Privacy  Policy

Data protection statement

1. Controller

We, AVIATION DataHub GmbH, Weg beim Jäger 193, 22335 Hamburg, Germany, (hereinafter also referred to as "AVIATION DataHub", "we" or "us"), hereby provide you with information on the processing of your personal data collected as part of your use of our website https://www.aviation-data-hub.com/ ("website").

If you have further questions on the subject of data protection in connection with our website or the services offered on it, please contact our data protection officer:

Data protection officer of the Lufthansa Group
E-mail: datenschutz@dlh.de 

2. Scope and purpose of and legal basis for the processing of personal data

We collect and use personal data directly from our users or from other sources (see below) in the following situations:

2.1. Provision of the website and creation of log files

Whenever users visit our website, our system automatically records data and information from the computer system used to call our website. The following data ("technical information") is collected in the process:

  • Information on the type of browser used and its version
  • The user's operating system
  • The user's Internet service provider
  • The user's IP address
  • The date and time of access
  • Websites from which the user's system accesses our website
  • Websites that the user's system calls from our website

We collect and use this technical information for purposes of (network) security (such as to combat cyberattacks), marketing, and to be able to better understand our users' needs, as well as to continuously improve our website and to enable us to deliver the website to the user's computer system.

The log files contain IP addresses or other data that may, in some cases, be able to be associated to a user. That may be the case, for example, if personal data is contained in the link to the website from which the user enters our website, or the link to the website to which the user switches.

The data is likewise stored in our system's log files. This data is not stored together with other personal data of the user.

The legal basis for the temporary storage of data and log files is Article 6(1)(f) of the EU General Data Protection Regulation (GDPR). 

2.1.1. Use of cookies

Our website uses cookies. Cookies are text files that are stored in your web browser. If you call a website, a cookie may be stored on your operating system. This cookie contains a characteristic string that allows your browser to be identified unambiguously if you call the website again. There are two types of cookies:     

- session cookies, which are temporary and are erased when you close your browser at the end of your surfing session. The next time you visit our website it will not recognize you and will treat you as a new visitor.

- persistent cookies, which stay in one of your browser's subfolders until you delete them manually or your browser deletes them based on the duration period contained within the persistent cookie's file.

Cookies are stored on your computer system and are transferred to our site. You can disable or restrict the transfer of cookies by changing the settings in your web browser. Cookies that have already been stored can be deleted at any time. This process can be automated. If cookies are disabled for our website, you may no longer be able to use all of the website's features in full. 

We use cookies to provide you with the following functionality or information:

- your recent search terms (up to five) 
- management of different banners
- geolocalization (see section 2.2.5)

By deleting the cookies you are able to delete the stored information of our website at any time.

2.2. Use of the services offered on our website

We offer a number of services on our website. To provide those services, we must collect and process personal data from our users. 

2.2.2. Contact forms

You can address inquiries to us and get in touch with a specific contact person. To do this, you must provide your contact information.

2.2.3. Customer contact data

Contact data which an employee at AVIATION DataHub receives from the employees of our potential or actual customers for the purpose of business communication is recorded in our CRM system. 

2.2.4 Statistical analyses

We analyze your data in a data warehouse so that our users' preferences can be evaluated ("statistical analyses"), to enable marketing oriented to users' interests, personalized user address and the continuous optimization of our business processes. We process the data in this way to gain a better understanding of what our customers expect from us and to be able to offer them personal communication tailored to their needs. These analyses also help us in fraud detection, auditing, and ensuring security, i.e. we process the data to safeguard our legitimate interests in accordance with Article 6(1)(f) of the GDPR. 

2.2.5 Geolocalization

Besides persistent cookies we use your location (country and region) determined from your IP.

2.3. Our legitimate interests in processing personal data

Where Article 6(1)(f) of the GDPR is the legal basis for processing, our legitimate interests – apart from the purposes stated above – are:

- Protecting the company against material or non-material damage
- Making our products and services more professional
- Optimizing (controlling and minimizing) costs

2.4. Other processing obligations

Where we are obligated by law, we process personal data to comply with retention obligations under commercial law or to meet statutory requirements relating to security (such as those pursuant to Section 7 of the German Aviation Security Act (LuftSiG)). You can find more information on retention periods in the section "Duration of data processing" below.

3. Duration of data processing

Your personal data is erased as soon as it is no longer required for the specified purposes. It may be the case that personal data is retained for the period of time in which claims may be asserted against AVIATION DataHub. In addition, personal data is stored if and for as long as AVIATION DataHub is obligated by law to do so. Such documentation and retention obligations are stipulated by the German Commercial Code (HGB), the German Fiscal Code (AO) and the German Money Laundering Act (GwG), among others. Under this legislation, storage may be required for up to ten years.

4. Right to object in accordance with Article 21 of the GDPR

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) of the GDPR, including profiling based on those provisions.

The controller shall no longer process the personal data concerning you unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.

5. Disclosure of personal data to third party

AVIATION DataHub is committed to the fair and transparent processing of data. We therefore believe it to be important that data subjects not only have the right to object, but can also exercise the following rights if the relevant legal requirements are fulfilled:

Right to access personal data and obtain information (Article 15 of the GDPR)
Right to rectification (Article 16 of the GDPR)
Right to erasure ("right to be forgotten") (Article 17 of the GDPR)
Right to restriction of processing (Article 18 of the GDPR)
Right to data portability (Article 20 of the GDPR)

You can contact Michael.Britzke@aviation-datahub.com by e-mail to exercise your rights. To handle your request and for the purpose of identification, we note that we will process your personal data in accordance with Article 6(1)(c) of the GDPR.

You also have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for AVIATION DataHub is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
(Hamburg Commissioner for Data Protection and Freedom of Information)
Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg
Germany
Phone: +49 40 42854-4040
Fax: +49 40 4279-11811
E-mail: mailbox@datenschutz.hamburg.de

6. Rights of data subjects

AVIATION DataHub is committed to the fair and transparent processing of data. We therefore believe it to be important that data subjects not only have the right to object, but can also exercise the following rights if the relevant legal requirements are fulfilled:

- Right to access personal data and obtain information (Article 15 of the GDPR)
- Right to rectification (Article 16 of the GDPR)
- Right to erasure ("right to be forgotten") (Article 17 of the GDPR)
- Right to restriction of processing (Article 18 of the GDPR)
- Right to data portability (Article 20 of the GDPR)

You can contact Michael.Britzke@aviation-datahub.com by e-mail to exercise your rights. To handle your request and for the purpose of identification, we note that we will process your personal data in accordance with Article 6(1)(c) of the GDPR.

You also have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for AVIATION DataHub is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
(Hamburg Commissioner for Data Protection and Freedom of Information)
Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg
Germany
Phone: +49 40 42854-4040
Fax: +49 40 42854-4000
E-mail: mailbox@datenschutz.hamburg.de

7. Changes to this Privacy Policy

We may change the terms of this Privacy Policy from time to time. If a change in terms would reduce any protection with respect to information previously collected by us, then such information will continue to be dealt with in accordance with such protection that was contained in our policy that was in effect at the time of collection.

Last modified: 16 February 2023