IMPORTANT! For international destinations, it is MANDATORY to fill in the online forms requested by the authorities and to present all the documents requested to fulfill the travel conditions for Covid-19. Travel conditions for Covid-19 can be also founded on: https://www.mae.ro.

Privacy policy

Notification of personal data processing

1. Who we are

TAROM – Romanian Air Transport Company is an air carrier in Romania operating over 50 destinations and destinations served by code share partners.

2. Personal data we process

TAROM is a personal data controller. We process the following personal data categories:

  • Name, surname
  • Flight itinerary
  • Booking number
  • Nationality
  • Date of birth
  • Gender
  • Type and series/number of identity document
  • Expiry date of identity document
  • Country issuing the identity document
  • Travel documents required by countries of stopovers or by the country of the traveller's final destination
  • Flight details
  • Seat number
  • Baggage details
  • MEDA form - where applicable.

3. Why do we need this

We need your personal data for the following processing:

On the legal basis of compliance with TAROM's legal obligations under the Council Directive 2004/82/EC of 29 April 2004 on the obligation of carriers to communicate passenger data:

  • Name, surname - this information is transmitted to the authorities in accordance with the law.
  • Nationality - this information is transmitted to the authorities in accordance with the law.
  • Date of birth - this information is transmitted to the authorities in accordance with the law.
  • Gender - this information is transmitted to the authorities in accordance with the law.
  • Type and series/number of identity document - this information is transmitted to the authorities in accordance with the law.
  • Expiry date of identity document - this information is transmitted to the authorities in accordance with the law.
  • Country of issue of the identity document - this information is transmitted to the authorities in accordance with the law.

In compliance with TAROM's legal obligations to verify the identity of passengers and to communicate details of passengers to border protection and customs authorities:

  • Name, surname - this information is transmitted to the authorities in accordance with the law.
  • Email - this information is transmitted to the authorities in accordance with the law.
  • Telephone - this information is transmitted to the authorities in accordance with the law.
  • Nationality - this information is transmitted to the authorities in accordance with the law.
  • Date of birth - this information is transmitted to the authorities in accordance with the law.
  • Gender - this information is transmitted to the authorities in accordance with the law.
  • Type and series/number of identity document - this information is transmitted to the authorities in accordance with the law.
  • Expiry date of identity document - this information is transmitted to the authorities in accordance with the law.
  • Country of issue of the identity document - this information is transmitted to the authorities in accordance with the law.
  • Flight details - this information is transmitted to the authorities in accordance with the law.
  • Place number - this information is transmitted to the authorities in accordance with the law.
  • Baggage details - this information is transmitted to the authorities in accordance with the law.

On the legal basis of complying with TAROM's legal obligations to verify the identity of passengers and to allow only eligible passengers to board the correct flights:

  • Name, first name - we use this information to identify you.
  • Type and series/number of identity document - we use this information to identify you.
  • Expiry date of ID document - we use this information to allow you to board the flight.
  • Country of issue of identity document - we use this information to identify you.
  • Travel documents required by the country of stopover or final destination - we use this information to allow you to board the flight.
  • Booking number - this number is used to identify your booking in the system.
  • Electronic ticket number - this unique number is used to identify your flight in the system.
  • Flight details - we use this information to allow you to board your flight.
  • Seat number - we use this information to allow you to board your flight.
  • Baggage details - we use this information to allow you to board your flight.

With your consent, we also process the following personal data for the following purposes:

Travel of unaccompanied children

  • Form "Unaccompanied Minor - Request for Transport - Accompanying Notice" - form containing data about the unaccompanied minor, name/surname and contact details of the person handing over the minor on departure and the person who will pick up the minor at the final destination.

Medical clearance for a person with special needs

  • MEDA form - form containing medical data about a person with special needs. An information notice and information on the processing of special data is delivered together with this form

4. What we are doing with them

Your personal data is processed within the company CNTAR TAROM SA located in Romania. The hosting and storage of your data takes place in Romania on TAROM servers.

Your personal data is also processed by the airports where your stopovers take place and by the airports of destination of your flights, by the various government authorities responsible for border protection and customs control in the countries of transit and destination, by the institutions in charge of protection against terrorism and crime in the countries of transit and destination and by the institutions responsible for maintaining PIU (Passenger Information Unit) registers. All these entities act as personal data controllers.

Your personal data is also processed by Amadeus IT Group, S.A. of Spain acting as processor for TAROM providing Departure Control System services (boarding and check-in).

Your personal data is also processed by SkyTeam Airline Alliance Management Coöperatie U.A. acting as a personal data processor for TAROM providing services such as mileage credit for Flying Blue members, seamless check-in, seamless seats, Elite Customer Recognition, access to SkyTeam lounges, baggage tracking.

Your personal data is also processed by other airlines operating flights that are part of your itinerary. These airlines are personal data controllers.

Your personal data are also processed by handling companies at the various airports where TAROM flies, acting as personal data processors for TAROM providing baggage and passenger handling services (at boarding, passenger assistance).

5. How long we keep your personal data

Personal data that are contained in the financial-accounting documents or in documents that are attached to the financial-accounting documents (all data from your bookings are included), will be kept for 10 years according to the provisions of art. 38 of Annex 1 to Order no. 2634/2015 on financial-accounting documents, issued by the Romanian Ministry of Public Finance and will not be accessed for any purpose other than the legal purpose for which they are archived. After 10 years these data will be destroyed.

Personal data required for your boarding is kept six months after it is handed over to the authorities.

6. Which are your rights?

If you have reason to believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request to see this information, to rectify it or request that it be deleted, to request restriction of processing or to object to processing, and you also have the right to data portability. To exercise these rights please contact us at data.protection@tarom.ro

You have the right to withdraw your consent for the MEDA form and for the "Unaccompanied Minor - Request for Transport - Accompanying Notice" form. To do so, please contact us at data.protection@tarom.ro

If you wish to submit a complaint about the way we have processed your personal data, please contact the Data Protection Officer at the following e-mail address data.protection@tarom.ro . The Data Protection Officer will contact you to resolve the issue raised.

You can also contact the National Supervisory Authority for Personal Data Processing at www.dataprotection.ro and submit a complaint with them.

 

EV SSL