID of Marco Polo Club member when "Remember this no." option is selected during login.|
|session cookie||Cookies that will expire at the end of session or after idling for 30 minutes. Used to maintain the transaction with CX Group Site.|
|TRACKER_CX / TRACKER_KA||Used to recognise repeated visitors to the site and in conjunction with other information we hold to attempt to record specific browsing information (that is, about the way you arrive at the site, pages you view, options you select, information you enter and path you take through the site) against an individual customer profile.|
|CoreID6||Used to recognise repeated visitors to the site and in conjunction with other information we hold to attempt to record specific browsing information (that is, about the way you arrive at the site, pages you view, options you select, information you enter and path you take through the site) against an individual customer profile.|
|DoubleClick||Used for the purpose of serving our Internet advertisements on other [third party] websites. Some of our web pages may contain electronic images that allow us to track user interactions on these pages. They may also report back some information to DoubleClick about the interaction performed.|
Used for the purposes of understanding more about visitors on CX Group Sites then apply this understanding to provide web environments that save visitors time and make the sites easier to use. This data could include search engine referral, affiliate referrals, traffic driven by banner ads or other promotions, visitor navigation around the site, popular pages, processed or abandoned transactions and sales conversions. It also receives certain technical information, such as the visitor's browser version and operating system. Ticket booking information will be captured such as IP address, MARCO POLO CLUB membership number, Asia Miles membership number, login name and email address. All information about individual visitors to a web site belongs to Cathay Pacific. IBM Coremetrics is not allowed to disclose individual information collected for Cathay Pacific to any other IBM Coremetrics client.
On CX Group Sites Coremetrics is used in conjunction with CoreID6 for online web analytics.
Below technologies are used by IBM Coremetrics on CX Group Sites:
Session Cookie: The "Session" cookie exists only for the lifetime of the current browser session. The Session cookie will exist from the point at which the first tag is received from the website until 1) the visitor closes all browser windows for the browser in question or 2) more than 30 minutes pass without receiving a data collection tag from the browser session. One or more "sessions" may be associated with a "visitor".
Visitor Cookie: The "Visitor" cookie persists after the visitor closes all browser windows. The "Visitor" cookie contains a cookie ID referenced by Coremetrics to identify a visitor returning to the site across multiple "sessions".
Web Beacon: Also known as a "clear GIF", "pixel tag", "data tag" or "image tag". It is a mechanism by which a small section of code that is placed on web site pages to execute an image request to IBM data collection servers. Web beacons facilitate the transfer of data by requesting and delivering the transparent graphic GIF image from IBM Coremetrics to relevant CX Group Site.
If you do not want IBM Coremetrics to deploy cookies in your browser, you can set your browser to reject cookies or to notify you when a web site tries to put a cookie in your browser software. Rejecting cookies may affect your ability to use of some of the products and/or services at our web site.
IBM Coremetrics offers two methods by which visitors can opt-out of data collection associated with their online activities:
1) "Anonymous Visitor" and
2) "Total Opt-Out" (which are both discussed below).
For either of these options to take effect, you must first accept a cookie from this site which will allow us to recognize you with a random and unique alphanumeric identifier so that we can honor your opt-out selection. If you do not accept this cookie, or later delete it, we cannot honor your request to opt-out and you will continue to be served cookies.
Your IBM Coremetrics cookie contains a random and unique alphanumeric identifier. If you select the "Anonymous Visitor" option, then your cookie will be modified to read "anonymous", meaning that IBM Coremetrics will continue to collect or receive data about your experience on CX Group Sites. However, such data will be presented as part of a pool of general, anonymous visitors.
If you select "Total Opt-Out", then your cookie will be modified to read "opt-out", meaning that no data will be collected about you on the relevant CX Group Site. IBM Coremetrics will in such cases record that a "Total Opt-Out" election has been made, so that aggregated totals of "Total Opt-Out" elections can be calculated and recorded. Once you make your selection, a dialog box should appear to confirm that your opt-out choice was successful. The opt-out will remain in effect for as long as the cookie remains on your hard drive. If you remove this cookie from your hard drive (for instance, if you reinstall or update your browser or choose to delete all cookies), you will need to renew your opt-out selection.
Remember, if you choose to opt out of the Site Analytics cookie [from a particular CX Group Site] you will need to do so the first time you visit such site which provide opt-out to avoid having your information collected by that site. Further, if you use more than one web browser or computer, you will need to opt-out in each one. Please note that if you upgrade your browser to a new version (including, but not limited to, Microsoft's Internet Explorer 8.0), you may need to opt out again.
Please click here if you wish to opt-out from data collection associated with IBM Coremetrics.
Remarks: Rejecting cookies may affect your ability to use of some of the services on CX Group Sites.
All browser releases from 4.0 and beyond have a "cookie filter" imbedded in the Privacy settings.
You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the interactive features on our site if cookies acceptance have been disabled completely.
Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in future.
You need to set each browser, on each device you use to surf the web. You should repeat this procedure with each one if you use multiple browsers (e.g., Safari, Internet Explorer, Firefox, Google Chrome, etc.). Similarly, if you connect to the web from multiple devices (e.g., work and home), you need to set each browser on each device. However, if you disable cookies or refuse to accept a request to place a cookie, it is possible that some parts of this website, and certain areas of the website for which you need to log in, will not function properly, and the advertising you receive when you visit this website may not be advertisements tailored to your interests.
Whilst currently we are only using cookie in the ways we have stated out, new cookies will be implemented as necessary in order to better serve you.
We may collect information regarding your IP address, browser type, domain name and access time. This information is used for our own research purposes and is separated from the Data. We do not link IP addresses to any personal information. In rare instances, IP addresses may be used to assist in deterring and/or preventing abusive or criminal activity on the website.
This website contains links to other sites that are operated by third party companies with different privacy practices. You should remain alert when you leave our site and read the privacy statements of other websites. We have no control over Personal Data that you submit to or receive from these third parties.
To maintain the accuracy of the Personal Data, as well as to prevent unauthorised access and ensure the correct use of Personal Data, we have implemented appropriate physical, technical, and administrative measures to safeguard and secure the Personal Data we collect.
For example, we use Secure Socket Layer (SSL) protocol—an industry standard for encryption over the Internet—to protect in transmission the Personal Data we collect online. When you type in sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet. All electronic Personal Data that we maintain is securely stored and further protected through our use of appropriate access controls. When disposing of Personal Data, paper documents containing Personal Data are securely destroyed, and electronic files storing Personal Data are permanently deleted.
In addition, to better protect certain Personal Data, some areas of the cathaypacific.com website or our mobile services channels are inaccessible unless you supply individually identifiable and verifiable information, such as your The Marco Polo Club / Asia Miles™ Membership Number and Password, or log in using your User ID and PIN.
As stated above, in some instances we may entrust Personal Data to third party service providers (including service providers outside of your jurisdiction), binding them to protect the security of Personal Data and only to use it for the purposes we specify.
In addition, we may disclose and transfer Personal Data to and jointly use Personal Data with (whether within or outside of your jurisdiction) our subsidiaries, associated companies, business associates, service providers, and other persons who we consider appropriate, in connection with the services and products provided to or requested by you. We may disclose this information to facilitate communication of news and information about such services and products and otherwise for the purposes mentioned above, under Section 3, "Purposes for which the Personal Data are Collected and Used."
The entities with whom we may share your Personal Data include but are not limited to:
Where permitted by applicable local law, we may also disclose your Personal Data to third parties: (i) when required by law, by court order, or in response to a search warrant or other legally valid inquiry; (ii) to an investigative body; (iii) to enforce our agreements with you; (iv) when requested by other government or law enforcement authorities (such as immigration and customs control and/or border control agencies); (v) with your express consent, or, (vi) pursuant to our good faith belief that disclosure is required by law or otherwise necessary to the establishment of legal claims or defenses, to obtain legal advice, to exercise and defend our legal rights, to protect our rights or property and those of our subsidiaries or associated companies, or to protect the life, body or property of an individual. This also applies when we have reason to believe that disclosing the Personal Data is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
We may also transfer any information we have about you as an asset in connection with a merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Cathay Pacific or as part of a corporate reorganization or stock sale or other change in corporate control.
Please be advised that the Personal Data that Cathay Pacific collects or obtains may be transferred to jurisdictions that offer lesser protection of Personal Data than that provided in your jurisdiction. By submitting personal information to Cathay Pacific or using any Cathay Pacific website, you understand and consent to such transfer.
Occasionally, we may use your personal data (including your name and contact details) to send you marketing communications such as emails containing news, offers, promotions and joint marketing offers about our travel services and packages, loyalty programs, duty-free sales and other travel related auxiliary services such as travel insurance, hotel transfers and car rentals. However, we will first obtain your consent before doing so. Please see below on how to provide us with your consent.
We may also provide your personal data (including your name and contact details) to third parties including our marketing partners, travel service partners for the purpose of marketing their products and services to you, including travel services and packages, loyalty programs, duty-free sales and other travel related auxiliary services such as travel insurance, hotel transfers and car rentals. Again, we will only do this if you provide us with your consent.
You may indicate your consent to the above by the following ways:
You may opt-out from receiving marketing communications at any time, free of charge, by:
Any personal data provided to or gathered by Cathay Pacific is controlled primarily by Cathay Pacific.
All Personal Data that has been collected from you will only be stored for a limited duration that is relevant to the purpose for which it was processed and for as long as required by applicable law.
This notice is written in English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this notice, the English version shall prevail.