Data priva‌cy infor‌mation

General matters

1   Information about gathering personal data

(1) We provide information about how we gather personal data when people use our website in the following text. Personal data involves any data that specifically refers to you as a person – e.g. your name, address, e-mail addresses or user behaviour.

(2) The Controller according to Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@mdf-ag.com. You can reach our data protection officer at datenschutz@mdf-ag.com or via our postal address; please address your letter to the “Data Protection Officer”.

(3) In addition to purely providing information on our website, we offer various services, which you can use if you are interested in them. You will normally have to specify more personal data for this and we will use this to provide the service in question; the principles governing data processing, which are cited in the relevant sections, then apply to this work.

2. Passing on data to third parties

(1) We only pass on your personal data to third parties if:

  • you have specifically provided your consent for this according to Article 6 Para. 1 Sentence 1 (a) of the GDPR,
  • passing on the data is necessary to assert, exercise or defend legal claims according to Article 6 Para. 1 Sentence 1 (f) of the GDPR and no reason exists to assume that you have an overriding interest, which needs to be protected, in not having your data passed on,
  • a statutory obligation exists for passing on data according to Article 6 Para. 1 Sentence 1 (c) of the GDPR, and
  • this is legally permissible and is necessary to handle contractual relations with you according to Article 6 Para. 1 Sentence 1 (b) of the GDPR.

(2) We sometimes make use of outside third parties to process your data. We have carefully selected and commissioned them; they are bound by our instructions and we regularly check them. We inform you in the relevant sections of the appropriate services about whether we involve any service partners or not.

(3)  We may also pass on your personal data to third parties if agreements are concluded or similar services are provided by us together with partners. You can obtain more detailed information about this in the relevant sections.

(4)  If our service providers or partners have their headquarters in a country outside the European Economic Area, we will inform you about the consequences of this in our description of the service in the relevant section.

3   Your rights

(1)   You have the following rights as far as we are concerned with regard to any personal data involving you:

  • the right to information,
  • the right to have data corrected or deleted,
  • the right to have the processing work restricted,
  • the right to object to any processing work,
  • the right to data portability.

(2)  You also have the right to lodge a complaint to a data protection supervisory authority about our processing of your personal data.

This site uses website tracking technologies provided by third parties to offer their services, make constant improvements and display advertising in line with users’ interests. We use this consent management platform so that we are able to manage and document any consent in line with the statutory provisions. 

 

Processing company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

 

Purposes of data processing

This list contains the purposes for collecting and processing data. The data that is collected cannot be used or stored for any other purposes than those listed below.

  • To comply with statutory obligations
  • To store your consent

Technologies used

  • Local storage
  • Cookies

Data collected

This list contains all the (personal) data that is collected when or through using the service.

  • Device information
  • Browser information
  • Anonymised IP address
  • Opt-in and opt-out data
  • Date and time of your visit
  • Request for URLs on the website
  • Page path on the website
  • Geographical location

 

Legal basis

The legal basis required by Article 6 Para. 1 (c) of the GDPR for processing any personal data is mentioned below. The collection and storage of the data is necessary to meet our legal obligations.

 

Place of processing

European Union (the consent database is located in Belgium)

Storage period

The storage period is the time during which the data that has been gathered is stored for the processing work. The data must be deleted as soon as it is no longer required for the specified processing purposes.  

The consent data (consent granted and any cancellation of your consent) is kept for three years.  

Data recipient

  • Usercentrics GmbH

Data protection officer of the processing company  

Please find below the e-mail address of the data protection officer of the processing company.

datenschutz@usercentrics.com

 

Click here to read the data protection regulations for the data processor:https://usercentrics.com/privacy-policy/

When you use our website, cookies are also stored on your computer in addition to the data that is stored, as mentioned in “VISITS TO THE WEBSITE”. Cookies are small text files that are stored on your hard drive and assigned to the browser that you are using; thanks to them, particular information flows to the place that sets the cookie. Cookies cannot execute any programmes or transfer viruses to your computer. They are there to help make the Internet services more user-friendly and more effective overall.

Our website uses the following kinds of cookies and we explain their scope and way of operating below:

–    transient cookies (cf. paragraph a)

–    persistent cookies (cf. paragraph b)

–    tracking cookies (cf. the section entitled GOOGLE ANALYTICS”)

  1. Transient cookies are automatically deleted when you close your browser. They particularly include session cookies. They store a so-called session ID, with which various enquiries by your browser can be assigned to the joint session. This makes it possible to recognise your computer again if you return to our website. The session cookies are deleted when you close your browser.
  2. Persistent cookies are automatically deleted after a pre-defined time and this may differ, depending on the type of cookie. You can delete the cookies in the security settings of your browser at any time. The system cookies, which we use, are stored for 24 hours.

c)    You can configure your browser setting in line with your wishes and, for example, reject the acceptance of third-party cookies or any cookies. However, we would point out that you may not be able to make use of all the functions of this website, if you do this.

Activating and using the cookies that are required for technical reasons takes place on the legal basis of a legitimate interest (Article 6 Para. 1 (f) of the GDPR). You have a right to object to this. You will find more detailed information about this in the relevant section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

We process any cookies, which are not necessary for the technical operations, on the basis of your consent (Article 6 Para. 1 (a) of the GDPR). You have the right to cancel your consent at any time. You can find more detailed information in the relevant section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Cookie 

Validity

Is set

Type

Description

fe_typo_user

24h

After logging in at the travel agency section

System function

This cookie enables TYPO3 to recognise that the user is registered in a protected area

PHPSESSIONID

Until the browser is closed

As soon as a session is started in the PHP

System function

This cookie enables PHP to recognise where the user’s current session data is stored

_ga

2 years

After opt-in via the cookie banner, then when each page is loaded

Tracking, not relevant for system function

Contains a random-generated user ID. Using this ID, Google Analytics can recognise repeat users of this website and bring together the data from earlier visits.

_gid

24 hours

After opt-in via the cookie banner, then when each page is loaded

Tracking, not relevant for system function

Contains a random-generated user ID. Using this ID, Google Analytics can recognise repeat users of this website and bring together the data from earlier visits.

_gat

1 minute

After opt-in via the cookie banner, then when each page is loaded

Tracking, not relevant for system function

Certain data is sent to Google Analytics no more than once a minute. The cookie has a service life of one minute. As long as it is set, certain data transfers are prevented.

_dc_gtm_UA-150837493-1

1 minute

After opt-in via the cookie banner, then when each page is loaded

Tracking, not relevant for system function

Certain data is sent to Google Analytics no more than once a minute. The cookie has a service life of one minute. As long as it is set, certain data transfers are prevented.

_gat_gtag_UA-150837493-1

1 minute

After opt-in via the cookie banner, then when each page is loaded

Tracking, not relevant for system function

Certain data is sent to Google Analytics no more than once a minute. The cookie has a service life of one minute. As long as it is set, certain data transfers are prevented.

OAID365 daysAfter the opt-in via the cookie banner, set on pages where advertisements are integratedNot relevant for system functions, for displaying advertisementsThe OAID cookie is set by the Revive AdServer software, which is used to display advertisements. No personal data is stored or passed on via the OAID cookie. The cookie may be necessary to display advertisements.

ucConsents

Persistent

After confirmation of the cookie consent box

System function

Saves the confirmation from the UserCentrics cookie consent box after the website visitor has activated it so that the box is not repeatedly displayed.

ucSettings

Persistent

After confirmation of the cookie consent box

System function

Saves the settings selected by the website visitor in the UserCentrics cookie consent box.

usercentrics

persistent

After confirmation of the cookie consent box

System function

Saves the settings selected by the website visitor in the UserCentrics cookie consent box.

NID

6 months

After the opt-in via the cookie banner, then when each page is loaded

Not relevant for system functions, for displaying Google Maps material

Saves user information via an individual user ID

_Secure-3PAPISID

Up to 1 year

After the opt-in via the cookie banner, then when each page is loaded

Not relevant for system functions, for displaying Google Maps material

Is used for advertising purposes to prepare a profile of the interests of the website visitors and display relevant and personalised Google advertising.

_Secure-3PSID

Up to 1 year

After the opt-in via the cookie banner, then when each page is loaded

Not relevant for system functions, for displaying Google Maps material

Is used for advertising purposes to prepare a profile of the interests of the website visitors and display relevant and personalised Google advertising.

_Secure-3PSIDCC

Up to 1 year

After the opt-in via the cookie banner, then when each page is loaded

Not relevant for system functions, for displaying Google Maps material

Is used for advertising purposes to prepare a profile of the interests of the website visitors and display relevant and personalised Google advertising.

Please note: Google will process the personal data about you, which is collected from this website, in the USA: If you click on “Allow/Accept cookies”, you agree that your personal data may be transferred to the USA and processed there. The data is transferred on the basis of the adequacy decision in line with Article 45 Para. 3 of the GDPR. This guarantees that a level of data protection, which is comparable to EU standards, is followed there. However, this does not rule out the possibility that US authorities may process your data for control and monitoring purposes and you may not have any opportunities to exercise any means of redress either. If you click on “Deny cookies” or disable the cookies setting provided by Google, none of the transfer activity described here takes place.

This website uses Google Analytics 4, a service that is provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), and this makes it possible to analyse the usage of websites.

When using Google Analytics 4, so-called “cookies” are used as the standard feature. Cookies are text files; they are stored on your terminal device and enable an analysis of your usage of a website. The information collected by cookies about the usage of the website (including the IP address communicated by your terminal device, but abbreviated by omitting the final digits and letters – cf. below on this matter) is normally transferred to a Google server and stored and processed there. It is possible that some information is also sent to the servers operated by Google LLC, which has its headquarters in the USA, where the information is subject to further processing.

When using Google Analytics 4, the standard and automatic feature is that the IP address communicated by your terminal device when using the website is only collected and processed in anonymised form at all times so that there is no possibility of directly attributing the information, which has been collected, to you personally. This automatic anonymisation takes place because Google abbreviates the IP address communicated by your terminal device by omitting the final digits and letters within the member states of the European Union (EU) or by other countries that have signed the Agreement on the European Economic Area (EEA).

Google uses this and other information in our name to assess your usage of the website in order to compile reports about your website activities or your usage behaviour and provide other services associated with your website usage and Internet use on our behalf. The abbreviated IP address, which is communicated by your terminal device within Google Analytics 4, is not combined with any other data held by Google. The data collected as part of using Google Analytics 4 is stored for two months and is then deleted.

Google Analytics 4 uses a special function to enable so-called “demographic reports” to be prepared and draws up statistics with statements about the website users’ age, sex and interests on the basis of assessing interest-related advertising and drawing on information from third-party providers. This makes is possible to determine and distinguish groups of people who use the website for the purpose of optimising the thrust of marketing measures to particular target groups. However, it is not possible to attribute the data that is collected as part of the “demographic reports” to any particular person and therefore not to you personally either. The data collected via the “demographic reports” function is stored for two months and is then deleted.

The “UserIDs“ function is also used as an extension to Google Analytics 4 in conjunction with this website. By issuing individual UserIDs, we can enable Google to draw up cross-device reports (so-called “cross-device tracking”). This means that your user behaviour can also be analysed across different devices if you have granted the relevant consent for the use of Google Analytics 4 according to Article 6 Para. 1 a of the GDPR, provided that you have set up a personal account when registering on this website and are logged into different terminal devices with this related registration data in your personal account. The data that is collected in this way shows, among other things, the terminal device, on which you clicked on an advert for the first time and on which terminal device the interaction related to this took place.

Legal basis

All the processing work described above, particularly setting Google Analytics cookies to store and read information on the terminal device that you are using to access the website, only takes place if you have granted your explicit consent for this according to Article 6 Para. 1 a of the GDPR. Google Analytics 4 remains inactive while you are using the website, if you have not provided your consent for it. You can cancel your consent, which you have previously provided, with effect for the future at any time. In order to exercise your cancellation, please deactivate this service by using the “cookie consent tool” that is made available on the website.

We have concluded a so-called order processing agreement with Google to cover our usage of Google Analytics 4 and this obliges Google to protect the data of our website users and not forward it to any third parties.

Transfer to third countries

Google makes use of the adequacy decision in the EU – U.S. Data Privacy Framework in order to guarantee that the European level of data protection is followed if any data is possibly transferred from the EU or the EEA to the USA, where further processing may also take place. You can find more information about this here: https://www.dataprivacyframework.gov/s/participant-search

You can find more legal information about Google Analytics 4 by using the following link: https://policies.google.com/privacy?hl=de&gl=de
You can find details about the processing work initiated by Google Analytics 4 and how Google handles data from websites here: https://policies.google.com/technologies/partner-sites

 

This website uses the Google Tag Manager. The Google Tag Manager is a solution provided by Google Inc. so that companies can manage website tags via one user interface. The Google Tool Manager simply handles tags. The Google Tag Manager is a domain that is free of cookies and it does not collect any personal data. The Google Tool Manager triggers other tags and they in turn collect data. We would particularly draw your attention to this. However, the Google Tag Manager does not access this data. If any deactivation was completed at the domain or cookie level, it remains in force for all the tracking tags, if they have been handled by the Google Tag Manager.

Wir nutzen das Angebot von Google Ads Conversion, um mit Hilfe von sogenannten Google Ads (Werbemittel), auf externen Webseiten, auf unser Recruiting-Kampagne aufmerksam zu machen. Durch den Einsatz von Google Ads sind wir in der Lage, in Relation zu den Daten der Anzeigen zu ermitteln, wie erfolgreich die einzelnen unserer unterschiedlichen Maßnahmen sind. Durch das Ermitteln der Wirksamkeit wird es uns ermöglicht, die Kampagne so auszugestalten um möglichst viele interessierte Menschen zu erreichen.

Diese Werbemittel werden durch Google über sogenannte „Ad Server“ ausgeliefert. Dazu nutzen wir Ad Server Cookies, durch das bestimmte Parameter zur Erfolgsmessung, wie Einblendung der Anzeigen oder Klicks durch die Nutzer, gemessen werden können. Sofern Sie über eine Google-Anzeige auf unsere Website gelangen, wird von Google Ads ein Cookie auf Ihrem Endgerät gespeichert. Zu diesem Cookie werden in der Regel als Analyse-Werte die Unique Cookie-ID, Anzahl Ad Impressions pro Platzierung (Frequenz), letzte Impression (relevant für Post-View-Conversions) sowie Opt-out-Informationen (Markierung, dass ein*e Nutzer*in nicht mehr angesprochen werden möchte) gespeichert.

Über die gesetzten Cookies wird es Google ermöglicht, den Internetbrowser des Nutzers wiederzuerkennen. Ebenfalls lässt für Google und Ad-Kunden nachvollziehen, wenn ein Nutzer bestimmte Webseiten von Ads-Kunden besucht, dass dieser Nutzer auf eine bestimmte Anzeige geklickt hat und zu dieser Seite weitergeleitet wurde. Hierbei gilt zu beachten, dass jeder Ads-Kunde hierfür ein anderes Cookie nutzt. Eine Nachverfolgung der Cookies über die Webseite der Ads-Kunden hinaus ist damit nicht möglich.

In diesem Zusammenhang werden durch uns keine personenbezogenen Daten erhoben oder verarbeitet. Google stellt uns rein statistische Auswertungen zur Verfügung über diese wir die Wirksamkeit der unterschiedlichen Werbemaßnahmen Wir erhalten von Google lediglich statistische Auswertungen zur Verfügung gestellt. Anhand dieser Auswertungen können wir erkennen, welche der eingesetzten Werbemaßnahmen besonders effektiv sind. Darüber hinaus erhalten wir keine weiteren Daten. Eine Identifikation der Nutzer anhand der bereitgestellten Daten ist für uns ausgeschlossen.


Durch die Nutzung von Google-Ads wird automatisch eine Verbindung zwischen ihrem Browser und dem Server von Google aufgebaut. Durch die Einbindung von Ads Conversion erhält Google die Information, dass Sie den entsprechenden Teil unseres Internetauftritts aufgerufen oder eine Anzeige von uns angeklickt haben. Sofern Sie bei einem Dienst von Google registriert sind, kann Google den Besuch Ihrem Account zuordnen. Selbst wenn Sie nicht bei Google registriert sind bzw. sich nicht eingeloggt haben, besteht die Möglichkeit, dass Google Ihre IP-Adresse in Erfahrung bringt und speichert. Wir weißen an dieser Stelle ausdrücklich darauf hin, dass wir keinen Einfluss auf den Umfang und die weitere Verwendung der Daten, welche Google durch den Einsatz dieses Tools erhebt haben.

Google Ads Remarketing

Wir verwenden die Remarketing-Funktion innerhalb des Google Ads-Dienstes. Mit der Remarketing-Funktion können wir Nutze unserer Webseite auf anderen Webseiten innerhalb des Google Werbenetzwerks (in der Google Suche oder auf YouTube, sog. „Google Anzeigen“ oder auf anderen Webseiten) auf deren Interessen basierende Werbeanzeigen präsentieren. Dafür wird die Interaktion der Nutzer auf unserer Webseite analysiert, z.B. für welche Angebote sich ein Nutzer interessiert hat, um den Nutzern auch nach dem Besuch unserer Webseite auf anderen Seiten zielgerichtete Anzeigen einblenden zu können. Hierfür speichert Google Cookies auf den Endgeräten der Nutzer, die bestimmte Google-Dienste oder Webseiten im Google Displaynetzwerk besuchen. Über diese Cookies werden die Besuche dieser Nutzer erfasst. Die Cookies dienen zur eindeutigen Identifikation eines Webbrowsers auf einem bestimmten Endgerät und nicht zur Identifikation einer Person.

Bei den von Google genutzten Cookies handelt es sich um Marketing Cookies. Nähere Informationen dazu entnehmen Sie bitte dem Reiter „Cookies“.

Empfangende:
Hauptdienstleistende: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Irland.

Übermittlungen in Drittstaaten sind möglich. Als geeignete Garantien wurden sog. Standardvertragsklauseln gem. Art. 46 DSGVO abgeschlossen. Für Drittländer/Unternehmen, für die ein Angemessenheitsbeschluss vorliegt, insbesondere für die USA, gilt der Angemessenheitsbeschluss ebenfalls. Weitere Informationen dazu befinden sich hier: . https://www.dataprivacyframework.gov/s/participant-searchhttps://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de

Weitere Empfangende sind im Abschnitt 1.4. über die allgemeinen Empfangenden zu finden.

Rechtsgrundlage:
Art. 6 (1) a DSGVO (Einwilligung) – nähere Informationen dazu finden sie im Reiter „Cookies“.

Löschung/Widerruf:
Sie können die Einwilligung zur Nutzung von Google-Ads jederzeit über das Consent-Managmenttool (Icon unten rechts auf der Webseite) wiederrufen. Beachten Sie hierzu bitte auch den Reiter „Widerspruch oder Widerruf gegen die Verarbeitung ihrer Daten“  und „Cookies“.

 

 

The receiving body:
The main service provider: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.

Data may possibly be transferred to third countries. So-called standard contractual causes have been concluded as suitable guarantees in line with Article 46 of the GDPR. The adequacy decision also applies to third countries/companies, for which an adequacy decision exists, particularly the USA. You can find more information about this here: https://www.dataprivacyframework.gov/s/participant-search, https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de

The Controller according to Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@mdf-ag.com. You can contact our data protection officer at datenschutz@mdf-ag.com or send a letter to the “Data Protection Officer” at our aforementioned address. 

Revive is an open source software tool designed for integrating advertisements and providing anonymous statistical assessments about them (banners).


Legal basis
We process any cookies, which are not necessary for technical operations, on the basis of your consent (Article 6 Para. 1 a of the GDPR). You have the right to cancel your consent for this at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

The Revive Adserver software has a function that generates a cookie called OAID in the visitor’s browser. This cookie always exhibits the same value when first coming in contact with the browser, so that it is not possible to clearly recognise the user.  

The tracking functions of the OAID cookie are not used by Revive Adserver itself or the bundled plugins.

Data processing is performed in order to analyse the website and display advertising banners with the help of cookies and pixels. The data that is gathered through this involves user and traffic data.

The retention period is the time in which the data that has been gathered is stored for processing purposes. The data must be deleted as soon as it is no longer required for the specified processing purposes or you have cancelled your consent for this. Please take account of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” for more details.

 

The Controller according to Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@mdf-ag.com. You can contact our data protection officer at datenschutz@mdf-ag.com or send a letter to the “Data Protection Officer” at our aforementioned address. 

The Cloudfront CDN makes available duplicates of data from a website on various Amazon Web Services (AWS) servers that are distributed around the world. This enables a faster loading time for the website, greater safeguards against any malfunctions and increased protection against any loss of data. Some of the photos and videos included on this website are obtained from Cloudfront CDN when the site is opened. In response to this request, it may be appropriate to transfer information about the way that you use our website (e.g. your IP address) to Amazon servers located abroad within the EU and stored there. This depends on where you are when you access the Internet and the utilisation rate and availability of the Cloudfront servers. This takes place as soon as you enter our website. We make use of Amazon Web Services and the Amazon CDN Cloudfront in the interests of providing a higher loading speed for this website. This represents a legitimate interest in the sense of Article 6 Para. 1 f of the GDPR. You can discover more about the data privacy measures at Amazon Web Services here: Data Protection in Germany – Amazon Web Services (AWS)
You can find the latest data privacy notice from Amazon Web Services here: https://aws.amazon.com/de/privacy/
We have an order processing agreement, which includes the so-called EU standard contractual clauses, with Amazon Web Services. We have conducted the prescribed risk analysis (TIA) in relation to these data transfer procedures. Taking into consideration the need to protect the data and the very small amount of processing of personal data, the processing risk has been classified as very low. Processing must therefore be considered to be lawful overall. You can find the agreements related to data protection law here: AWS_GDPR_DPA.pdf (awsstatic.com)

Legal basis

The data is processed on the legal basis of Article 6 Para. 1 f of the GDPR, what is known as our legitimate interest. The legitimate interests, which are achieved by using Cloudfront, particularly involve increasing the reliability of our website as well as the delivery speed of the data that is requested. You have the right to object to this processing of data. Whether your objection is successful or not has to be determined by weighing up different interests. Please take account of the re

The Controller according to Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@mdf-ag.com. You can contact our data protection officer at datenschutz@mdf-ag.com or send a letter to the “Data Protection Officer” at our aforementioned address. 

Third party requests involve all the enquiries that you make to third parties via our site when using our website – for example, if you are operating with plugins from social networks or may be using the services of an online payment provider. If this is the case, no cookies are stored in your browser, but we cannot exclude the possibility that personal data may be sent to the third-party provider as a result of this interaction. This is the reason why we inform you in great detail about the tools and applications that we use in our data protection statement.   

Visitor tours at Dresden

It is possible to take part in visitor tours at Dresden Airport. Before doing so, however, you must make a booking. We describe here how we process your personal data in conjunction with bookings or booking inquiries.

 

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Flughafen Dresden GmbH, Flughafenstrasse, 01109 Dresden, info@dresden-airport.de. You can contact our data protection officer at datenschutz@dresden-airport.de or send a letter to the “Data Protection Officer” at the aforementioned address.  

1. Booking a tour
If you would like to book one of the tours mentioned on our website, this takes place via the booking system operated by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are provided by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you want to arrange, it is necessary to collect and process personal data about you. The information, which is absolutely essential in order to process your booking inquiry, is marked by a star* and involves your surname, first name, e-mail address and postal address. Your payment data is also collected in order to conclude the payment procedure directly as part of the booking process. You may also make other data available to us. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

The processing of the compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

Bookings
The booking procedure takes place directly in the booking system integrated on our website, which is provided by bookingkit. The data is stored and processed for the purpose of processing and completing your booking or order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments
Our service provider, bookingkit, collects personal data, which is then forwarded to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider. MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

2. Ordering a voucher
If you would like to order a voucher on our website, this takes place via the booking system provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are provided by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you want to arrange, it is necessary to collect and process personal data about you. In this connection, we gather your surname and first name, your e-mail address and your postal address. You can also make other data available to us. The information, which is absolutely essential for processing your booking inquiry, is marked by a star*. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

Processing any compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

Placing orders
The ordering procedure takes place directly in the booking solution integrated on our website, which is provided by bookingkit. Your personal data is forwarded to bookingkit and processed there, with the exception of your payment data. The data is stored and processed for the purpose of processing and handling your order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments
Our service provider, bookingkit, collects personal data and then forwards it to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

3. Booking enquiries for tours
Please note that the booking system provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”) is used for making reservations and bookings. In addition to this, online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are handled by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle your booking enquiry, we have to collect and process personal data about you via the enquiry form. Please take note of the tab entitled “MAKING CONTACT BY E-MAIL OR VIA THE CONTACT FORM” in this respect.

In this connection, we gather your surname and first name, your e-mail address and your postal address. You can also make other data available to us. The information, which is absolutely essential for processing your booking inquiry, is marked by a star*. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

The processing of the compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

Bookings
Once we receive your booking inquiry, we examine whether the date that you have requested is still available. If this is the case, we make a reservation for you in the booking system that we use for this purpose, which is provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The booking system then sends you a confirmation of the reservation, including the payment details, to the e-mail address that you have specified. The payment for the reservation then takes place directly online via the booking system. Please note that online payments are handled by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

If the date is not available, we will contact you to find an alternative date.

Payments
Our service provider, bookingkit, collects personal data, which is then forwarded to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

Visitor tours at Leipzig/Halle

It is possible to take part in visitor tours at Leipzig/Halle Airport. Before doing so, however, you must make a booking. We describe here how we process your personal data in conjunction with bookings or booking inquiries.

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Flughafen Leipzig/Halle GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@leipzig-halle-airport.de. You can contact our data protection officer at datenschutz@leipzig-halle-airport.de or send a letter to the “Data Protection Officer” at the aforementioned address. 

We want to use the information below to describe how we process your personal data in connection with the various tours:

1. Booking a tour for individual participants, a children’s birthday tour

If you would like to book one of the tours mentioned on our website, this takes place via the booking system operated by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are provided by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you want to arrange, it is necessary to collect and process personal data about you. The information, which is absolutely essential in order to process your booking inquiry, is marked by a star* and involves your surname, first name, e-mail address and postal address. Your payment data is also collected in order to conclude the payment procedure directly as part of the booking process. You may also make other data available to us. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

The processing of the compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

Bookings
The booking procedure takes place directly in the booking system integrated on our website, which is provided by bookingkit. The data is stored and processed for the purpose of processing and completing your booking or order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments
Our service provider, bookingkit, collects personal data, which is then forwarded to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider. MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

2. Ordering a voucher

If you would like to order a voucher on our website, this takes place via the booking system provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are provided by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you want to arrange, it is necessary to collect and process personal data about you. In this connection, we gather your surname and first name, your e-mail address and your postal address. You can also make other data available to us. The information, which is absolutely essential in order to process your booking inquiry, is marked by a star*. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

Processing any compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

 

Placing orders
The ordering procedure takes place directly in the booking solution integrated on our website, which is provided by bookingkit. Your personal data is forwarded to bookingkit and processed there, with the exception of your payment data. The data is stored and processed for the purpose of processing and handling your order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments
Our service provider, bookingkit, collects personal data and then forwards it to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

3. Group tours, children’s tours for groups, young people’s tours for groups
Please note that the booking system provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”) is used for making reservations and bookings. In addition to this, online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are handled by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you want to arrange, it is necessary to collect and process personal data about you via the enquiry form. Please note the information about this on the tab entitled “MAKING CONTACT BY E-MAIL OR VIA THE CONTACT FORM”.

In this connection, we gather your surname and first name, your e-mail address and your postal address. You can also make other data available to us. The information, which is absolutely essential for processing your booking inquiry, is marked by a star*. The boxes that are not marked by a star* involve information that is not compulsory and this can be entered on a voluntary basis.

The processing of the compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to fulfil a contract or fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: tours can be planned in a better way and this eases the pressure on personnel at many points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess and forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have a right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection related to processing data at bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

 

Bookings
Once we receive your booking inquiry, we examine whether the date that you have requested is still available. If this is the case, we make a reservation for you in the booking system that we use for this purpose, which is provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The booking system then sends you a confirmation of the reservation, including the payment details, to the e-mail address that you have specified. The payment for the reservation then takes place directly online via the booking system. Please note that online payments are handled by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

If the date is not available, we will contact you to find an alternative date.

Payments
Our service provider, bookingkit, collects personal data, which is then forwarded to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfer, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business atMANGOPAY.

Deletion
We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

Fire training at Leipzig/Halle

This service is included on our website by means of an iframe.

The visitor’s IP address, date/time, resource requested (page/photo), user agent, data that is entered on the forms are all stored.

Flughafen Leipzig/Halle GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@leipzig- halle-airport.de, is the Controller according to Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR). You can contact our data protection officer at datenschutz@leipzig-halle- airport.de or use the postal address just mentioned; please address your letter to the “Data Protection Officer”.

Enquiries about dates and booking courses
We have to gather and process personal data about you from the contact form so that we can process your enquiries about dates or make bookings for courses.

Please take note of the section on this entitled: “MAKING CONTACT BY E-MAIL OR THE CONTACT FORM”.

If you contact us on the phone, we store the data that you give us (your surname, your first name, possibly your phone number and address for booking enquiries, your e-mail address) so that we can answer your questions and/or process your enquiry. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre- contractual measures. We process the data that you voluntarily make available to us on the basis of your consent according to Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Photo and filming enquiries at Dresden airport

If you wish to shoot film, take photos or conduct a survey among passengers and guests at our airport, you can get in touch with us about this using our contact form.

If you make any enquiries at Dresden Airport, the Controller according to Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is Flughafen Dresden GmbH, Flughafenstrasse, 01109 Dresden, info@dresden-airport.de. You can contact our data protection officer at datenschutz@dresden-airport.de or use the postal address just mentioned; please address your letter to the “Data Protection Officer”.

You will find more details about processing and storing your data in the section entitled “MAKING CONTACT BY E-MAIL OR THE CONTACT FORM”.

If you contact us on the phone, we store the data that you give us (your surname, your first name, possibly your phone number and address for booking enquiries, your e-mail address) so that we can answer your questions and/or process your enquiry. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre- contractual measures. We process the data that you voluntarily make available to us on the basis of your consent according to Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Photo and filming enquiries at Leipzig/Halle airport

If you wish to shoot film, take photos or conduct a survey among passengers and guests at our airport, you can get in touch with us about this using our contact form. If you make any enquiries at Leipzig/Halle Airport, the Controller according to Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is Flughafen Leipzig/Halle GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@leipzig-halle-airport.de. You can contact our data protection officer at datenschutz@leipzig-halle-airport.de or use the postal address just mentioned; please address your letter to the “Data Protection Officer”.

You will find more details about processing and storing your data in the section entitled “MAKING CONTACT BY E-MAIL OR THE CONTACT FORM”.

If you contact us on the phone, we store the data that you give us (your surname, your first name, possibly your phone number and address for booking enquiries, your e-mail address) so that we can answer your questions and/or process your enquiry. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre- contractual measures. We process the data that you voluntarily make available to us on the basis of your consent according to Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Google Maps and my google maps

We include the maps provided by Google by means of the “Google Maps” service. We also use Google’s “My Maps” service to draw up individual maps.   

The Controller according to Article 4 Para. 7 of the General Data Protection Regulation (GDPR) is Google Ireland Limited, Google Building, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland.

Data processing purposes

This list contains the purposes for collecting and processing data. Consent only applies to the specified purposes. The data that is collected cannot be used or stored for other purposes than those listed below.

  • Displaying maps

Technologies used

  • Cookies

Data collected  

This list includes all the (personal) data that is collected when or through using the service.

  • IP address
  • Location information
  • Usage data
  • Date and time of your visit
  • URLs

Legal basis

The legal basis required by Article 6 Para. 1 of the GDPR for processing personal data is mentioned below.

  • Article 6 Para. 1 Sentence 1 (a) of the GDPR

Place of processing

  • European Union

    Rights of data subjects

You can cancel your consent with effect for the future at any time by objecting to any storage of the cookies using the cookie banner that is displayed on one occasion during your first visit to the website or in the data protection section on the right edge of your screen; however, we would point out that you may not be able to make full use of all the functions of this website if you do this. You can also prevent Google from collecting the data generated by the cookie and related to your usage of the website (including your IP address) or from processing this data by downloading and installing this browser add-on: https://tools.google.com/dlpage/gaoptout?hl=de

Cancelling your declaration of consent for Google Maps prevents your data from being collected in future when you visit this website. In order to prevent any collection of data across different devices, you must activate the opt-out on all the systems that you use. This takes place by deleting the Google Maps opt-in cookie. You can manage your consent for the use of this service via the “Data protection” section on the right edge of your screen and delete the cookie yourself.

Storage periods

The storage period is the time in which the data that has been gathered is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.

The data is deleted as soon as it is no longer required for the processing purposes.

Data recipients

  • Google Ireland Limited
  • Google LLC
  • Alphabet Inc

Data privacy officer at the processing company

You will find the e-mail address of the data privacy officer at the processing company here.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Forwarding data to third countries

Some services forward the data that has been collected to a different country. Please find below a list of the countries to which the data is forwarded. This may be the case for various purposes, e.g. for storage or processing.

Worldwide

Click here to read the data privacy regulations of the data processorhttp://www.google.com/intl/de/policies/privacy/

Click here to cancel on all the domains of the processing companyhttps://safety.google/privacy/privacy-controls/

Click here to read the cookie guidelines of the data processorhttps://policies.google.com/technologies/cookies?hl=en

.

Handling request for Dresden airport

The Controller in the sense of Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is Flughafen Dresden GmbH, Flughafenstrasse, 01109 Dresden, info@dresden-airport.de. You can contact our data protection officer at datenschutz@dresden-airport.de or use the postal address just mentioned; please address your letter to the “Data Protection Officer”.

If you contact us as part of a handling request, we store the data of the specified contact partner (surname, first name, address data – normally a business address – and e-mail) so that we can answer the enquiry and process it. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre-contractual measures. We process the data that you voluntarily make available on the basis of your consent in line with Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

 

Handling request for Leipzig/Halle airport

The Controller in the sense of Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is Flughafen Leipzig/Halle GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@leipzig-halle-airport.de. You can contact our data protection officer at datenschutz@leipzig-halle-airport.de or use the postal address just mentioned; please address your letter to the “Data Protection Officer”.

If you contact us as part of a handling request, we store the data of the specified contact partner (surname, first name, address data – normally a business address – and e-mail) so that we can answer the enquiry and process it. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre-contractual measures. We process the data that you voluntarily make available on the basis of your consent in line with Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Making contact by e-mail or the contact form

If you contact us by e-mail or using the contact form, we store the data that you give us (your surname, your first name, possibly your phone number and address for booking enquiries, your e-mail address) so that we can answer your questions and/or process your enquiry. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre-contractual measures. We process the data that you voluntarily make available to us on the basis of your consent according to Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Booking a car park space at Dresden

You can book a car park space at Dresden Airport on our website. You are forwarded to an outside site at Dresden Airport for this. The booking procedure takes place completely at the following website: https://parken.dresden-airport.de/ You will find the data protection information for using the website and for making the booking directly on the external site under “Data Protection Guidelines”.

Booking a car park space at Leipzig/Halle

You can book a car park space at Leipzig/Halle Airport on our website. You are forwarded to an outside site at Leipzig/Halle Airport for this. The booking procedure takes place completely at the following website: https://parken.leipzig-halle-airport.de/ You will find the data protection information for using the website and for making the booking directly on the external site under “Data Protection Guidelines”.

Dresden airport in the social media networks

Dresden Airport maintains online accounts within social media networks in order to communicate with active users there or offer information about itself there.

We would point out at this juncture that user data may be processed outside the European Union if you visit these networks. This may expose users to risks, because it may be difficult for users to assert their rights, for example. As for US providers that are certified under the Privacy Shield or offer comparable guarantees of safe data protection levels, we would point out that they therefore promise to comply with the data privacy standards that apply within the EU.

User data within social media networks is normally processed for market research and advertising purposes too. It is therefore possible that usage profiles are drawn up on the basis of usage behaviour and the user’s resulting interests, for example. The usage profiles can then be used to display advertisements that probably reflect the user’s interests, both inside and outside the networks, for example. To achieve this, cookies are normally stored on the user’s computer and the usage behaviour and the user’s interests are stored in them. Data may also be stored in the usage profiles, regardless of the devices that the user employs (particularly, if the users are members of the relevant platforms and have logged into them).

We would refer you to the data privacy statements and specifications published by the operators of the relevant networks if you wish to obtain a detailed description of the types of processing in each case and the opt-out opportunities.

Even if you are making enquiries about information or asserting data subject rights, we would also point out that they can be most effectively asserted with the providers themselves. Only these providers have access to the user’s data and can directly adopt appropriate measures and provide information. If you still require some assistance, you can contact the following address:

Flughafen Dresden GmbH
Data Protection Officer           
Flughafenstrasse                                                   
01109 Dresden                                
datenschutz@dresden-airport.de

The types of data that are processed involve the following: user-related data (e.g. names, addresses), contact data (e.g. e-mail, phone numbers), content data (e.g. text input, photos, videos), usage data (e.g. websites visited, interest in content, access times), meta/communications data (e.g. information on devices, IP addresses).

The persons concerned are: users (e.g. website visitors, users of online services).

The purposes of the processing work: contact enquiries and communications, tracking (e.g. profiling based on interests/behaviour, usage of cookies), remarketing, measuring coverage (e.g. access statistics, recognising repeat visitors).

Legal basis: legitimate interests (Article 6 Para. 1 Sentence 1 (f) of the GDPR).

Services and service providers that are used:

Services and service providers that are used:

Instagram: social media network; service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; data privacy statement: http://instagram.com/about/legal/privacy.

Facebook: social media network; service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; data privacy statement: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing the data privacy level when data is processed in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; opt-out opportunities: settings for advertisements: https://www.facebook.com/settings?tab=ads; additional information on data privacy: Agreement on Joint Processing of Personal Data on Facebook Sites: https://www.facebook.com/legal/terms/page_controller_addendum; data privacy information for Facebook sites: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Twitter: The airport makes use of the technical platform and the services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A. for the short message service that it provides. Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland is responsible for processing any data related to people who live outside the United States.

We would point out that you alone are responsible for making use of the Twitter short message service that is offered here and its functions. This particularly applies to using the interactive functions (e.g. share, like/don’t like). 

You will find the details about the data that Twitter processes and for what purposes the company uses it in Twitter’s data privacy statement: https://twitter.com/de/privacy

Twitter Inc. is committed to the principles of the EU-US Privacy Shield. You can find more details about it here:  https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

The airport does not have any influence on the type or amount of data that Twitter processes, the type of processing and usage or any forwarding of this data to third parties. In this sense, it does not have any effective control opportunities either. If you use Twitter, Twitter Inc. will collect, transfer, store, disclose and use your personal data and, regardless of where you live, transfer it to the United States, Ireland or any other country where Twitter Inc. has business operations, store it and use it there.

Firstly, Twitter processes the data that you have voluntarily entered, such as your name and user name, your e-mail address, your phone number or the contacts in your address book, if you upload or synchronise this information.

Secondly, Twitter also assesses the content that you have shared with a view to discovering which topics are interesting for you; it stores and processes confidential messages that you send directly to other users and it can determine where you are by using your GPS data, information about wireless networks or your IP address in order to send you advertisements or other content. 

For evaluation purposes, Twitter Inc. may use analysis tools like Twitter or Google Analytics. The airport does not have any influence on the use of these kinds of tools by Twitter Inc. and has not been informed about any such potential use either. If Twitter Inc. makes use of these kinds of tools for the airport account, the airport has not commissioned this work or given it its blessing or supported it in any other way. The data that is obtained through the analysis process is not made available to the airport either. The airport can only see certain, non-personal information about Tweet activity, e.g. the number of profile or link clicks generated by a particular Tweet, via its account. The airport does not have any opportunity of preventing or stopping the use of these kinds of tools on its Twitter account either. 

Finally, Twitter also receives information if you view content, for example, even if you have not created an account. This so-called “log data” may involve the IP address, the type of browser, the operating system, information on the website that was accessed prior to this and the sites that you have accessed, your location, your mobile phone provider, the terminal device that you are using (including the device ID and application ID), the search terms that you use and cookie information.

Twitter is able to log your visits to these websites and assign them to your Twitter profile via the Twitter buttons or widgets that are embedded in websites and by using cookies. Content or advertisements can then be tailored to you by means of this data.

You have opportunities to restrict the processing of your data in the general settings in your Twitter account and under the “Data privacy and security” menu item. You can also restrict Twitter’s access to contact and calendar data, photos, location data etc. on mobile devices (smartphones, tablet computers) in the settings available there. However, this depends on the operating system that you are using.

You can obtain further information about these issues from the following Twitter support sites:

https://support.twitter.com/articles/105576# 

https://help.twitter.com/de/search?q=datenschutz

You can find out about the opportunity to view your own data at Twitter here:

https://support.twitter.com/articles/20172711#

You will find information about the conclusions that Twitter draws about you here:
https://twitter.com/your_twitter_data

You will find information about the current personalisation and data privacy setting options here (with further information):

https://twitter.com/personalization

You also have the opportunity of requesting information via the Twitter data privacy form or the archive requirements: 

https://support.twitter.com/forms/privacy

https://support.twitter.com/articles/20170320#

LinkedIn: Social media network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com; data privacy statement: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (guaranteeing the data privacy level when data is processed in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; opt-out opportunity: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

Website: www.facebook.com;

Data privacy statement: https://www.facebook.com/about/privacy;

Adequacy decision in the EU-U.S. Data Privacy Framework (guaranteeing the level of data privacy when processing data in third countries): https://www.dataprivacyframework.gov/s/participant-search

You can find more information about the agreement on shared responsibility here:

https://www.facebook.com/legal/terms/page_controller_addendum.

 

Leipzig/Halle airport in the social media networks

Leipzig/Halle Airport maintains online accounts within social media networks in order to communicate with active users there or offer information about itself there.

We would point out at this juncture that user data may be processed outside the European Union if you visit these networks. This may expose users to risks, because it may be difficult for users to assert their rights, for example. As for US providers that are certified under the Privacy Shield or offer comparable guarantees of safe data protection levels, we would point out that they therefore promise to comply with the data privacy standards that apply within the EU.

User data within social media networks is normally processed for market research and advertising purposes too. It is therefore possible that usage profiles are drawn up on the basis of usage behaviour and the users’ resulting interests, for example. The usage profiles can then be used to display advertisements that probably reflect the user’s interests, both inside and outside the networks, for example. To achieve this, cookies are normally stored on the user’s computer and the usage behaviour and the user’s interests are stored in them. Data may also be stored in the usage profiles, regardless of the devices that the user employs (particularly, if the users are members of the relevant platforms and have logged into them).

We would refer you to the data privacy statements and specifications published by the operators of the relevant networks if you wish to obtain a detailed description of the types of processing in each case and the opt-out opportunities.

Even if you are making enquiries about information or asserting data subject rights, we would also point out that they can be most effectively asserted with the providers themselves. Only these providers have access to the user’s data and can directly adopt appropriate measures and provide information. If you still require some assistance, you can contact the following address:

Flughafen Leipzig/Halle GmbH            

Data Protection Officer                                 

Terminalring 11                                                       04435 Flughafen Leipzig/Halle             datenschutz@leipzig-halle-airport.de

 

The types of data that are processed involve the following: user-related data (e.g. names, addresses), contact data (e.g. e-mail, phone numbers), content data (e.g. text input, photos, videos), usage data (e.g. websites visited, interest in content, access times), meta/communications data (e.g. information on devices, IP addresses).

The persons concerned are: users (e.g. website visitors, users of online services).

The purposes of the processing work: contact enquiries and communications, tracking (e.g. profiling based on interests/behaviour, usage of cookies), remarketing, measuring coverage (e.g. access statistics, recognising repeat visitors).

Legal basis: legitimate interests (Article 6 Para. 1 Sentence 1 (f) of the GDPR).

 

Services and service providers that are used:

Services and service providers that are used:

Instagram: social media network; service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; data privacy statement: http://instagram.com/about/legal/privacy.

Facebook: social media network; service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; data privacy statement: https://www.facebook.com/about/privacy; Privacy Shield (guaranteeing the data privacy level when data is processed in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; opt-out opportunities: settings for advertisements: https://www.facebook.com/settings?tab=ads; additional information on data privacy: Agreement on Joint Processing of Personal Data at Facebook Sites: https://www.facebook.com/legal/terms/page_controller_addendum; data privacy information for Facebook sites: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Twitter: The airport makes use of the technical platform and the services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A. for the short message service that it provides. Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland is responsible for processing any data related to people who live outside the United States.

Twitter: We would point out that you alone are responsible for making use of the Twitter short message service that is offered here and its functions. This particularly applies to using the interactive functions (e.g. share, like/don’t like). You will find the details about the data that Twitter processes and for what purposes the company uses it in Twitter’s data privacy statement: https://twitter.com/de/privacy Twitter Inc. is committed to the principles of the EU-US Privacy Shield. You can find more details about it here:  https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

The airport does not have any influence on the type or amount of data that Twitter processes, the type of processing and usage or any forwarding of this data to third parties. In this sense, it does not have any effective control opportunities either.

If you use Twitter, Twitter Inc. will collect, transfer, store, disclose and use your personal data and, regardless of where you live, transfer it to the United States, Ireland or any other country where Twitter Inc. has business operations, store it and use it there.

Firstly, Twitter processes the data that you have voluntarily entered, such as your name and user name, your e-mail address, your phone number or the contacts in your address book, if you upload or synchronise this information. Secondly, Twitter also assesses the content that you have shared with a view to discovering which topics are interesting for you; it stores and processes confidential messages that you send directly to other users and it can determine where you are by using your GPS data, information about wireless networks or your IP address in order to send you advertisements or other content.

For evaluation purposes, Twitter Inc. may use analysis tools like Twitter or Google Analytics. The airport does not have any influence on the use of these kinds of tools by Twitter Inc. and has not been informed about any such potential use either. If Twitter Inc. makes use of these kinds of tools for the airport account, the airport has not commissioned this work or given it its blessing or supported it in any other way. The data that is obtained through the analysis process is not made available to the airport either. The airport can only see certain, non-personal information about Tweet activity, e.g. the number of profile or link clicks generated by a particular Tweet, via its account. The airport does not have any opportunity of preventing or stopping the use of these kinds of tools on its Twitter account either.

Finally, Twitter also receives information if you view content, for example, even if you have not created an account. This so-called “log data” may involve the IP address, the type of browser, the operating system, information on the website that was accessed prior to this and the sites that you have accessed, your location, your mobile phone provider, the terminal device that you are using (including the device ID and application ID), the search terms that you use and cookie information.

Twitter is able to log your visits to these websites and assign them to your Twitter profile via the Twitter buttons or widgets that are embedded in websites and by using cookies. Content or advertisements can then be tailored to you by means of this data.

You have opportunities to restrict the processing of your data in the general settings in your Twitter account and under the “Data privacy and security” menu item. You can also restrict Twitter’s access to contact and calendar data, photos, location data etc. on mobile devices (smartphones, tablet computers) in the settings available there. However, this depends on the operating system that you are using. You can obtain further information about these issues from the following Twitter support sites:

https://support.twitter.com/articles/105576# or 

https://help.twitter.com/de/search?q=datenschutz

You can find out about the opportunity to view your own data at Twitter here:

https://support.twitter.com/articles/20172711#

You will find information about the conclusions that Twitter draws about you here:
https://twitter.com/your_twitter_data

You will find information about the current personalisation and data privacy setting options here (with further information):

https://twitter.com/personalization

You also have the opportunity of requesting information via the Twitter data privacy form or the archive requirements: 

https://support.twitter.com/forms/privacy

https://support.twitter.com/articles/20170320#

LinkedIn: Social media network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com; data privacy statement: https://www.linkedin.com/legal/privacy-policy; Privacy Shield (guaranteeing the data privacy level when data is processed in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; opt-out opportunity: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Website: www.facebook.com;

Data privacy statement: https://www.facebook.com/about/privacy;

Adequacy decision in the EU-U.S. Data Privacy Framework (guaranteeing the level of data privacy when processing data in third countries): https://www.dataprivacyframework.gov/s/participant-search

You can find more information about the agreement on shared responsibility here:

https://www.facebook.com/legal/terms/page_controller_addendum.

 

Travel agency platform

(1) If you would like to use our travel agency platform, you must register by specifying your surname, first name as well as your form of address, your e-mail address, the name and address of your travel agency a password that you choose yourself and a user name that you can freely select and to upload your travel agency pass.  It is not necessary to provide your real name. We use the so-called double opt-in procedure for registration, i.e. your registration has only been completed if you first confirm your registration through a confirmation e-mail, which is sent to you for this purpose, and you click on the link that it contains. If you do not provide this confirmation within 24 hours, your registration is automatically deleted from our database. You must specify the data mentioned above – but you are free to provide any other information on a voluntary basis.

If you have confirmed your registration, we will check the legitimacy of your registration and activate your access if our check is positive. We will send you another confirmation e-mail for this purpose. If the check is negative, we will immediately delete your data.

(2) If you use our platform, we store the necessary data about you in order to complete the agreement until we finally delete your access. The legal basis for this is Article 6 Para. 1 (b) of the GDPR. We also continue to store any voluntary data that you have specified during the time that you use the portal, if you do not object to this use. The legal basis for this is Article 6 Para. 1 (a) of the GDPR. If you wish to cancel your consent, please read the section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

(3) The link is encrypted using TLS technology in order to prevent any unauthorised access by third parties to your personal data, particularly your financial data.

(4) We involve outside providers in order to make this service available to you. We have carefully selected and commissioned them, they are bound by our instructions and we regularly check them. They have also been bound by a contract to adopt the same protective precautions as we do to protect your personal data.

Wi-Fi for guests

The Controller according to Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@mdf-ag.com. You can reach our data protection officer at datenschutz@mdf-ag.com or use our postal address; please address your letter to the “Data Protection Officer”.  

In order to make Wi-Fi for guests available to you, it is necessary to process some of your personal data.

By providing Wi-Fi for guests, we enable you to make use of an Internet hotspot free of charge during the time of your visit as a guest of Mitteldeutsche Flughafen AG, Flughafen Leipzig/Halle GmbH, PortGround GmbH, Flughafenservicegesellschaft mbH or Flughafen Dresden GmbH. Each guest receives an individual access code to enable you and other guests to gain secure access.

Which data is processed?

 

a.) Generating the access code

Personal data is required in order to generate the access code. The processing work covers your surname, your first name and an e-mail address, to which your individual access code is sent.

 

b.) Usage data

 

When people use our Wi-Fi services for guests, information is automatically logged and stored in our router. This involves the following data:

  • the MAC address of the device that you are using to access our guest Wi-Fi system
  • the time when you logged in or logged out of the guest Wi-Fi system

 

The MAC address (Media Access Control Address) is the name of a hardware address that is assigned on one occasion and by means of which each device can be clearly designated. It is stored in the hardware, particularly in network cards in computers, phones, laptops or even access points.

 

We make use of the data mentioned here for the following purposes:

  • to guarantee that our guest Wi-Fi services run smoothly in line with what is technically necessary,
  • to uncover, identify and follow up any infringements against the conditions of use of our guest Wi-Fi system.

We process your data on the basis of the usage agreement that exists between you and us according to Article 6 Para. 1 Sentence 1 b) of the GDPR.

Data may also be processed on the legal basis of Article 6 Para. 1 Sentence 1 f) of the GDPR. We have a legitimate interest in processing your data, for example, if the processing work is necessary to defend our rights and claims and this does not oppose your interests. Please also take note of the section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. 

 

The employees in the IT Department, who are responsible for the guests’ Wi-Fi system, have access to your data within our corporate group. Your data is only forwarded to outside bodies:

  • to safeguard our legitimate interests, particularly if it is necessary to forward the data to assert any legal claims;
  • to which we are obliged to provide information, notification or forward data or if forwarding the data is in the public interest;

Apart from this, we will not forward your data to any third parties. 

The data for your personal access is deleted 30 days after your user account expires.

The usage data is deleted from our router after 30 days. 

No data is forwarded to agencies in countries outside the European Union (EU) or the European Economic Area (EEA) (so-called third countries).

Rights of data subjects

(1) You have the following rights with us with regard to the personal data that concerns you:

  • the right to information,
  • the right to correction or deletion,
  • the right to have the processing work restricted,
  • the right to object to the processing work,
  • the right to data portability.

(2) You also have the right to complain to a data protection supervisory body about the way that we are processing your personal data.

Parking for travel agency clerks

The Controller in the sense of data protection law is Mitteldeutsche Flughafen AG, Terminalring 11, 04435 Flughafen Leipzig/Halle, e-mail: info@mdf-ag.com; you can contact our data protection officer at datenschutz@mdf-ag.com or please address your letter to the “Data Protection Officer”.

We need some personal data from you to be able to offer you car parking discounts as a travel agency clerk. We collect the following information about you on the application form:

  • personal data (name, first name, signature)
  • contact data (e-mail address, phone number and similar data)
  • address data (name of the travel agency, address of the travel agency and similar data)
  • travel data (flight, destination and parking time)

Your personal data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract that exists between us or perform pre-contractual measures. It is not possible for you to make use of any car parking discounts if we cannot process your data. Your data is particularly collected and processed for contract-related communications with you, to identify you as a person and to prove that you meet the conditions to make use of the discount.

We may also process your data, if necessary, to maintain our legitimate interests (Article 6 Para. 1 (f) of the GDPR), for example, for purposes like:

  • advertising or market or opinion research, if you have not objected to your data being used;
  • statistical assessments or market analysis;
  • the restricted storage of data, if deletion is not possible or only possible with a disproportionate amount of effort because of the special type of storage.

You have the right to file an objection to any processing of your data on the basis of the rights that you have. You can find more information in the relevant section entitled CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

We process and store your data for the duration of our business relationship. This also includes preparing for a contract (pre-contractual legal relationship) and processing a contract.

We are also subject to various storage and documentation obligations, which arise from the German Commercial Code and the Fiscal Code, among other things. The periods prescribed there for storage or documentation continue for up to 10 years beyond the end of the business relationship or the pre-contractual legal relationship.

Making contact by e-mail or the contact form

If you contact us by e-mail or via a contact form, we store the data that you give us (your e-mail address, your surname, your first name, possibly your phone number and address for booking enquiries) so that we can answer your questions and/or process your enquiry. This data is processed on the basis of Article 6 Para. 1 (b) of the GDPR in order to complete a contract or perform pre-contractual measures. We process the data that you voluntarily make available to us on the basis of your consent according to Article 6 Para. 1 (a) of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information in the appropriate section entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

Any data that accumulates in this connection is deleted once it is no longer necessary to store it or you have cancelled your consent – if the processing work has taken place on the basis of your consent. If it is not possible to delete it because of statutory retention periods or other circumstances, we will restrict the processing work.

Dresden conference center

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Flughafen Dresden GmbH, Flughafenstrasse, 01109 Dresden, info@dresden-airport.de. You can contact our data protection officer at datenschutz@dresden-airport.de or send a letter to the “Data Protection Officer” at the aforementioned address. 

 

We collect and process your data in order to initiate and complete a business relationship or for a pre-contractual relationship or for other enquiries. You only need to make available the data that is necessary for this or the data that we must collect for statutory reasons. Without this data, we will not normally be able to conclude or perform the agreement or answer your enquiries. This may also refer to data that is necessary at a later date as part of the business relationship. If we request any data beyond this, you will be informed that its disclosure is voluntary.

a) Purposes to conclude an agreement or for pre-contractual measures (Article 6 Para. 1 b of the GDPR)

The processing of personal data takes place to perform our agreements with you and complete your orders or to perform measures and activities as part of pre-contractual relationships, e.g. with interested parties. The processing work therefore particularly serves to provide the services in line with your orders and wishes and covers the services, measures and activities that are necessary for this. They largely include the communications with you related to the agreement, the verifiability of transactions, orders and other arrangements or for quality control purposes through appropriate documentation, measures to control and optimise business processes, compliance with the general obligations to exercise care or for management and control by associated companies (e.g. the parent company), if this is necessary as part of the pre-contractual relationship or to satisfy the contractual arrangements.

b) Purposes as part of a legitimate interest for us or for third parties (Article 6 Para. 1 f of the GDPR)

We may process your data beyond actually performing the agreement or preliminary contract too if it is necessary to maintain our legitimate interests or those of third parties. These purposes may involve, for example:

- advertising or market or opinion research, provided that you have not objected to the use of your data for this; you can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”;

- statistical assessments or market analysis;

- the restricted storage of the data, if deletion is not possible because of the special type of storage or only with a disproportionate degree of effort and expense;

- building and equipment safety (e.g. through access checks and video monitoring), if this goes beyond the general obligations to exercise care.

You have a right to object to any processing on the basis of a legitimate interest. You can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

 

c) Purposes to fulfil statutory provisions (Article 6 Para. 1 c of the GDPR) or if they are in the public interest (Article 6 Para. 1 e of the GDPR)

Any processing of your personal data can also take place for the purpose of fulfilling statutory provisions (Article 6 Para. 1 c of the GDPR) or if it is in the public interest (Article 6 Para. 1 e of the GDPR). This may involve statutory requirements (e.g. commercial and tax laws), but also supervisory provisions or those imposed by other public authorities.

You have a right to object to any processing on the basis of Article 6 Para. 1 e of the GDPR. . You can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

 

Types of data:

The data about you, which we process, may particularly involve the following:  

- personal data (e.g. your name, profession/sector and comparable data);

- contact data (e.g. your address, e-mail address, phone number and comparable data);

- address data (e.g. your registration data and comparable data);

- payment data.

The data is sent to the internal offices or organisational units within our company, which require the data to meet our contractual or statutory obligations or as part of processing and implementing our legitimate interest. Data is only passed on to outside organisations:

- in conjunction with handling the agreement;

- for the purposes of fulfilling statutory provisions;

- if we are obliged to disclose, register or pass on data or forwarding the data is in the public interest (cf. section c));

- if outside service companies are processing data as a contract processor on our behalf (e.g. external data centres, support/maintenance of computer/IT applications, archiving, processing receipts, data destruction, purchasing/procurement, data disposal companies, courier services, logistics);

- because of our legitimate interest or the legitimate interest of the third party for the purposes mentioned in section b) (e.g. companies within the corporate group, committees and supervisory bodies).

 

How long your data is stored

We process and store your data throughout the duration of our business relationship. This also includes preparing the way for an agreement (pre-contractual legal relationship) and handling an agreement.

We are also subject to various retention and documentation obligations, some of which arise from the Commercial Code and the Tax Code. The retention or documentation periods prescribed in these documents continue for up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.

Special statutory provisions may require a longer retention period, e.g. when maintaining evidence as part of the statutory period of limitation provisions. The normal statutory period of limitations is three years according to Sections 195ff in the German Civil Code, but statute of limitation periods of up to 30 years may also apply.

If the data is no longer necessary to meet contractual or statutory obligations and rights, it is regularly deleted, unless its – restricted – further processing is necessary to meet the purposes listed under b) arising from an overriding legitimate interest. This kind of overriding legitimate interest exists, if, for example, deletion is not possible because of the special type of storage or only with a disproportionate degree of effort and expense and any processing for other purposes is excluded because of suitable technical and organisational measures.

 

Your data processed in a third country or by an international organisation

Data is only passed on to offices in countries outside the European Union (EU) or the European Economic Area (EAA), so-called third countries, if this is prescribed in law to perform an order/agreement by or with you (e.g. tax law notification requirements), if it affects our legitimate interest or that of a third party or if you have provided your consent for this.

The processing of your data in a third country may also take place in conjunction with making use of service companies in the form of contract processing. If the EU Commission has not decided that an appropriate level of data security exists in the country involved, we will guarantee through relevant agreements that your rights and liberties are protected and guaranteed appropriately. We can make the relevant detailed information available to you on request.

You may ask for information about the suitable or appropriate guarantees and the possibility of obtaining a copy of them by sending a request to the company’s data protection officer.

 

Rights of data subjects

(1) You have the following rights with us with regard to the personal data that concerns you:

  • the right to information,
  • the right to correction or deletion,
  • the right to have the processing work restricted,
  • the right to object to the processing work,
  • the right to data portability.

(2) You also have the right to complain to a data protection supervisory body about the way that we are processing your personal data.

Leipzig/Halle Airport conference center

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Flughafen Leipzig/Halle GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@leipzig-halle-airport.de. You can contact our data protection officer at datenschutz@leipzig-halle-airport.de or send a letter to the “Data Protection Officer” at the aforementioned address. 

 

We collect and process your data in order to initiate and complete a business relationship or for a pre-contractual relationship or for other enquiries. You only need to make available the data that is necessary for this or the data that we must collect for statutory reasons. Without this data, we will not normally be able to conclude or perform the agreement or answer your enquiries. This may also refer to data that is necessary at a later date as part of the business relationship. If we request any data beyond this, you will be informed that its disclosure is voluntary.

a) Purposes to conclude an agreement or for pre-contractual measures (Article 6 Para. 1 b of the GDPR)

The processing of personal data takes place to perform our agreements with you and complete your orders or to perform measures and activities as part of pre-contractual relationships, e.g. with interested parties. The processing work therefore particularly serves to provide the services in line with your orders and wishes and covers the services, measures and activities that are necessary for this. They largely include the communications with you related to the agreement, the verifiability of transactions, orders and other arrangements or for quality control purposes through appropriate documentation, measures to control and optimise business processes, compliance with the general obligations to exercise care or for management and control by associated companies (e.g. the parent company), if this is necessary as part of the pre-contractual relationship or to satisfy the contractual arrangements.

b) Purposes as part of a legitimate interest for us or for third parties (Article 6 Para. 1 f of the GDPR)

We may process your data beyond actually performing the agreement or preliminary contract too if it is necessary to maintain our legitimate interests or those of third parties. These purposes may involve, for example:

- advertising or market or opinion research, provided that you have not objected to the use of your data for this; you can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”;

- statistical assessments or market analysis;

- the restricted storage of the data, if deletion is not possible because of the special type of storage or only with a disproportionate degree of effort and expense;

- building and equipment safety (e.g. through access checks and video monitoring), if this goes beyond the general obligations to exercise care.

You have a right to object to any processing on the basis of a legitimate interest. You can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

 

c) Purposes to fulfil statutory provisions (Article 6 Para. 1 c of the GDPR) or if they are in the public interest (Article 6 Para. 1 e of the GDPR)

Any processing of your personal data can also take place for the purpose of fulfilling statutory provisions (Article 6 Para. 1 c of the GDPR) or if it is in the public interest (Article 6 Para. 1 e of the GDPR). This may involve statutory requirements (e.g. commercial and tax laws), but also supervisory provisions or those imposed by other public authorities.

You have a right to object to any processing on the basis of Article 6 Para. 1 e of the GDPR. . You can find more information about this in the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”.

 

Types of data:

The data about you, which we process, may particularly involve the following:  

- personal data (e.g. your name, profession/sector and comparable data);

- contact data (e.g. your address, e-mail address, phone number and comparable data);

- address data (e.g. your registration data and comparable data);

- payment data.

The data is sent to the internal offices or organisational units within our company, which require the data to meet our contractual or statutory obligations or as part of processing and implementing our legitimate interest. Data is only passed on to outside organisations:

- in conjunction with handling the agreement;

- for the purposes of fulfilling statutory provisions;

- if we are obliged to disclose, register or pass on data or forwarding the data is in the public interest (cf. section c));

- if outside service companies are processing data as a contract processor on our behalf (e.g. external data centres, support/maintenance of computer/IT applications, archiving, processing receipts, data destruction, purchasing/procurement, data disposal companies, courier services, logistics);

- because of our legitimate interest or the legitimate interest of the third party for the purposes mentioned in section b) (e.g. companies within the corporate group, committees and supervisory bodies).

 

How long your data is stored

We process and store your data throughout the duration of our business relationship. This also includes preparing the way for an agreement (pre-contractual legal relationship) and handling an agreement.

We are also subject to various retention and documentation obligations, some of which arise from the Commercial Code and the Tax Code. The retention or documentation periods prescribed in these documents continue for up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.

Special statutory provisions may require a longer retention period, e.g. when maintaining evidence as part of the statutory period of limitation provisions. The normal statutory period of limitations is three years according to Sections 195ff in the German Civil Code, but statute of limitation periods of up to 30 years may also apply.

If the data is no longer necessary to meet contractual or statutory obligations and rights, it is regularly deleted, unless its – restricted – further processing is necessary to meet the purposes listed under b) arising from an overriding legitimate interest. This kind of overriding legitimate interest exists, if, for example, deletion is not possible because of the special type of storage or only with a disproportionate degree of effort and expense and any processing for other purposes is excluded because of suitable technical and organisational measures.

 

Your data processed in a third country or by an international organisation

Data is only passed on to offices in countries outside the European Union (EU) or the European Economic Area (EAA), so-called third countries, if this is prescribed in law to perform an order/agreement by or with you (e.g. tax law notification requirements), if it affects our legitimate interest or that of a third party or if you have provided your consent for this.

The processing of your data in a third country may also take place in conjunction with making use of service companies in the form of contract processing. If the EU Commission has not decided that an appropriate level of data security exists in the country involved, we will guarantee through relevant agreements that your rights and liberties are protected and guaranteed appropriately. We can make the relevant detailed information available to you on request.

You may ask for information about the suitable or appropriate guarantees and the possibility of obtaining a copy of them by sending a request to the company’s data protection officer.

 

Rights of data subjects

(1) You have the following rights with us with regard to the personal data that concerns you:

  • the right to information,
  • the right to correction or deletion,
  • the right to have the processing work restricted,
  • the right to object to the processing work,
  • the right to data portability.

(2) You also have the right to complain to a data protection supervisory body about the way that we are processing your personal data.

 

Share content

The website has a function to enable you to share content. You can share material through the link to other platforms or via the Messenger app etc. or by sending an e-mail.

We also make use of so-called social media buttons. You can discover more about them by referring to the “SOCIAL MEDIA BUTTONS” tab.

Social Media Buttons

By using the social media BUTTONS (logos) for specific platforms, which are connected to the press releases, you can share them in social networks. The inclusion of the buttons enables us to increase the coverage of our content. We make use of the following buttons:

  • Facebook
  • Twitter
  • WhatsApp
  • Xing
  • LinkedIn
  • E-mail
  • Hyperlinks

We use the so-called 2-click solution to stop any unauthorised transmission of data to the social networks. This means that data is only forwarded if you have clicked on the relevant button. You can find out about other ways of sharing content under the tab called “SHARING CONTENT”.

When sharing material via social media buttons, a link is forwarded and is published in the relevant social network.

Dresden Airport Lounge

It is possible to use the Dresden Airport Lounge at Dresden Airport before take-off. However, you must make a booking in advance to use the Lounge. We describe here how we process your personal data in conjunction with bookings or booking inquiries.

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is Flughafen Dresden GmbH, Flughafenstrasse, 01109 Dresden, info@dresden-airport.de You can reach our Data Protection Officer at datenschutz@dresden-airport.de or send a letter to our postal address; please address your letter to the “Data Protection Officer”.  

1. Usage

If you would like to make a booking for the Airport Lounge on our website, this takes place via the booking system operated by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments (bank transfers, credit and debit cards, SEPA direct debits, immediate bank transfers) are handled by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you have requested, it is necessary to collect and process personal data from you. The information, which is absolutely necessary to process your booking enquiry, is marked by a star* and involves your surname, your first name(s), your e-mail address and your postal address. Your payment data is also collected in order to conclude the payment procedure directly as part of the booking process. You can also make other data available to us. The boxes that are not marked by a star* involve information that is not compulsory and this can be specified on a voluntary basis.

The processing of the compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to complete a contract or to fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data protection provided by bookingkit. You will find this at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we purse when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits – we are able to plan the occupancy rate at the Airport Lounge in a better way and this eases the pressure on personnel at any points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess the forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have the right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about the conditions of use and data processing provided by bookingkit. You will find this at: https://bookingkit.net/de/datenschutzerklaerung/.

Bookings

The booking procedure takes place directly in the booking system integrated on our website, which is provided by bookingkit. The data is stored and processed for the purpose of processing and completing your booking or order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments

Our service provider, bookingkit, collects personal data, which is then forwarded to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business at MANGOPAY.

Deletion

We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

2. Ordering a voucher

If you would like to order a voucher on our website, this takes place via the booking system provided by bookingkit GmbH, Sonnenallee 233, 12059 Berlin (“bookingkit”). The services for handling online payments [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers] are provided by MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg (“MANGOPAY”).

In order to handle the procedure that you have requested, it is necessary to collect and process personal data from you. In this connection, we gather your surname and first name, your e-mail address and your postal address. You can also make other data available to us. The information, which is absolutely essential for processing your booking inquiry, is marked by a star*. The boxes that are not marked by a star* involve information that is not compulsory and this can be specified on a voluntary basis.

Processing any compulsory information takes place on the basis of Article 6 Para. 1 b of the GDPR in order to complete a contract or to fulfil pre-contractual measures. We process the data that you make available to us voluntarily on the basis of your consent according to Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about conditions of use and data processing provided by bookingkit. You will find this information at: https://bookingkit.net/de/datenschutzerklaerung/.

We base the usage of the booking system, the online payment functions and the associated transfer and processing of your data by bookingkit and MANGOPAY on Article 6 Para. 1 f of the GDPR – our so-called legitimate interest – provided that this has not already been covered by the aforementioned legal principles. The legitimate interests that we pursue when using a digital booking solution particularly involve the increased range and the related ability to market our services more efficiently as a result of having better contact with our customers. The digitalisation of the booking process also enables us to organise this in a more customer-friendly manner, because the booking can be made quickly, comfortably and from any place and at any time. Using a digital booking solution also provides other benefits: we are able to plan the occupancy rate at the Airport Lounge in a better way and this eases the pressure on personnel at any points. In addition to mapping the booking process in a timely manner, digitalisation also enables us to assess the forecast the bookings in a better way and simplify the collection of feedback so that we can continually improve our service.

You have the right in certain circumstances to cancel any processing work that takes place on the basis of Article 6 Para. 1 f of the GDPR. You will find more detailed information about this under the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”. Please also note the further information about the conditions of use and data processing provided by bookingkit. You will find this at: https://bookingkit.net/de/datenschutzerklaerung/.

Placing orders

The ordering procedure takes place directly in the booking solution integrated on our website, which is provided by bookingkit. Your personal data is forwarded to bookingkit and processed there, with the exception of your payment data. The data is stored and processed for the purpose of processing and handling your order. You can find more detailed information about the conditions of use and data protection and the possible commissioning of third parties to process the data by bookingkit at: https://bookingkit.net/de/datenschutzerklaerung/.

Payments

Our service provider, bookingkit, collects personal data and then forwards it to the payment provider, MANGOPAY S.A, 10 boulevard Royal, L-2449 Luxembourg, so that the latter can process the payment. The personal data collected by bookingkit for this purpose involves your name and your e-mail address. bookingkit does not collect any other data and forward it to MANGOPAY as the payment service provider.

MANGOPAY itself then collects your actual payment data in order to handle payments by [bank transfers, credit and debit cards, SEPA direct debits, immediate transfers]. To enable you to use these services, MANGOPAY collects, stores and processes personal data according to MANGOPAY’s conditions of use and it is responsible for handling this data in a lawful manner. You can find more information about this in the data privacy guidelines provided by MANGOPAY at: https://www.mangopay.com/privacy. Please note that it may be necessary to forward data to the actual provider of the payment method, depending on which payment method has been selected; this is the case, for example, with SOFORT Klarna. Please take note of the aforementioned terms of business at MANGOPAY.

Deletion

We shall delete the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent – or, if we are processing your data on the basis of our legitimate interest, we are obliged to delete your data if you object to this. Please also take note of the relevant tab entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA” in this respect. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

Air freight

If you are interested in our air freight services, you can make contact with us using the contact data that is specified here. This involves collecting some personal data from you.

The Controller in the sense of Article 4 Para. 7 of the EU’s General Data Protection Regulation (GDPR) is PortGround GmbH, Terminalring 11, 04435 Flughafen Leipzig/Halle, info@portground.com. You can contact our Data Protection Officer at datenschutz@portground.com or send a letter to our postal address; please address your letter to the Data Protection Officer.

When you make contact with us by e-mail, we store the data that you communicate to us (your e-mail address, surname, first name and possibly phone number and address for booking enquiries) so that we can answer your questions and/or process your enquiry. We process this data on the basis of Article 6 Para. 1 b of the GDPR to complete a contract or to fulfil pre-contractual measures. We process the data, which you voluntarily make available to us, on the basis of your consent in line with Article 6 Para. 1 a of the GDPR. You can cancel the consent that you have given us at any time. You will find more detailed information about this under the relevant tab entitled “Cancelling or objecting to the processing of your data”. 

We shall delate the data that has accrued in this connection once storage is no longer necessary or if you have cancelled your consent – if processing has taken place on the basis of any consent. If it is not possible to delete the data because of statutory storage periods or other circumstances, we shall restrict our processing work.

Visits to the website

Gathering personal data when you visit our website

If you only use our website for information purposes, i.e. if you do not register or send us any other information, we only gather the personal data that your browser sends to our server. If you wish to view our website, we gather the following data, which is technically essential for us so that we can display our website for you and guarantee its stability and reliability (the legal basis is Article 6 Para. 1 Sentence 1 (f) of the GDPR – please bear in mind the section on this topic entitled “CANCELLING OR OBJECTING TO THE PROCESSING OF YOUR DATA”

  • The IP address
  • The date and time of the enquiry
  • The time zone difference in terms of Greenwich Mean Time (GMT)
  • The content of the request (specific page)
  • The access status/HTTP status code/li>
  • The amount of data transferred in each case
  • The website, from which the request comes
  • The browser
  • The operating system and its user interface
  • The language and version of the browser software
  • Cookies – you can find more information about them in the relevant section entitled “COOKIES”

Cancelling or objecting to the processing of your data

1. Cancellation

If you have granted your consent to have your data processed, you can cancel it at any time. This kind of cancellation, however, does not affect the legitimacy of the processing work on your personal data until you have sent us your cancellation. The legitimacy of any processing work that has taken place up to this time is not affected by your cancellation.

2. Objection

(1) If we base the processing of your personal data on a balancing of interests, you can lodge an objection to the processing work. If you make use of this kind of objection, we would ask you to outline the reasons why we should not continue to process your personal data as we have done in the past. If your objection is justified, we will check the circumstances and will either halt the processing of your data or adapt it or indicate to you our mandatory reasons that need to be protected, on the basis of which we will continue to process the information.

(2) You can naturally object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can inform us of your objection to advertising by using the following contact data:

Mitteldeutsche Flughafen AG
Data Protection Officer
Terminalring 11
04435 Flughafen Leipzig/Halle

datenschutz(at)mdf-ag.(dot)com

Legally binding version

The German version of the data protection stipulations is legally binding.

Contact:
Mitteldeutsche Flughafen AG
Data Protection Officer
Terminalring 11
04435 Flughafen Leipzig/Halle
Mail: datenschutz(at)mdf-ag.com