Update Date: October 09, 2025
Effective as of: October 16, 2025
China Eastern Airlines Corporation Limited (registered address: 66 Airport Street, Pudong International Airport, Shanghai; email: CEAPrivacyOffice@ceair.com, hereinafter referred to as "CEA", "we", or "us") places paramount importance on the protection of children's privacy and personal information. To better protect children's personal information, in addition to the Privacy Policy, we have formulated the Rules for the Protection of Children's Personal Information (hereinafter referred to as "these Rules") to inform you of how we collect, store, use, provide, and protect children's personal information (hereinafter referred to as "Children's Personal Information"), as well as the rights of children and their guardians.
Notice to Guardians: As a parent or other guardian of your child (hereinafter collectively referred to as "Guardian"), please assist us in protecting your child's personal information and privacy security. Before you or your child use CEA products and/or services, please carefully read these Rules, especially the sections in bold font. After you fully understand and agree to these Rules, you may begin to use or allow your child to use CEA products and/or services. If you or your child has used or continues to use CEA products and/or services and submits personal information, it shall be deemed that you consent to our collection, storage, use, provision, and protection of your child's personal information in accordance with these Rules. If you do not agree to these Rules, you and your child should immediately cease use; however, your child may no longer be able to continue using CEA products and/or services. If you discover that your child has provided information to us without your consent, please promptly contact CEAPrivacyOffice@ceair.com, and we will provide you with a follow-up solution in a timely manner.
Notice to Children: Children must obtain prior consent from their guardian before using CEA products and/or services. If you are a child, please inform your guardian to jointly review these Rules. You may only use our products and services and submit your personal information after obtaining your guardian's consent and under their guidance. If you have any questions regarding these Rules, we recommend that you consult your guardian. If you want to learn more about how CEA handles children's personal information, you may refer to the China Eastern Airlines Privacy Policy(hereinafter referred to as the "Privacy Policy").
These Rules are specifically formulated in accordance with the Privacy Policy. In case of any inconsistency with the Privacy Policy, these Rules shall prevail. Matters not covered herein shall be governed by the Privacy Policy.
1. Definition: For the purposes of these Rules, the terms "children" or "child" refer to users under the age of 14 or minors under a specific age stipulated by their respective jurisdictions (as detailed in Appendix 1).
2. How We Collect Children's Personal Information
When you or your child uses our products and/or services, we may collect certain personal information about your child. We will explain to you the types of information we collect with your consent, the purposes for collecting such information, and the consequences of refusing consent, based on the specific services involved.
(1) Child Ticket Purchase Services
To purchase a child ticket, please provide the following information of your child: name, gender, nationality, date of birth, type of valid identification document,identification document number, document validity period, and issuing country of the document.
(2) Child Passenger and Baggage Check-in Services
To ensure a more pleasant travel experience for you and your child, please allocate sufficient time for check-in procedures. At the airport check-in counter, we are required to verify that your child's valid identification document matches the information provided during ticket purchase.
If you choose to use our self-service check-in, please log in to your account in advance; if you are not logged in, please provide your and your child's ticket number or identification document number used for booking, as well as your child's name for self-service check-in. During the check-in process, we may require you to provide or verify your child's identification document information, including: name, gender, nationality, date of birth, identification document number, document validity period, and issuing country of the document.
(3) Registering Your Child for the "Flying Explorer" Membership
To complete the registration for the "Flying Explorer" membership, we may require the following information about your child: name, nationality, date of birth, mobile phone number, type of valid identification document, identification number, document validity period, and issuing country of the document.
(4) Apply for the "Unaccompanied Minor" Service for Your Child
To apply for the "Unaccompanied Minor" service, we may require you to provide the following information about your child: name (including any nickname), age, and gender.
In addition, for the purpose of verifying guardianship, we may also collect information regarding the familial relationship between you and your child, contact details (including mobile phone numbers and email addresses), residential address, and any other information necessary for the determination of guardianship.
Without the aforementioned information, your child may be unable to access CEA's related services. Our services for children are continuously evolving and improving. If you choose to use services not covered by the Privacy Policy or these Rules, and we need to collect children's information for such services, we will inform you of the scope, purpose, and method of use of information collection through webpage notifications, interactive processes, or agreement terms, and seek your consent.
We do not engage in automated processing of children's personal information to create user profiles, nor do we provide personalized recommendations to children based on such profiles. By default, we do not send direct marketing messages about products and services to children unless you expressly authorize us to do so through "My - Settings - Notifications & Recommendations - Allow App to Push Notifications for Products and Services/Receive Product and Service Information via SMS". You may also easily disable direct marketing through the same path.
For detailed information regarding CEA's general terms and conditions concerning indirect collection of personal information, exceptions to obtaining consent, and third-party links, please refer to Part I "How We Collect and Use Your Personal Information" in the Privacy Policy.
3. How We Use Children's Personal Information
We strictly comply with laws and regulations, and use children's information for the purposes specified in these Rules to provide and optimize CEA products and/or services while protecting children's privacy and security.
We may use anonymized children's personal information for statistical compilation, scientific research, and public record retention purposes. We will implement necessary measures to store and process anonymized information separately from other information, thereby minimizing the risk of re-identification. We will strictly control access rights to ensure the number of individuals authorized to view anonymized data is minimized to the greatest extent practicable. If we intend to use children's personal information for purposes not explicitly specified in these Rules, or to collect additional children's personal information beyond what is expressly outlined herein, we will seek your consent anew.
4. How We Store Children's Personal Information
a) Generally, the personal information we collect (including children's personal information) will be stored within the territory of China. However, in the event of cross-border business requiring the transfer of personal information (including children's personal information) to a third country or region, we will ensure that the personal information (including children's personal information) receives adequate protection in strict compliance with all applicable laws, regulations, and requirements stipulated by relevant regulatory authorities in respective jurisdictions.
b) Generally, we will only retain children's personal information for the period necessary to achieve the purposes outlined in these Rules and as required by applicable laws and regulations in the relevant jurisdiction. After the aforementioned period, we will delete or anonymize the personal information of children in accordance with the laws and regulations of the relevant jurisdiction. Electronic files will be securely deleted or anonymized, while other records, printouts, and written documents will be destroyed by shredding or incineration.
Information required to be retained for a specified period under the laws of a particular jurisdiction shall be stored separately.
c) In the event of termination of our services or operations, we will immediately cease the collection of children's personal information and provide prior notice to the guardians of such children in accordance with relevant laws and regulations. Upon termination of services or operations, we will delete or anonymize children's personal information, unless otherwise stipulated by laws, regulations, or regulatory authorities.
For detailed information regarding CEA's general terms and conditions on personal information storage and cross-border transfer of personal information, please refer to Part IV "How We Store Your Personal Information" and Part VII "How Your Personal Information Will Be Transferred Globally" in the Privacy Policy.
5. How We Protect the Security of Children's Personal Information
a) To safeguard the security of children's personal information and privacy, we implement reasonable and necessary measures and employ state-of-the-art technologies to protect such information, such as physical protection, security technologies, and management systems to minimize risks of loss, misuse, unauthorized access, disclosure, or alteration. These measures include, but are not limited to, encrypted data transmission, firewalls, encrypted storage, physical access controls, and information access authorization controls. To this end, we implement security procedures to protect children's personal information against unauthorized access. All children's personal information shall be encrypted and stored in internal systems that are strictly protected by firewalls.
b) To safeguard the security of children's personal information and privacy, we have established dedicated management systems, procedures, and organizations to protect information security, strictly controlling access to children's personal data and appointing designated personnel responsible for its protection. We adhere to the principle of least privilege, permitting only employees who need to know children's personal information to access it, while implementing stringent access control and monitoring mechanisms. Employees accessing children's personal information shall obtain approval from the Children's Personal Information Protection Officer or authorized management personnel, maintain proper records, and implement technical measures to prevent unlawful copying or downloading of children's personal information. We also require all personnel who may have access to children's personal information to fulfill corresponding confidentiality obligations and undergo audits.
c) We have formulated the emergency response plan for incidents involving children's personal information security. We regularly conduct emergency response training and drills for relevant internal personnel to ensure they have a clear understanding of their job responsibilities, emergency response strategies, and rules and regulations. In the event of a leakage or any other security incident involving children's personal information, we will activate the emergency response plan to prevent the incident from escalating and promptly inform the children and their guardians of the basic situation of the security incident, the response and remedial measures we are about to take or have taken, as well as our suggestions through announcements, push notifications or emails. We will promptly release incident-related information through app push notifications, emails, or SMS messages to the guardian's designated email address or mobile phone. Where individual notification is impracticable, we will issue warnings through reasonable and effective means such as announcements. In addition, we will report the handling of incidents involving children's information security to regulatory authorities as required.
For general security measures regarding personal information protection by CEA, please refer to Section V "How We Protect Your Personal Information" in the Privacy Policy.
6. How You Manage Children’s Personal Information
As CEA provides products and/or services worldwide, you, as the subject of personal information, are entitled to the following rights under applicable laws in your jurisdiction (including but not limited to the GDPR):
(1) Withdrawal of Children's Personal Information
You have the right to contact us through the contact information provided herein to withdraw your consent for our processing of children's personal information. We will process your withdrawal of consent in accordance with relevant laws and regulations, provided that the lawfulness of our processing of children's personal information shall not be affected prior to the formal withdrawal of consent. Note: If you withdraw your consent, your child may no longer be able to continue using our products and/or services.
You may withdraw your consent for the use of children's personal information in advertising and marketing activities at any time. You may exercise this right by following the instructions in the marketing information to opt out of receiving such materials, or by navigating to "My - Settings - Notifications & Recommendations - Allow App to Push Notifications for Products and Services/Receive Product and Service Information via SMS" within the APP.
(2) Access, copy, correct, supplement, request explanation, delete, or cancel children's personal information
To ensure that you and your child can conveniently access and manage your child's personal information while using our products and services, and to safeguard your and your child's rights to access, copy, correct, supplement, request explanations, delete, or cancel accounts regarding personal information, you may follow the guidelines in Section VI "Your Rights to Personal Information" of the Privacy Policy, or contact us directly through the contact information provided in the Privacy Policy.
In the event that our products and/or services cease operations, we will promptly terminate the collection and use of children's personal information in compliance with relevant laws and regulations. We will notify you through individual notices or public announcements, and proceed to delete or anonymize the relevant children's personal information.
(3) Right to Data Portability
If you request the transfer of your child's personal information to a designated personal information processor, please contact us using the contact information provided herein.
(4) Refusal to Provide to Third Parties
You have the right to contact us through the contact information provided in these Rules to refuse our disclosure of your child's personal information to third parties. However, regarding the personal information necessary for us to provide services to you or engage in cooperation with you, if you refuse to allow us to disclose such information to the aforementioned entities, it may result in your inability to use the corresponding services or prevent us from conducting the relevant transactions or cooperation with you.
(5) Rejection of Automated Decision-Making and Advertising Marketing
Please understand that our provision of products and/or services to you may involve the use of automated decision-making function. For users in the European Union (EU), European Economic Area (EEA), Russia and other regions, you have the right not to be subject to automated decision-making.
In addition, you have the right to opt out of receiving our marketing information. You may exercise this right by following the instructions in the marketing information to stop receiving them, or by navigating to "My - Settings - Notifications & Recommendations - Allow App to Push Notifications for Products and Services/Receive Product and Service Information via SMS" within the App. You may also contact us through the methods disclosed in these Rules to opt out of receiving marketing information or emails.
(6) Others
For users in the Republic of Korea, pursuant to Article 26(1) of the Act on the Protection and Use of Location Information, when a guardian consents to the use or provision of personal location information of a child under 8 years of age for the purpose of protecting the child's life or physical safety, such consent shall be deemed as obtained from the child. Upon obtaining consent, the guardian shall have the right to access the child's location information (if any). You must submit a written consent form to the company, accompanied by your written document as the guardian.
For users in Russia, you have the right to refuse the processing of personal information for the purposes of promoting goods, employment, services, or political propaganda.
Please refer to Section VI "Rights of Personal Information Subjects" in the Privacy Policy for further details regarding the rights you and your child are entitled to. In addition, you are entitled to the rights of personal information subjects as stipulated by applicable laws and regulations in your specific jurisdiction. Please contact us through the contact information disclosed in these Rules.
If you request to exercise such rights, please contact us through the contact information provided in these Rules. You may also directly exercise your personal information rights through our Privacy Protection Platform.
When exercising rights on behalf of your child, we may require you to provide identification documents for both you and your child to verify the guardianship relationship between you and your child. If you refuse to provide the aforementioned materials, we have the right to refuse your request for the purpose of protecting children's personal information and preventing data breaches.
For reasonable requests regarding the management of children's personal information, we generally do not charge fees. However, for repeated requests beyond a reasonable limit, we may impose cost-based fees as appropriate. For unreasonable repeated requests beyond a reasonable scope, we will refuse them after explaining the reasons to you.
Under normal circumstances, we will provide a response within 15 working days after verifying your identity (if specific regions have special regulations, we will respond within the prescribed time frame). If we are temporarily unable to respond due to objective reasons, we will extend the period after obtaining your consent and reply within the extended period.
7. External Provision and Disclosure of Children's Personal Information
We will only transfer children's personal information externally for lawful, legitimate, necessary, specific, and explicit purposes upon obtaining your authorized consent with clearly defined content, and we will only provide the information essential for products and/or services. Furthermore, we will evaluate the lawfulness, legitimacy, necessity, and impact on children's rights of transferring children's personal information to third parties. If it is necessary to engage a third party for processing, we will adopt compliance measures in accordance with laws and regulations, including but not limited to security assessments and executing authorization agreements with third parties.
For details on the general terms regarding CEA's processing of personal information, please refer to Part III "How We Share, Transfer, and Publicly Disclose Your Personal Information" in the Privacy Policy.
8. Transfer of Children's Personal Information Worldwide
Under normal circumstances, all personal information collected by CEA will be stored within the territory of China. However, given that CEA is an international carrier with operational entities, offices, affiliated companies, and third-party business partners spanning across the globe. Therefore, for the purposes set forth in this Privacy Policy, the personal information you submit to our company in one country may be accessed, transferred, used, processed, and stored in other countries around the world, particularly in the destination country of your flight.
Prior to the transfer of children's personal information from China or other countries/regions to a third country/region (or access from a third country/region), we shall act in compliance with the requirements of local regulations. Our company will take appropriate measures to make reasonable efforts to ensure that the recipient provides adequate protection for the transmission of your personal information in accordance with applicable laws and regulations.
9. Cookies and Similar Technologies
We may use Cookies (hereinafter referred to as "Cookies") and similar technologies to provide enhanced services. For details regarding the Cookies we employ, the manner in which we use them, their types, and the purposes thereof, please refer to Part II "How We Use Cookies and Similar Technologies" in the Privacy Policy.
Under normal circumstances, we do not collect information without the knowledge of you and your child. However, please understand that due to technical limitations, we are unable to verify users' age when collecting information through Cookies. If you discover or are concerned that we have collected your child's personal information without consent, you may contact us using the contact information provided in Section 10 of these Rules, or adjust the relevant settings regarding modification, management, and/or disabling of Cookies in your browser as outlined in Part II "How We Use Cookies and Similar Technologies" in the Privacy Policy.
10. Application and Updates of the Rules
We may periodically amend the terms of these Rules in accordance with product and service updates as well as relevant legal and regulatory requirements. Any updates to these Rules will be announced via a pop-up window on our website or the CEA App, taking effect from the date of announcement and superseding all prior related content.
Upon the update of these Rules, the CEA App will prompt you to confirm and agree to the updated terms on the login page. If you disagree with the updated terms, you may be unable to continue using our services, and even if access remains available, you shall voluntarily cease using such services; if you and your child continue to use the products or services provided by CEA, it shall be deemed that you have agreed to the updated terms.
11. How to Contact Us
If you have any questions about these Rules, or any related complaints or suggestions, please contact our customer service, official website, or email for consultation or reporting. Our specific contact information is as follows:
Company Address: 36 Hongxiang 3rd Road, Minhang District, Shanghai, China
Company Name: China Eastern Airlines Corporation Limited
Postal Code: 201100
Tel: 95530
Email: CEAPrivacyOffice@ceair.com
You may contact our Personal Information Protection Officer via the aforementioned email address. You may also submit your Personal Information Rights Request through our Privacy Protection Platform.
Upon receipt of your inquiry, we shall handle it promptly and appropriately. If you have any questions about third-party services, you may obtain the contact details of such third parties on the respective service page or obtain it by contacting us.
We have established a Child Information Protection Team. You may contact us by email at CEAPrivacyOffice@ceair.com.
We usually respond within 15 working days (if specific jurisdictions have special regulations, we will respond within the time frame stipulated by the jurisdictions). If you are dissatisfied with our response, particularly if you believe our processing of children's information has infringed upon your lawful rights and interests, you may file a complaint or report with the data protection authority/competent authority in your jurisdiction. Alternatively, you may initiate legal proceedings in the competent court where the defendant is domiciled to seek resolution.
Appendix 1: Minimum Age of Consent for Personal Information
|
Country |
Ages |
|
China (Mainland) |
Under 14 |
|
Japan |
Under 15 |
|
Korea |
Under 14 |
|
Russia |
Under 18 |
|
France |
Under 15 |
|
Germany |
Under 16 |
|
Italy |
Under 14 |
|
Others |
Depending on the regulation of the country (region) |