Processing of personal data of Users by FlightConnections (as Controller)
Processing of personal data on behalf of Users by FlightConnections (as Data Processor)
Exclusion of the FlightConnections service
Frequently asked questions about privacy
FlightConnections shall process personal data in accordance with European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) and applicable data protection laws.
2.1. This Section explains the processing of personal data of Users by FlightConnections as a controller, that is, when FlightConnections decides about the purposes and means for the processing of the data. This only happens regarding the data of the User used by FlightConnections to render the Service (having an account, invoicing…). This does not include the communications sent by the User through the Service and related-data, which shall only be processed in accordance with Section 3 below.
FlightConnections shall process as controller your personal data to provide you with the Service and to manage and improve the Service, including sending of communications regarding the Service or with information about the Service or FlightConnections.
2.2. Personal data of Users processed by FlightConnections for the above purposes may include contact information, such as name or email address, language preferences, current location for the proper price/currency displaying, payment data, and other personal data provided by the User in the context of the provision of the Service.
2.3. The legal basis for the processing of personal data of Users is the contractual relationship between the Users and FlightConnections for the Service and also the legitimate interest of FlightConnections of informing registered Users about the Service and the company, unless they opt out to receive this information .
2.4. Personal data of the Users will be processed by FlightConnections throughout the term of the contractual relationship for the Service and subsequently for the period during which applicable regulations require such personal data be he held thereafter.
2.5. FlightConnections may share the personal data with third parties, some of which may be located outside of the European Economic Area, only for the provision of the Service and at all times subject to the guarantees and requirements provided by applicable data protection laws.
2.6. The User may at all times exercise his rights to access, rectification, erasure and restriction of processing and data portability as provided in the GDPR and applicable regulations by contacting FlightConnections at Bruggertstraat 1, 7545 AP, Enschede, Netherlands; or, by sending an email to firstname.lastname@example.org. The User may also lodge a complaint before the Dutch Data Protection Authority at https://autoriteitpersoonsgegevens.nl/en.
If at any time the User wishes to stop receiving communications regarding FlightConnections or with commercial information about the Service, the User may request so by sending an email to email@example.com.
3.1. This Section explains the processing of personal data by FlightConnections on behalf of Users, as a data processor, that is, when the purposes and means for the processing of the data are decided by the User and FlightConnections only access the data for the rendering of the Service and on behalf of the User.
The Service may imply the access and processing by FlightConnections of personal data controlled by the User and generated within the Service in relation to each electronic mail sent by the User through the Service (“Accessed Data”). In such cases, FlightConnections shall be deemed as the data processor and shall process such personal data only on behalf of the User and not for its own purposes.
The Accessed Data shall comprise:
Information required to identify You as a FlightConnections member:
Login information: firstname, lastname, email address and password;
Information required to charge You as a FlightConnections member:
Payment information: last 4 digits of the User’s credit card, brand of the User’s credit card, expiration date of the User’s credit card;
Accessed Data is the only information to which FlightConnections shall access to provide the Service.
The processing of the above personal data is only carried out for the provision of the Service within the terms and duration stated in the Service Terms and Conditions .
3.2. Accordingly, FlightConnections shall:
(i) not process the Accessed Data for a purpose other than the provision of the Service requested by the User and shall not transfer such data, not even for their storage, to unauthorized parties;
(ii) process the Accessed Data only on documented instructions from the User; and if FlightConnections is aware that or of the opinion that any instruction given by the User breaches the data protection regulations, FlightConnections shall immediately inform the User;
(iii) notify the User promptly if it becomes aware of any data breach and shall provide full details of the relevant breach;
(iv) ensure that persons authorized to process the Accessed Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
(v) taking into account the nature of the processing, assist the User by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Users’ obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR;
(vi) take all measures required pursuant to Article 32 of the GDPR (Security of Processing);
(vii) assist the User in complying with its obligations pursuant to Articles 32 to 36 of GDPR taking into account the nature of processing and the information available to FlightConnections, including but not limited to, assisting the User with:
(viii) at the choice of the User, delete or return all the Accessed Data to the User after the end of the provision of Service, unless the storing of the data is required by applicable law; and
(ix) make available to the User all information necessary to demonstrate compliance with the obligations laid down in Article 28 of GDPR and allow for and contribute to audits, including inspections, conducted by the User or another auditor mandated by the User.
3.3 FlightConnections shall not subcontract third parties for the processing operations which may imply access to the Accessed Data without the authorization of the User.
In this respect, the following sub-processors are deemed as authorized by the User:
3.4. FlightConnections shall guarantee the confidentiality of the Accessed Data, even after the termination of the Service.
3.5. The User is the data controller of the processing of the Accessed Data within the meaning in GDPR. The User is the only one deciding the purposes and means for the processing of Accessed Data, so FlightConnections does not use Accessed Data for its own purposes and only uses them for the rendering of the Service and on behalf of the User. To such extent, the User shall have to comply with applicable obligations under data protection regulations, including relying on an appropriate legal basis for the processing of personal data of the recipients of the emails sent through the Service. The User, and not FlightConnections, shall be solely responsible for the compliance with such obligations.
3.6. The User acknowledges and agrees that the use of the Service and the processing of the Accessed Data as a result of the same is its own free and exclusive decision and has verified that the conditions of the Service and the processing of the Accessed Data are in line with its interests.
FlightConnections shall process all personal data in the strictest confidentiality and implement the appropriate technical and organisational measures as required by applicable regulations. We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology.
5.1. The recipient of an email sent by the User of the Service may be excluded of the monitoring conducted by the User if the recipient selects the checkbox “Opt-out” available on the “User Privacy" section.
5.2. Due to technical limitations, the only way to exclude the recipient of the Service from the Service implies the installing of a cookie from the website mailtrack.io. Therefore, in case the recipient proceeds to delete cookies from his browser, the recipient will be included once again in the Service.
5.3. The aforementioned cookie will only work on the browser used by the recipient to select the exclusion. Therefore, in the event of using a different browser, the recipient will have to carry out the exclusion process on such browser.
6.1. Does FlightConnections sell or rent my personal data?
No, FlightConnections does not sell or rent your personal data.
6.2. Do you need a data privacy agreement?
6.3. Where is my information stored?
Information submitted to FlightConnections will be transferred to, processed, and stored in HostEurope.de server facilities in Germany.
6.4. How can I delete my personal data from the Service?
You can remove your Personal Data from the Service at any time by deleting your account.
6.5. How safe is my credit card information?
Your credit card information is safe. FlightConnections does not have access to your credit card information at any point during the transaction, so we do not store your credit card information. We process every payment via Stripe, certified Level 1 third party payment processing services.