QF Korean booking site.

[Guvner]

Reading through the "Important Information" when transferred to the Korean booking site, the following consent "options" appear:



Essentially this is saying to you as an Australian, in Australia, booking travel via an Australian travel agent, that if you don't consent to providing unknown 3rd parties in Korea or anywhere in the world with your personal information, you cannot use the Australian travel agent's services.

How many people would actually read, acknowledge and understand the implications of agreeing to those conditions?
The method employed doesn't sit well with me. Yes I know I have a choice, save the flippant responses. It's the principle.
If a data form came up and requested your personal information with a big bold red message that read "Your personal info, and that of your family, could end up with anyone, anywhere, anytime and we have no control over it" I'll bet most people would consider their actions a little more carefully.
But yeah, tick this little box. No problem.

If I walked in to a travel agent down the road and booked a flight from ICN would I be expected to consent to the same? Would they refuse the booking if I didn't consent?

 

[TheInsider]

Reading through the "Important Information" when transferred to the Korean booking site, the following consent "options" appear:

View attachment 271922

If I walked in to a travel agent down the road and booked a flight from ICN would I be expected to consent to the same?

Ultimately you are not booking with an Australian agent for a flight originating in Korea, you are using a Korean agent.

If you book with a Travel Agent, then you are bound by their privacy policy and their data sharing arrangements.

 

[Guvner]

Which Korean agent?
I went through the whole booking process (QF rewards, AA flights ICN <> LAX) right to "Pay Now" and nowhere does it mention any company other than Qantas.

I am booking with Qantas, an Australian company. Qantas collects my information in Australia, they are ultimately responsible for it's protection.

Their Privacy Policy specifically referred to above states:
This Privacy Policy applies to Qantas Airways Limited and its related bodies corporate (referred to as “Qantas”, “we” and our), excluding Qantas Superannuation Limited and excluding all Jetstar branded entities.

 

[TheInsider]

Which Korean agent?
I went through the whole booking process (QF rewards, AA flights ICN <> LAX) right to "Pay Now" and nowhere does it mention any company other than Qantas.

I am booking with Qantas, an Australian company. Qantas collects my information in Australia, they are ultimately responsible for it's protection.

Their Privacy Policy specifically referred to above states:
This Privacy Policy applies to Qantas Airways Limited and its related bodies corporate (referred to as “Qantas”, “we” and our), excluding Qantas Superannuation Limited and excluding all Jetstar branded entities.

You are booking through their 'korean' office to issue you the ticket. You are dealing with a Korean merchant to take your payment. You are dealing with Korean IT contractors and possibly consolidators to create and sell you the flight.

It's all here: https://www.qantas.com/au/en/support/privacy-and-security.html#disclosure-of-personal-information

including:

• Other carriers on your itinerary so they can provide goods and services to you
• Airline and non-airline partners participating in our programs and clubs to allow you to receive offers and benefits in our programs and clubs
• Operators of other programs and clubs to allow you to receive offers and benefits in their programs and clubs
• various law enforcement agencies, regulatory authorities and governments around the world and their service providers
• such other third parties mentioned in the “How we use your personal information” section above

For example:

• travel operators and travel agents, ground handling service providers (such as check-in agents, freight handling, specific assistance and ground transport, airport lounge operators, chauffeur services, catering services), and other members of the Qantas group may need the information in connection with these purposes
• we are required to maintain a register of shareholders and make it available for inspection by the public under the Australian Corporations Act 2001 (Cth) and we may also disclose information collected in connection with your shareholding to regulatory bodies such as the Australian Taxation Office.
• US federal law requires airlines, including Qantas, to collect an attestation in relation to the COVID-19 pandemic for passengers arriving in the US from a foreign country. We are required to retain a copy of each attestation for 2 years, and to provide this to the US Centers for Disease Control and Prevention (CDC) upon request. Visit the CDC's websiteOpens external site in a new window for more information.

In addition to the above third parties, we may use service providers for the services listed below, many of whom handle your personal information on our behalf.

• Billing and payment processing, including detecting and preventing fraudulent or suspicious bookings
• Catering
• Chauffeur services
• Airport lounge operations
• Ground handling (such as check-in agents, freight handling, specific assistance and ground transport)
• Customer service and call centres
• Corporate and government travel sales and fulfilment functions
• Market research and analysis
• Marketing, printing and distribution (including mailing and email) services
• Information technology services such as data storage, passenger and freight booking and distribution systems, communication networks, software and system development, maintenance and support, incident investigation and resolution, and information processing, analysis and reporting
• Investigating and responding to incidents

 

[Guvner]

Maybe, maybe not, but under Australian law Qantas in Australia is still responsible if they are the collectors of PI data. You can’t just stick an “office” in another country and circumvent the Privacy Act.
But it’s a moot point, my original point was that the method used to gain consent is what I have an issue with.

 

[TheInsider]

Third Parties outside of Korea: Would be entities like the CPT call centre or the Fiji call centre. Would be the actual airlines because they are not based in Korea.

Third Parties inside of Korea: Would be banks, ticketing systems, agents acting on behalf of QF and then agents acting on behalf of AA. The airport authorities in ICN, along with the ground handlers in ICN

Post automatically merged: Feb 25, 2022

But it’s a moot point, my original point was that the method used to gain consent is what I have an issue with.

An issue with a tick box?

The disclosure you'd be agreeing to, would be based on Korean privacy laws and disclosure. Same thing if you are in the EU, you have to press those stupid cookie things every website.

 

[Guvner]

A paper contract? No.
A clear warning which distinguishes the difference between agreeing to “Korean” law and Australian law when the consumer is transacting in Australia via an Australian company would be the ethical thing to do. If everyday people are OK with consciously agreeing to waive their data privacy rights under Australian law via a little tick box with no understanding of the possible implications then tick away. Be careful what you wish for.

 

[TheInsider]

A paper contract? No.
A clear warning which distinguishes the difference between agreeing to “Korean” law and Australian law when the consumer is transacting in Australia via an Australian company would be the ethical thing to do. If everyday people are OK with consciously agreeing to waive their data privacy rights under Australian law via a little tick box with no understanding of the possible implications then tick away. Be careful what you wish for.

It literally states before you can even look at the flights that you are agreeing to that information you are agreeing to. It is prefectly clear, it won't even let you go past it with out agreeing to it.

​

You are booking a flight with another carrier, out of another country with their own privacy laws. What else do you want?!

Australian laws are not applicable to overseas countries. Qantas handles it's privacy as an Australian company in Australia as legislated.




If you don't want to book, then don't book. I really don't understand the issue here.

 

[Guvner]

If you don't want to book, then don't book. I really don't understand the issue here.

At least we agree on something.

 

[RooFlyer]

Third Parties inside of Korea: Would be banks, ticketing systems, agents acting on behalf of QF and then agents acting on behalf of AA. The airport authorities in ICN, along with the ground handlers in ICN

... and anyone else in the world who they choose to give/sell your data to.

If you don't want to book, then don't book. I really don't understand the issue here.

You don't understand the issue of concerns of privacy of personal information?? Its pretty big these days. If its just a matter of 'if you don't like it, don't book', then we can dismiss just about all the flying threads on AFF.

And how weasley is it that they say "you may not be able to book..." Why can't they say "... we won't allow you to book ..."

The OP has raised a very valid issue, and even if its an everday matter in modern commerce, it is still useful for it to be flagged from time to time. A number of times I have refsed to deal with a merchant whse T&Cs are just so open-ended that its insulting.

 

[Guvner]

Australian laws are not applicable to overseas countries. Qantas handles it's privacy as an Australian company in Australia as legislated.

a) it’s the consumer’s privacy, not Qantas’.
b) Aust Privacy Act covers data collected in Australia. It also covers cross border information sharing. You can’t just send/store/share personal data with an overseas entity and absolve responsibility.
Again, my point is that the average consumer would not understand that by ticking a box they are agreeing to waive their privacy rights.
Stating on a page in standard font that you are subject to <whatever country> terms and conditions is in no way the same thing as clearly stating
“You agree to waive your data privacy rights under Australian Law”.
Read up on APP 8.1
c) the post was about awareness for those of us who care about our personal data.