We respect the privacy of our users. This privacy statement is designed to help them understand the type of information we gather and what we do with the gathered information.
The collected information falls into two categories:
To make use of certain features of our website (such as e-mail and other interactive forums), visitors need to register and provide certain information as a part of the registration process. We may ask for their name and address, the name and address of their company affiliation, their home and business phone numbers, their e-mail address, certain financial information, and any other information which may be useful. This helps us tailor our website to suit our visitor’s needs.
To make our website responsive to the needs and interests of our visitors, we track the pages visited by each user. Then, we aggregate this data with the data on the pages visited by other users, to track the overall visitor traffic pattern.
We recognise industry standards and employ security safeguards to protect personal information of our visitors from unauthorised access and misuse. Our online reservation system resides on a secure server that encrypts all purchase information using Secure Socket Layers. We use all reasonable endeavours to protect personal information from loss, misuse, and alteration. Only our authorised employees that are under appropriate confidentiality obligations have access to users' personal information.
Our visitors should, however, understand that the open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended.
Please note that we respect the privacy of our users. We will not sell or provide any of their personal information to any third party except as necessary to provide requisite service(s), carry out the transaction(s) they have requested, to operate the Go First website and/or if we believe in good faith that the law requires it.
Our website often provides links to third party websites, such as those of our business partners and online advertisers. We request our visitors to review their privacy policies to learn more about what, why, and how they collect and use information of their visitors/users.
We are a company registered under the laws of India, having a registered office at C/o Britannia Industries Limited, A-33 Lawrence Road Industrial Area, New Delhi-110035, India, and a corporate office at C-1 Wadia International Centre (WIC), Pandurang Budhkar Marg, Worli, Mumbai 400025, India. We are engaged in the business of operating, managing, and providing scheduled air transport services under the brand name ‘GO FIRST’.
The customers of GO FIRST include customers of different nationalities and jurisdictions who avail/ book various services of GO FIRST on different online and offline platforms, namely, the GO FIRST website, mobile site, mobile applications, customer contact centre, authorized agents, and affiliates of GO FIRST. In the course of availing such services, the customers of GO FIRST provide certain personal data and information to GO FIRST, and the said Customer Data (as defined below) and information is collected and used by GO FIRST to provide safe, smooth, and efficient services to the customers; in which event GO FIRST is the controller of the personal information and data provided by the customers. Further, in certain cases, part of GO FIRST services require the customers to voluntarily share their preferences and options to avail of additional services that involve third-party participation for the provision of such additional services. In such cases, GO FIRST collects and processes the personal information and data of the customers with the third parties who are affiliates of GO FIRST. In both the above cases, GO FIRST acts as either the controller or the processor of the personal information and data collected from the customers depending upon the purpose for which the data is collected.
What information do we collect about you?
We collect information when you purchase flight tickets or other products on our website, mobile application, official social media channels, customer contact centre, authorized agents and affiliates, complete a survey, participate in a promotion, or when you travel with us, such as your contact details, travel information and credit card details. We also collect information about your preferences from your interactions with our in-flight and ground-based staff, and from specific requests you make. In addition, we collect device and technical information from you when you use our website or mobile application. For more information, please refer to Section 1 “The types of Customer Data we collect”.
How will we use the information about you?
We use your information to fulfil our contract of carriage with you. We also use your information to maintain our website and mobile application and tailor our products, send special day wishes and services to your preferences to provide the best service possible. In addition, we use your information to market our products and services to you, and those of our group companies, partners and agents (with your consent where required by applicable law). For more information, please refer to Section 3 “How we use your Customer Data”.
Who do we share your information with?
Where do we process your information?
Our information infrastructure is cloud-based and outsourced. We transfer your information to airports and ground staff in destinations that you are flying to and where we operate. Our staff are located in our offices around the world. For more information, please refer to Section 5 “Transfer of information overseas”.
How long do we keep hold of your information?
GO FIRST will retain Customer Data for as long as it is necessary to fulfil the purpose for which it was collected, and for satisfying any legal, business, accounting or reporting requirements or as required by relevant laws. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. For European Union (“EU”) residents, we will endeavour to delete data within thirty (30) days of a request for erasure or contact you if it will take longer. For more information, please refer to Section 8 “Retention”.
How can I exercise my rights over my information?
You may have various rights in relation to your data.
For more information for non-EU residents, please refer to Section 6 “Non-EU Data Subject Rights”.
For more Information for EU residents, please refer to Section 7 “EU Data Subject Rights”.
If you have any concerns or complaints, please contact us at the addresses mentioned in Section 14 “Contact us”.
How will we notify you of changes?
1. THE TYPES OF CUSTOMER DATA WE COLLECT:
The types of Customer Data that GO FIRST collect depend on the circumstances of collection and on the nature of the service requested or transaction undertaken.
There are two broad categories of Customer Data that GO FIRST collects:
A. Personal Data. The data we collect includes but is not limited to:
B. Technical Data. This includes device and technical information you give us when using our Website or mobile application (“Website”) such as IP addresses or other unique identifiers, like mobile carrier, time zone setting, operating system, platform, etc.
We also use Customer Data to derive statistical data, such as the number of passengers. This is processed and stored purely for analytical purposes and is entirely anonymous. This information will not be stored to your customer record, and will only be aggregated for statistical analysis so that we can better understand GO FIRST's customer profile and improve GO FIRST's service offering.
C. Special categories of information or “sensitive personal data”
Certain categories of Customer Data, such as information about your race, ethnicity, religion or health, are considered special categories of information, or “sensitive personal data” under the General Data Protection Regulation (“GDPR”). Generally, we try to limit the circumstances where we collect your sensitive personal data. However, this can occasionally occur because you have made certain requests in connection with your travel arrangements that reveal or suggest something about you that could be considered “sensitive personal data”, or if you otherwise choose to provide such information to us (or a third party such as the travel agent through which you made your booking).
D. How do we collect data from you?
GO FIRST collects Customer Data, either directly from you or from your authorized representatives (i.e. persons whom you have authorized and/or persons who have been validly identified as being your authorized representative (e.g. your organization’s corporate travel manager/agent) pursuant to our then-current security procedures). GO FIRST also collects Customer Data from third parties which are located in various countries. This includes, but is not limited to, travel agents (including, airlines and non-airlines), our service providers, or through our Website, inflight services, customer survey, any posts on GO FIRST specific pages on social media websites and other channels including our ticketing counters and airport operations.
2. IS THE PROVISION OF CUSTOMER DATA REQUIRED?
The collection of the following types of Customer Data is mandatory to enable GO FIRST to fulfill our contract of carriage with you. These types of Customer Data are marked as mandatory on our booking form. If you do not provide this information, we will not be able to provide you with our services and/or products required.
Additional information may be mandatory if you are flying to a specific country, or if you are flying on behalf of a business registered in a specific country, e.g. your gender, nationality, passport number, the country of issue of your passport, the name, GST registration number and address of the business you are flying on behalf of, and your business email address and phone number. These mandatory fields will be clear when you make a booking.
These types of Customer Data are marked as mandatory on our sign up / enrolment form. If you do not provide this information, you will not be able to benefit from points accruals and membership tier benefits and we will not be able to provide you with our services and/or products required.
The failure to supply the following types of Customer Data will result in (i) GO FIRST being unable to update you on our latest products and/or launches; and/or (ii) your inability to enter or participate in contests, promotions, or redemption activities organized by GO FIRST.
3. HOW DO WE USE YOUR CUSTOMER DATA?
If you are an EU resident, we are required to disclose the legal basis for processing your data under the GDPR. We will use the Customer Data in the following ways:
A. In accordance with our contract of carriage with you, we will use the Customer Data to:
B. As it is in our legitimate interests to be responsive to you, to provide customized services and marketing, and to ensure the proper functioning of our products, services, and organisation, we will use your Customer Data to:
a. to contact you to perform our services, and in particular, to monitor and record calls for quality, training, legal compliance, analysis, and other related purposes in order to pursue our legitimate interest to improve service delivery;
b. enforce our terms and conditions against your employer; and
c. communicate with you about products, services, promotions, events, and other news and information we think will be of interest to you.
If you are an EU resident, you can object to this profiling and opt out of receiving such targeted marketing. For more information on this right, please refer to the para with the heading “Objection” under Section 7 below; and
15. With your consent where required by applicable laws, we will use your Customer Data to:
a. send you marketing and promotional materials in relation to products and services offered by GO FIRST, GO FIRST’s partner airlines and service partners, as well as GO FIRST’s appointed.
b. You have the right to withdraw your consent at any time by contacting us at firstname.lastname@example.org
4. DISCLOSURE OF YOUR CUSTOMER DATA:
A. GO FIRST will share your Customer Data with selected third parties in the situations set out below:
B. GO FIRST will share the Customer Data with its stations in order to better customise your preferences when you travel with GO FIRST:
For the purposes of our contract with you, i.e. to:
C. As it is in our legitimate interests to be responsive to you, to provide customized services and marketing, to:
D. For the purposes of undertaking targeted direct marketing and other forms of marketing or advertisement, provided we have the consent of the recipient and/or have provided the opportunity to opt-out, in each case where required by applicable law.
E. GO FIRST will also use and disclose your Customer Data to persons who have been validly identified as being you or your authorized representative(s) pursuant to our then-current security procedures, for the purpose of the relevant transaction or inquiry. In particular, each of the passengers who are grouped under the same Passenger Name Record (“PNR”) number shall be deemed to be authorized representatives of each of the other passengers under the same PNR number.
F. GO FIRST will disclose your Customer Data to law enforcement or Government agencies, public, regulatory authorities, border control agencies, or other organisations for security, customs and immigration purposes, if legally required to do so, or if we have good faith belief that such use is reasonably necessary to:
G. We will also disclose your Customer Data to third parties:
In addition, GO FIRST may disclose Customer Data to our legal advisors for establishing, exercising, or defending our legal rights, to our other professional advisors, or as otherwise authorized or required by law. GO FIRST also reserves the right to share Customer Data as is necessary to prevent a threat to the life, health, or security of an individual or corporate entity such as GO FIRST. Further, GO FIRST will disclose Customer Data, as is necessary, to investigate suspected unlawful activities including but not limited to fraud, intellectual property infringement, or privacy.
5. TRANSFER OF INFORMATION OVERSEAS:
GO FIRST Corporate Office is based in Mumbai, India. GO FIRST’s infrastructure is primarily based on Cloud and its Core Systems are Software as Service (SaaS) in nature where its Customer Data is stored and accessed. Customer Data will be accessible to GO FIRST’s offices and appointed agents, including ground handling agents, sales agents, and contact centre agents, in India and around the world in connection with GO FIRST’s performance of the contract with you. This means that Customer Data will be transferred to, and stored at, a destination outside of your country and outside the European Economic Area ("EEA"). We will transfer Customer Data to airports and ground crew in destinations that you are flying to and where we operate. The Customer Data is transferred outside the EEA on the basis that it is necessary for the performance of the contract of carriage between you and GO FIRST. If you are an EU resident, where we transfer Customer Data outside the EEA, this is done on the basis that it is necessary for the performance of the contract of carriage between you and GO FIRST. The Customer Data will also be processed by staff operating outside the EEA who work for us, for our suppliers, or our business partners. Such staff is engaged in, among other things, the fulfillment of your order, the processing of your payment details, and the provision of support services.
6. NON-EU DATA SUBJECT RIGHTS:
If you are not a resident in the EU, you may have certain rights in relation to the Customer Data we hold about you, which we detail below.
You have the right to know whether we process Customer Data about you, and if we do, to access Customer Data we hold about you and certain information about how we use it and who we share it with.
Where permitted by law, GO FIRST, reserves the right to charge a reasonable administrative fee for this service. GO FIRST reserves the right to deny you access to your Customer Data and may provide an explanation as required by applicable laws.
You have the right to seek corrections of any Customer Data held about you that is inaccurate. GO FIRST reserves the right to charge a reasonable administrative fee for this service.
C. Feedback and Complaints
If you have any concerns, feedback, or complaints about the use and/or sharing of your Customer Data, we are open to receiving your feedback or complaints.
D. Exercise of Rights
To exercise any of your rights, please contact us at email@example.com.
7. EU DATA SUBJECT RIGHTS:
If you are a resident in the EU, you may have certain rights in relation to the Customer Data we hold about you, which we detail below. Some of these only apply in certain circumstances where GO FIRST is holding authority of the data and legally/contractually allowed as per the local laws as set out in more detail below. We also set out how to exercise those rights.
These rights include:
Please note that we will require you to provide us with proof of identity and address before responding to any requests to exercise your rights. We must respond to a request by you to exercise those rights without undue delay and at least within one (1) month (although this may be extended by a further two (2) months in certain circumstances). To exercise any of your rights, please contact us at firstname.lastname@example.org.
In the event that you wish to make a complaint about how we process your Customer Data, please contact us and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with your data protection authority.
You have the right to know whether we process Customer Data about you, and if we do, to access Customer Data we hold about you and certain information about how we use it and who we share it with. If you require more than one copy of the Customer Data we hold about you, we may charge an administration fee. We may not provide you with certain Customer Data if providing it would interfere with another’s rights (e.g. where providing the Customer Data we hold about you would reveal information about another person) or where another exemption applies.
You have the right to receive a subset of the Customer Data we collect from you in a structured, commonly used, and machine-readable format and a right to request that we transfer such Customer Data to another party. The relevant subset of Customer Data is data that you provide us with your consent or for the purposes of performing our contract with you. If you wish for us to transfer the Customer Data to another party, please ensure you detail that party and note that we can only do so where it is legally, contractually, and technically feasible. We are not responsible for the security of the Customer Data, its transmission, or its processing once received by the third party. We also may not provide you with certain Customer Data if providing it would interfere with another’s rights (e.g. where providing the Customer Data we hold about you would reveal information about another person).
You have the right to correct any Customer Data held about you that is inaccurate. GO FIRST reserves the right to charge a reasonable administrative fee for this service. Please note that whilst we assess whether the Customer Data we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below. To exercise any of your rights, please contact us at email@example.com.
You may request that we erase the Customer Data we hold about you in the following circumstances:
Also, note that you may exercise your right to restrict our processing of the Customer Data whilst we consider your request as described below.
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. However, we may retain the Customer Data if there are valid grounds under law for us to do so (e.g., for the defence of legal claims or freedom of expression) but we will let you know if that is the case. Please note that after deleting the Customer Data, we may not be able to provide the same level of servicing to you as we will not be aware of your preferences.
Where you have requested that we erase Customer Data that we have made public and there are grounds for erasure, we will use reasonable steps try to tell others that are displaying the Customer Data or providing links to the Customer Data to erase the Customer Data too. To exercise any of your rights, please contact us at firstname.lastname@example.org
E. Restriction of Processing to Storage Only
You have a right to require us to stop processing the Customer Data we hold about you other than for storage purposes in certain circumstances. Please note, however, that if we stop processing the Customer Data, we may use it again if there are valid grounds under data protection law for us to do so (e.g. for the defence of legal claims or for another’s protection).
You may request we stop processing and just store the Customer Data we hold about you where:
At any time you have the right to object to our processing of Customer Data about you in order to send you promotions, special offers, and marketing messages, including where we build profiles for such purposes and we will stop processing the Customer Data for that purpose.
You also have the right to object to our processing of Customer Data about you and we will consider your request in other circumstances as detailed below by contacting email@example.com referencing: Data Subject Rights.
You may object to where we are processing the Customer Data we hold about you (including where the processing is profiling) on the basis of our legitimate interest and you object to such processing.
Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or if we need to process it in relation to legal claims. Also, note that you may exercise your right to request that we stop processing the Customer Data whilst we make the assessment on an overriding interest. Please refer to the para with the heading “Restriction of Processing to Storage Only” under Section 7.
GO FIRST will retain Customer Data for as long as it is necessary to fulfill the purpose for which it was collected, and for satisfying any legal, business, accounting, or reporting requirements or as required by relevant laws. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you withdraw your consent to marketing, we will remove you from our marketing database.
GO FIRST needs your assistance to ensure that your Customer Data is current, complete, and accurate. As such, please inform GO FIRST of changes to your Customer Data by contacting GO FIRST and submitting your updated particulars to GO FIRST in writing (see Section 14). GO FIRST reserves the right to charge a reasonable administrative fee for this service.
GO FIRST will also request Customer Data updates from you from time to time. As detailed above, your booking information or flight itinerary will be disclosed to the appropriate security, customs, and immigration authorities as required by law. As such, it is important to ensure that the Customer Data contained in your booking information or flight itinerary is current, complete, and accurate.
10. SECURITY SAFEGUARDS:
GO FIRST takes the protection of your Customer Data seriously but, unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Customer Data, we cannot guarantee its absolute security and shall not be liable for any breach of security by an outside party, including where unauthorized access, modification, destruction or disclosure of your personal information or data is attributable to any acts of an outside party, or any breach of security, virus and data protection protocols at your end or on the computer/mobile system that you use to access our Website.
11. LINKS TO OTHER WEBSITES:
GO FIRST's Website is not directed at children under the age of 18 and GO FIRST cannot distinguish the age of persons who access and use our Website. If a minor (according to applicable laws) has provided GO FIRST with Customer Data without parental or guardian consent, the parent or guardian should contact GO FIRST (see Section 14) to remove the relevant Customer Data and unsubscribe the minor. If we become aware that Customer Data has been collected from a person under the age of 18 without parental or guardian consent, we will delete this Customer Data and, where that minor has an account, terminate the minor’s account.
14. CONTACT US: