Privacy Policy and Cookies

last updated on Nov. 3, 2025

Safeguarding the personal data entrusted to UNI AIR (hereinafter referred to as "the Company") and Your privacy is the responsibility of the Company. You are encouraged to know all Your rights regarding personal data and privacy, enabling You to use the tailored services provided by the Company with peace of confidence. By commencing or continuing the use of the Company's services, You signify that You have read, understood, and agreed to the Company's Privacy Policy (hereinafter referred to as "this Policy"). The Company may revise this Policy to protect Your personal data and privacy. The Company hereby makes the following statement in accordance with Article 8 of the Personal Information Protection Act of Taiwan and Article 7 of General Data Protection Regulation, which includes the guidelines we use for protecting the information You provide us during a visit to our website.

The Company collects personal information for the following purposes: flight booking process, establishment of related ticketing information, ticketing notice, issue of itinerary, transportation management, consumer/passenger services and management, exception handling, payment processing, baggage claims, marketing activities, service, online advertising and statistical surveys and analyses in order to improve service quality and strengthen personalized services.

In addition to the aforementioned scope of this Policy, the Company may use or exceptionably utilize Your information for specific purposes due to the following situations:

1. To comply with the applicable laws and regulations of both domestic and international jurisdiction, including but not limited to civil aviation, customs, diplomacy, public health (quarantine), law enforcement, and judicial investigation.
2. In the interest of public interest.
3. To prevent risks to Your life, body, freedom, or property.
4. To prevent significant harm to the rights and interests of individuals other than Yours.
5. With Your consent or when it is in Your best interests.
6. In accordance with Article 6, paragraph 1, subparagraphs of the Personal Data Protection Act of Taiwan and Article 9(2) of the GDPR.

The Company will collect Your personal data through the following methods and channels:

1. When you book, purchase, or pre-order products or services, including various add-on services, or participate in offline or online activities including online advertisements.
2. When you use online services (such as seat selection, check-in, flight feedback) or contact our customer service centers, ticketing offices, or airport counters for after-sales or exception handling.
3. During airport operation procedure.
4. When you consent to UNI AIR use of cookies and similar tracking technologies.
5. The Company may collect or receive Your personal data through other third parties:

Please be well noted that when You book or purchase travel-related products other than those sold by the Company through its channels, Your personal data may be collected, processed, and used by third parties. The third parties’ collection and use Your personal data will be subject to their own privacy policies and please read their privacy policies carefully before deciding whether to consent to them.

The conditions listed in Article 9, paragraph 2 of General Data Protection Regulation are not limited to this.

Through the aforementioned methods and channels of personal data collection, the Company may collect, process, and utilize Your personal data, including but not limited to:

• Identifiable Personal Information, including but not limited to: name, job title, home address, work address, previous addresses, home phone numbers, cell phone numbers, online platform accounts, mailing and registered addresses, photographs, email addresses, records of online identification/queries, log-in password, IP addresses, Cookies, mobile device identifiers or any other information for identifying a person.
• Identifiable Financial Information, including but not limited to: Financial institution account numbers and names, credit card or debit card numbers and other personal numbers or accounts.
• Personally identifiable information (PII) contained in government data, including but not limited to: Personal I.D. card number, ROC Uniform ID number, disability card number, retiree certificate number, license numbers, passport number, etc.
• Information About Personal Descriptions, including but not limited to: age, gender, date of birth, place of birth, nationality, voice, etc.
• Details About Other Family Members (Personal family member information), including but not limited to: information about the children, dependents, other members in the family or relatives, parents, cohabiters, or relatives living in China and elsewhere.
• Information About Residence and Facilities, including but not limited to: home address.
• Details About Travel and Other Migration, including but not limited to: details about previous migrations/travels, passports of foreign countries, residence certificates, work permits, etc.
• Occupational Information, including but not limited to: Various occupations, job titles, etc.
• Compensation Information, including but not limited to: the details and amount of compensation/claims.
• Health Record Information, including but not limited to: medical reports, treatment and diagnostic records, medical diagnosis certificate, test results, type of disabilities, levels, validity periods, disability handbook certificate numbers, and contacts, etc.
• Other Data (Data Uncategorized): Unclassifiable letters, files, reports, recordings, emails or Your feedback (letters, emails), etc.

It is particularly emphasized that if You are unable to provide the personal data necessary for the selected service scope, the Company may be unable to complete all or part of the service and transaction.

The Company will use Your personal data upon Your consent in the following ways to fulfill the services per Your request, as well as safeguarding Your rights:

1. When you use the Company ticket purchasing service

   (1)	Ticketing notice, Certificate of Ticket Issuance, Receipt, Invoice, fare information and online related services, etc.
   (2)	Financial transactions and authorization: the finance-related information provided by passengers in their ticket will be submitted to respective financial institution in the ticket purchase process (e.g. for credit card authorization) before completing a ticket purchase.
   (3)	Email, App and text messaging services: UNI AIR will send flight-related information to the e-mail address and/or mobile phone No. provided by passengers.

2. Transfer of Your personal data to the Company and its contractors, agencies, affiliates, group, and/or business partners for the provision of products and services which include but not limited to: general/online booking, ticketing, check-in, text-messaging, online events, social media activities, and various off-line activities and airport operations. As well as information survey, exchange, statistics and analysis to provide You with the information or services You need.
3. Promoting the services and products of the Company and/or of a third-party contract partner, and the Company's partners. Opt-out will be provided to You during the initial and subsequent marketing campaigns to secure your rights. You can always choose to opt out of receiving such marketing information through the aforementioned options even You’ve agreed before.

We promise that, without Your consent, we will neither disclose Your personal information to a third party irrelevant to the named service nor use it for any purpose other than that aforementioned, with the following exceptions: Your personal information may be disclosed, or used, in cooperation with legal investigations initiated by judicial authorities or authorities concerned as per duties and responsibilities.

The Personal Data Usage Period is based on the duration necessary for the specific collection purposes, the period stipulated by relevant laws and regulations (such as the Civil Code , Personal Data Protection Act of Taiwan, etc.), the period required for the execution of business operations (which may be longer than the periods specified in the laws and regulations), or retention periods specified in individual contracts. The Company will delete Your personal data automatically when it is no longer required for the purpose of collection or when the retention period expires.

Your personal data will be transmitted (including cross-border transfer) and stored in a secure information environment. It will be processed and utilized by the Company’s domestic offices to fulfill the services You require. To achieve the above purposes, the Company will adopt adequate safeguard measures to comply with applicable personal data protection laws, relevant regulations, and the requirements of this Policy.

To ensure that all personnel of the Company, as well as employees of vendors and their temporary employees, visitors, and others with business dealings with the Company, comply with relevant laws in the collection, processing, and utilization of Your personal data, the Company has established guidelines (UNI AIR Personal Data File Security Maintenance Plan) as regulations for various operational processes.

The following security measures are adopted to protect the personal data You provide to the Company, ensuring the confidentiality, integrity, and availability of Your personal data:

1. Access to Your personal data must pass through the Company's identity and access control mechanisms.
2. The Company and its employees and outsourced vendors are contractually obligated to maintain confidentiality when collecting, processing, or utilizing Your personal data. They must also adhere to the Company's information security policies and regulations.
3. Annual information security and personal data protection education and training are provided to employees to enhance compliance awareness.
4. Annual internal compliance audits of the collection, processing, and utilization of Your personal data are conducted, reviewing the legality of internal policies. External and internal issues are collected, and requests from relevant stakeholders are incorporated into risk assessments, integrated into risk management procedures to identify potential risks and address them promptly.
5. Once a year, external independent organizations audit the Company's personal data protection management measures to strengthen control mechanisms from an independent and objective perspective for effective implementation.
6. The Company's network infrastructure ensures secure transmission through high-tech encryption methods for online transactions and personal confidential data. All data is encrypted before transmission to prevent interception and misuse.
7. The Company adopts a zero-tolerance policy for violations of personal data protection. If an investigation reveals confirmed involvement in violations of applicable personal data protection regulations, including failure by individuals with supervisory responsibilities to report misconduct, the Company will immediately review and improve management measures. Disciplinary actions will be taken in accordance with employment contracts, internal disciplinary regulations, and procedures.
8. If You have any opinions on this Policy, You can contact us through the following channels:
   UNI AIRWAYS CORPORATION
   Data Protection Officer
   8F, No. 117, Section 2, Chang-An East Road, Zhongshan District, Taipei City 10455, Taiwan
   communication@uniair.com.tw

Once You have provided Your personal data to the Company, You are entitled to the following rights in accordance with Article 3 of the Personal Data Protection Act of Taiwan and Articles 16 to 20 of the EU General Data Protection Regulation:

• Inquiry or Request for Access.
• Request for Copy.
• Request for Supplementary or Correction.
• Restriction of Collection, Processing, or Utilization.
• Request for Restriction of Processing.
• Restriction of Automated Decision-Making.
• Request for Deletion: You may request the deletion or erasure of Your personal data. However, if the processing of Your personal data is deemed necessary and compliant with relevant personal data regulations, the data may not be subject to deletion or erasure, and the Company may be unable to proceed or respond accordingly.
• Request for Data Portability.

Based on legitimate interests, service provision requirements, or relevant legal obligations, it is necessary to retain certain personal travel data for a specific period. We will keep the information, so we can fulfil the specific travel arrangements You have made and after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the travel agreement and the information may also be retained so that we can continue to improve Your experience with us.

You can exercise any of the aforementioned rights through the Company's official website or business offices; Your request will be handled as soon as Your identity is verified. If You provide incorrect or incomplete personal information which prevents us from verifying Your real identity, we might be unable to uphold Your privacy rights. In accordance with applicable laws, the Company may reject Your request and will provide reasons for such refusal. Additionally, in accordance with Article 14 of the Personal Data Protection Act, the Company may charge a reasonable administrative processing fee.

A 'cookie' is a small piece of data sent by a web server to be stored on a web browser. The data collected from cookies is to differentiate the preference of the individual user. Most of the websites may use cookies to provide services to their customers. However, a cookie will only identify the use of the computer other than the user. Therefore, you can configure your browser to not accept cookies if you choose, however, if you disable your cookies, you will not have access to certain personalized features or participate in all of the activities on the websites.

Keeping our commitment:

The Company will not disclose the data obtained from the Cookies in order to safeguard your privacy. The Company may use cookies to collect information through your web browser for the following purposes:

• To provide you with the personalized services and invite you to participate in all of the activities on the website.
• To identify your web preferences for us to help provide you with better services.

• Essential Cookie - Essential cookies are essential for the operation of our website that will let you move around our website freely and use functions on the websites. These cookies don’t gather your personal identifiable information that could be used for marketing and are not disclosed to any third party.
• Functional cookies – Functional cookies are used to remember choices you make and improve functionality and your personal features on our website.
• Performance cookies - Performance cookies collect information about which pages visitors go to most often, and if you experienced any errors. These cookies help us to improve the performance and user experience of our website.

An Internet Protocol address (IP address) is a numerical label assigned to each device participating in internet that uses the Internet Protocol for communication. When you access our website and mobile services, we collect your IP address. We store this information to help us manage security, analyze how our website and mobile services interact with you and do the product marketing and advertisement. We also use IP address to block the visitor, who is unable to comply with the terms of service, from accessing to our website and mobile services.

The Company will follow the guidelines for “ Categories of Collected Personal Data” in using your e-mail addresses obtained to deliver information relevant to our customers, including a wide range of services and special privileges, and will make known on the e-mail that it is sent by the Company.

Please safeguard your personal information, additional services and all kinds of online services. Do not disclose your personal information to others. To prevent others from collecting and abusing your personal information, DO REMEMBER TO LOG OUT of the site when you complete a transaction and close the window before you leave the site if you share a computer with others.

The Company reserves the right to change these guidelines and disclaimers from time to time, and the content presented on this page is considered to be the latest version. Should a material modification to our Privacy & Security statement occur, we will post those changes on our website so that you are aware of the changes. The Company also reviews privacy protection/security statements to comply with applicable laws and regulations.

In order to protect yourself in the Cyber world, you should validate whether or not the website you're visiting is indeed a legitimate website. UNI AIR website(www.uniair.com.tw) is a secure site with the Global Digital of which enable secure communications between your browser and our website.

The Company protects passenger transaction and privacy information with Secure Socket Layer (SSL) encryption technology, an industry standard for encrypting over the Internet, where text will be automatically encrypted before being securely dispatched over the Internet.

This Privacy and Security Statement is governed by and shall be construed in accordance with the laws of Taiwan. Any dispute on claim arising out of this statement will be subject to the exclusive jurisdiction of Taiwan Taipei District Court, R.O.C.

Please contact us if you have any questions and comments regarding our Privacy and Security Statement.