Privacy Notice
6 February 2025
Introduction
Thai Airways International Public Company Limited ("THAI"), which includes its subsidiary companies, consisting of Thai Smile Airways Co., Ltd., Thai Flight Training Co., Ltd., Thai-Amadeus Southeast Asia Co., Ltd., Tour Euang Luang Co., Ltd. and WingSpan Services Co., Ltd. aims at provision of services with quality to meet your expectations. THAI places great importance on protecting your personal data and complying with relevant laws and regulations. This Privacy Notice has been prepared to inform you about how we protect your personal data and your rights as the Data Subjects.
THAI as the “Data Controller” has the authority to determine the collection, use, or disclosure of personal data in compliance with the Personal Data Protection Act B.E.2562 (2019) (PDPA) (“the Act”), the General Data Protection Regulation of the European Union (GDPR) and other related laws (“The Applicable Privacy Laws”)
THAI hereby informs you as the Data Subject who may be: (1) the person who has contacted THAI, whether he/she is a current, former, or potential future customer of THAI; (2) employee, personnel, staff, representative, shareholder, director/ business rehabilitation plan administrator, contact person, agent or person associated with juristic person or natural person under (1) above, or groups of persons who have contacted THAI, whether they are current, former, or potential future customers of THAI; (3) employee, personnel, staff, former employee, outsourcing worker, student intern, job applicant, including shareholder, director/rehabilitation plan administrator of THAI and the Proxy of the shareholder including any person authorized to act on behalf of person under (3) above or; (4) creditor or former shareholder under THAI rehabilitation plan prior to capital restructuring according to the business rehabilitation plan or the nominated person for consideration to be elected as director of THAI (refer to as “you”), of how we protect your personal data obtained or may obtain from the business operation and the provision of services through various channel e.g. website, telephone, electronic channel, application, social media or other sources, to ensure that THAI will protect your personal data and will collect, use, or disclose your personal data only when it is necessary, lawful, and appropriate. Additionally, we inform you of the rights you may have as the Data Subject as detailed in this Privacy Notice.
1. The Personal Data that THAI Collects, Uses, or Discloses.
1.1 The Data that Identify the Data Subject Directly or Indirectly. THAI may collect your personal data through various channels, such as collecting directly from you (e.g., when you use our services, contact us, sign documents or contracts, fill out forms, including communication through our online platforms, via our website, email, phone, during meetings and events), or we may collect from other sources (e.g., juristic persons or our business partners, or those you represent, work for, or act on behalf of, subsidiaries or third parties who know you, recruitment agency, government agency, state agency, supervisory agency, or publicly available sources, such as websites and public organizational databases).
(1) Personal Data consisting of name, last name, sex, date of birth, age, nationality, contact details, or data in various documents, e.g., certificate of business registration, identification cards, passports or documents used in lieu of passports, state official identification card, or government organization employee card, residential cards, alien cards, work permits, social security cards, driving licenses, car registration books, house registration, signature, taxpayer identification number, data concerning a family member, facial photo, educational background, work history, and Curriculum Vitae, occupation, or status.
(2) Contact Details consisting of current address, address as appeared on the house registration, address for delivery of documents/postal address, email address, telephone number, mobile phone number, fax number, name or account for application through digital channels e.g., Line, Google, Facebook, YouTube, Instagram, or Twitter, and contact information provided to THAI.
(3) Information relating to shareholding status and exercise of rights as a shareholder consisting of share certificate, details of shareholders (e.g., number of shares, proportion of share held, and type of share held), exercise of vote cast in the shareholders' meeting and/or details in the Proxy form
(4) Financial and Transaction Information consisting of bank account number, credit card number, debit card number, type of credit or debit card, information from the analysis of personal data, payment information, or other information about the use or application for the use of the service with THAI.
(5) Contact Information consisting of information received through contact, communication, participation in meeting with THAI in any form, such as in-person meeting, branch offices, telephone, electronic or digital channels, social media, information from CCTV, and off-site service which may appear or be recorded in written form, voice, or video record, transaction record, photograph, or motion pictures.
(6) Information Technology Technical Data consisting of computer serial number or internet protocol (IP address), Media Access Control (MAC), serial number or identifier assigned to the equipment connected to the network (MAC Address), Transaction Log, device ID, application connecting channel (API), Cookies, type and version of plug-Ins, browser, operating system and platform, mobile internet or network, device setting information and other technical data from the use of platform, application and operating system of THAI.
(7) Usage Information consisting of username or code for the service, password, searching information, browsing history, viewing history, menu accessed, time period for using the website, platform, application, favorite menu, question & answer, log file, communication and suggestion to THAI.
(8) Behavioral Information consisting of information about personal interest and service usage behavior.
(9) Work Information consisting of start date, years of experience, department, years of service, job position, job bibliography, job certification and reference, personnel ID, salary/wages and benefits, salary adjustment history, working record and disciplinary record, date of termination, type of termination, time in-out record, leave of absence history, bank details, emergency contact details, life insurance beneficiaries details (if any), educational background and reports, training and development information, photo, work history, other non-financial benefits, insurance details, family information, meeting records and opinions.
(10) Medical Record consisting of illness information, medical conditions record.
(11) Scorings and Testing Results.
1.2 Sensitive Personal Data where THAI shall obtain your consent prior to the collection consisting of biometric data (e.g. facial recognition, finger scan, retinas and voice recognition data), religion, race, personal data relating to criminal records, health, or any other information as may be published by the Personal Data Protection Committee, unless there is a legal basis under the Applicable Privacy Laws that allow THAI to collect personal data without your consent.
If you provide us with personal data about other individuals, such as contact persons, family members, directors, shareholders, representatives, or other persons with managerial authority in your organization, or if you request us to disclose such personal data to third parties, you are responsible for informing those individuals about the details of this Privacy Notice and obtaining their consent (if required) or relying on other legal bases instead of consent. In addition, you must ensure that we can legally collect, use, or disclose the personal data of those individuals as specified in this Privacy Notice.
If THAI collects, uses, and/or discloses personal data of minors, incompetent persons, and quasi-incompetent persons, THAI will collect personal data of minors, quasi-incompetent persons, and incompetent persons only if the consent of parents, guardians, or curators of such persons have been obtained, or if we can rely on other legal bases as permitted by law. If THAI becomes aware that personal data has been unintentionally collected from individuals under the age of 20 without the guardian's or parental consent where required by law, or personal data has been collected from quasi-incompetent and incompetent persons without the consent of their curators, we will protect such personal data in accordance with the law, or collect, use, and/or disclose such data only when we can rely on other legal exceptions as applicable.
In some cases, the provision of personal data is necessary for the legal obligation or performance of a contract or necessary for entering into the contract or for providing personal data for consideration and/or appointment to a position within THAI. Therefore, If you do not provide such information, this may result in THAI being unable to comply with the legal or contractual obligation that THAI has with you, or it may prevent THAI from considering your nomination or for consideration and/or appointment to a position within THAI.
(2) Contact Details consisting of current address, address as appeared on the house registration, address for delivery of documents/postal address, email address, telephone number, mobile phone number, fax number, name or account for application through digital channels e.g., Line, Google, Facebook, YouTube, Instagram, or Twitter, and contact information provided to THAI.
(3) Information relating to shareholding status and exercise of rights as a shareholder consisting of share certificate, details of shareholders (e.g., number of shares, proportion of share held, and type of share held), exercise of vote cast in the shareholders' meeting and/or details in the Proxy form
(4) Financial and Transaction Information consisting of bank account number, credit card number, debit card number, type of credit or debit card, information from the analysis of personal data, payment information, or other information about the use or application for the use of the service with THAI.
(5) Contact Information consisting of information received through contact, communication, participation in meeting with THAI in any form, such as in-person meeting, branch offices, telephone, electronic or digital channels, social media, information from CCTV, and off-site service which may appear or be recorded in written form, voice, or video record, transaction record, photograph, or motion pictures.
(6) Information Technology Technical Data consisting of computer serial number or internet protocol (IP address), Media Access Control (MAC), serial number or identifier assigned to the equipment connected to the network (MAC Address), Transaction Log, device ID, application connecting channel (API), Cookies, type and version of plug-Ins, browser, operating system and platform, mobile internet or network, device setting information and other technical data from the use of platform, application and operating system of THAI.
(7) Usage Information consisting of username or code for the service, password, searching information, browsing history, viewing history, menu accessed, time period for using the website, platform, application, favorite menu, question & answer, log file, communication and suggestion to THAI.
(8) Behavioral Information consisting of information about personal interest and service usage behavior.
(9) Work Information consisting of start date, years of experience, department, years of service, job position, job bibliography, job certification and reference, personnel ID, salary/wages and benefits, salary adjustment history, working record and disciplinary record, date of termination, type of termination, time in-out record, leave of absence history, bank details, emergency contact details, life insurance beneficiaries details (if any), educational background and reports, training and development information, photo, work history, other non-financial benefits, insurance details, family information, meeting records and opinions.
(10) Medical Record consisting of illness information, medical conditions record.
(11) Scorings and Testing Results.
1.2 Sensitive Personal Data where THAI shall obtain your consent prior to the collection consisting of biometric data (e.g. facial recognition, finger scan, retinas and voice recognition data), religion, race, personal data relating to criminal records, health, or any other information as may be published by the Personal Data Protection Committee, unless there is a legal basis under the Applicable Privacy Laws that allow THAI to collect personal data without your consent.
If you provide us with personal data about other individuals, such as contact persons, family members, directors, shareholders, representatives, or other persons with managerial authority in your organization, or if you request us to disclose such personal data to third parties, you are responsible for informing those individuals about the details of this Privacy Notice and obtaining their consent (if required) or relying on other legal bases instead of consent. In addition, you must ensure that we can legally collect, use, or disclose the personal data of those individuals as specified in this Privacy Notice.
If THAI collects, uses, and/or discloses personal data of minors, incompetent persons, and quasi-incompetent persons, THAI will collect personal data of minors, quasi-incompetent persons, and incompetent persons only if the consent of parents, guardians, or curators of such persons have been obtained, or if we can rely on other legal bases as permitted by law. If THAI becomes aware that personal data has been unintentionally collected from individuals under the age of 20 without the guardian's or parental consent where required by law, or personal data has been collected from quasi-incompetent and incompetent persons without the consent of their curators, we will protect such personal data in accordance with the law, or collect, use, and/or disclose such data only when we can rely on other legal exceptions as applicable.
In some cases, the provision of personal data is necessary for the legal obligation or performance of a contract or necessary for entering into the contract or for providing personal data for consideration and/or appointment to a position within THAI. Therefore, If you do not provide such information, this may result in THAI being unable to comply with the legal or contractual obligation that THAI has with you, or it may prevent THAI from considering your nomination or for consideration and/or appointment to a position within THAI.
2. Purposes for Which Your Personal Data are Collected, Used or Disclosed.
THAI will proceed to collect, use, or disclose your personal data according to the conditions described by laws; namely (1) contractual basis, for THAI’s initial or fulfillment of a contract or request made by you to THAI (2) legal obligation imposed on THAI as required by the law (3) legitimate interest of THAI or other persons or juristic persons (4) vital interest of persons (5) necessary for a public interest, public task or the exercise of the right by the public sector or (6) your consent in case the collection, use, or disclosure that are outside the scope as described in (1) to (5) above, for any of the following purposes;
2.1 to contact, communicate or provide information about the products or services that you use or will use;
2.2 to fulfill your request or contract that you have with THAI or associated with the request or contract that you made with THAI, for example, delivery of document, demand for debt payment, subscription and allocation of shares, verification of type and amount of debt obligations under THAI rehabilitation plan for debt conversion into capital, verification of the number of common shares that you are obligated, entitled, or may exercise from debt conversion into capital under THAI rehabilitation plan including to comply with the contracts that we have with third parties which are necessary and related to the provision of a service to you;
2.3 to manage relations between you and THAI, and to prepare detailed or historical records of services provided to you for provision of services to you in the future;
2.4 to manage information of corporate customers in which your personal data may be involved;
2.5 to comply with laws, rules, and regulations;
2.6 to perform any acts as the supervisory authorities may describe, request or recommend to comply;
2.7 to manage and administrate THAI’s internal businesses, e.g. compliance, improvement, or internal audit including compliance with THAI regulations or requirements;
2.8 to manage or administrate all risks e.g.
(1) to prevent, handle, or minimize risks arising from illegal acts that may occur to you, the customers, THAI’s personnel, and THAI by using the data for improvement of the security system through various service channels, working systems, and safety and security systems for information technology operation of THAI;
(2) for security purposes, e.g. photo recording of the person contacting or involving in a transaction with THAI via CCTV and the exchange of identification card when accessing the building for security reasons within THAI areas;
(3) to disclose and transfer your personal data to third parties as part of a business transaction such as sale, transfer, merger & acquisition, organizational restructuring, implementation of THAI Rehabilitation Plan or similar transactions;
2.9 to procure and offer products, services, and alternatives of services to you, including communication, notice and warning, delivery or offer of privilege, benefits, awards or information about products or services of THAI, the companies in THAI group or business alliances which may be of interest to you, or for sale promotion or lucky draw activity;
2.10 to authenticate and verify the identity, and examine the use of services or transactions according to your orders;
2.11 to manage all complaints e.g. the investigation on the use of the services or transmission of data within or between THAI and third parties, the process of accepting your complaints, compensation or use of information for improving such services;
2.12 for statistical analysis or research in connection with business operation of THAI and its subsidiaries;
2.13 for strategic purposes, protecting interest or evaluation of the business result or services of THAI;
2.14 for evaluation, development, and improvement of products or services or for execution of the rights by THAI;
2.15 for marketing promotion project or activity, meeting, seminar, entertainment or site visit;
2.16 for storage of data on cloud service (Cloud Storage) and other systems used for storing data;
2.17 for the performance of the contract to which THAI is the contracting party or for enforcement of the rights under the law or contracts binding THAI;
2.18 for connecting or facilitating the use of the website, application, and platform of THAI or other persons;
2.19 for application for a job or employment, recording of working hours, payment of remuneration and other benefits, performance evaluation, audit, and record of the use of information technology services, operation management, disciplinary action, learning, and self-development;
2.20 for occupational health and safety purposes, severance pay, and insurance claims;
2.21 for the submission of the meeting agenda, and schedule of the meeting, registration, meeting attendance, counting of votes, meeting management, meeting minutes, questions and comments, dissemination of meeting minutes in written, visual, audio and/or video formats;
2.22 for use of data and photographs for THAI internal and external communications
2.23 for specific purposes related to criminal records in collecting personal data relating to criminal records, such as:
(1) for the purpose of verifying and assessing qualifications, checking prohibited characteristics, and characteristics indicating fitness to be entrusted with the management of THAI’s affairs, and considering the suitability for holding a position, including granting permission, endorsement, certification, approval, and providing opinions in the consideration of election or appointment, to enable THAI to select appropriate individuals to hold positions of THAI and perform their duties efficiently in compliance with laws and orders of authorized officials;
(2) for the purpose of allowing THAI to collect, retain, use, and/or disclose criminal record for more than six months from the date the related activities are completed, for the purposes and to the extent necessary for the collection, use, and/or disclosure of personal data, for the necessary management of THAI.
The collection, use, or disclosure of your personal data including the cross-border transfer thereof shall be performed in accordance with the above principles.
3. Persons or organizations who the data may be disclosed to
THAI may be required to disclose your personal data to other persons or organizations within or outside the country in order to fulfill the purposes under this notice as follows:
3.1 Subsidiary Companies consisting of Thai Smile Airways Co., Ltd., Thai Flight Training Co., Ltd., Thai-Amadeus Southeast Asia Co., Ltd., Tour Euang Luang Co., Ltd., and WingSpan Services Co., Ltd.
3.2 Business Alliances for example, business alliance in air transport, tourism, hotel, car rent, marketing, financial institution, insurance or life assurance or any persons involving the promotion or loyalty program, data analysis, joint platform service provider, or person whose name or trademark appears on the contract, website, or other service channels of THAI.
3.3 Persons Involving in the Services of THAI for example, other airlines, business partners, ground handling agents providing check-in and baggage services, cargo accepting and delivery services, call centers, person who performs as intermediary in transactions for THAI, joint provider with THAI, outsourcing service provider, contractor or seller of goods or service to THAI or domestic and international agent of THAI for when THAI is a contracting party, for example, infrastructure development provider, technical infrastructure developer, electronic or information technology system developer, logistics and cargo terminal service provider, cloud computing service provider, data analysis provider and event and activity organizers.
3.4 Person or Organization as Described by Laws THAI may be required to disclose your personal data in order to comply with laws, rules, regulations or orders of the government agency, state agency, supervisory agency or in case THAI believes that the disclosure is necessary for complying with laws to protect the right of THAI or other persons, for the safety of a person, to protect, investigate, or manage fraud, security or safety in various areas, for example, tax authority, fund administrator, social security authority, or financial institution. THAI may be required to disclose the personal data to the Royal Thai Police, the Office of the Securities and Exchange Commission, or other relevant agencies involved in the collection of personal data relating to criminal records, for verifying qualifications and for checking characteristics indicating fitness to be entrusted with the management of THAI’s affairs as required by law.
3.5 Advisors of THAI, for example, legal, financial, technical experts and auditors.
3.6 Right and Obligation Assignee or Novation Assignee, including the person involved in company restructuring, business assignment, investment, merger and acquisition, purchase or sale of properties, shares or businesses by a person involving in such activities, shall be in accordance with this notice.
3.7 Other Related Persons, for example, beneficiary, person authorized to act on behalf of another, or guarantor.
3.8 Association, Organization, Club and Other Bodies, for example, Thai Airways Employee Saving Cooperation, Thai Airways Employee Club.
3.9 Websites and Other Social Media, for example, THAI Websites, Facebook, Google, or Instagram
THAI shall inform the person or organization whom the data has been disclosed to comply with THAI’s policy and laws for the security of your data. THAI shall allow the use of your personal data for the intended purposes and according to instruction of THAI only.
4. Storage of Your Personal Data and Duration.
4.1 Storage of Your Personal Data
THAI has established security measures to protect your personal data both in document and electronic form to prevent loss, unauthorized access, use, alteration, modification, or disclosure of personal data without rights or unlawfully.
4.2 Duration for Storage Your Personal Data
THAI will collect your personal data for the purposes specified in this notice, as required by laws, and for a maximum of 10 years from the date you end your relationship with THAI, except when it is otherwise necessary by laws or such personal data are unable to be erased or destroyed due to the technical limitation.
For the personal data relating to criminal records, THAI may collect, retain, use, and/or disclose criminal record for more than six months from the date the related activities are completed, for the purposes and to the extent necessary for the collection, use, and/or disclosure of personal data.
5. International Transfer of Your Personal Data.
In case THAI is required to transfer your personal data to other persons or juristic persons in other countries, for example, your contracting party or THAI’s contracting party, THAI’s representatives, THAI’s overseas branches, the subsidiary companies, international agencies or organizations, and data protection measures in the destination country may not be equivalent to those required by laws. THAI will take appropriate measures to ensure that your personal data is transferred safely
Personal data may be shared to individuals involved in providing services on behalf of THAI for the purposes identified above. In this case, we use additional safeguards to protect your personal data such as the “Data Processing and Transfer Agreement” and “Standard Contractual Clauses” for transferring personal data to the business operator outside the EU/EEA or Thailand (as the case may be). We process your data mainly within the Kingdom of Thailand and the EU. If you use services that involve data transfer to other countries which may have data protection measures equivalent to or different from those in the Kingdom of Thailand or the EU, such as international flight connections, we will transfer your data to those countries. In this respect, please refer to the general privacy policy of the International Air Transport Association (IATA) https://www.iatatravelcentre.com/privacy.htm
When you are an individual in the EU and processing your personal data falls under GDPR, in some cases when we transfer your data to destinations countries outside the EU or EEA, we will use additional safeguards to protect your personal data according to the “Standard Contractual Clauses” as stipulated by Applicable Privacy Laws and endorsed by the European Commission. A copy of the clauses can be provided for your review upon request to the contact details provided in section 10.
6. Website System used for collecting the Data.
When accessing the website system of THAI, THAI will automatically collect certain data from your usage for the purposes detailed in this notice, for example, THAI will use the data recorded or collected by cookies and similar technologies for statistical analysis or other activities related to the website system or business of THAI. This helps THAI provide you with a better website experience, including the improvement of efficiency and quality of THAI’s website services.
7. What rights do you have?
As the data subject, you may exercise the following rights;
7.1 Right of Access and Request a Copy
You have a right to access and obtain a copy of your personal data which is under our responsibility, or to request THAI to disclose the acquisition of such personal data that you did not consent to.
7.2 Right of Data Portability
You have a right to obtain personal data we hold about you, where we rely on consent basis or necessary for the performance of the contract basis, by a request you have made to THAI, or as announced by the Personal Data Protection Committee. If THAI has made such personal data available in a readable format that can be used generally by automated tools or devices and can be used or disclosed by automated means, you also have the right to: (1) request THAI to send or transfer such personal data to another data controller when it can be done by automated means; and (2) receive the personal data that THAI has sent or transferred in such format directly to another data controller, unless it is technically unfeasible.
7.3 Right to Object
You have a right to raise an objection to the collection, use or disclosure of your personal data by THAI in the following cases: (1) THAI collects your personal data due to the necessity of performing a task for THAI’s public interest, the exercise of right by the government sector, or for the legitimate interest of THAI, other persons or juristic persons; (2) THAI collects, uses, or discloses your personal data for the purpose of direct marketing; or (3) THAI collects, uses, or discloses your personal data for the purposes of scientific, historical or statistical research, unless it is necessary for THAI to perform a task for the public interest.
7.4 Right to Erasure or Destroy Personal Data
You have a right to request THAI to erase, destroy, or anonymize your personal data in the following cases: (1) your personal data is no longer necessary for the purposes for which it was collected; (2) you withdraw your consent and THAI has no other legal grounds to continue collecting, using, or disclosing such personal data; (3) you object to the collection, use, or disclose of your personal data collected by THAI due to the necessity of performing a task for the public interest of THAI, the exercise of the right by the public authority, or for the legitimate interest of THAI, other persons or juristic persons, and THAI has no overriding legitimate grounds to refuse such objection; (4) you object to the collection, use, or disclosure of personal data for direct marketing purposes; or (5) your personal data are unlawfully collected, used or disclosed, except when it is necessary for THAI to collect your personal data for compliance with legal obligations or for the establishment, exercise, or defense of legal claims or the use or protection of the right of THAI.
7.5 Right to Restriction
You have the right to restrict the use of your personal data in the following cases: (1) THAI is in the process of verifying your request for accuracy of your personal data and to ensure it is up-to-date; (2) THAI unlawfully collects, uses, or discloses your personal data; (3) THAI no longer needs to collect, use, or disclose the personal data for any purposes, but you wish THAI to retain your personal data for your benefits according to the laws; or (4) you wish THAI to suspend he use of your personal data pending investigation or verification of your objection to your personal data.
7.6 Right to Rectification
You have the right to request THAI to rectify your personal data to be accurate, complete and not misleading.
7.7 Right to Withdrawal of Your Consent
Where you have consented to the collection, use, or disclosure of your personal data, you have the right to withdraw your consent to THAI at any time. Withdrawal of consent may cause inconvenience for you or you may not receive special offers/services related to such personal data for which you have withdrawn consent.
7.8 Right to Cancellation of Your Consent
You have the right to cancel your consent for personal data that THAI has collected before the Act came into force by submitting a request to withdraw consent to THAI’s department where you are or have been receiving the services.
7.9 Right to Complaint
You have the right to lodge your complaint to the relevant agencies or authorities if THAI or a data processor, including THAI’s employee or contractor, violates or fails to comply with personal data protection laws.
If you wish to exercise any of the rights mentioned in sections 7.1 to 7.8 above, you can contact the THAI’s officer to submit a request to exercise those rights (as detailed in section 10). Once THAI receives your request, it will consider your request according to the criteria and conditions prescribed by law and will complete the request and notify you of the decision and actions within 30 days from the date THAI receives the request and the accompanying documents are complete.
Exercising your personal data rights may result in you being unable to receive certain services from THAI while THAI considers or processes your request.
THAI will not charge you any fees for exercising these rights. However, if THAI deems that your request to exercise your rights is excessive or without reasonable grounds, THAI may charge a fee for processing your request as permitted by law.
You can exercise your personal data rights from the date the Act comes into force.
If you wish to exercise the rights you can fill out the form here.
8. Additional requirements of local laws
This Privacy Notice complies with the requirements of the Act. In some countries, there may be local laws that impose additional or different requirements from the Act. In such cases, THAI may issue local announcements or policies which supplement or amend this Privacy Notice from time to time to fully comply with such laws.
9. Changes to this privacy notice
THAI may update this Privacy Notice from time to time as appropriate. THAI will inform you through our websites and applications, and it is recommended that you read and review the details in the new privacy notice whenever such changes are updated.
10. How can you contact us?
If you have any concerns about how we process your personal data or would like to exercise your rights according to this Privacy Notice, you can send your request to;
Data Protection Officer or Privacy Office
Thai Airways International Public Company Limited
89 Vibhavadi Rangsit Road, Bangkok 10900, Thailand
Email: privacy@thaiairways.com
THAI has appointed EU representative for the purposes of the GDPR. If you are in EU and would like to contact us, you can also send your request to;
Thai Airways International Public Company Limited
ZEIL 127
60313 Frankfurt
Germany
Email: EU.Representative@thaiairways.com
Subscribe To Our Newsletter