Data protection and data security information

Preamble

This Privacy Notice describes the collection and use of your personal data in the context of your usage of our websites according to legal requirements.

Please note that the usage of particular web content on our websites may involve further processing of your personal data which will be described in complementary Privacy Notices that have to be considered additionally.

 

  1. Contact details of our Data Protection Officer

You can reach our Data Protection Officer:

via E-Mail at Datenschutz@dlh.de

 

via Mail at:

Deutsche Lufthansa AG

FRA CY

Datenschutzbeauftragte/r –

Lufthansa Aviation Center

60546 Frankfurt am Main

Germany

 

In addition to contacting the LSG Data Protection organisation, you moreover have a right to file a complaint at a government agency for data protecion. For LSG, the appropriate authority in Germany is:

 

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit

Postfach 3163

65021 Wiesbaden

Telefon: +49 611 1408 – 0

Telefax: +49 611 1408 – 611

E-mail HBDI via this form: https://datenschutz.hessen.de/über-uns/kontakt

 

  1. Collection of personal data when you visit our website(s)

When visiting our website(s) without personally providing information to us, personal data is collected by our webserver collecting the data transmitted in connection with your access.

The data transmitted includes:

  • IP-Address
  • Name of access provider
  • Browser type, version of browser software and language of browser
  • Operating system
  • Date and time of access
  • Content of access
  • Amount of data transferred
  • Access status (successful transmission/error)
  • Website(s) the access was forwarded to
  • Website(s) accessed

In addition to the aforementioned data collection, our website(s) collect data in connection with the usage of cookies (see Sections 3 and 4 of this Privacy Notice).

 

  1. Cookies

We use cookies on our website(s). Cookies are text files that are stored on a user’s computer system. If a user accesses our website(s) a cookie file can be saved on the local operating system. A cookie contains information that enables the identification of a user returning to our website(s).

Session cookies process information in so called Session-IDs which serve towards identifying a person during continuous access to our website(s). Session-IDs are deleted automatically when closing the browser.

Persistent cookies will remain in the cookie files of your browser after the browser has been closed. Persistent cookies are deleted after a certain period of time has elapsed. The length of this period varies amongst the different cookies used.

The use of cookies can be disabled by changing the security settings on your browser. Further adjustments with regard to the cookie usage can be made in the security settings of your browser to block certain cookies (e.g. cookies of third parties) or disable cookies altogether.

Detailed information concerning third party cookies can be found in Section 4 of this Privacy Notice.

 

  1. Inclusion of third-party services and cookies

Google Analytics

Our website(s) uses Google Analytics (“GA”), a web analysis service of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“).

GA enables us to analyze the usage of our website(s) by cookie storage. On our behalf GA creates reports concerning the activities on our website(s) and provides us with the respective information for statistical purposes and in order to optimize our website.

Anonymized data only (e.g. anonymized IP addresses, the date and time the page was viewed, the length of your stay or the page from which you came to our website) is stored and used on our server using Google Analytics technology. This information does not enable identification of visitors to this website. IP addresses are anonymized before they are stored. This means that Google will anonymize your IP address while the data is still within member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and anonymized there. The IP address which is transmitted by your browser will not be brought into contact with other data stored by Google.

You can deactivate GA with the following browser-plugin provided by Google: http://tools.google.com/dlpage/gaoptout?hl=de

 

  1. Contact possibility via E-Mail/contact form/use of comment functions

If you make use of the possibility to contact us via email or a provided contact form, the provided information (your email address, possibly your name and telephone number) will be saved by us in order to process your request. The personal data collected in this context will be deleted if the storage is no longer necessary for this purpose. Alternatively we may restrict access to the stored data if legal retention periods apply.

If you contact us via email a secure transfer can only be guaranteed in case of encrypted communication. A transmission of confidential data shall be sent by registered post.

The usage of comment functions on our website(s) includes the processing of the information provided by you and may include the processing of your IP address in this context.

 

  1. Job applications

If you provide us with a job application via our website the responsible HR department will use this data to handle your application. Your data will be used to get in contact with you, to assess your qualifications and to proceed with the hiring process, if applicable. If your application does not end in an employment we delete the data within six months after we have communicated the outcome to our applicant, unless the applicant has given his/her consent to save the to stay in our pool of applicants to be updated about further positions.

 

  1. Purpose and legal basis of processing your personal data

In addition to the particular purposes mentioned, the processing of your personal data is required to display our website(s), to provide stability and security of our webservers and to improve the usability of our website(s).

Legal basis for processing your personal data is Art. 6 paragraph 1 sentence 1 f) GDPR. If personal data is processed on the basis of a consent, the legal basis is Art. 6 paragraph 1 sentence 1 a) GDPR.

 

  1. Data transfer to third parties

In general data transfer to third parties is only conducted in the cases mentioned in this Privacy Notice. In addition data transfer to third parties may occur if:

  • we have received your explicit consent (Art. 6 paragraph 1 sentence 1 a) GDPR);
  • the processing is necessary in connection with legal claims except if the respective interests are not overridden by the interests or fundamental rights and freedoms of the data subject (Art. 6 paragraph 1 sentence 1 f) GDPR);
  • the processing is necessary for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 c) GDPR);
  • the processing is necessary for the performance of a contract with the data subject or the performance of steps at the request of the data subject prior to entering into a contract (Art. 6 paragraph 1 sentence 1 b) GDPR)

 

  1. Data deletion and data storage

Collected personal data will be deleted and/or the access to the data will be restricted if the purpose of the processing activity ceases to be relevant. Extended retention periods may apply in case of statutory legal provisions requiring further data retention.

 

  1. Rights of the data subject and the right to lodge a complaint with a supervisory authority

With regard to the personal data processed you have the following rights according to Art. 12 – 23 GDPR:

  • Right to information and access,
  • Right to rectification and erasure,
  • Right to restriction of processing
  • Right to objection
  • Right to data portability

In addition you have the right to lodge a complaint with the competent data protection authority with regard to the processing of your personal data by us.

 

  1. Data security

Personal data processed by us are protected against loss, falsification and unauthorized third-party access by adequate technical and organizational measures.

In order to provide a secure transmission of data between your browser and our systems, we generally use Secure Socket Layer (‘SSL’) encryption technology to encrypt communication between your browser and our webserver. URLs of websites using an SSL-encryption start with https://.

 

  1. Update of the Privacy Notice and contact to our Data Protection Officer

Our Privacy Notice may be updated according to changes of our website(s). You can find the current version of our Privacy Notice on our websites.

For further questions and suggestions in relation to data protection you may contact us at ‘dataprotection@retailinmotion.com’.