Data Protection
We take the protection of your personal data seriously and want you to feel safe and comfortable when you visit our websites. Protection of your privacy in processing of personal data is an important matter to us that we consider in our business processes.
Data Protection
We take the protection of your personal data seriously and want you to feel safe and comfortable when you visit our websites. Protection of your privacy in processing of personal data is an important matter to us that we consider in our business processes.
Controller for data protection:
Avantiair GmbH & Co. KG (hereinafter also: “Avantiair”, “we”, “us”) will inform you about processing of your personal data within the context of our offers below.
Avanti Air GmbH & Co KG
Allendorfer Str. 58
D-35708 Haiger
Germany
Phone: +49 (0) 27 73 – 91 693 - 0
fly@avantiair.com
Registered in the commercial register of the district court Wetzlar – register no. HRA 7904, HRB 8233
VAT ID: DE 812224042
Contact details of the data protection officer:
René Seidel
Data protection officer of Avantiair
Allendorfer Str. 58
D-35708 Haiger
Phone: 0049 2773 91693 14
Fax: 0049 2773 9169319
datenschutz@avantiair.com
Purpose of processing and legal basis
We process personal data in coordination with the provisions of the EU general data protection regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz; BDSG):
We process personal data to meet contractual obligations in accordance with sect. 6 para. 1 p. 1 lit. b) GDPR. This specifically comprises:
- Issuing of a flight ticket
- Submission of a booking confirmation
- Provision of flight-related services booked by you and flight-related information
- Processing of check-in from invitation to waiting list processing and baggage processing
We also process your data to preserve our legitimate interests in accordance with sect. 6 para. 1 s. 1 lit. f) GDPR
- in order to supply you with relevant information on your booked flight and travel destination
- for purposes of preventing fraud, e.g. credit card abuse, identity fraud, fraudulent obtaining of special conditions or rates
- for assertion of legal claims, including cash collection, and defences in legal disputes
- for purposes of auditing
- to ensure IT security and IT operation of the airline
- to ensure flight security
- for marketing as far as you have not objected to use of your data
- for purposes of compilation of statistics for international flights
We process your data for certain purposes based on your consent in accordance with sect. 6 para. 1 s. 1 lit. a) GDPR.
Consent once given may be revoked at any time. This shall also apply to revocation of declarations of consent that were given to us before the application of the GDPR, i.e. before 25 May 2018. Revocation of consent shall only by effective for the future and shall not affect lawfulness of the data processed until the revocation.
If we are legally required to do this, we will process personal data in order to meet obligations under commercial or tax law or to meet requirements under the law on security (e.g. § 7 LuftSiG). For further information on archiving time limits, see “Duration of processing activities”.
In the following cases, we will transmit data based on legal requirements to public authorities or are obligated to provide your data:
API (Advance Passenger Information)
1. a) API (Advance Passenger Information): Recording and transmission of required passenger data
An increasing number of destination countries are committing airlines to transmit the data of passengers who enter or leave the country, and in part also when flying over the respective country. Such legal provisions usually include transmission of data on identity and travel documents (passport, visa) of the fliers taken on board and the crew members.
These data are usually not available to the airline and therefore must be recorded briefly before departure; this is increasingly often done using the “machine-readable zone” in newer travel documents. Recording serves only direct transmission to the public authorities of the destination country. Expansion of the API obligation to travels into the European Union is intended for the next years.
Duration of processing activities
Your personal data are deleted as soon as they are no longer required for the purposes named. We may need to continue to store your data until the end of the archiving obligations and time limits imposed by the legislator or the supervisory authorities that may result from the Commercial Code, the Tax Code and the Anti-Money-Laundering Act, and that usually are between 6 and 10 years. We may also store your data until the end of the legal expiration periods (i.e. usually 3 years; in individual cases also up to 30 years), as far as this is required to assert, exercise or defend against legal claims. The corresponding data will be deleted routinely after this.
Who will receive your data?
In the context of the above processing activities and the respective legal basis named (execution of the contract, legitimate interest, with consent or due to statutory processing obligations), your data may be passed on to the following categories of recipients:
- Agents, e.g. service providers for ground processing and other connected supplementary services
- Other airlines that perform part of the transport
- Other service providers, e.g. provision of the website, newsletter dispatch, feedback handling, compilation of statistics of international flight traffic
- Official authorities and public authorities, e.g. due to immigration provisions or police and investigative activities.
It is possible that personal data may be transmitted to third countries or international organisations in this context. To protect you and your personal data, appropriate safeguards are intended for such data transmissions in accordance and in harmony with the legal prerequisite.
As far as such transfers are not based on a legal basis or take place into a country for which no resolution of appropriateness that was passed by the EU Commission is available, we use the EU standard contract clauses.
Information on EU standard contract clauses can be found on the websites of the European Union.
Data protection rights of data subjects
We want to design our processing activities transparently. It is important to us that data subjects can exercise the following rights in addition to the right to object when the respective statutory condition is met:
- Right to information, sect. 15 GDPR
- Right to rectification, sect. 16 GDPR
- Right to erasure (‘right to be forgotten’), sect. 17 GDPR
- Right to restriction of processing, sect. 18 GDPR
- Right to data portability, sect. 20 GDPR
- Right to object, sect. 21 GDPR
In order to exercise your rights, you can turn to datenschutz@avantiair.com by email.
In addition to this, you have the right to lodge a complaint with a supervisory authority in accordance with sect. 77 GDPR in conjunction with § 19 BDSG. The supervisory authority relevant for Avantiair is:
Hessischer Beauftragter für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
D-65189 Wiesbaden
Phone: +49 (0) 611 1408146
Email: poststelle@datenschutz.hessen.de
Withdrawal right
If you have given your consent to processing of your personal data, we hereby inform you that you can withdraw this consent in writing at any time towards the data protection officer.
Please note that the consent withdrawn by you will only be effective for the future and does not influence lawfulness of processing in the past. In some cases, we have the right to continue to process your personal data on another legal basis – such as to perform a contract – in spite of your withdrawal.
Security
The provider Avanti Air GmbH & Co KG will store your data on particularly secured servers in Germany. Access to this is limited to few persons authorised by the provider Avanti Air GmbH & Co KG who are charged with the technical, commercial or editorial support of these servers.
Use of cookies
Cookies collect text information during an online session and store it in a special file on the user’s hard disc in ASCII format (cookie.txt). The WWW browser of the user determines where the cookie is stored on the user’s computer. Cookies are information that is sent back to the server at the next online visit. They can only be read by the server that also placed them.
The provider Avanti Air GmbH & Co KG will only use cookies when they are urgently required and, e.g., make navigation of the websites easier. The information is not provided to any third party, since cookies are only used for the above purposes.
Most browsers are set so that they accept cookies automatically. This function can, however, be deactivated in the browser at any time. You can set your browser so that it will inform you when cookies are placed.
Links to other websites
The websites of the provider Avanti Air GmbH & Co KG may receive links to other websites. The provider Avanti Air GmbH & Co KG cannot influence the editorial content of third-party websites and compliance with the provisions on data protection by their providers.
Advertisements
The websites of the provider Avanti Air GmbH & Co KG usually do not receive any advertising areas. If this is not the case, advertisements are delivered via external AdServers. The data recorded in connection with online marketing (AdImpressions, AdKlicks) serve only statistical evaluation and compilation of reports to marketing customers. No personal data are used for this.
Cookies may be used when delivering advertisements without the provider Avanti Air GmbH & Co KG being able to influence this.
Data Protection Settings
Reset Settings
In order to optimise the design of our website for you and to continuously improve it, we use analysis tools from third-party providers. Cookies, tracking and (re-)targeting technologies are only used after you have given your express consent. Here, you can reset to your previously chosen settings.
Reset Settings