4
You have the right to request the provision of personal data that you have directly communicated to
us in a structured, commonly used and machine-readable format, if their processing is automated and
based on the collection of your consent. This right does not apply to other legal bases for processing.
Where applicable and technically possible, you also have the option of requesting the transfer of this
data directly to another data controller.
f) The right to object
You have the right to object to the processing of your personal data when the processing is legally based
on the legitimate interests of the Entity.
However, this right of opposition cannot be exercised for processing that is necessary for the Entity to
comply with its legal obligations.
g) The right to decide what happens to your personal data after your death
You have the right to organize the status of your personal data post-mortem by adopting general or
specific guidelines. The Entity undertakes to respect your respective instructions.
9. HOW TO EXERCISE YOUR RIGHTS:
If you wish to exercise your rights, simply send a request to the Entity's Data Protection Department:
AIR FRANCE
Délégué à la Protection des Données/Data Protection Officer - ST.AJ IL
45, rue de Paris 95747 Roissy CDG Cedex
France
In order to process your request as efficiently as possible, we kindly ask you to include the necessary
identification details (surname, first name, e-mail) with your request, as well as any other information
required to confirm your identity. If there is any doubt about your identity, you may be asked to
provide an identity document.
Requests are processed as quickly as possible, and in any event within one month of receipt. If
necessary, this period may be extended to two months, depending on the complexity and number of
requests we receive. In this case, you will be informed of the extension and the reasons thereof.
If, after contacting the Entity and despite its efforts, you believe that your rights have not been
respected, you may also file a complaint to the Commission Nationale de l'Informatique et des Libertés
(CNIL) in France (3 Place de Fontenoy - TSA 80715 - 75334 Paris Cedex 07 or https://www.cnil.fr) or any
other competent data protection authority.
10. DATA SECURITY
As the confidentiality and security of personal data is one of the Entity's core concerns, technical and
organizational security measures are put in place to preserve their security and, in particular, to prevent
any accidental or unlawful destruction, loss, alteration, disclosure, intrusion or unauthorized access to
such data.
The Entity implements such technical and organizational measures in order to ensure that personal data
is conserved securely for the time necessary to fulfil the purposes for which it is to be used, in
accordance with applicable law.