How should you handle passenger personal data to comply with privacy regulations?

• A. Only collect what is necessary, store securely, limit access, and share information strictly with authorized personnel and in line with policy.
• B. Share all passenger data with third-party advertisers.
• C. Store data in unsecured files to speed up processing.
• D. Collect more data than needed to anticipate future services.

Answer: (A)

Handling passenger personal data under privacy rules focuses on data minimization and strong data security with controlled access. Collect only what is necessary to provide the service and for a legitimate purpose, and keep a clear record of why each data item is needed. Store the information securely, using appropriate protections and access controls so that only personnel who genuinely need to see it can access it. Share data strictly with authorized staff and only in line with the airline’s privacy policy and applicable laws. This approach reduces risk of breaches, respects passenger rights, and keeps the airline compliant with privacy regulations.

Sharing all data with third-party advertisers would violate consent and purpose limitations. Storing data in unsecured files creates a serious security risk. Collecting more data than needed lacks a lawful purpose and can breach data minimization requirements.