version April 2025
In this privacy statement, we explain how we collect and use your personal data. This privacy statement applies to all personal data that Transavia processes when customers use our website and our mobile apps, book a flight or contact us. We process your personal data primarily to handle your bookings, arrange your trips and purchases, and answer your questions. We may also use your data to send you offers that match your interests and preferences.
In this privacy statement, we provide more information about the personal data we collect and use, and we explain what your rights are. Please click on the relevant paragraph below for more information.
We are Transavia Airlines C.V. (also known as Transavia), a Dutch airline, and Transavia France S.A.S. (also known as Transavia France), a French airline. Wherever we use the terms ‘we’ or ‘Transavia’ in this privacy statement, we mean each individual airline unless indicated otherwise. Both airlines are individually responsible for the collection and use of personal data described in this privacy statement.
Transavia is part of the Air France-KLM Group. Visit our corporate website for more information.
Air France-KLM Group
• Koninklijke Luchtvaart Maatschappij NV (also known as KLM Royal Dutch Airlines or KLM), is a Dutch airline that has its registered office at Amsterdamseweg 55, 1182 GP in Amstelveen, the Netherlands.
• Société Air France S.A. (also known as Air France) is a company established in France having its registered office at 45 Rue de Paris, Tremblay-en-France 95747, Roissy CDG Cedex.
You can find their privacy statement on the website of KLM and Air France.
• KLM and Air France offer the Flying Blue loyalty programme. For the purposes of processing your personal data connected to the Flying Blue programme, Transavia only processes your email address, Flying Blue number and amount of Flying Blue Miles to enable you to save Miles and spend them on Transavia products.
• Transavia Airlines C.V. exchanges personal data with KLM of passengers who have been (seriously) unruly. For more information, see sections 2.1(k), 3(e), 4.1(f) and 5.3.
We may collect and use the following categories of personal data:
a. Name, passport details and other identifying data
When you make a reservation or book a flight with us, we collect your name, title, gender and date of birth. We might also collect your nationality, country of residence and passport details. If you make a reservation or book a flight for other people, we also collect their identifying data. Please make sure that they understand that we collect their personal data and how we use it.
b. Your contact details and your personal account or registration details
We may collect your address, telephone number and email address. If you register for a service, event, contest or campaign or create a personal account, we may also record your login details and other information you provide during registration or when completing the account form.
c. Information about your reservations, bookings and purchases
When you make a reservation or book a flight with us, we collect and use your reservation and booking details. Those details may include information about your flight, prices and the date of your reservation or booking. In addition, we collect and use information on additional services (such as seats and luggage) and products you purchase from us.
d. Information related to your trip
When you travel with us, we collect and use information about your trip, such as your itinerary, online or airport check-in, mobile or hard copy boarding pass, and information about your travelling companions.
We may also record your specific medical needs and any additional assistance you require. If biometric boarding is applicable, we usually receive a confirmation from the external party that facilitates biometric boarding (such as facial recognition) that your identity has been verified. Unless indicated otherwise, we do not receive any identifiers about you (such as facial images) other than the personal data we already have at our disposal (such as passport details). For more information on the collection and use of your personal data in the context of biometric boarding, please check the privacy statement of the organisation that facilitates the biometric boarding.
We may also be statutorily required to carry out health checks or collect your health data for public health purposes prior to boarding or disembarking.
e. Information about your payment
When you pay for a flight or buy a product on board, we process your payment details. These include the payment method used and the date on which you paid.
f. Your Flying Blue programme membership
Whenever you 'earn' or 'spend' Flying Blue Miles on a Transavia product, we process your email address, membership number and the miles.
g. Our communication with you
When you send us an email or chat with us online or via social media, we register your messages. If you call us, our Service Centre registers your questions or complaints in our database. We may also record telephone calls for training purposes or to prevent or combat fraud. We register your communication preferences. For example, when you subscribe to one of our newsletters through channels other than email (such as WhatsApp or Facebook Messenger).
h. Information we collect when you use our websites, mobile apps or other digital services
• When you visit our websites, use our mobile apps or any other digital service, we may register your IP address, browser type, operating system, referring website, web browsing behaviour and app use. We collect this information through cookies and similar technologies. We may add the information we collect through cookies and similar technologies to other information we already have about you. For example, regarding your current or past booking/bookings, to personalise our website and make it more relevant for you. You can find more information in our cookie policy.
• We use Google services, such as Google Analytics (including Google Signals) and Google Enhanced Conversion. Google’s website explains how Google uses the data from sites and apps that use Google’s services. Our cookie policy also explains which Google services we use.
• We receive an automatic notification when you open our emails or click on a link in such emails in DeployTeq. We may combine this information with other data we already have about you.
• With your consent, we may receive your location data.
• You can give us your consent to access certain data stored on your mobile phone, such as photos and contacts.
i. Information about social media
Depending on your settings, we may receive information from the social media platforms you use. For example, if you log in to our services using a Meta or Google account, we may collect your profiles from these social media platforms, including your contact details, interests and contacts.
We also receive the visitor statistics from Meta in connection with our Meta fan page. Although Transavia and Meta are jointly responsible for these visitor statistics, Meta Platforms Technologies Ireland Limited is your primary point of contact for handling requests to exercise your rights and any complaints you may have. Where necessary, we will assist Meta in responding to your requests or complaints.
For more information on the personal data that we receive from social media platform providers and how to change your settings, please check the websites and privacy policies of these providers.
j. Information you choose to share with us
We collect and use information that you choose to share with us, e.g. when you share your interests and preferences on our website, leave a comment on our social media page, complete a customer survey or enter a competition or contest.
k. Passengers who are unruly or misuse our services
Transavia keeps a list of passengers who have been unruly before or after the flight, or on board one of our aircraft. Unruly behaviour may include obstructing safety, not obeying instructions, disturbing public order, inflicting injury to our ground crew, crew or fellow passengers or causing damage to our property. For this list, we process the names of the passengers, their gender, date of birth, email address, flight details, a brief factual description of the incident and the severity of the unruly behaviour, the type and duration of the measures taken and, if applicable, a copy of the official report. Transavia Airlines C.V. may share a limited amount of this data (first and last name, date of birth and the duration of the imposed safety measure) with KLM (see also section 1 above). We also keep a list of passengers who misuse our services. For this purpose, we process the names, dates of birth and booking numbers of the passengers and a brief description of the incident and the severity of the misuse. For more information, see sections 3(e), 4.1(f) and 5.3.
Some categories of personal data, such as data revealing racial or ethnic origin, religious or philosophical beliefs, health-related data, and personal data relating to criminal law matters, are subject to stricter rules under the applicable privacy laws.
We may need to collect and use these categories of personal data, for example to provide you with assistance or facilities appropriate to your medical needs during your trip, to accommodate your requests, to ensure flight safety or to comply with statutory requirements. Biometric data is also subject to stricter rules. However, explained under 2.1(d), we do not normally collect or use your biometric data.
We collect the categories of personal data referred to above in the following ways:
a. Personal data provided by you
When you book a flight with us, create an online account, contact us through social media, complete a customer survey, contact our Service Centre, subscribe to receive our emails or mobile push notifications, enter a competition or register for one of our events or campaigns.
b. Personal data received from your travel agent, our airline partners and other companies involved in facilitating your trips
We receive your data from these parties to handle your reservations and bookings and to arrange your trips and purchases. For example, when you book a flight through a travel agent or an online platform, we receive your identifying data and booking data from those third parties.
c. When you use our website or mobile apps, we collect information using cookies and similar technologies
Transavia uses its own cookies and third-party cookies. You can find more information in our cookie policy.
d. If you use social networks, we may also receive information from your social network provider
For more information, see section 2.1(i).
e. If you have been unruly, we will collect certain information for flight safety purposes
If you have been unruly before or during a flight, we will make a report. In addition to the data provided to us in the context of your booking or reservation (e.g. name and date of birth), this report may also include information provided by people involved in the incident and/or responsible for handling it (see also sections 2.1(k), 4.1(f) and 5.3).
Main purposes for which we use your personal data:
a. To provide our services to you
We use the information described under 2.1(a)-(k) to handle your reservations and bookings and to arrange your trips and purchases. For example, we use your name, email address and other identifying information to issue your ticket. We use your contact details to inform you of changes to your flight status.
We need to know your specific medical needs to ensure you receive appropriate care. We only use this data to ensure that you receive appropriate medical care.
b. To provide you with our online services and mobile apps
We use your name and flight details when you use our app to check in for your flight. Some of our online services and apps use your location, for example to show you the nearest location of interest.
We may analyse your use of digital media so that we can tailor our communication to the digital channel or device you use (see section 2.1(h)).
If you break off your booking session on our website, we will send you an email with a link to your booking session so that you can continue where you left off. You may receive similar emails if you break off booking sessions on the websites of our partner Airtrade, which offer package deals. We will only send you such emails if you have subscribed to our newsletter or agreed to receive updates and special offers from us by email (see 4.1(d)). You can withdraw your consent to such emails at any time by clicking on the unsubscribe link in the email, changing your communication preferences in your account (if available), or by contacting us (see 8 ‘Your Rights’ below).
• Example: If our research on booking details and data about additional services (seats, luggage) shows that passengers to certain destinations are more inclined to purchase luggage, we may use that information to offer luggage more prominently for those destinations. We also use customer surveys to measure customer satisfaction and to understand what is important to our customers. We combine data from our customer surveys with details about your booking to analyse, for example, whether certain preferences occur frequently with bookings of a similar size.
iii. The legal basis and the right to object: We collect and use your personal data for our legitimate interests described above (see ‘General’). You have the right to object at any time to the processing of your personal data for statistical purposes under grounds related to your specific circumstances (see 8 ‘Your rights’ below).
d. Marketing purposes
i. General: We may use your personal data for direct marketing purposes. This section explains how we use your data for these purposes.
ii. Channels: We use various channels such as email, mobile push notifications, advertising space on websites and social media channels. For example:
We use Census services to manage the collected data and create segments of user visitors based on target groups. To determine our target audiences for specific campaigns, we may use data we collect during your interactions with our websites, mobile apps or other digital media.
We can then synchronise these segments in real-time with various (social media) platforms such as Google, Meta, DeployTeq, Pega, Xandr and TikTok. In order to enable these platforms to determine whether you have an account, we can share certain data, such as a pseudonymised (hashed) email address. With Census, we can also recognise you on the various (social media) platforms you use based on this information. This helps us to determine more precisely which target groups are relevant for specific campaigns. Please consult the privacy policies of these social media platforms for more information.
If you no longer want us to include you in our social media custom audience targeting programmes, you can refuse the use of cookies through your browser settings or revoke options. For more information, please also read our cookie policy.
iii. Personalised offers: We aim to make advertisements and offers as relevant as possible for you. For this reason, we may analyse the categories of personal data described in section 2.1(a)-(j) and 4.1(c). We use the results of this analysis to personalise advertisements and offers. For example, after you have returned from a trip we may send you an email with offers based on your booking history, to give you inspiration for your next trip. We may also use your booking history (e.g. destination, travel period) to make you personalised offers and to tailor our website and the booking process on our website to you.
iv. Legitimate interest and right to object: When we collect and use your personal data as described in this section 4.1(d) on the basis of our legitimate interests and those of third parties, you have the right to object at any time to the use of your personal data for direct marketing purposes, including related profiling activities (see 8 ‘Your rights’ below).
v. Unsubscribe: We send you marketing emails if you have provided us with your consent or if you have previously made use of our services. You can unsubscribe from these marketing emails at any time by clicking the unsubscribe link in the email, by changing your communication preferences in your account (if available) or by contacting us (see 8 'Your rights' below). When you unsubscribe, you will still receive our booking related service emails (such as your booking confirmation, boarding pass and welcome email). If you have opted to receive personalised advertisements and offers through mobile push notifications, you can unsubscribe by changing your smartphone settings (for mobile push notifications). Visit the website of your social network provider for more information on how to unsubscribe from receiving personalised advertisements and offers through social channels. You may object at any time to the use of your personal data for direct marketing purposes (see below ‘Your rights’).
e. To communicate with you
We use your contact details to communicate with you in relation to our services or loyalty programmes, to answer your questions or to handle your complaints.
f. To ensure flight safety and prevent misuse
Transavia keeps a list of passengers who have been unruly or misused our services (see also section 2.1(k), 3(e) and 5.3). Depending on the severity of the conduct, Transavia can either (1) only allow passengers on board under certain conditions, or (2) refuse passengers on flights. For more information review article 7 of our conditions of carriage.
In case of aggravating circumstances (such as repeated misconduct) Transavia Airlines C.V. can in specific cases decide to refuse a passenger on flights for more than five years. In very serious cases, Transavia Airlines C.V. can even decide to refuse a passenger for life. Passengers on the lists will be personally informed (by email if possible) of the fact that they have been placed on the list and why, what security measures have been taken against them, how long these apply to them and where they can lodge a complaint or object to the inclusion. For more information on how to view or amend this data, see section 8 ‘Your rights’ below.
Special information regarding children: Children under the age of 15 who have been unruly will not be placed on the list by Transavia Airlines C.V. For children aged 15 to 16, Transavia Airlines C.V. can decide that for a maximum period of one year, they are only allowed on board under certain conditions.
g. To conduct our business operations or to comply with legal obligations
We collect, use, and retain your personal data to perform our business activities, such as for administrative purposes, to prevent or combat fraud or to settle disputes. In the event of fraud or misuse of our services, we may include your personal data in our internal fraud control and warning systems. As a result of this, your bookings may be subject to careful scrutiny and may be rejected or cancelled in certain cases, or you may no longer be welcome on board our aircraft or only under certain conditions (see section 4.1(f)). We also collect and use your personal data to comply with our legal and tax obligations.
For specific services, apps, events, contests, or campaigns, we may use your personal data for purposes other than those described in this privacy statement. We will inform you about those purposes when you register for the service, event, contest, or campaign, or when you download the relevant app.
We may share your personal data with third parties in the following cases.
a. To facilitate your bookings and trips
To process your reservations and bookings and to arrange your trips and purchases, we often need to share your personal data with our group companies, partner airlines, airport operators and other companies involved in facilitating your trip like (for example) our handler in charge of check-in and boarding (see section 3.1(b)).
b. For support or additional services
To provide our services, we use the support or additional services of third parties, such as IT suppliers, social media providers, marketing agencies and screening service providers. All these third parties are obliged to adequately secure your personal data and only use this data in accordance with our instructions.
Transavia Airlines C.V. and Transavia France S.A.S. conduct their business activities using centralised databases and systems. These centralised databases and systems may be hosted by one of the two parties or managed for the other. In addition, for efficiency purposes, certain operational functions may be performed by one party for the other. That means that Transavia Airlines C.V. and Transavia France S.A.S. could have access to your personal data for these purposes. We may only use your personal data on the basis of the applicable legal basis and purposes.
c. For the Flying Blue programme
If you choose to 'earn' and/or 'spend' miles on Transavia products, we share your personal data with Flying Blue. For more information on how KLM and Air France handle your personal data in this regard, please check their privacy statements.
d. Payment services
To process payments for your trips and purchases, we may work with third-party payment service providers. In many cases, these payment service providers also perform fraud checks. These providers have their own privacy policies regarding the way they use your personal data.
e. Personalised marketing via social media platforms
For more information, see 4.1(d) under ‘Purposes for which we use your data’.
f. To allow our partners to tailor their services to your trip
We may share your non-personal data (e.g. destination, date of travel and duration of the trip) with partners offering additional services (e.g. hotel accommodation, car rental services) so that they can send you offers tailored to your trip. Our partners have their own privacy policies regarding the way they use your personal data.
For specific services, apps, events, contests, or campaigns, we may share your data with third parties other than those described in this privacy statement, for example, when we organise a campaign or an event in collaboration with a partner or when we integrate their services into our apps. We will inform you about this when you register for the service, event, contest, or campaign, or when you download the app.
To increase the scope of the internal safety measures taken, see section 4.1(f). Transavia Airlines C.V. and KLM exchange the personal data of passengers who have been denied boarding for a certain period of time. A person denied boarding by Transavia Airlines C.V. is now also denied boarding on KLM flights (and vice versa).
With KLM, Transavia Airlines C.V. is jointly responsible for the processing of personal data carried out in the context of the exchange. A mutual arrangement defines our mutual responsibilities for compliance with applicable privacy laws including the exercise of your rights (see section 8 'Your Rights' below).
a. General
We may be legally required to collect your personal data before you travel to another country and share it with the government agencies in the countries on your itinerary. For example, under European and national regulations (including Dutch regulations implementing the PNR Directive (EU2016/281) and the API Directive (EU2004/82)) and international treaties, Transavia must provide so-called PNR and API data to authorised government agencies, such as Passenger Information Units (PIUs). Here you will find more information from the European Commission about the PNR and API data requirements, including a list of all PIUs.
We may also be legally required to share your health data with the government agencies in the countries on your itinerary for public health purposes (see section 2.1(d)).
b. PNR (Passenger Name Record) data
These are personal data we collect from you for the purpose of processing your booking and carrying out your flight, including full name and contact details of all passengers in the booking, booking number and booking date, travel and ticket information (such as travel dates and itinerary, flight number and ticket number), payment information, travel status information (check-in or no-show information), seat information, baggage information and Flying Blue number(s).
European Directive 2016/681 and applicable local laws and regulations require us to provide PNR data to certain government bodies. This means that for each flight, we are required to provide PNR data of passengers to the PIU of the country of departure and arrival. Which PIUs we transfer your PNR data to therefore depends on your travel itinerary.
c. API (Advance Passenger Information) data
These are personal data about you, your travel document and your flight and booking, including your name, gender, date of birth and nationality, the nature, number, date and place of issue and expiry of the travel document, flight number, dates and route of travel, and booking number.
European Directive 2004/82 and applicable local laws and regulations require us to provide API data to certain government bodies. This means that we are required to provide API data of passengers to the local authorities of the country of departure and arrival. This is applicable for each flight from or to a country outside the EU or Schengen area and therefore also depends on your travel itinerary.
d. Specific conditions per country
i. Netherlands: For flights from the Netherlands to a country outside the EU and of flights from outside the EU to the Netherlands, Transavia is also obliged to provide PNR data of passengers to Dutch Customs.
ii. France: Pursuant to Article L 237 -7 of the French Homeland Security Code, we may be required to provide your reservation, checking and boarding data (API/PNR) to the French national government agencies and competent authorities for the purposes of and subject to conditions defined in Decree No. 2014-1095 of 26 September 2014, as amended by Decree No. 2018/714 of 3 August 2018.
Transavia will take appropriate technical and organisational measures to protect your personal data against loss or unlawful use.
Everyone plays an important role in protecting personal data. If you make a booking, you will be sent booking references. These booking references must remain confidential at all times. Disclosing them to other passengers may allow them to access your booking details through our systems or those of third parties involved in the provision of your trip (e.g. travel agencies or online search and booking sites). If you travel with others and do not want your personal data disclosed to them, we recommend making separate bookings.
We also recommend that you do not disclose the passwords you use to access our services to third parties, that you systematically log out of your profile and social account (especially in the case of linked accounts) and that you close the browser window at the end of your session, especially if you are using the internet on a public computer. This prevents other users from accessing your personal data. To avoid the risk of hacking, we recommend using different passwords for each online service you use. We cannot be held liable for the theft of your personal data on a platform that is not managed by us.
In addition, we strongly recommend that you do not to provide to third parties any documents issued by Transavia containing your personal data (your boarding pass, bag tags, ticket number, etc.) or any other information related to your trip or to publish them on social media. If you decide to publish these documents on social media, you are responsible for reviewing and understanding the terms and conditions of use, information security practices and privacy policies applicable to those third-party social media. We cannot be held liable for how personal data is processed on these platforms.
Transavia may transfer your personal data to countries other than your country of residence, including countries outside the European Economic Area. This is done to handle your booking or arrange your trip, or because our group companies, partners, or service providers provide their services from other countries.
Transavia will ensure that adequate safeguards are in place to comply with the requirements for the international transfer of personal data under applicable privacy laws. For transfers of personal data to countries outside the European Economic Area and in the absence of an adequacy decision by the European Commission, Transavia may use European Commission approved Standard Contractual Clauses as safeguards.
You can contact our Privacy Office (see 8.4 below) to exercise your rights under applicable privacy laws, including (1) the right to access your data, (2) the right to rectify your data, (3) the right to erasure, (4) the right to restrict the processing of your data, (5) the right to data portability and (6) the right to object to processing.
a. Right to access
You can ask us whether we collect or use any of your personal data and, if so, you have the right to access that data in the form of a copy. To submit a request for access to your personal data, please use our online form.
b. Right to rectification and completion
You have the right to have your data rectified if it is inaccurate or incomplete. On request, we will correct inaccurate personal data about you and, considering the purposes of the processing, supplement incomplete personal data, which may include the provision of a supplementary statement.
c. Right to (data) erasure
You have the right to have your personal data deleted. This means that we will delete your data. Erasure of your personal data only takes place in certain cases, as prescribed by law and listed in Article 17 of the General Data Protection Regulation (GDPR). This includes situations where your personal data is no longer necessary for the purposes for which it was originally processed and situations where your data has been unlawfully processed. To submit a request for the deletion of your personal data, please use our online form.
d. Right to restriction of processing
You have the right to restrict the processing of your personal data. This means that we will suspend the processing of your data for a certain period. Circumstances which may give rise to this right include situations where the accuracy of your personal data is being contested and we need time to verify its accuracy or inaccuracy. This right does not prevent us from continuing to store your personal data. We will inform you before the restriction is lifted.
e. Right to data portability
Your right to data portability means that you can request us to provide your personal data in a structured, commonly used and machine-readable format and have such data transferred directly to another data controller, insofar as technically feasible. On request and to the extent this is technically feasible, we will transfer your personal data directly to the other controller.
f. Right to object
You have the right to object to the processing of your personal data. This means that you can ask us to stop processing your personal data. This only applies if the ground of ‘legitimate interests’ (including profiling) constitutes the legal basis for processing (see section 4.3).
You may object, at any time and free of charge, to direct marketing if your personal data is processed for such purposes, including profiling if it relates to direct marketing. If you exercise this right, we will no longer process your personal data for such purposes.
You may withdraw your consent at any time by following the specific instructions related to the processing for which you have your consent. For example, you can withdraw your consent by clicking the unsubscribe link in the email, changing your communication preferences in your account (if available) or changing your smartphone settings (for mobile push notifications and location data).
You can also contact the Transavia Privacy Office. For more information on how to withdraw your consent to cookies and similar technologies that we use when you visit our websites or use mobile apps, please check our cookie policy.
There may be situations in which we are entitled to deny or limit your rights as described in section 8.1 above. In all cases, we will carefully consider whether such an exemption applies and inform you accordingly.
For example, we may deny your request for access if it is necessary to protect the rights and freedoms of other people or refuse to erase your personal data if the processing of such data is necessary to comply with legal obligations. The right to data portability, for example, does not apply if the personal data has not been provided by you or if we process the data on grounds other than your consent or for the performance of a contract.
c. Koninklijke Luchtvaart Maatschappij N.V.
If you wish to exercise your rights related to the processing of your personal data resulting from your unruly behaviour before or during a KLM flight, please contact:
KONINKLIJKE LUCHTVAART MAATSCHAPPIJ N.V.
Privacy Office - AMSPI
PO Box 7700, 1117 ZM Schiphol Airport.
The Netherlands
Email: [email protected]
This privacy statement took effect in April 2025 and replaced our previous privacy statement of January 2025. We amend this privacy statement from time to time. We will notify you of any changes before they take effect.