Data protection information
These are the data protection notices for our Flightpass service. The sale and provision of the service is carried out by Swiss International Air Lines Ltd. The website is operated by Lufthansa Innovation Hub GmbH. You can contact us at any time about all topics relating to data protection and the fulfilment of individual rights.
Swiss International Air Lines Ltd.
Corporate data protection officer
post office box
8058 Zurich Airport
Lufthansa Innovation Hub GmbH
Rosenthaler Str. 32
2. Collection of personal data
You can visit the website and inform yourself about our offers without revealing any personal data. We only ask for personal data where this is necessary to provide our own services and to process transactions you make with SWISS or our partners. We collect and process your personal data carefully and only for the purposes described in this data protection declaration and only to the extent necessary for this purpose. We only store your personal data to the extent and for as long as it is necessary to provide our services or we are obliged by law to do so.
3. Data processing for the provision of services
In order to provide our own services and to process transactions, we require personal information to varying degrees. When a profile is opened, contact information is requested, in particular surname, first name, date of birth, telephone number and e-mail address. We also require the following information to process flights booked by you and operated by SWISS or our partners: Your preferred payment method, your address and your Miles & More membership number (if available and desired). For regulatory reasons it is also necessary for us to pass on certain personal and booking data to authorities in Switzerland and abroad in connection with security and entry clarifications (e.g. advanced passenger information data ("API data") to the authorities in the USA). If you carry out transactions directly with our partners or other third parties via the website, a contract is concluded between you and the service provider concerned. The service provider is entitled to process your personal data to process the transaction and any other services directly provided by him. The data protection principles of the service provider concerned apply. If you have any questions in this regard, please contact the respective contractual partner directly.
4. SWISS Marketing measures
We will keep you up to date on relevant developments and SWISS offers. We use the so-called double opt-in procedure to send our newsletter: If you order our newsletter on our website, e.g. by clicking on a confirmation field, we will send you a notification e-mail. You can confirm your order by activating an appropriate link. If you no longer wish to receive newsletters from us at a later date, you can unsubscribe at any time free of charge either in the newsletter itself or in your profile.
5. Data security
We protect your personal data through appropriate security measures and on secure servers. The website is protected by appropriate technical and organisational measures against loss, destruction and manipulation as well as against access, alteration or distribution by unauthorised persons. Particularly sensitive data (e.g. access data to the profile account) are encrypted during transmission via the Internet (SSL).
6. Email dispatch via Mailchimp
If you sign up for our service, we will notify you via email about current activities in your user account. In this context, we use the provider Mailjet, which takes care of the email dispatch. With the processing of data for the dispatch of product-related emails, there is no transfer to third parties.
7. Passing on the data to third parties
We do not process your data completely ourselves but use programs and services from other companies ("tools"). We will change the tools we use from time to time if we consider it appropriate for legal, technical or economic reasons. Here, too, we do not process all your data ourselves, but use the programs and services of other companies ("tools"). We will change the tools we use from time to time if this makes sense for legal, technical or economic reasons. We currently use the following tools for the administration and provision of data (in particular IP addresses, cookies and log files):
- Google Analytics und Google Tag Manager:
This website www.swiss-flightpass.ch uses functions of the web analysis service Google Analytics and the Google Tag Manager. Provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States.
If IP anonymisation is activated on this website, your IP address will first be shortened by Google in the member states of the European Union or by other contractual partners in the European Economic Area. Only in exceptional cases will the complete IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to create reports on website activity and to provide other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.
- Other tools we use to manage and deliver data:
Compensaid - CO2 compensation. Link for further information: https://compensaid.de/
If you do not allow us to use these tools, we may no longer be able to fulfil existing contracts between us or may have to resort to solutions that are less convenient for you. Passing on the data to providers or storage locations in countries outside the European Union only to the extent necessary for the completion of orders. We only transfer your data to providers or storage locations in countries outside the European Union to the extent necessary to process orders and execute contracts.
9. Rights of the data subject and right of appeal
The Lufthansa Innovation Hub attaches great importance to ensuring that our manufacturing processes are fair and transparent. They are entitled to the following rights:
- Right of access, Art. 15 DSGVO
- Right to rectification, Art. 16 DSGVO
- Right to cancellation ("right to be forgotten"), Art. 17 DSGVO
- Right to limitation of processing, Art. 18 DSGVO
- Right to data transferability, Art. 20 DSGVO
- Right of objection according to Art. 21 DSGVO
If you have given us permission to process your personal data, we hereby inform you that you can revoke this permission at any time.
You can exercise your rights by sending an e-mail to email@example.com or firstname.lastname@example.org . In order to process your application and for identification purposes, we would like to point out that we process your personal data in accordance with Art. 6 Para. 1 lit. c DSGVO and delete it after a period of 3 years.
In addition, you have the right to complain to a supervisory authority. You can find out which supervisory authority is responsible for you on the website of the Federal Commissioner for Data Protection and Freedom of Information at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html