1. Home
  2. Privacy Policy

Thank you for visiting our website www.thaivietair.com. We respect and are committed to protect the privacy of our website visitors, as set out in this privacy policy. By using our website and/or purchasing the services offered on our website, you agree that you have read & accepted the following conditions of our privacy statement. This privacy Policy forms part of our Terms & Conditions & governs how ThaiVietair.com (hereinafter referred to as “we,” “our,” or “us”) collects, uses, stores, and protects personal information (hereinafter referred to as “Personal Information”) provided by customers, website users (the “Website Users”), and individuals who interact with us through our call centers or sales offices.

Article1. Information We Collect

Depending on how you use our website, we may collect:

- When browsing: non-identifiable technical data such as IP address, device type, and cookies.
- When booking: name, passport number, date of birth, nationality, contact details (email, phone).
- When communicating: inquiries, complaints, or service requests via email, phone, or live chat.
- When subscribing: if you opt in, your email for newsletters or promotional offers.

Article 2. How We Use Your Information

We use your personal information for purposes such as:

- Processing and confirming your reservations.
- Issuing e-tickets and sending booking updates.
- Communicating with you about schedule changes or service issues.
- Providing customer service and responding to inquiries.
- Improving our website and services.
- Sending marketing updates or offers (only with your consent).

Article 3. Sharing of Data

We only share your information when necessary, including with:

- Vietjet Air to issue and manage your bookings.
- Trusted service providers (e.g., payment processors, IT support, travel partners) who help us deliver our services.
- Authorities or regulators when required by law, to prevent fraud, or to ensure safety.
We commit to not sell or rent your personal information to third parties.

Article 4. Methods of Collecting & Retention Period of Personal Data

* We may collect your personal information through various channels, including but not limited to:

- Our website and mobile applications when you book a flight;
- When you subscribe or register for our newsletters or electronic communications;
- When you register to participate in our services, promotions, or other programs.
* We will retain your personal data within our internal systems for as long as is necessary to:
- Provide the requested services;
- Fulfill the purposes for which the data was originally collected;
- Comply with applicable legal and regulatory obligations;
- Resolve disputes or enforce our agreements.
- Your personal data will be deleted once it is no longer required for above mentioned purposes, or earlier if you request its deletion, in accordance with applicable laws.

Article 5. Legal Basis for Processing Personal Data

We only process your personal data on the following legal grounds:

- Your certain consent, where required;
- Performance of a contract of carriage, or taking steps at your request before entering into such a contract;
- Compliance with legal obligations under applicable laws;
- Pursuit of our legitimate interests, provided such interests do not override your fundamental rights and freedoms.

You may withdraw your consent at any time. However, please be noted:

- Withdrawal of consent will not affect the lawfulness of processing carried out based on your consent prior to its withdrawal;
- If you choose not to provide certain personal data, or if the information you provide is incomplete or inaccurate, we may not be able to fully perform our contractual obligations or provide the services you have requested at the expected level of quality.

Article 6. Your Rights

As a user, you have the right to:

- Access and request a copy of your personal data.
- Correct or update inaccurate information.
- Request deletion of your data where legally permissible.
- Withdraw consent for marketing communications at any time.
- File a complaint with a data protection authority if you believe your rights are violated.

To exercise your rights, please contact us for support. You may, in your email, details the necessary information such as: full name, email address, booking number (if available), phone number… to identify you and your concern.
 

Article 7. Technical Measures for Data Protection

To protect customer personal information against loss, theft, unauthorized disclosure, alteration, or damage, we implement the following technical, managerial, and physical security measures:

- Important personal data is stored in a password-protected system with restricted access.
To cope with risks such as hacking or computer viruses, and considering the potential impact on individuals’ rights and freedoms, we undertake to:
- Prevent leakage or damage of personal data caused by hacking or malware;
- Operate access control systems to prevent unauthorized external access;
- Implement appropriate technical and organizational measures, including pseudonymization and encryption, to ensure a security level appropriate to the risks;
- Maintain the ongoing confidentiality, integrity, availability, and resilience of data processing systems and services;
- Ensure the timely restoration of access to personal data in the event of a physical or technical incident;
- Regularly test, assess, and evaluate the effectiveness of our security measures;
- Maintain a dedicated unit responsible for personal data protection

Please contact us for support if you have any inquiry or concern in regards to your personal information shared with us. You may, in your email, details the necessary information such as: full name, email address, booking# (if available), phone number… for him to identify you and support you as as quickly as possible.
 

Article 9. Communication and Notification in Case of Data Breach

In the event of a personal data breach, we will notify you and the relevant supervisory authority without undue delay, in accordance with applicable laws. Such notification will be written in clear, plain language and will include:

- The name and contact details of our Customer Data Care & Protection Officer or another point of contact.
- A description of the likely consequences of the breach;
- The measures taken or proposed to be taken to address the breach, including steps to mitigate any potential adverse effects.

Notification to you may not be required if:

- Adequate technical and organizational measures (such as encryption) were applied to render the data unintelligible to unauthorized parties;
- Subsequent actions have ensured that the high risk to your rights and freedoms is no longer likely to materialize;
- Providing individual notifications would involve disproportionate effort. In such cases, we will issue a public communication or take a similar measure to inform you effectively.

Article 10. Privacy Policy Effectiveness

This Privacy Policy takes effect immediately and replaces all previous versions.

We are committed to ensuring full compliance with this Privacy Policy, and our Customer Data Care & Protection Officers will oversee its enforcement.

We reserve the right to update or revise this Privacy Policy from time to time as necessary. Any changes will be published on our website with a revised date so you can easily identify the most recent version. 

Last reviewed and updated on 30 December, 2025