The European Union has adopted a new General Data Protection Regulation (GDPR), which entered into force in Germany on 25 May 2018. Since we process personal data, we must provide details of this processing to comply with this Regulation. The information below is therefore intended to provide an overview of how we process your personal data and the rights the GDPR grants you in relation to this data.
Data protection is treated as a topic of great importance by the Post Emergency Organization at the Lufthansa Group on behalf of Germanwings. The processing of personal data – which includes the name, address, email address or telephone number of a data subject – is carried out at all times in line with the EU General Data Protection Regulation, and also complies in full with the applicable national data protection regulations.
Our privacy policy informs you about the nature, scope and purpose of the collection and processing of personal data. Here, ‘processing’ means actions such as collection, storage, usage, transfer and deletion. Personal data is data that identifies or could be used to identify you as a person, and in particular by assignment to an identifier such as a name or a code number that can then be used to identify you as an individual.
Deutsche Lufthansa AG
Post Emergency Organization
on behalf of Germanwings
Department FRA JE
60546 Frankfurt/Main
Germany
Please direct data protection inquiries to the Data Protection Officer at Deutsche Lufthansa AG, Dr Barbara Kirchberg-Lennartz (email: datenschutz@dlh.de).
The personal data that we process depends on your inquiry and the services and benefits that we provide, and may include:
We process your data for the following purposes:
Please be advised that we are required to process this data in order to properly handle inquiries and claims for services or benefits.
We use your data during the following activities:
When users visit our website https://flt4u9525.germanwings.com, our system automatically collects data about the user’s computer or device. This data is collected on a per-visit basis. The following data is collected when accessing the family website:
These items of technical information are collected for reasons of network security (to be able to combat cyberattacks, for example) and also to ensure that all visitors can access the website properly on their user devices.
Our website uses ‘cookies’. Cookies are small text files that are stored in or by the browser on the user’s computer system. Accessing a website may therefore result in cookies being saved in the user’s operating system. These cookies contain a unique string of characters that allows the website to uniquely identify your browser when you access the website again.
Cookies are saved on the user’s device, from where they can be read by the web page on our website. As a user, you therefore have full control over the use of cookies by your device. You can deactivate or limit the use of cookies by changing the settings in your web browser. Any cookies already saved can be deleted at any time. This can also be set up as an automatic option. If you deactivate cookies for our website, this may mean that some of the functionality of our website then becomes unavailable to you.
We do not use cookies to track you across different websites.
We process and store your personal data only for as long as it is necessary in order to fulfill our contractual and legal obligations. If we no longer need data to fulfill our contractual or legal obligations, this data is deleted during our regular data deletion cycles. Data is retained for further processing for the following periods of time and reasons:
In the course of our business activities, access to your data is granted to several parties who require access to fulfill our contractual and legal obligations. We may also share data with our service providers for this reason. These providers include local authorities, legal counsel, travel agencies, hotels, logistics partners etc.
Data transfers to organizations in countries outside the European Union (known as ‘third countries’) take place during the registration and return of identified or unidentified personal effects. To this end, your personal data is shared with a service provider in a third country who processes the data while maintaining a level of data protection equivalent to that in the EU.
All data subjects have the right of access, the right of rectification, the right of erasure, the right of restriction of processing and the right of data portability.
You can notify us to withdraw your consent to the processing of your personal data by the Post Emergency Organization at any time.
Please note, however, that each case must be reviewed individually to determine the data that is needed to handle inquiries and claims for services or benefits, for example. If you withdraw your consent, we will stop processing your personal data unless we can provide acceptable reasons for continuing processing that necessarily take priority over your interests, rights and freedoms, or if we are processing your data for the purposes of asserting, exercising or defending legal claims.
To exercise this right, please write to us at the address below, using ‘Withdrawal of Consent’ as the title and stating your name, address and date of birth:
Deutsche Lufthansa AG
Post Emergency Organization
on behalf of Germanwings
Department FRA JE
60546 Frankfurt/Main
Germany
Email: gdpr.flt4u9525@dlh.de
If you believe that your personal data has been processed improperly, you have the right to object to this processing by writing to the Data Protection Officer (DPO) at Deutsche Lufthansa AG, Dr Barbara Kirchberg-Lennartz ( datenschutz@dlh.de). You may also contact the responsible supervisory authority (GDPR art. 77). The responsible supervisory authority for Deutsche Lufthansa AG is the Data Protection and FOI Commissioner for the State of North Rhine-Westphalia (https://www.ldi.nrw.de/).
