DELTA AIR LINES, INC. PRIVACY POLICY

DATE EFFECTIVE: OCTOBER 2018

1. THIS PRIVACY POLICY

All information described in this Privacy Policy is processed by Delta Air Lines, Inc. ("Delta", "we", "us", or "our") as data controller. This Privacy Policy describes our practices related to the use, storage, and disclosure of personal information we collect from or about you when you interact with us in the course of our providing commercial air travel services, ancillary services, or other services provided by us or by others acting on our behalf, including when you use our website Delta.com ("Website") or our Fly Delta App ("App"). This Privacy Policy also describes our processing of the personal data of individuals representing our business customers and suppliers. 
Delta reserves the right to modify this Privacy Policy at any time and without prior notice. We will post any changes to our Website. This Privacy Policy is not a contract and does not create any contractual rights or obligations.

2. HOW TO 

If you have any questions or comments regarding this Privacy Policy, please contact our Data Protection Officer at Privacy@delta.com or contact our Customer Care center by telephone or post.

3. HOW DOES DELTA COLLECT AND RECEIVE YOUR INFORMATION?

3.1. We collect information from you

We may collect and receive information from you, including when you:

  • use or access our Website or App, such as when you complete the "passenger details" section during the course of a booking, even if you do not complete the booking;
  • register, create, or modify an online or in-app account with us, including your SkyMiles Partnersaccount and Promotional Partners account, communicate with us by email, including when you email us at Privacy@delta.com, telephone, in writing, through our customer services pages, or social media;
    • Our SkyMiles Partners are hotel, car rental, shopping, dining, vacation, and other businesses with whom you can earn, transfer, or redeem miles in the SkyMiles Program or otherwise qualify for discounts or benefits in connection with SkyMiles membership or Medallion Status. Our Promotional Partners are businesses with whom you may be offered a discount or benefit as a result of your transactions with Delta.
  • use any of our services, including when you travel with us, use airports where we operate, or use any facilities, such as Delta Sky Club lounge facilities, within those airports;

  • through cookies and other tracking technologies on our Website and App (see section 6 below); and

  • are associated to a company we do business with

3.2. Automatic access and data collection from our App

Our App may access certain device information and/or components automatically.

3.3. We collect information from other sources

We may receive your personal information from other airlines, and from travel agencies and your company in connection with your travel booking.

We may also receive your personal information from SkyMiles Partners and Promotional Partners in connection with our SkyMiles Program.

Our suppliers and other businesses we deal with provide us personal information of their representatives.

This Privacy Policy applies to information we receive from those other sources, as well as to information we collect from you or generate about you.



4. HOW DELTA USES YOUR DATA

4.1. Information about you and how we use it

This section describes what personal information we collect about you, the purposes for which we use it, and for the purposes of the European Union General Data Protection Regulation, the legal basis pursuant to which we process the information. Please also see section 4.2 regarding information collected through our App, and section 4.6 regarding our use of sensitive types of information.

 

Information we collect

Purposes for which we use it

Why we use it

a.

Information related to a flight booking or purchase of our products or services, whether provided online, over the phone, in person, at an airport kiosk or self-service device, in flight, or otherwise, including:

·      your name and title;

·      your national ID, in certain circumstances;

·      your contact details, such as postal address, telephone numbers, and email address;

·      your flight, luggage, and boarding information;

·      special assistance requests and preferences;

·      your billing and transaction information such as credit/debit card number(s), and related data including  associated billing address, and expiration date(s);

·      emergency contact(s);

·      seating preferences, medical needs, and dietary requests;

·      flight, car, and hotel preferences;

·      travel companions’ personal  information;

·      information about who is meeting or dropping you off;

·      your order for other services, such as cargo, animal services, and inflight services such as upgrades, beverages/food, and goods.

We use this information to:

·      provide you with our flight and other products and services;

·      provide assistance with bookings and seat assignments;

·      confirm your travel arrangements and remind you about incomplete bookings;

·      take your payment and make any refunds;

·      send you service communications, such as notifications of flight schedule changes, and check-in opening;

·      manage and administer our services and business, including performing our record-keeping requirements;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical);

·      confirm your identity and to prevent fraud;

·      improve our products and services, including through statistical analysis and research for program development;

·      send you marketing communications, offers, and invitations to events, which may be based on our segmentation and modelling of your personal information;

·      provide you with assistance in an emergency, including communicating with your emergency contacts;

·      share it with other airlines for the purposes of your itinerary or re-booking you if there is a travel disruption;

·      share it with our SkyMiles Partners and Promotional Partners for the purpose of their providing services to you;

·      share it with authorized government agencies and as otherwise described in section 7.

·      Share it for luggage security screening to enable you to travel within and between countries.

We use this information because:

·   it is necessary to enter into and perform our contract with you to provide flights or other products or services;

·   we have a legitimate business interest in assisting you with making and managing your bookings with us;

·   we have a legitimate business interest in managing and administering our business and protecting it from fraud;

·   in the case of information relating to your health, and dietary requirements, you have consented to our using it to meet special assistance requests and preferences;

·   in the case of our storage of information related to your credit card (beyond what is necessary to process your payment), you have provided your consent;

·   we have a legitimate business interest in improving and promoting our service and better understanding how customers use it;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   in the case of information that we use to send you marketing communications, we have obtained your consent;

·   we must comply with certain regulatory requirements regarding emergencies and otherwise in relation to operating passenger flights. We also have a legitimate business interest in complying with legal and regulatory  requirements applicable in and outside the European Economic Area (“EEA”);

·   we and third party airlines have a legitimate business interest in making and operating connections between multiple flights and expediting baggage clearance across international borders;

·   we and our SkyMiles PartnersPromotional Partners and other businesses that are providing services that you request have a legitimate business interest in using the information to provide their services;

·      we have a legitimate business interest in protecting against risks to passenger and aircraft;

·      we have a legitimate business interest in streamlining customs clearance processes for our customers.

b.

Passenger identificationinformation, including:

·         Secure Flight Passenger Data, such as your government issued ID, name, date of birth, gender, Known Traveler Number, and Redress Number;

·         Advance Passenger Information such as passport or other travel document number (including machine-readable information), nationality, issue date and location, expiry date, and country of residence;

·         information from the Department of Homeland Security or similar authorities responsible for security in other countries, if traveling from certain airports;

·         biometric information (such as finger, face or iris).

We use this information to:

·         verify and authenticate your identity and undertake security screening to enable you to travel within and between countries, as required by most governments;

·         comply with legal and regulatory requirements;

·         verify and authenticate your identity at check-in, bag check location, security checkpoints, for lounge access, and when boarding the aircraft;

·         maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical);

·         share it with governments and as otherwise described in section 7.

We use this information because:

·   we must comply with certain regulatory requirements for verifying and authenticating your identity.  We also have a legitimate business interest in complying with legal and regulatory  requirements applicable in and outside the EEA;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   it is in the public interest to comply with such requirements which are to protect against risks to passenger and aircraft safety and unlawful cross-border activities;

·   in the case of our storage of information related to your passport data (beyond what is necessary for us to provide your flight), you have provided your consent.

c.

Information related to your membership in our Delta Sky Club, the SkyMiles Program, or activities with our SkyMiles Partners and Promotional Partners, including:

·      your name and contact details;

·      your SkyMiles status;

·      your SkyMiles account number;

·      your transactions and SkyMiles Program activity;

·      your choice of SkyMiles benefits;

·      your flight information;

·      your membership information for SkyMiles Partner and Promotional Partner loyalty programs;

·      your date of birth; and

·      your gender.

We use this information to:

·      provide you with services related to your SkyMiles Program membership and activity with SkyMiles Partners, or Promotional Partners,if applicable, including mileage tracking;

·      tailor our products and services for you, including anticipating your likely preferences based on information concerning your previous travel with us, previous transactions, or communications with us, any of which we may combine with other information we have about you, and which may be based on our segmentation and modelling of your personal information;

·      improve our products and services, including through statistical analysis, segmentation, and research for program development;

·      manage and administer our Delta Sky Clubs or the SkyMiles Program and for our related record-keeping requirements;

·      send you information about our products and services;

·      send you marketing communications, offers, and invitations to events, which may be based on segmentation and modelling of your personal information;

·      recognize your loyalty to the SkyMiles Program;

·      share your information with SkyMiles Partners and Promotional Partners as mentioned in section 7;

·      verify and authenticate your identity; and

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical).

We use this information because:

·   it is necessary to enter into and perform our contract with you relating to SkyMiles Program membership;

·   we have a legitimate business interest in improving our service, personalizing it for our customers, and better understanding how customers use it;

·   we have a legitimate interest in managing and administering our business and protecting it from fraud;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   in the case of information that we use to send you marketing communications, we have obtained your consent;

·   we have a legitimate business interest in promoting and developing our business.

d.

Information related to your preferences and personal and professional interests, and your opinions of our services,including:

·      information about your Internet activity;

·      your survey responses;

·      your responses to our marketing efforts;

·      your demographics;

·      your contact preferences;

·      your experience with our products and services.

We use this information to:

·      provide our products and services to you;

·      tailor our products and services for you based on this information alone and in combination with other information we have about you;

·      improve our products and services, including through statistical analysis and research for program development;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical):

·      send you marketing communications, offers, and invitations to events, which may be based on segmentation and modelling of your personal information;

·      send you online messages about products and services provided by us or our SkyMiles PartnersPromotional Partners, and other third parties that may be of interest to you.

We use this information because:

·   we have a legitimate business interest in enabling you to manage your preferences and account details;

·   we have a legitimate business interest in improving our service, personalizing it for our customers, and better understanding how customers use it;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   in the case of information that we use to send you marketing communications, we have obtained your consent;

·   we have a legitimate business interest in promoting and developing our business. 

e.

Information from your use of our Website or App, including:

·      your Internet service provider;

·      your browser type;

·      your operating system;

·      pages you access on our Website or App; 

·      the date and time of your access to our Website or App;

·      your device type;

·      the IP address or unique identifier of your device;

·      your location, established from GPS or network based features;

·      feedback you provide to us;

·      your log-in credentials, if you have a SkyMiles or other account with us;

·      your on-line transactions with us.

We use this information to:

·      operate and administer our Website;

·      provide our products and services to you.  In the case of services provided through the App, these will be only the services you have chosen within the App, as further described in section 4.2;

·      improve our products and services, including through statistical analysis and research for program development;

·      send you messages and offers, about products and services provided by us or our SkyMiles Partners, Promotional Partners and other third parties that may be of interest to you, which may be based on your on-line behavior combined with other information we have about you and/or segmentation and modelling of your personal information;

·      tailor products and services for you, based or your browsing history on our Website, and use of the App, and combining this information with other information we have about you;

·      identify issues with our Website and users' experience of it;

·      monitor the way our Website is used;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical);

·      support your use of location-based tools, such as airport directions and map views, city code search, displaying local Delta Sky Clubs, and locating parking spaces;

·      send you information about services in your location which may be of interest;

·      administer your on-line account, if you have one.  

We use this information because:

·   we have a legitimate business interest in understanding how our Website is accessed, how it is used, any security issues affecting its operation, and any problems users have with it across multiple devices;

·   we have a legitimate business interest in improving our service and better understanding how customers use it;

·   we have a legitimate business interest in providing you with information relevant to your travel with us;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   we have a legitimate business interest in promoting our products and services and those of third parties, and in personalizing the information that our Website or App sends to you about these things;

·   in the case of information that we use to send you marketing communications, we have obtained your consent.

f.

Information from your communications with us and our staff, including:

·      interactions in person on board our flights, or with ground staff;

·      emails, letters, surveys, and telephone calls with our staff including our customer service teams;

·      via social media.

We use this information to:

·      deal with any issues and concerns;

·      provide our products and services to you;

·      personalize our services;

·      manage and administer our services and business and for our record-keeping requirements;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical);

·      improve our products and services, including through research for program development;

·      send you marketing communications, offers, and invitations to events, which may be based on segmentation and modelling of your personal information;

·      monitor communications for staff training, and quality checking purposes.

We use this information because:

·   it is necessary to enter into and perform our contract with you to provide flights or other products or services;

·   we have a legitimate interest in managing and administering our business and our relationship with you;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   we have a legitimate business interest in improving and developing our products and services;

·   in the case of information that we use to send you marketing communications, we have obtained your consent;

·  we have a legitimate business interest in promoting and developing our business.

g.

Information relating to travel and aircraft emergencies, including:

·      your involvement in medical incidents affecting you and others during your travel with us;

·      professional information about individuals involved in your care;

·      your designated emergency contact.

We use this information to:

·      assist you and your family members if there is an emergency;

·      provide you with your program benefits;

·      provide you with appropriate and timely communications;

·      comply with legal and regulatory requirements;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical).

We use this information because:

·   we must comply with certain regulatory requirements regarding emergencies;

·   we have a legitimate business interest in ensuring that our technical systems operate properly;

·   we have a legitimate business interest in complying with legal and regulatory requirements applicable in and outside the EEA.

h.

Information we receive about you from other sources, including:

·      from SkyMiles PartnersPromotional Partners, your SkyMiles Program activity and redemptions;

·      from other airlines, your and your fellow travelers' Passenger Name Record containing your names and itineraries;

·      from travel agencies;

·      from your employer;

·      demographic information from public records and third parties;

·      from financial institutions and credit checking agencies.

We use this information to:

·      administer your SkyMiles Program membership and rewards;

·      administer your Delta Sky Club membership;

·      provide you with flights;

·      manage and administer our services and business and for our record-keeping requirements;

·      combine it with other information for statistical research and marketing purposes;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical);

·      develop and promote our products and services;

·      check for and receive payment approval.

We use this information because:

·   it is necessary to enter into and perform our contract with you to provide flights or relating to your SkyMiles Program membership;

·   we have a legitimate business interest in improving and developing our products and services;

·   we have a legitimate business interest in performing our contract with your employer;

·   we have a legitimate business interest in ensuring that our technical systems operate properly.

i.

Business information of travelers on corporate accounts and of representatives of suppliers and other businesses (including for cargo) we deal with, including:

·      corporate contact, and employer or affiliation (e.g., employer name, title, contact details, and contract information).

We use this information to:

·      conduct our business dealings with our suppliers, customers, and other businesses;

·      tailor our products and services for you based on this information alone and in combination with other information we have about you;

·      administer your company’s SkyBonus program and other corporate travel benefits;

·      send you or your company marketing communications, offers, and invitations to events, which may be based on segmentation and modelling of your personal information;

·      maintain the operational availability and reliability of our IT systems with infrastructure backups and testing (which may use a copy of live data where test data is not practical).

We use this information because:

·   we have a legitimate business interest in performing our contracts with our corporate customers, suppliers and other business;

·   we have a legitimate business interest in developing our business with our corporate customers;

·   in the case of information that we use to send you marketing communications, we have obtained your consent;

·   we have a legitimate business interest in ensuring that our technical systems operate properly.

We only base our use of personal data on our legitimate interests when we consider that our legitimate interest is not overridden by the individual's interests or rights in the data.

Please note that where you have provided your consent to us for processing your information, you can withdraw this at any time as described in section 8.

4.2. Information collected through our App

We use push notification tokens in the App to send notifications to your mobile device with updates for flight times, gate changes, and flight cancellations. The App will activate your camera if you choose to take a picture for a parking reminder, and will store the photo for you to look at later. If you choose, the App can access your device calendar to save itinerary information in your personal schedule. It can also bring up your default e-mail program, so you can send notes and reminders while traveling.

At times, we may promote the App via internet advertising on external websites. If you click on these advertisements and navigate directly to a third party application or other platform, information such as your phone’s device identification number may be sent to the advertising network, so that they and we may track the effectiveness of our advertising. This information might also be used for capping the number of times a specific visitor to a website is shown a particular advertisement, estimating the number of unique users, debugging, or security and fraud detection.

4.3. Legal requirements and professional advice

We may also use your personal information where this is necessary to comply with a reasonable request by a law enforcement or regulatory authority, body, or agency, or in the defense of legal claims.

We may also use your personal information when obtaining legal and other professional advice including for audits. We consider this to be in our legitimate interest in the management of our business.

4.4. What if you do not provide information?

In some cases, we are legally required to collect certain information from you so we can provide the services you have requested, such as Secure Flight Passenger Data or Advance Passenger Information when you make a reservation to fly within, into, or out of the United States, or for point-to-point international travel. Failure to provide this information will mean we cannot provide the service.

In some circumstances we need your information to perform our contract with you or to provide products and services, such as payment details and, on occasion, credit checking information. If you do not provide this information, we may not be able to enter into or perform the contract or provide the products and services.

4.5. Authorization on behalf of another passenger

When you provide information to us about your travel companions (if, for example, you have arranged to make a booking on their behalf), you confirm to us that you have obtained their authorization to provide us their information and their consent to use their information in accordance with this Privacy Policy. If you cannot make these confirmations, you must not provide us with any personal information about these individuals.

4.6. Sensitive Information

We may collect or receive sensitive personal information, such as that relating to health, disabilities, race, ethnicity, political opinions, biometrics, or religion, where permitted by applicable law. For example, we may collect and receive sensitive personal information from you when you:

  • provide such information to us, a travel agent, or another third party involved in your travel arrangements at the time of or following your booking;
  • disclose to us that you have a specific medical condition, will have an accompanying service animal, or request specific medical care or assistance, such as the provision of an accompanying nurse or wheelchair assistance, from us, an airport, or a third party involved in your travel arrangements; or
  • make a request that implies or suggests something about you which could be interpreted as sensitive personal information, such as a request for a specific type of meal that may suggest that you have a certain medical condition or hold a particular religious belief.

By providing any personal information that is or could be sensitive personal information, you agree that you have given us your consent to collect, store, use, and transfer this personal information for the purposes for which it was provided and otherwise in accordance with the terms of this Privacy Policy.

We occasionally receive personal information from law enforcement agencies and other sources relating to criminal activity (or alleged criminal activity) and may use that information where necessary, and where permitted by applicable law, to detect or prevent unlawful activity occurring during air travel. We consider this to be in the substantial public interest.

5. DATA RETENTION

We store your information for as long as legally required or for so long as necessary to support business purposes described in section 4 of this Privacy Policy and consistent with our record retention policies. In general, this storage will be (i) at least for the duration of our relationship, (ii) for as long as you can bring a claim against us and for us to be able to defend ourselves, and (iii) for any period required by tax, aviation, and other applicable laws and regulations.

Our App will store user-provided data for as long as you use the related feature of the App, unless you choose to delete the App. Only information provided for travel clearance, purchases, and related activities will be stored in our operational systems as needed to provide your requested services. As with the Website, if you delete your Delta SkyMiles Account, we will delete the data stored in that account.

6. HOW DELTA USES COOKIES, TAGS, AND SIMILAR TECHNOLOGIES

6.1. Cookies

Delta uses cookies, tags, and other similar technologies. For simplicity, we refer to all these technologies as "cookies". These technologies allow us to recognize your preference information, keep track of your purchases, remember your SkyMiles number, and facilitate effective Website administration. We use the information we collect to enhance your visit to the Website and to provide you with information tailored to your needs.

Your Internet browser(s) will offer you the option to refuse cookies, but doing so may affect your use of some portions of Delta’s and our SkyMiles Partners' and Promotional Partners’ web services. Please refer to your browser options to learn more about cookie management.

Delta has engaged third party tracking and advertising providers to act on Delta's behalf to track and analyze your usage of our Website through the use of cookies, pixel tags / web beacons, and similar technologies. At our request, these third parties collect, and share with us, usage information about visits to our Website, measure and research the effectiveness of our advertisements, track page usage and paths followed during visits through our Website, help us target our Internet banner advertisements on our Website and on other sites, and track use of our Internet banner advertisements and other links from our marketing partners' sites to our Website. To learn about the available mechanisms for opting out of cookies and technologies related to interest-based advertising, see the descriptions and links in the table below.

Our Website and App are not configured to read or respond to “do not track” settings or signals in your browser headings or mobile device settings, which vary by provider. In lieu of a browser- or device-based opt-out solution, we have identified in the table below certain Digital Advertising Alliance and other approved methods for placement of “opt-out” cookies. Our Website and those of our third party advertisers or other vendors are configured to read and honor these opt-out cookies, so long as they are present on your computer or device. If you delete all cookies, you will need to reset your opt-out cookies. Please be aware that Delta does not control these opt-out processes.

6.2. Types of cookies and tags on our Website

We use these kinds of cookies and tags on our Website and App:

Cookie name / provider / type

What these cookies do

These cookies remain

Performance cookies, such as those used for Google Analytics

These cookies collect information on how users use our Website, in order to help us fix technical issues or errors, and highlight areas such as navigation where we can improve our Website. For example, Google Analytics uses cookie identifiers to track the number of visitors to the Website, providing us with the volumes and sources of web page traffic.  This allows us to analyze web traffic patterns and run tests to optimize web pages and visits against key metrics.

The information collected by Google Analytics itself is anonymous, but if you respond to a marketing email, then a random ID is generated for Google Analytics which we can use along with your email address to manually identify you from other information we already hold in your customer profile. We may then use this information to generate potential sales leads or advertising.

You can find more information about how Google Analytics safeguards your data at:

https://www.google.com/intl/en/analytics/privacyoverview.html 

30 days from last visit to our Website or App, respectively

Targeting cookies, such as those used by advertising platforms we may use, such as Facebook or Twitter

We may use other cookies to target and re-target visitors to our Website and App with digital advertising that is most relevant to the user.  These cookies are also used to limit the number of times you see an advertisement or particular content, as well as help measure the effectiveness of an advertising or marketing campaign. Using existing cookies from many sites already on your computer, we partner with third party companies to deliver advertising to specific computers.

For more information about digital advertising visit AdChoices at: https://www.youradchoices.com.

30 days from last visit to our Website or App, respectively

Social media cookies

We allow users to share our Website on social media such as Facebook and Twitter through the use of their cookies. These cookies are not within our control. Please refer to the respective privacy policies of the social media provider for how their cookies work.

n/a

Functionality cookies, such as language preference

These cookies help us customize our Website content based on a user's preferences. They remember the user's choices, their language, the country pages visited, and any changes the user makes to text size or other parts of our Website pages. The information these cookies collect may be anonymized and they cannot track browsing activity on other websites.

30 days from last visit to our Website or App, respectively

Essential cookies, such as jsessionid, xssid, xssidsec, and dlsite

These cookies are essential for parts of our Website or App to operate. They enable users to move around our Website and allow us to recognize a user within our Website or using our App, so that we can provide users with service they asked for, such as remembering the user's sign-in details.

A preference cookie is required to maintain a record of your Do Not Track preferences, so that we may respect them for future visits.

30 days from last visit to our Website or App, respectively

6.3. Website tracking preferences and opt out

To opt out of first party tracking (that is, tracking with cookies placed by Delta) on our Website, you may choose from these options:

  • Click here to opt out of analytics and usage tracking on our Website

  • Click here to opt out of content targeting on our Website

To opt out of third party tracking (that is, tracking with cookies placed by persons other than Delta):

  • Click here to visit the Network Advertising Initiative site to set preferences and opt out of third party targeting programs

  • Click here to opt out of the Google Ad Network (DoubleClick,  AdSense)

  • Click here to opt out of Google Analytics

  • Click here to opt out of Adobe Site Services

EU visitors can find general information and opt-out resources at https://youronlinechoices.eu and US visitors can see https://aboutads.info.

6.4. App tracking preferences and opt out

You may opt out of all information collected via the App by uninstalling it. You may use the standard uninstall, application, and data management processes available through your mobile device. Once you have uninstalled the App, all information that is stored in the App is deleted, including any preferences you previously set for location permissions and whether you have allowed Delta to send you push notifications. Once the App is uninstalled and preferences are deleted, push notifications from the App will stop. You may also refrain from using application features that collect specific types of data. 

You may at any time opt out from allowing the App’s access to your location data by disabling location tracking features as provided in your mobile device settings. If you use our App without disabling location tracking features, you consent to our use of your location data as provided in section 4.1 of this Privacy Policy.

The “limited tracking” or similar advertising-related privacy settings offered by device manufacturers do not change how your device is tracked by Delta.

7. WITH WHOM DOES DELTA SHARE YOUR INFORMATION?

7.1. In general

We do not sell your name or other personal information to third parties, and do not intend to do so in the future.

We may disclose your information we collect or receive:

  • to third parties to process your information on our behalf, or to assist us in providing our services and/or products, such as our customer care center operators and providers of technical services such as data centers; however, Delta requires that third parties comply with Delta’s Privacy Policy when processing your information.

  • to the party providing the service or product when you request or purchase services or products through Delta that are to be provided by another party (for example, a travel segment on another carrier, hotel accommodations, or rental car).

  • to you or those acting on your behalf. Where local regulations require, we may obtain your consent in writing for the purpose of allowing someone else to act on your behalf.

  • to our SkyMiles PartnersPromotional Partners and other Delta group companies for the purposes described in and in accordance with this Privacy Policy.

  • to other airlines, including members of our SkyTeam alliance, for the purpose of servicing your travel, servicing your flight reservation, or rebooking your flight in the event of an unexpected disruption in your travel.

  • to banks, financial firms and payment services for the purposes of processing payments and refunds.

  • to government agencies and authorities, law enforcement officials, law courts, or to third parties: (a) if we believe disclosure is required by applicable law, regulation or legal process (such as pursuant to a subpoena or judicial order); or (b) to protect and defend our rights, or the rights or safety of third parties, including to establish, make, or defend against legal claims.

  • to customs and immigrations authorities, which require by law access to booking and travel itinerary information including "Advanced Passenger Information" (passport and  associated personal information) for all passengers prior to travel.

  • to passengers traveling under the same booking as you.

  • to persons providing services to Delta, including its professional advisers (e.g. auditors, lawyers, and technical consultants).

  • to persons with whom we are discussing selling any part of our business or to whom we sell any part of our business.

We may share with third parties anonymous, aggregated information about all our users.

If your ticket is purchased pursuant to a corporate incentive agreement, we may disclose information concerning your travel to your employer or corporate travel manager.

When you use the App, a unique ID (which varies by device manufacturer and operating system) is read from or associated with your device to be used as an anonymous identifier for analytics and performance purposes. This ID might be generated by or shared with third parties providing us with analytics services, such as Adobe.

7.2. Social Media

You may wish to share information regarding your travel or other activities with Delta on social media platforms provided by third parties. To utilize social media sharing features, you will be prompted to grant permissions within those third-party platforms, as you choose. For example, you will need to allow account login and publishing permissions. If you choose to contact or interact with us on a third-party social media platform, you understand that you are responsible for reviewing and understanding the terms and conditions and privacy policy applicable to the third-party platform. The activity on third-party social media platforms, and the data processed, stored, and provided on them, including data regarding interactions with Delta, is covered by the terms and conditions and privacy policy of those third-party platforms.

7.3. Disclosure of personal information to passengers travelling under the same booking

When you make a booking, you will be provided with a booking reference such as a confirmation number or record locater number. Your booking reference should be kept confidential at all times. Disclosing your booking reference to other passengers may allow them to access your booking details through our systems. If you are travelling with others under the same booking and would not like your individual booking details to be disclosed to them, you may prefer to have each person make and pay for separate bookings.

7.4. Delta Biometrics optional facial recognition technology at participating airports

Our customers at certain participating airports in the United States (currently, Hartsfield-Jackson Atlanta International Airport Terminal F), including customers flying on Aeromexico, Air France-KLM or Virgin Atlantic, will have the option of using facial recognition technology when flying direct to an international destination to:

  • Check-in at the self-service kiosks in the lobby;
  • Drop checked baggage at the counters in the lobby;
  • Serve as identification at the TSA check point;
  • Board the aircraft at the departure gate; and
  • Go through U.S. Customs and Border Protection (CBP) processing when arriving into the U.S. on an international flight.

Any Delta Biometrics experience or biometric test with Delta is optional. If you choose to use facial recognition at a participating airport, your image, once captured, is encrypted and sent to CBP. To protect the security and privacy of your image, no additional information, such as name, document number, or date of birth, is sent with the image. CBP uses your image to verify your identity by comparing your image against images associated with your passport, other travel documents, or prior CBP border inspections, and Delta receives confirmation of your identity from CBP. Delta does not retain your biometric information. If you are a U.S. citizen, CBP deletes your image following verification in accordance with CBP policy. For certain non-U.S. citizens, CBP uses your image as biometric confirmation of departure from the United States. For more information, visit www.CBP.govopens in a new window.

8. CORRECTING OR UPDATING YOUR INFORMATION OR MARKETING PREFERENCES

If you believe that any information we hold about you is incorrect or incomplete, or if you want to change your marketing preferences, you have a number of options:

  • You can log in and visit our SkyMiles Partners and Promotional Partners on our Website if you want to modify your subscription, email or contact preferences.

  • You can withdraw consent you have given us to process your information at any time by opting out in your SkyMiles Profile, or by contacting us by using the Email Us page.

  • You may by using the Email Us page if you have questions about removing your name from our subscription lists.

  • You may call our Customer Care Offices at +1-404-773-0305 if you have any questions about changing your contact preference or require assistance in removing your name from our subscription lists.

  • Assistance in changing contact preferences for those with disabilities is available at +1-404- 209-3434.

We will make reasonable efforts to revise any information that is incorrect, or update or change your information or preferences as we are required to do by applicable law.

Please see section 6 regarding consents to cookies and tracking.

9. YOUR RIGHTS

This section 9 applies only to individuals in the European Union and other countries which grant the rights described here. These rights will apply only in certain circumstances.

9.1. Requesting a copy of your information

To the extent you are legally entitled, you can request confirmation of whether or not we process your personal information, and details of the information that we hold about you and how we use it.

You also have a right to access your personal information and to be provided with a copy.

9.2. Right to rectification of personal data

If you believe that the personal data we hold about you is inaccurate, you may request that we correct it. You may also request us to complete personal data about you which is incomplete.

9.3. Right to restrict processing of personal data

You have the right to request that we restrict processing of your personal information where one of the following applies:

  • You claim that the personal data is not accurate. The restriction will apply until we have taken steps to ensure the accuracy of the personal data.
  • The processing is unlawful, but you do not want us to erase the personal data.
  • We no longer require the personal data for the purposes of processing, but you still need it in connection with a legal claim.
  • You have exercised your right to object to the processing. The restriction will apply until we have taken steps to verify whether we have compelling legitimate grounds to continue processing

9.4. Right to request deletion of personal data ("right to be forgotten")


    You may request the erasure of your personal information in certain circumstances. For example, you may
    request erasure if:

  • The personal information is no longer necessary in relation to the purposes for which it was collected or otherwise processed.

  • You have withdrawn your consent and we have no other legal basis for processing the personal information.

  •  You have exercised your right to object to processing the personal information, and we have no overriding legitimate grounds to continue processing it.

Under certain circumstances, we may refuse a request for erasure, for example, where we need to use the personal data to comply with a legal obligation or to establish, make or defend legal claims.

If you exercise your right to erasure, this will potentially remove records which we hold for your benefit, such as your SkyMiles account information (including miles that may be in your SkyMiles account) and your presence on a marketing suppression list.

9.5. Right to object to processing of personal data

You have a right, at any stage, to object to our using your personal information to send you marketing information.

You also have the right to object to our using your personal information where our reason is based on our legitimate interests. We will have to stop processing until we can establish that we have compelling legitimate grounds which override your interests, rights, and freedoms, or that we need to continue using it for the establishment, exercise, or defense of legal claims.

9.6. Right to data portability

This right applies where:

  • Our reason for using your personal information is either that you have given consent or that the processing is necessary for us to perform a contract with you; and
  • We process the personal information by automated means.

This is a right to receive all the personal information which you have provided to us in a structured, commonly used, and machine-readable format and to transmit this to another controller directly, where this is technically feasible.

9.7. Complaints to regulator

You have a right to complain to a supervisory authority (i.e., a regulator which oversees data protection law compliance), in particular, in the European Union country where you live or work or where you consider we have infringed on your privacy rights.

9.8. Exercising these rights

We may charge you a small administration fee to respond to your request as allowed by applicable law. In general, we do not charge any fee where the right is based on European Union law. (We can charge an administrative fee for extra copies of your information and in certain exceptional circumstances.)

Where we receive a request to exercise one of these rights, we will provide information on the action we take on the request without undue delay and in any event within one month of receipt of the request. This time may be extended by a further two months in certain circumstances, for example, where requests are complex or numerous.

Where we do not carry out your request, we will tell you without delay and in any event within one month of receipt of the request, and we will explain our reasons for not taking the action requested.

Any request you make must be in writing and include your name and address and any other information that may identify you, such as where your request relates to a travel booking, please provide your booking reference (e.g., confirmation number or record locater number), SkyMiles Account number if you have one, the dates on which the travel took place, and any other relevant information that will assist us to identify your booking. You must also provide a photocopy of your passport or driver’s license so we can verify your identity. Please send your written requests to:

Data Protection Officer
1030 Delta Blvd
Department 981
Atlanta, GA 30354, USA

Or, you can submit this request to our Data Protection Officer by emailing us at Privacy@delta.com.

10. MINORS

Other than information required to complete a booking, Delta does not knowingly collect personal identifiable information from children under the age of 13. If a child under 13 has provided us with personal information without parental or guardian consent, the parent or guardian may by emailing us at Privacy@delta.com. We will remove the information and unsubscribe the child from any of our electronic marketing lists. Where required by applicable law, we may ask children for consent from their parents or guardians before we book their flight or provide a product or service to them.

11. LINKS

Our Website contains links to other sites. We are not responsible for the content or privacy practices of those sites, and Delta’s Privacy Policy does not apply to information collected from you by those sites. We encourage you to read the privacy statements of each site that collects information from you. When you are leaving our Website via a link to interact with a site that is not governed by our Privacy Policy, a new browser window will open.

12. SECURITY

Information Security is important to Delta. We have established appropriate physical, electronic, and managerial safeguards to protect the information we collect in accordance with our Privacy Policy. These safeguards are regularly reviewed to protect against unauthorized access, disclosure, and improper use of your information, and to maintain the accuracy and integrity of that data.

13. PROMOTIONAL PARTNERS

We want to give you more opportunities to earn miles in the Delta SkyMiles Program. One of the ways we do this is by sharing your information with Promotional Partners. Typically, these promotional offerings are limited in quantity and geographic reach and targeted to specific demographic audiences. If you fall within the audience a Promotional Partner is trying to reach, and (where required under applicable law) you have consented to receive information about their services, you may receive a promotional e-mail or direct mail. Although we select our partners with care, these partners have their own privacy policies that apply to the way they use your personal data.

If you do not want us to share your information with one of these partners, you can always opt out by contacting us by using the Email Us page or by calling the SkyMiles Service Center at +1-800-323- 2323.

14. DATA TRANSFERS

Delta is based in Atlanta, Georgia, USA and we may transfer personal information in compliance with applicable law to the US and other jurisdictions where Delta provides services.

For EU Residents: Some of the countries where Delta provides services may not have the equivalent level of data protection laws as those in your location. If we need to transfer personal data outside the EEA, we will take steps to make sure your personal data is protected and safeguarded once it leaves the EEA. In particular, we require third parties to whom we transfer your data to agree to abide by the Model Clauses approved by the European Commission and permitted under Article 46 of the European Union General Data Protection Regulation ("GDPR"). If you would like to obtain the details of such safeguards, you can request them from the Data Protection Officer at Privacy@delta.com. In some limited circumstances, we may also transfer your information outside the EEA if the GDPR (under Article 49) allows this. This includes where it is necessary for the performance of a contract between us and you and where the transfer is necessary in connection with legal proceedings.

Frequently Asked GDPR Questions