Data Protection Statement (as of 25th of July 2021)

MYFLYRIGHT

Data Protection Statement
(as of 25th of July 2021)

MYFLYRIGHT GmbH takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal regulations of the relevant data protection laws, in particular the EU General Data Protection Regulation (GDPR) as well as this privacy policy.

This Privacy Policy covers the use of all digital services of MYFLYRIGHT GmbH, including our social media profiles on PCs, smartphones, tablets and all other Internet-enabled mobile devices.

The digital services may contain links to other third party service provider websites that are not covered by this privacy statement.

1.Controller

The data controller for the processing of your personal data is

MYFLYRIGHT GmbH

Schauenburgerstraße 61, 20095 Hamburg

Fax: +49 (0) 40 699 19 59 59

E-mail: info@myflyright.de

If you have any questions about the data protection, please write to us at the aforementioned postal address, with the addition "Data protection" or at the e-mail address provided.

We process data under our own controllership as well as certain data as joint controllers with the respective partner companies when collecting data via partner websites. Please refer to the essence of the joint controllership agreement provided on the partner company's website to find out which processing is carried out under joint controllership: https://www.adac.de/datenschutz-dsgvo/entschaedigungsrechner/

The information on data processing described below applies both in the event that the data is processed under the sole controllership of the aforementioned controller and in the event that the data is processed under the joint controllership of several controllers.

2. Purposes of data processing

2.1 Data processing for the provision of contractual services

We process personal data in order to process the contractual relationships and to be able to submit contractual offers tailored to your requirements. The collection of the data takes place in particular for the conclusion and/or for the performance of a contract.

We collect with all forms obligatorily only those personal data, which are necessary for the completion of the contractual relations and/or for your information inquiry. These sections in the forms are mandatory fields, without which the process cannot be completed. The collection of data, which is not absolutely necessary, but in which we are interested in order to optimise the fulfilment of the purpose, is only optional and not a mandatory field. In this case you decide on a voluntary basis if and which data you want to give us.

In particular, we collect the following data during an enquiry:

  • Passenger(s) title,
  • Passenger(s) first name,
  • Passenger(s) last name,
  • Passenger(s) address,
  • Passenger(s) e-mail address,
  • Passenger(s) phone number,
  • Payment details (PayPal or bank account) for the payment of the compensation,
  • Number of passengers,
  • Flight data (e.g., flight number, date, time),
  • Travel information needed to enforce your compensation,
  • Travel documents (e.g., booking, boarding pass, etc.),
  • Details of baggage contents in the event of baggage loss,
  • Information on expenses for the purpose of enforcing the costs (e.g., meals, hotel accommodation, etc.),
  • Information on compensation already received and ongoing complaint procedures,
  • Signed declaration of assignment (for legitimisation, in particular against foreign airlines as claim debtors),
  • If necessary, a copy of the identification document if it is required for the judicial assertion of the claim.

The data will be processed in order to verify your claim and for the adequate processing of the mandate and for the mutual fulfilment of obligations arising from the contractual relationship, as well as to clarify arising questions.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

2.2 Customer area

On our website we offer the possibility to log in to our customer area by entering your provided e-mail-address and your received case number.

In the login area, you can access information about your case, upload documents and change your data.

The personal data entered by you will be processed within the scope of the use of the customer area only in order to be able to offer you the associated services, which can only be offered to customers.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

2.3 Data processing for communication with you (contact form, etc.)

In addition to the contract data, we process your communication data (address, telephone number, e-mail address) in order to be able to contact you and communicate with you within the contractual relationship. Personal data that you provide to us by mail, e-mail, chat or via the contact form on this website will only be processed for correspondence with you or only for the purpose for which you have made the data available to us.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

2.4 Temporary storage of the entered data

With your consent, we store the data you have already entered in the respective input mask in order to give you the option of interrupting the process and continuing it later at the same point. In addition, we use the e-mail address you have provided to send you a corresponding link to continue the input process.

The aforementioned data processing is based on your consent pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. An informal message to us is sufficient for this purpose. The legality of the data processing operations already performed remains unaffected by the revocation.

2.5 Newsletter

With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers and travel related topics. The respective content of a newsletter is explained in the respective declaration of consent. If you would like to receive a newsletter offered by us, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. For this purpose, we will send you an e-mail with a confirmation link (double opt-in) to the e-mail address you have entered. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month.

Your e-mail address is the only mandatory information for sending the newsletter. The entering of further, separately marked data is voluntary and will be used to address you personally.

In addition, we store the IP addresses you use and the dates of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible misuse of your personal data. We do not collect any further data in this context.

We use the services of MailChimp as order processor for sending newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp is a service that can be used to organise and analyse the distribution of newsletters. If you enter data for the purpose of subscribing to the newsletter (e.g., e-mail address), these data are stored on the servers of MailChimp in the USA. With the help of MailChimp we can analyse our newsletter campaigns. When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web beacon) connects to the servers of MailChimp in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. In addition, technical information is collected (e.g., time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

If you do not want to receive any analysis by MailChimp, you have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter message.

Important in the context of data processing in the USA: The European Court of Justice considers the data protection standard in the USA to be insufficient and there is a risk that your data may be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The data will be processed on the basis of your consent in accordance with Article 6 paragraph 1 lit. a GDPR in conjunction with Art. 49 Para. 1 sentence 1 lit. a GDPR. You can revoke this consent at any time by unsubscribing to the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data that you provided us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter. Data, which were stored for other purposes, remain unaffected.

You can find more details in the privacy policy of MailChimp under: https://mailchimp.com/legal/privacy

2.6 Cookies

We use so-called cookies on some of our websites, among other things to be able to offer you website-specific services, to recognize you when you visit our website again, and/or to adapt our offer to your personal preferences.

Cookies are small text files that are stored on a visitor's computer and contain data on the respective user in order to enable access to various functions. Both session cookies and persistent cookies are used on our website. A session cookie is temporarily stored on your computer as you navigate through the site. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted. The storage of a cookie ensures that you do not have to repeatedly enter your personal settings and preferences every time you visit our website. This saves you time and makes using our website more convenient for you.

We may work with third parties on some of our websites and therefore, when you visit such a website, cookies from partner companies may also be stored on your hard drive (third-party cookies). We inform you below about the use of such cookies and the scope of the data collected in each case.

You can delete permanently installed cookies via the settings of your browser. Most browsers accept cookies automatically - so if you want to suppress the use of cookies, you may have to actively delete or block cookies or prevent the storage of cookies by setting your browser software. Please note, however, that if you choose not to accept cookies, you may still be able to visit our website, but some features may not work as intended.

We use necessary cookies, which are required to enable the performance of the services we are obliged to provide. The data processing in this respect is then based on Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. In addition, we may use cookies which are indispensable for the functionality of our website. This data processing is then carried out in accordance with Art. 6 para. 1 s. 1 letter f GDPR, which permits data processing to serve the legitimate interests of the data controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the data controller in processing the data. Our interest then lies in ensuring the functionality of our website.

We may obtain your consent for the use of other, unnecessary cookies. The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by the revocation.

2.7 Cookiebot

This website uses the Cookiebot of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark which sets cookies to save your browser's cookie preference. Cookiebot does not process any personal data. The Cookiebot stores the chosen preference that was selected when you entered the website via the browser you are using. If you wish to revoke these settings for the specific browser, simply delete the cookies in your browser. When you re-enter/reload the website, you will then be asked again for your cookie preference. For more information about Cookiebot privacy, please visit www.cookiebot.com.

2.8 YouTube

On some of our websites we may use plug-ins from the YouTube website. The operator of these sites is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in advanced privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the advanced privacy mode does not necessarily exclude the sharing of information with YouTube partners. For example, YouTube connects to the Google DoubleClick network whether or not you are watching a video.

As soon as you start a YouTube video on our website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can store various cookies on your end device after starting a video. These cookies enable YouTube to obtain information about visitors to our website. This information is used, among other things, to gather video statistics, improve the user experience and prevent fraud. The cookies remain on your terminal device until you delete them.

If necessary, further data processing procedures may be triggered after the start of a YouTube video, over which we have no influence. For more information about YouTube's privacy policy, please see their privacy policy at: https://policies.google.com/privacy

If cookies are set by YouTube, personal data is processed on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR in conjunction with Art. 49 para. 1 s. 1 lit. a GDPR. You may revoke your consent at any time with effect for the future. The legality of the data processing already carried out remains unaffected by the revocation.

2.9 Google Analytics

This website may use Google Analytics - integrated via the Google Tag Manager, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google"), if you have consented to this data processing. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server and stored there, and may also be transferred to the servers of Google LLC in the USA.

However, since IP anonymisation is activated on our website when using Google Analytics, your IP address will be shortened beforehand by Google in member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transferred to a Google LLC. server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website in question, compiling reports on website activity and providing other services relating to website activity and internet usage.

We may also use the "demographic features" feature of Google Analytics in conjunction with Google Analytics. This allows us to generate reports that include information about the age, gender and interests of site visitors. This data is derived from interest-based advertising by Google and from visitor data from third parties. This data cannot be attributed to any specific person. You can disable this feature at any time by changing the ad settings in your Google Account, or generally prohibit Google Analytics from collecting your information as shown below.

The data transmitted by your browser within the framework of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your anonymised IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

You can also prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent future collection of your information when you visit this site:

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to point out once again that on this website Google Analytics has been extended by the code "anonymizeIp" to ensure an anonymized collection of IP addresses (so-called IP-Masking).

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The storage of Google cookies and the evaluation for statistical purposes is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out , or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.10 Google Remarketing Tags

We may use Google Remarketing Tags on some of our websites. Provided that you have consented to this data processing. These are Google services that use cookies, which are stored on your computer and allow an analysis of your use of the website. The information collected by the cookie about your use of this website is usually transferred to a Google server as explained in the previous paragraph and stored there. This may also involve a transfer to the servers of Google LLC in the USA. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third party providers, including Google, place advertisements on Internet sites on the Internet. Third parties, including Google, use stored cookies to serve ads based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google. You may object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the page for deactivating Google advertising. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can object to the collection and storage of data at any time with effect for the future. You can find further information on Google's regulations here.

As an alternative to the browser plugin or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data within this website in the future. This opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you will have to click this link again:

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/.

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The storage of Google cookies and the evaluation for statistical purposes is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.11 Google Tag Manager

This website uses the Google Tag Manager. This service allows website tags to be managed through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager. You can find more information about Google Tag Manager under following links: https://support.google.com/tagmanager/?hl=en#topic=3441530, https://policies.google.com/privacy?hl=en.

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.12 Google reCAPTCHA

On some of our Internet pages we use the Google service reCaptcha to determine whether a person or a computer makes a certain entry in our contact or newsletter form. Google uses the following data to check whether you are a human being or a computer: IP address of the end device used, the website you visit with us and on which the captcha is integrated, the date and duration of your visit, the identification data of the type of browser and operating system used, Google account if you are logged in at Google, mouse movements on the reCaptcha surfaces as well as tasks in which you have to identify images.

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.13 Google Double-Click (including Floodlight and Spotlight), Google AdWords Conversion, Google Dynamic Remarketing

On some of our websites we also use Google Analytics to evaluate data from the Google services AdWords and DoubleClick for statistical purposes. This enables us to analyse what happens after a user clicks on our advertisement, e.g., whether the user has bought our product or called up the advertisement from a mobile phone, in order to improve our offers. You will also receive interest-based advertising through these services. If you do not wish to receive these ads, you can deactivate them using Google's Ads Preferences Manager. DoubleClick sets a cookie on your computer to record (track) your surfing behavior on various websites and to display interest-based advertising. If you want to disable this permanently, you can download a plug-in from the following link to deactivate the DoubleClick cookie.

Information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted in to conversion tracking. This tells us the total number of users who have clicked on an ad from us and been directed to a page with a conversion tracking tag. We do not receive information that personally identifies users. If you do not wish to participate in tracking, you can opt-out of this use by slightly disabling the Google Conversion Tracking cookie on your web browser under User Preferences, or by disabling it through the aforementioned plug-ins or settings.

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.14 Google Places API

On our website, we use Google Places API, a service provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“) to complete the address details. The use of Google Places API serves to make the use of our offer more pleasant for you. The transmission of addresses to Google is done anonymously.

For more information about how Google processes data, see: https://www.google.com/policies/privacy/ You can find Google’s terms and conditions on this page: https://policies.google.com/terms?hl=en

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.15 Google Maps

This website uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.16 Cloudflare

CloudFlareals CDN ("Content Delivery Network") is used to secure this website and optimize the loading times. The provider is CloudFlare, Inc., 665 3rd St. # 200, San Francisco, CA 94107, USA. Therefore, all inquiries are forcibly passed through their server and consolidated into statistics that cannot be deactivated. According to their own statements, the raw data collected is usually deleted within 4 hours, at the latest after 72 hours. For more information, visit the Cloudflare website:
https://www.cloudflare.com/security-policy/

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.

The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g., e-mail, fax, mail). The legality of the data processing operations that have already taken place remains unaffected by the revocation.

2.17 Data processing in the context of our Facebook corporate website and Facebook Pixel

We operate a company page (fan page) in the social network facebook.com. We are jointly responsible with Facebook for the operation of the Facebook fan page in accordance with Art. 26 GDPR. The agreement on shared responsibility can be found here: https://www.facebook.com/legal/terms/page_controller_addendum Primarily responsible for data processing is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

The type and scope of the information you provide to Facebook, the associated purposes of data processing by Facebook, its legality and information on the exercise of your rights can be found in the Data Policy, as well as other information provided by Facebook on the processing of "Insights data": https://de-de.facebook.com/policy.php

Facebook provides us with so-called page insights for our site. Page Insights (https://www.facebook.com/business/a/page/page-insights) is aggregated data that allows us to understand how people interact with our site. The creation and provision of these page insights is the responsibility of Facebook, we have no influence on it. This also applies to data processing, which is carried out exclusively for the purposes of Facebook. Facebook also assumes all obligations under the GDPR with regard to the processing of Insights data (including articles 12 and 13 GDPR, articles 15 to 22 GDPR and articles 32 to 34 GDPR).

The purpose of data processing of the data provided by Facebook by us is the statistical evaluation of the use of our fan page. This enables us, for example, to determine the preferred visiting and contribution times of our users and to use this information to optimise our contributions and our fan page. In addition, we process personal data made publicly available by you on Facebook (e.g., clear names in the user profile) as well as data directly related to activities on our fan page (e.g., posts, posts, likes, markers), also for the purpose of communicating with you.

We also use Facebook pixels to measure conversions. This allows us to track the behavior of visitors to our online activities when they have been directed to our offers by clicking on a Facebook advertisement. This allows us to evaluate the effectiveness of our Facebook Ads for statistical and market research purposes and to optimize future advertising efforts. The data collected in this process is anonymous to us and we cannot draw any conclusions about the identity of the users who may be recorded in this way. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Usage Policy. This allows Facebook to allow advertisements to be placed on pages within Facebook and outside of Facebook. This use of the data cannot be influenced by us as site operator. You can disable the remarketing feature "Custom Audiences" in the Advertising Settings section of https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook for this. If you do not have a Facebook account, you can opt-out of usage-based advertising from Facebook, including on the European Interactive Digital Advertising Alliance website http://www.youronlinechoices.com/de/praferenzmanagement/ or by setting an opt-out cookie by clicking . We have an interest in the analysis of user behavior in order to optimize both our offer and, if applicable, advertising for our offer by using Facebook pixels.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures, insofar as the data is processed in accordance with the Facebook terms of use, otherwise, insofar as we have a data protection responsibility, Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data for the purpose of safeguarding the controller's legitimate interests, unless the interests or fundamental rights and freedoms of the data subject outweigh these. Our interest lies in the provision of content and communication with Facebook users and in improving the reach and effectiveness of our contributions.

Please assert your rights to information, correction, deletion, restriction of processing and data transferability of your stored Insights data against Facebook, as Facebook has assumed the corresponding obligations:

Facebook Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour

Dublin 2, Ireland

Privacy policy: https://www.facebook.com/about/privacy/

Opt-out: https://www.facebook.com/settings?tab=ads

2.18 Online presence in other social networks

We have set up online presences in various social networks to communicate with you, interested parties and customers and to inform them about our services and current offers. In addition to our interaction with you, the social networks process data from visitors to their websites for the purpose of market research and advertising, i.e., that from the respective visit or usage behaviour and the preferences and interests of a visitor derived from this, a user profile may be created by the respective operator of the social network. Such user profiles can be used, among other things, to display advertisements within the respective social network and possibly on other websites, which are individually adapted to the respective user profile. Cookies (see above) may be stored on the visitors' devices, with the help of which data on usage behaviour can be collected. The collection of this data can, especially in the case of logged-in members of the respective social network, also be realized across several browsers and/or end devices used by a user. Even if a visitor does not have a profile with the respective social network, it cannot be ruled out that personal data on this visitor will be stored when visiting the respective website.

Requests for information regarding the data stored in social networks via our online presence or the use of other relevant rights of affected persons (see below) can be addressed to the provider of the respective service. Only the providers of the social networks have access to the respective data stored there and can provide the corresponding information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data protection notices and the respective contact options:

Instagram

Facebook Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour

Dublin 2, Ireland

Privacy policy: https://www.facebook.com/about/privacy/

Opt-out: https://www.facebook.com/settings?tab=ads

Twitter Inc.

One Cumberland Place

Fenian Street

Dublin 2, D02 AX07, Ireland

Privacy policy:https://twitter.com/privacy

Opt-out: https://twitter.com/personalization

YouTube LLC

901 Cherry Ave.

San Bruno, CA 94066, USA

Represented by:
Google Inc.

1600 Amphitheatre Parkway

Mountain View, CA 94043, USA

Privacy policy:https://policies.google.com/privacy?hl=de&gl=de

Opt-out: https://adssettings.google.com/authenticated

LinkedIn Ireland Unlimited Company

Wilton Place

Dublin 2, Ireland

Privacy policy: https://www.linkedin.com/legal/privacy-policy

Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

New Work SE (Xing)

Dammtorstrasse 30

20354 Hamburg, Germany

Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

The processing of data in the context of our online presences in social networks is carried out insofar as we are responsible for data protection due to our legitimate interest in effective information and direct communication with interested parties and customers of our company. The basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the controller's legitimate interests, unless the interests or fundamental rights and freedoms of the data subject outweigh these. Our interest lies in the provision of content and communication with users of the respective social networks and in improving the range and effectiveness of our contributions.

2.19 Hotjar

On some of our Internet pages, we also use Hotjar, a web analytics service provided by Hotjar Ltd, located at Hotjar Ltd, Level 2 St Julians Business Centre,3 Elia Zammit Street, St Julians STJ 1000, Malta, for website analysis, provided that you have consented to this processing of your data. Hotjar automatically collects usage data while you are visiting our website, which allows us to optimise our online services.

Hotjar uses cookies and other technologies to collect information about the behavior of our users and their end devices (including, but not limited to, the IP address of the device (only collected and stored in anonymous form), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), language preferred to view our site, history data, referring domain, pages visited on our site, and the date and time of your visit). Hotjar stores this information in a pseudonymous user profile. The information is not used by Hotjar or by us to identify individual users, nor is it merged with other data about individual users.

You can prevent Hotjar from collecting your data when you visit our website at any time by going to the Hotjar opt-out page at the URL https://www.hotjar.com/legal/compliance/opt-out and clicking "Deactivate Hotjar" or by activating the "Do Not Track (DNT)" function in your browser.

Further information about data processing by Hotjar can be found at: https://www.hotjar.com/privacy

The use of Hotjar takes place on the basis of your consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR. You can revoke your consent at any time. You can declare the revocation by sending a message to the contact data mentioned under item 1 (e.g., e-mail, fax, mail). The legality of the data processing operations already carried out remains unaffected by the revocation.

2.20 Customer request and chat via Zendesk

We enable customer requests to be made via the website using a ticket system or chat to ask contract-related enquiries or questions about contract initiation and to communicate with you in this regard.

Therefore, we use the ticket system and/or chat from Zendesk, a customer service platform of Zendesk Inc, 1019 Market Street, San Francisco, CA 94103, USA. For this purpose, personal data such as name, first name, address, telephone number, e-mail address are collected via our website in order to be able to answer your support ticket and/or chat request. Zendesk is used as an order processor by us.

For more information about Zendesk's data processing practices, please refer to Zendesk's Privacy Policy at: https://www.zendesk.de/company/customers-partners/privacy-policy

The data processing in this regard is based on Art. 6 para. 1 S. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures, provided that the request serves the purpose of initiating or performing a contract, or according to Art. 6 para. 1 S. 1 lit. f GDPR, which permits data processing to safeguard the legitimate interests of the controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the controller in the data processing. Our interest lies in the efficient and fast processing of user requests.

2.21 Credit assessment

We may carry out a credit assessment on customers who assign claims to us but have already settled them, as well as on customers who have had their compensation, ticket costs and / or additional costs paid directly by the claim debtor and we have corresponding repayment claims, after out-of-court requests for payment have failed and we would have to take legal action to enforce our claims. As part of this check, credit rating information is obtained from an external credit agency.

We work together with SCHUFA, from whom we receive the necessary data. For this purpose, we transmit your name and contact details to SCHUFA. The information according to Art. 14 of the EU data protection basic regulation about the data processing taking place at SCHUFA can be found here: www.schufa.de/datenschutz

On the basis of the information on the creditworthiness, a decision can then be made as to whether the claim will be asserted against the debtor in court.

The processing of your data within the framework of the credit assessment is based on the legal basis in Art. 6 para. 1 lit. b GDPR or the legal basis in Art. 6 para. 1 lit. f GDPR. In principle, we have a legitimate interest in carrying out a credit assessment in order to decide on the judicial assertion of claims against defaulting debtors.

2.22 Data processing for customer satisfaction surveys

We may use the data provided by you to send you a request to carry out a customer satisfaction survey by e-mail.

Thererfore, we use the Trustpilot rating system to receive customer feedbacks and to publish them. These feedbacks are on a voluntary basis. For the purpose of using Trustpilot, we forward your e-mail address, your name and our internal case number to Trustpilot A/S, Pilestraede 58, 5. Etage, DK-1112 Kopenhagen (“Trustpilot”). We have concluded an order processing agreement with Trustpilot for this purpose.

You can object to this at any time. A notification in text form to the contact data mentioned under point 1 (e.g., e-mail, fax, mail) is sufficient for this purpose. This will not incur any costs except for the transmission costs according to the base rates.

The basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the controller's legitimate interests, unless the interests or fundamental rights and freedoms of the data subject outweigh these. Our interest is economical and lies in the advertisement of our services and therefore in the promotion of our offered services.

2.23 Data processing for applications

You can send us applications for jobs in our company via our websites and the contact data we have stored there. Insofar as personal data is transferred to us by you in this way or in any other way during applications, we process your data for the purpose of examining, processing and responding to your application and, if necessary, preparing the employment relationship.

The basis for the data processing is either Art. 88 para. 1 GDPR, Art. 26 para. 1 BDSG which allows the processing of data for the purpose of deciding on the justification, for the establishment as well as for the performance of employment relationships or - if you have given your consent - Art. 6 para. 1 s. 1 lit. a GDPR. You may revoke any consent you have given at any time with effect for the future. A notification in text form to the contact data mentioned under point 1 (e.g., e-mail, fax, mail) is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.

2.24 Data processing to protect legitimate interests

We also process your data if it is necessary to protect the legitimate interests of us or third parties. This may be the case in particular to ensure IT security and IT operation, in particular also for support enquiries, to be able to understand and prove facts in the event of legal disputes, for market and opinion surveys, to statistically evaluate the use of our website, for advertising other products from us or our cooperation partners.

The basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in the above-mentioned data processing. Our interest is either in IT security, in ensuring support for better usability of our website or in our legal interest or in our evaluation and advertising interest.

2.25 Other data processing based on your consent

It may also happen that we ask for your consent to process personal data. Any granting of consent and the relevant data processing is voluntary and you will not suffer any disadvantages if you do not consent.

The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. An informal notification to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.

2.26 Log files

Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data: Browser type and browser version, operating system used, referrer URL, date and time of server request, shortened IP address, amount of data transferred in each case, duration of the website visit.

These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.

The data processing is based on Art. 6 para. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. We have an interest in the prosecution, prevention and punishment of unlawful use of our services.

2.27 Data processing for the processing of payments via PayPal

On our website we offer payment via PayPal among other things. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you choose to pay via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 s. 1 lit. b GDPR, which allows the processing of data for the fulfilment of a contract or pre-contractual measures.

2.28 Data processing for the fulfilment of legal obligations

In addition, we process your data to fulfil legal obligations (e.g., regulatory requirements, commercial and tax storage and proof obligations).

The basis for data processing is Art. 6 para. 1 lit. c GDPR, which permits processing to fulfil a legal obligation.

3. Categories of receipt of personal data

Your personal data will only be passed on to third parties or otherwise transmitted if this is necessary for the purpose of contract processing or billing or if you have given your prior consent or if there is a legal basis for the passing on of such data.

Your contractual and communication data will be forwarded to the responsible department and the responsible employees within our company in order to answer your enquiries, to communicate or to carry out the order or to fulfil contractual obligations.

Insofar as it is necessary for the purpose of contract processing, data will be passed on to partner companies which have been commissioned to support contract processing. Our partners undertake to comply with and observe the provisions of data protection law. Furthermore, our partners are not permitted to use the data in any other way than to process the contract.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

We pass on personal data to third parties who process personal data on their own responsibility (so-called controllers, cf. Art. 4 para. 7 GDPR), such as postal and delivery services, house bank, tax advisors/auditors or authorities, within the scope of legal admissibility and necessity.

Service providers who support us in providing our services to you are sales and marketing partners, software (SaaS) providers, IT service providers, especially service providers for software and hardware maintenance, hosting providers, e-mail service providers, chat service providers, tracking service providers, Customer satisfaction survey service providers and newsletter providers.

4. Duration of data storage

In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep your data for the period during which claims can be asserted against our company (statutory limitation period of three or up to thirty years).

5. Data Security

Your personal data will be transmitted securely by us through encryption. We use the coding system SSL (Secure Socket Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.

6.Rights of the data subject

Within the framework of the applicable legal provisions, you have the right to access information free of charge at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to rectification, restriction or erasure of this data.

You can request information about your personal data stored by us and under certain conditions request the correction or erasure of your data by contacting us via our contact data given above. You may also have the right to restrict the processing of your data and to have the data you provide disclosed in a structured, common and machine-readable format. If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future. You may object to the processing of your data for direct marketing purposes. If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation. You can also contact a data protection supervisory authority (right to lodge a complaint).


Company name: MYFLYRIGHT GmbH
Address: Schauenburgerstr. 61, 20095 Hamburg
Represented by: Djavad Ali and Igor Maas
Register court: Amtsgericht Hamburg
Register number: HRB 143174
VAT ID: DE308277625
Get up to 600 €* in compensation