Privacy Policy

1. Controller

We, the Lufthansa Systems FlightNav AG (Stelzenstrasse 6, 8152 Glattpark (Opfikon), Switzerland), hereinafter also called “LSY”, “we”, “us”, wish to inform you how your personal data is processed when you use our website developer.lidowebportal.com, hereinafter also called “website”.

If you have any further queries regarding data protection in connection with our website or the services offered, please contact our data protection officer or coordinator:
 

Group Data Protection Contact for the Lufthansa Group:

Deutsche Lufthansa AG
FRA CJ/C
Airportring
60546 Frankfurt a. M.
Deutschland
E-Mail: datenschutz@dlh.de


Data Protection Contact at Lufthansa Systems GmbH:
E-Mail: dataprotection@lhsystems.com

2. Scope, purpose and legal basis of processing personal data

We collect and use personal data directly from our users and other sources (mentioned below) in the following situations:

2.1. Provision of the website and log file creation

By visiting our website the system automatically records data and information about the user’s computer system each time the website is accessed. The following data (“technical information”) are collected:

  1. Information on the browser type and version used

  2. The user’s operating system (including device type, such as PC, smartphone, etc.)

  3. IP address

  4. Date and time of access

  5. Websites from which the user’s system accesses our website (e.g. via Google link)

The collected data is saved in so-called logfiles, which are erased daily. Before the deletion, we readout the log files and use the information for analyzing.  We use this technical information for the purposes of (network) security (to for example ward off cyber-attacks), marketing and to better understand our users’ needs as well as to continuously improve our website and enable users to access the website from their computers.

The legal basis for this data processing is our legitimate interest in delivering an optimized and functional, as well as profitable website to our customers, Art. 6(1)(f) GDPR.

2.1.1. Use of cookies

Our website uses cookies. Cookies are small text files stored in the web browser or by the web browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that allows for the unique identification of the browser when the website is accessed again.

Cookies are stored on the user’s computer, which transmits these to our website. Therefore, users have full control over the use of cookies. You may disable or restrict the transmission of cookies by changing your web browser settings. Previously stored cookies can be deleted at any time. This may also be done automatically. If cookies are disabled for our website, you may no longer be able to use all of its functionality.

To enable you to select the data protection settings for your visits to our website that best suit your requirements, we give you the option of adjusting your preferences with respect to the categories of operational necessity, statistics and comfort.

2.2. Use of the services offered on our website

We offer a range of different services on our website. We must collect and process user or customer personal data in order to perform these.

2.2.1. Contact via e-mail

On our website, you can contact us via e-mail, if you have a question or a comment. For this purpose we collect the following personal data:

  1. Your name (if given)

  2. E-mail address

  3. The content of your message

  4. Date and time  

  5. IP-address

The collected data won’t be pushed to third parties. We only use this data to reply to your inquiry as soon as possible. For getting back to you, we will use your e-mail address. IP-addresses are collected to prevent are react to misuse.

The legal basis of present data processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR for the purposes of ensuring a dialog between our customers and ourselves, as well as securing it.
 

2.2.2. Contact via "Request API access" form  

On our website, you have the possibility to receive information from us via contact form. The following data is collected for this purpose:

  1. Company Legal Name

  2. Company Common Name

  3. Company Adress (Optional)

  4. Company Phone

  5. Country

  6. Industry Sector

  7. Indended Use Case

  8. Organization Representative First Name

  9. Organization Representative Last Name

  10. Organization Representative Role/Title/Position (Optional)

  11. Organization Representative Phone number

  12. Organization Representative E-mail address

The data will be used exclusively for the management of upcoming events of Lufthansa Systems and is stored in Lufthansa Systems’ customer database (Microsoft Dynamics 365).
Microsoft Dynamics 365 is provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For more information about how Microsoft Dynamics 365 works, see the Microsoft Privacy Statement, available at https://privacy.microsoft.com/en-us/privacystatement.

2.2.5 Customer contact data

Contact data which a sales employee at a Lufthansa Systems company receives from the employees of our potential or actual customers for the purpose of business communication is recorded in our shared CRM system and is thus also available to other companies in the Lufthansa Systems Group for that purpose. 
 
The legal basis for processing this data are Article 6(1)(a) and Article 6(1)(f) of the GDPR.
 
The processing of user data on our customer platforms is described in the privacy policies there.
 
In the process, personal data may be transferred to third countries. In order to protect you and your personal data, there are suitable safeguards in such cases as stipulated by and in compliance with statutory requirements (in particular the use of EU standard contractual clauses) or there is an adequacy decision adopted by the EU Commission (Article 45 of the GDPR).

2.3. Our legitimate interest in processing personal data

If Art. 6(1)(f) GDPR forms the legal basis for the processing, our legitimate interests are, in addition to the purposes listed above:

  • To protect the company against material and immaterial damage (e. g. because of cyber-attacks)

  • Procedure and Professionalism of our products and services

  • Cost optimization (control and minimization)

2.4. Other processing commitments

If obliged to do so by law, we process personal data in order to meet duties of retention under commercial or tax law or to meet legal security requirements (such as Section 7 of the Aviation Security Act [LuftSiG]). For further information on retention periods, please refer to “Duration of the data processing”.

2.5. Obligation to provide personal data

The input fields which are mandatory to be filled out for performing the requested service are marked accordingly on the website. The input is either mandatory because of legal or contractual requirements.

3. Duration of the data processing

Your personal data are deleted as soon as they are no longer needed for the specified purposes. In certain circumstances, personal data are kept for the period of time during which claims against the Lufthansa Systems GmbH may be enforced (statutory limitation period of three to thirty years). Personal data are also saved to the extent that and for so long as LSY is legally obliged to do so. Corresponding burdens of proof and duties of retention arise from, among others, the Commercial Code, Tax Code and Money Laundering Act. These prescribe retention periods for up to ten years.

4. Right to object pursuant to Art. 21 GDPR

You have the right to object, on reasons relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.

The controller shall no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or processing is necessary for the establishment, exercise or defense of legal claims.

Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data, which includes profiling to the extent that it is related to such direct marketing.

Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

When processing data for scientific, historical or statistical research purposes:

Where personal data concerning you are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, you, on grounds relating to your particular situation, also have the right to object to this.

Your right to object may be limited in so far as it is likely to render impossible or seriously impair the achievement of the research or statistical purposes and the limitation is necessary for the fulfillment of the research or statistical purposes.

5. Disclosure of personal data to third parties

Data we process on our website will not be disclosed to third parties.

However, we are, in some cases, legally obliged to disclose personal data to German or to international authorities. The legal basis for disclosing personal data in the present case ist Art. 6(1)© GDPR.

 6. Rights of the data subject

We are committed to ensuring fair and transparent processing. That is why it is important to us that data subjects can not only exercise their right to object but also the following rights where the respective legal requirements are satisfied:

  • Right of access, Art. 15 GDPR

  • Right to rectification, Art. 16 GDPR

  • Right to erasure (“right to be forgotten”), Art. 17 GDPR

  • Right to restriction of processing, Art. 18 GDPR

  • Right to data portability, Art. 20 GDPR

To exercise your right, please email one of the contacts named under “1. Controller”. In order to process your request and for identification purposes, please note that we will process your personal data in accordance with Art. 6(1)(c) GDPR.

You also have the right to lodge a complaint with a supervisory authority. The relevant supervisory authority for the Lufthansa Systems GmbH is:
 

Landesbeauftragter für Datenschutz in Hessen
Herr Prof. Dr. Alexander Roßnagel

P. O. Box 3163
65021 Wiesbaden

Gustav-Stresemann-Ring 1
65189 Wiesbaden

phone: +49 611 1408 - 0
e-mail:

7. Consent

If you give your consent to us for processing your personal data, please note that you may withdraw this consent at any time. For this, please contact one of the persons named under “1. Controller”.

If you have consented to receive our newsletter, you may withdraw this consent by using the “Unsubscribe” link in the newsletter.

Please note that your consent can only be withdrawn with future effects and such a withdrawal does not have any influence on the lawfulness of past processing. In some cases, we may be entitled in spite of your withdrawal to continue to process your personal data on a different legal basis – e.g. to perform a contract.

8. SSL-encryption

Our website is cryptographically secured using Secure Socket Layer-encryption (SSL). This ensures a safe communication between the browser and the server as well as a safe data transfer. If a website is using this encryption is easily spotted by checking the web address of the website. If it starts with “https://”, it’s using named encryption.

In case your browser is technologically not able to use the SSL-encryption, please download the newest version of a browser that is.

9. Disclaimer and limitations of these data protection notices

These data protection notices only apply to the processing for the website https://developer.lidowebportal.com. Other websites are not covered by these data protection notices and provide their own specific data protection notices.