Arrow

DATA PROTECTION STATEMENT (As of 24 May 2018)

  • Up to 600 €* compensation
  • 3 years backdated
* less our commission

I. Name and contact details of the data controller

1. The protection of your personal data is very important to us. In the following, we would like to inform you in detail about what personal data is processed when using our website and offers.
2. The responsible data controller according to Art. 4 (7) General Data Protection Regulation (“GDPR”) is the company

MYFLYRIGHT GmbH
Schauenburgerstraße 61, 20095 Hamburg
Telefon: +49 (0) 40 – 317 086 37
Fax: +49 (0) 32 – 224 25 28 31
E-Mail: info@myflyright.de

(hereafter: “MYFLYRIGHT”). Further information can be found in our imprint.

3. You can reach our data protection officer at info@myflyright.de or alternatively by post at our address with the addition “data protection officer”.

II. Collection and storage of personal data

a) When visiting the website

1. When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention, and stored until automated deletion:

  • IP address;
  • Date and time of the request;
  • Duration of website visit;
  • Time zone difference to Greenwich Mean Time (GMT);
  • Content of the request (specific page);
  • Access Status/ HTTP status code;
  • Amount of data transmitted;
  • Website from which the request comes;
  • Websites you visit with us;
  • Internet service provider;
  • Browser type;
  • Server log files;
  • Operating system and its interface;
  • Language and version of the browser software.

2. The data mentioned is processed by us for the following purposes:

  • Ensuring smooth connection of the website;
  • Ensuring comfortable use of our website;
  • Evaluation of system security and stability as well as for further administrative purposes.

3. The legal basis for the data processing is Art. 6 (1) (f) sent. 1 GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case is the collected data used for the purpose of making assessments or drawing conclusions about you as an individual. In addition, we use cookies, as well as analysis services when you visit our website. Further details can be found under no. IV. and V of this privacy policy.

b) When contacting us

When you contact us by e-mail, telephone, postcard or via a contact form, the data provided by you (e.g. e-mail address, address, name, telephone number or content of the request) will be processed by us to answer your questions and/ or process your request. The legal basis for this is Art. 6 (1) (b) GDPR.

c) During contract fulfilment

1. If you entrust us with the implementation of your passenger compensation, we will collect and use the following personal data from you, for the fulfilment, processing and billing of the contractual services:

Contact details

  • Passenger title;
  • Passenger first name;
  • Passenger last name;
  • Passenger address;
  • Passenger e-mail address;
  • Passenger phone number;
  • Payment details (PayPal or bank account) for payment of compensation;
  • Number of passengers.

Contract and flight data

  • Flight data (e.g. flight number, date, time);
  • Travel information needed to enforce your compensation;
  • Travel documents (e.g. booking, boarding pass, etc.);
  • Information on compensation already received and ongoing complaint procedures;
  • Signed assignment statement.

2. The data processing is based on your request and is required pursuant to Art. 6 (1) (b) GDPR for the stated purposes for the appropriate processing of the mandate and for the mutual fulfilment of obligations arising from the contractual relationship.

III. Transfer of data

1. No transfer of your personal data to third parties will occur for purposes other than those listed below. Transfer of your personal data to third parties will only take place if you have expressly consented to this pursuant to Art. 6 (1) (a) sent. 1 GDPR, the transfer is required pursuant to Art. 6 (1) (f) sent. 1 GDPR to assert, exercise or defend legal claims, and additionally there is no reason to assume that you have a prevailing legitimate interest in not transferring your data, in the event that there is a legal requirement to transfer the data pursuant to Art. 6 (1) (c) sent. 1 GDPR, and if this is permitted by law and in accordance with Art. 6 (1) (b) sent. 1 GDPR is required for the settlement of contractual relationships with you.

2. Insofar as this is required pursuant to Art. 6 (1) (b) sent. 1 GDPR for the settlement of contractual relationships with you, your personal data will be passed on to third parties. This includes, in particular, passing on to our lawyers, experts, opponents of the proceedings and their representatives (in particular their lawyers), as well as courts and other public authorities for the purpose of correspondence, as well as asserting and defending your rights.

3. Your data will be forwarded to supporting service providers for the above purpose, which will of course be carefully selected and bound by instructions. These include, in particular, technical service providers who support the provision of services. Transferred data may only be used by the third parties for the stated purposes. Our obligation to confidentiality remains unaffected.

IV. Cookies

1. We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device and do not contain viruses, Trojans or other malicious software. Information is stored in the cookie which results in connection with the specific device used. However, this does not mean that we are immediately made aware of your identity. On the one hand, the use of cookies serves an added benefit of making the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These cookies are automatically deleted after leaving our page.

2. In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognise that you have already been with us and what inputs and settings you have made so you do not have to re-enter them. On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer (see section V.). These cookies allow us to automatically recognise when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined time.

3. The data processed by cookies is required for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to Art. 6 (1) (f) sent. 1 GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is stored. However, disableing cookies completely may mean that you cannot use all features of our website.

V. Analysis tools

The tracking measures listed below and used by us are employed on the basis of Art. 6 (1) (f) sent. 1 GDPR. With these tracking measures, we want to ensure the needs-based design and the continuous optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.

Privacy policy for Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To disable Google Analytics, Google provides a browser plug-in at http://tools.google.com/dlpage/gaoptout?hl=en. Google Analytics uses cookies. These are small text files that make it possible to store specific user-related information on the user’s device. They allow an analysis of the use of our website offer by Google. The information collected by the cookie about the use of our pages (including your IP address) is usually transmitted to a Google server in the USA and stored there. We point out that on this website Google Analytics has been extended by the code “gat._anonymizeIp ();” in order to ensure anonymous collection of IP addresses (so-called IP masking). If the anonymisation is active, Google shortens IP addresses within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, and therefore no conclusion about your identity as a person is possible. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google complies with the “US Safe Harbor” privacy policy and is registered with the US Department of Commerce Safe Harbor Program and uses the information collected to evaluate the use of our website, report on this and contribute to the provision of other such services to us. Find out more at www.google.com/intl/en/analytics/privacyoverview.html.

Privacy policy for Facebook

Our website contains social media plugins from Facebook to personalise the use of the website. We use the “LIKE” and “SHARE” button for this. This is an offer provided by Facebook. If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by it into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there. If you are logged in to Facebook, Facebook can assign the visit to our website directly to your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be posted on Facebook and displayed to your Facebook friends. Facebook may use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook creates user, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website and to further inform you about the use of services related to Facebook. If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for the protection of your privacy, please refer to the Facebook privacy policy (www.facebook.com/about/privacy/).

Privacy policy for Instagram

Our website also uses so-called social plugins (“plugins”) operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram Camera”. When you visit a page of our website that contains such a plugin, your browser connects directly to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you are logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example by pressing the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information will also be posted on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly associate the data collected through our website with your Instagram account, you must log out of Instagram before visiting our website. For more information, see the Instagram privacy policy (help.instagram.com/155833707900388).

Privacy policy for Twitter

Our web pages integrate plugins from the short message network Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. The Twitter plugins (tweet button) can be recognised by the Twitter logo on our site. An overview of the tweet button can be found here (https://about.twitter.com/resources/buttons). When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “Tweet Button” while you are logged into your Twitter account, you can link the contents of our site to your Twitter profile. As a result, Twitter can assign the visit to our site to your user account. We point out that we as the provider of the site are not aware of the content of the data transmitted and the use of this data by Twitter. If you do not want Twitter to associate your visit to our site with your Twitter user account, please log out of your Twitter user account. More information can be found on this in the Twitter privacy policy (twitter.com/privacy).

VI. Your rights

1. You have the following rights with respect to us regarding your personal data:

  • Right to information (Art. 15 GDPR);
  • Right to rectification and deletion (Art. 16 and 17 GDPR);
  • Right to restriction of processing (Art. 18 GDPR);
  • Right to object to processing (Art. 21 GDPR);
  • Right to data portability (Art. 20 GDPR).

2. Pursuant to Art. 77 GDPR, you also have the right to appeal to a data protection authority about our processing of your data.

3. We would like to point out that you can revoke any data protection consent that may have been granted to us at any time with effect for the future. The same applies to consent to advertising. You should contact us by e-mail to exercise this right: info@myflyright.de

The respective revocation can lead to our offers being no longer or only partially available.

VII. Right to objection

If your personal data is processed based on legitimate interests in accordance with Art. 6 (1) (f) sent. 1 GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to objection, which must be implemented by us without you being required to specify any particular situation. If you would like to exercise your right of revocation or objection, notice can be sent to the following e-mail address: info@myflyright.de

VIII. Data deletion

1. The data stored with us is deleted as soon as it is no longer necessary for its purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is not deleted, because it is required for other and legitimate purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.

2. According to the legal requirements, the storage takes place for six (6) years according to § 257 (1) HGB (trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) as well as for ten (10) years according to § 147 (1) AO (Books, records, management reports, accounting records, trade and business letters, tax documents, etc.).

IX. Changes to our privacy policy

Our privacy policy is subject to change. However, in the event of a change, we will not restrict your rights without your express consent. We will post any changes to our privacy policy on our website. If we change important parts of the privacy, we will even e-mail you with information about our changes. You have the right to object to the validity of the new privacy policy within four (4) weeks after receiving the notification. In the event of your objection, we reserve the right to terminate the contract. If no objection occurs within the specified period, the amended privacy policy will be deemed to have been accepted by you. In the notification, we will point out your right to objection and the meaning of the objection deadline.