KLM Privacy Policy

Introduction

Koninklijke Luchtvaart Maatschappij NV (also known as KLM Royal Dutch Airlines) and Air France (45 rue de Paris, 95747 Roissy CDG Cedex, Frankrijk) know that the personal privacy of passengers and frequent flyer members (grouped together in this document as “customers”), prospective customers and the visitors to its website is very important.

The personal data of KLM’s customers, prospective customers and website visitors is thus handled and protected with the greatest possible care in accordance with the requirements of the Dutch Personal Data Protection Act (WBP), as well as the Personal Data Protection Act (hereinafter referred to as the "Personal Data Act") in Taiwan.

The Chinese version of "KLM Privacy Policy" is aimed at customers and potential customers in Taiwan as well as visitors to the Chinese version of the website, and was developed in accordance with the Taiwanese Personal Data Act. However, KLM customer data is stored at the head office of KLM, and is subject to the Dutch Personal Data Protection Act (WBP). KLM has a specialized institution (Address: Amsterdamseweg 55, 1182 GP in Amstelveen, The Netherlands) which is responsible for processing the company's data.

In accordance with WBP requirements, KLM has reported how it processes personal data to the Dutch Data Protection Authority (College Bescherming Persoonsgegevens - CBP) located in The Hague, The Netherlands.

These reports are available to the public and published online at

http://www.dutchdpa.nl/Pages/en_ind_wetten_zelfr.aspx

Discover the convenience of KLM's website

KLM is continually expanding and improving its electronic services to make them more convenient for customers, potential customers and website visitors. One example is that the KLM website provides 24-hour online access to booking and Flying Blue services. These electronic services simplify everything from travel planning, e-tickets and online check-in. People can also take advantage of the e-services to access the information provided by our partners, such as hotel and car rental reservations, and travel insurance.

Which personal data does KLM process?

Within the framework of providing you with aviation and transport services, selling you products or promoting its services, or allowing you to contact us for any other reason, KLM collects, processes, and uses your personal data, and will transmit your personal data internationally. Your personal data includes but is not limited to your name, date of birth, ID number, passport number, marriage status, education, and occupation, address, e-mail address, telephone number, credit card number, account data, personal travel preferences and interests or other data which could directly or indirectly identify you.

KLM uses directly or indirectly obtained personal information in executing aviation and transport contracts, for providing various services, executing legal acts, protecting the interests of parties or the public, and for informing customers, prospective customers and visitors to the KLM website about the activities, products and services of KLM, Air France, and its partners. KLM exchanges and uses personal data for these purposes with Air France and partners. In order to provide more convenience, KLM also develops new products and services based on your travel preferences and interests. Sometimes KLM will publish questionnaires or contests/competitions. Our customers, potential customers and website visitors can participate in these.

The purpose and scope of the collection, processing and use of personal data

KLM may collect, process and use your personal information based on the following objectives:

1.Aviation and transport booking or management and transport-related affairs

2.In order to assist in affairs relating to journeys such as hotel registration and ticketing

3.In order to manage customer information and consumer information

4. Passport, visa and documentation processing

5. Insurance protection and control as well as handling consumer protection affairs

6.Credit or debit card management and statements

7.Integration of business and technical information or purchase and supply management

8.Non-transport contracts, similar contracts or legal relationship management matters such as: Providing your personal information to KLM associates, subsidiaries, partner companies or service suppliers in order to provide you with better service.

9.In order to fulfil legal obligations or promote the public interest and for the protection of the rights of the parties or others. For example: Providing your personal data when required by foreign legal acts, foreign authorities or non-parties for insurance claims.

KLM's use of your personal data will not be limited to any region or duration so that we can be ready to provide the services you need when required. If you do not provide the personal information required for individual services, KLM will not be able to provide or meet the services you need.

What if you do not wish to receive any information?

If you do not wish to receive information on the activities, products and services of KLM and its partners, you can write to KLM's Privacy Department and enclose a photocopy of your identity. The address of that department is shown at the bottom of this page (if you wish to apply for or cancel KLM's e-mail service, please refer to the next paragraph).

E-mail services and marketing

Providing electronic services is important to KLM, particularly because these e-services offer customers, prospective customers and website visitors quick and convenient access to information, including, but not limited to booking, flights and marketing information for KLM, Air France and its partners.When you subscribe to such communications as KLM’s electronic newsletter, you are giving KLM, Air France and its partners permission to use your e-mail address to send you the newsletter, information from partners, and other mail such as surveys and news about special offers.

KLM.com uses cookies and applets. These are compact pieces of information that are stored on the hard drive of your computer. Cookies and applets collect information when you visit KLM.com. For more information, please read our cookie policy.

If you no longer wish to receive information via e-mail, you can click on the unsubscribe link at the bottom of each e-newsletter, or at KLM.com

The KLM website's record of clicking behaviour

On the KLM website, general visiting data such as the most commonly requested pages is recorded without this data being linked to the identity of the visitor. The purpose of collecting this information is to allow users to use the KLM website as easily as possible, while also helping them find the website information they require. In this way, KLM will be able to continue to improve their service standards.

Phishing e-mails

"Phishing" is a kind of Internet fraud used to illegally obtain personal information. It may seem as though KLM has automatically sent e-mail information wherein the recipient is asked to enter or re-confirm bank, password or credit card details. However, this information will be stored in a replica or copy of the KLM website. At the same time, clicking the links in these e-mails may damage the user's system. Phishing messages can be recognized by the following:

• Lack of a personal salutation
• Urgent request for an answer
• Grammatical errors or spelling mistakes
• Links to unknown web pages

KLM and its partners will not send any e-mail asking you to provide personal information. We will not send mail from any Internet mail server such as Gmail, Hotmail or Yahoo. Flight schedule or booking e-mails from KLM will contain your reservation code or booking number.

You are reminded that KLM is unable to control Internet scam e-mails sent to collect, process or use your personal data, or to internationally transmit your personal data. If you receive this type of fraudulent "phishing" message, we recommend that you do not reply to the message, do not click any of the links in the e-mail, and do not provide any personal information. Please forward the e-mail to the following e-mail address: email.abuse.qam@klm.com.

Please note, we will not reply to letters sent to this address, so you will not receive a reply.

The KLM website's use of cookies/applets

In the process of providing services, KLM uses cookies/applets. These are compact pieces of information stored on the hard drive of your computer. KLM uses both temporary cookies and special cookies/applets.

Temporary cookies contain no personal data and are intended only to make it easier for you to use the KLM site. Once special cookies/applets have been stored in your computer our website can identify you each time you return to the KLM site. With this information, the site can be designed specially to meet your needs – and to make our site better to use. If your browser prohibits the use of cookies/applets, you can still visit most of the content on the KLM website.

What security measures does KLM take?

KLM does its utmost to ensure your personal information is not used in bad faith. Only authorized personnel have access to your data. Should it be necessary for KLM partners to assume part of or any KLM services, KLM will reach an agreement with them prior to this that they will handle your personal data with an equally strict level of confidentiality.

Additionally, KLM's partners in Taiwan have not been commissioned by KLM to collect, process or use your personal data, and KLM's partners in Taiwan should comply by the relevant provisions of the Taiwanese Personal Data Act.

If KLM discovers any personal information theft, leakage, tampering, or other violations, aside from remedying this as soon as possible, after investigating and finding out the truth, you will be informed in an appropriate manner.

Links to other sites

Some of the pages on the KLM website link to the websites of other companies. KLM is unable to control how these companies collect, process or use your personal data, or internationally transmit your personal data. You are advised to read the policy (or statements) of these sites carefully in regard to how they process and protect personal data since the conditions offered by these sites may not be the same as those offered by KLM. KLM will not be responsible for any violations of these companies.

Special security measures to prevent aggression

To promote public order and safety aboard its flights, KLM keeps a record of the names of passengers who have interfered with safety, public order or discipline, either on board its aircraft or on the ground, or collects crime data for these passengers. They will not be allowed passage aboard KLM aircraft, and only after a certain time or under certain conditions determined by KLM will these be specially handled. These persons are personally informed (in writing where possible) that their name has been placed in these records, and how long these special security measures will apply to them. Related companies or parties may request access to these records, or make changes to their accuracy by submitting this request in writing to the KLM Privacy Office. However, if Clause 10 of Personal Data Law applies, KLM has the right to disregard the requests of these parties to reply to queries, view or make copies of this personal data.

In order to safeguard the health of all passengers or to assist specific passengers with boarding requirements, personal information such as medical records or health checks may be collected, processed or used.

Special security measures for travelling to and from the Netherlands Antilles, Aruba and Suriname

Passengers landed at Amsterdam Airport Schiphol who the Royal Netherlands Marechaussee find to be in possession of illegal drugs will have their names documented by the State of the Netherlands. The names of these people shall also be given to KLM. Based on such information, KLM is entitled to refuse to enter into any transport contract with these persons for a period of three years.

Related companies may request access to these records, or challenge their accuracy only by writing to the Royal Netherlands Marechaussee (Address: PO Box 90615, 2509 LP The Hague, The Netherlands). If you reside in the Netherlands Antilles, Aruba, Suriname or in Venezuela, your written request must be accompanied by a photocopy of your passport.

The transfer of data to countries outside the EU

In order to strengthen border control, many countries are taking increased safety measures. This is particularly true for the United States and Canada. In order to prevent and control possible terrorist activities, these two countries and other countries require more information about passengers taking round trips or going through some countries on some airlines (including KLM).

If the airlines refuse to cooperate, very serious penalties may be imposed: Including large fines or even the cancellation of the airline's landing rights. In addition, even if the airlines refuse to cooperate, passengers cannot avoid providing personal information; and passengers will still be asked about this information when travelling through the airport, resulting in long queues for customs and immigration formalities, and longer waiting times.

It must be emphasized that these authorities have guaranteed to use your booking information only for security purposes, and only authorized staff (customs, security and immigration) dealing with security matters have access to your personal information.

Contact

For questions, comments, or complaints about KLM's protection of your personal data, please click and fill out this form. After the form is received, we will get in touch with you as soon as possible.

If you would like to view your personal data, request a copy of the personal information, supplement, correct, delete, or challenge your personal data, you can write and attach a photocopy of an identification document, mailed to the following address:

KLM Royal Dutch Airlines
Privacy Office - AMSPI
PO Box 7700
1117 ZL Luchthaven Schiphol
The Netherlands

We may charge a reasonable fee for your above-mentioned requirements.

If KLM has queries about your request to correct, stop processing or using personal data, or if your request cannot be performed for business reasons and a dispute thus arises, KLM will note the dispute in accordance with the law and act after ascertaining the facts.

Changes

KLM reserves the right to revise this Privacy Policy at any time. For this reason, please check for the most recent version of KLM’s privacy policy.

This version was drawn up in October 2012.