Privacy Policy
The following gives a simple overview of what happens to your personal information when you visit our website.
Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below
1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator.
The operator’s contact details are the following:
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website.
These data are primarily technical data such as the browser and operating system you are using or when you accessed the page.
These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website.
Other data can be used to analyse how visitors use the site.
How long do we store your data?
We store your personal data in accordance with our data retention policy.
This policy is reviewed and updated internally to ensure we do not store your data for longer than is necessary.
We also review how and where we store any data to ensure that we meet our obligation to store data securely. In addition, some of the data we hold may be subject to certain legal and regulatory obligations, which provide a minimum retention period for different types of data.
The retention period varies depending on the data we hold.
What rights do you have regarding your data?
Data subjects enjoy the following rights in relation to personal data that is processed and recorded:
The right to make access requests in respect of personal data that is held and disclosed.
The right to refuse personal data processing, when to do so is likely to result in damage or distress.
The right to refuse personal data processing, when it is for direct marketing purposes.
The right to be informed about the functioning of any decision-making processes that are automated which are likely to have a significant effect on the data subject.
The right not to solely be subject to any automated decision-making process.
The right to claim damages should they suffer any loss as a result of a breach of the provisions of the GDPR.
The right to take appropriate action in respect of the following: the rectification, blocking and erasure of personal data, as well as the destruction of any inaccurate personal data.
The right to request that the relevant supervisory authority carry out an assessment as to whether any of the provisions of the GDPR have been breached.
The right to be provided with personal data in a format that is structured, commonly used and machine-readable.
The right to request that his or her personal data is sent to another data controller; and
The right to refuse automated profiling without prior approval.
Under the GDPR and the Act, you may ask for a copy of the information we hold about you and you may request rectifications be made to this information if it is inaccurate or not up to date.
Please write to the data protection officer (‘DPO’) at the AVIAREPS AG or email dataprotection@aviareps.com.
Lawful processing
The lawful bases for processing are set out in Article 6 of the GDPR. At least one of these must apply whenever
personal data is to be processed:
Consent: you have given AVIAREPS AG or one of its subsidiaries (e.g. any of the following depending on the
situation freely, specific, informed or unambiguous) consent for your personal data to be processed for a
specific purpose.
Contract performance: the processing is necessary for the performance of a contract you have with AVIAREPS AG or
one of its subsidiaries, which had asked you to take specific steps before entering into a contract.
Compliance with legal obligation: the processing is necessary for AVIAREPS AG or one of its subsidiaries to
comply with the law (e.g. the tax/social security obligation/employment law) (not including contractual
obligations).
Protection of vital interests: the processing is vital to an individual’s survival
Public interest: the processing is necessary for AVIAREPS AG or one of its subsidiaries to perform a task that
is in the public interest or for its official functions, and the task or function has a clear basis in law.
Legitimate interests: the processing is necessary for AVIAREPS AG or one of its subsidiaries legitimate
interests, or the legitimate interests of a third-party, unless there is a good reason to protect the
individual’s personal data that overrides those legitimate interests
Data security
To help protect the privacy of data and personally identifiable information you transmit through use of this our
website, we maintain physical, technical and administrative safeguards. We update and test our security technology
on an ongoing basis. We restrict access to your personal data to those employees who need to know that information
to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality
and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures
to enforce our employees’ privacy responsibilities..
Data transfer
Personal data shall not be transferred to a country outside of the EU unless the country provides appropriate
protection of the data subject’s ‘rights and freedoms’ in relation to the processing of personal data. The following
safeguards and exceptions are in place to ensure that data is not transferred to a country outside of the EU, with
the transfer being off limits, unless one or more of the safeguards or exemptions listed below apply:
Safeguards: Assessing the adequacy of the transfer, by reference of the following:
The nature of the personal data intended to be transferred
The country of origin and country of intended destination
The nature and duration of the personal data use
The legislative framework, codes of practice and international obligations of the data subject’s country
of residence; and
the security measures to be implemented in the country of intended destination in relation to the
personal data
• Binding corporate rules: AVIAREPS is free to implement approved binding corporate rules in relation to
personal data transfer outside of the EU, however only with prior permission from the relevant regulatory body.
• Model contract clauses: AVIAREPS is free to implement model contract clauses in relation to personal data
transfer outside of the EU and there will be an automatic recognition of adequacy of transfer, should the model
contract clauses receive approval from the relevant regulatory body
Exceptions: In the absence of an adequacy decision, including binding corporate rules and model contract clauses, no
transfer of personal data to a third country may take place unless one of the following preconditions is
satisfied:
Explicit consent has been provided by a fully informed data subject, who has been made aware of all possible
risks involved considering appropriate safeguards and an adequacy decision;
The personal data transfer is a prerequisite to the performance of a pre-existing contract between the data
controller and the data subject or when the data subject requests that pre-contractual measures are implemented
The personal data transfer is a prerequisite to the conclusion or performance of a pre-existing contract between
the data controller and another person, whether natural or legal, if it is in the interest of the data subje
The personal data transfer is in the public interest
The personal data transfer is required for the creation, exercise or defense of legal claims
The data subject is not capable of giving consent, whether due to physical or legal limitations or
restrictions and the personal data transfer is necessary for the protection of the key interests of the data
subject or of other persons
The personal data transfer is made from an approved register, confirmed by EU or Member State law as having
the intention of providing public information and which is open to consultation by the public or by an
individual demonstrating a legitimate interest, but only so far as the legal requirements for consultation are
fulfilled.
Analytics and third-party tools
When visiting our website, statistical analyses may be made of your surfing behaviour. This happens primarily using
cookies and analytics. The analysis of your surfing behaviour is usually anonymous, i.e. we will not be able to
identify you from this data. You can object to this analysis or prevent it by not using certain tools. Details can
be found in our privacy policy under the heading “Third-party modules and analytics.”
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data
as confidential and in accordance with the statutory data protection regulations and this privacy policy
If you use this website, various pieces of personal data will be collected. Personal information is any data with
which you could be personally identified. This privacy policy explains what information we collect and what we use
it for. It also explains how and for what purpose this happens
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security
breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
AVIAREPS AG
Josephspitalstrasse 15
80331 Munich
Fax: +49 89-54 50 68 42
Management Board:
Edgar Lacker (CEO), Heinz Knolle, Marcelo Kaiser, Thomas Drechsler
Telephone: +49 89-55 25 33 73
Email: info@aviareps.com
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and
means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time
with future effect. An informal email making this request is sufficient. The data processed before we receive your
request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the
competent regulatory authorities. The competent regulatory authority for matters related to data protection
legislation is the data protection officer of the German state in which our company is headquartered. A list of data
protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.htmlhttps://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfilment of a contract automatically
delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer
of data to another responsible party, this will only be done to the extent technically feasible
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your
personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed.
You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the
address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements
with regard to sending promotional and informational materials not expressly requested. The website operator
reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is
received
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company:
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21
80802 München
E-Mail: datenschutzbeauftragter@datenschutzexperte.de. When contacting the data protection officer, please state the company to which your inquiry relates. Please refrain from enclosing sensitive information such as a copy of an ID card.
4. Data collection on our website
Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help
make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your
computer and saved by your browser
Most of the cookies we use are so-called “session cookies.” They are
automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These
cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case
basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept
cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your
browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use
(such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of GDPR. The website operator has a
legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If
other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately
in this privacy policy.
Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the
contact details you provide, to answer your question and any follow-up questions. We do not share this information
without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a)
GDPR. You may revoke your consent at any time. An informal email making this request is sufficient. The data
processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for
its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory
statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this
provision.
Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be
used for the purpose of using the respective site or service for which you have registered. The mandatory
information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will
use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) GDPR. You may
revoke your consent at any time with future effect. An informal email making this request is sufficient. The data
processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our
website. Statutory retention periods remain unaffected.
5. Social media
Facebook plugins (Like & Share buttons)
Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California
94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an
overview of Facebook plugins, see
https://developers.facebook.com/docs/plugins/.
When you visit our site, a direct connection between your browser and the Facebook server is established via the
plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you
click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our
site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please
note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or
of how Facebook uses these data. For more information, please see Facebook’s privacy policy at https://de-de.facebook.com/policy.php.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of
your Facebook account.
6. Analytics and advertising
Google Analytics
This website uses Google Analytics, a web analytics service. It is operated by Google Ireland Limited, Google
Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow
an analysis of the use of the website by you. The information generated by the cookie about your use of this website
is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest
in analyzing user behavior to optimize both its website and its advertising.
IP anonymization
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within
the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the
United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened
there. Google will use this information on behalf of the operator of this website to evaluate your use of the
website, to compile reports on website activity, and to provide other services regarding website activity and
Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will
not be merged with any other data held by Google.
Browser plugin
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to
point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also
prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to
Google, and the processing of these data by Google, by downloading and installing the browser plugin available at
the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie
will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the
strict requirements of the German data protection authorities when using Google Analytics.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Ireland Limited, Google
Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a
conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer.
These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit
certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user
clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an
AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for
the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who
clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any
information that can be used to personally identify users. If you do not want to participate in tracking, you can
opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In
doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in
analyzing user behavior to optimize both its website and its advertising.
For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case
basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept
cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your
browser. Disabling cookies may limit the functionality of this website.
7. Newsletter
Newsletter data
If you would like to receive our newsletter, we require a valid email address as well as information that allows us
to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No
additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested
information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a)
GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the
newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive
your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel
your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for
the members area) remain unaffected.
8. Plugins and tools
YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901
Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established.
Here
the YouTube server is informed about which of our pages you have visited.
If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly
with
your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1)
(f)
GDPR.
Further information about handling user data, can be found in the data protection declaration of YouTube und
https://www.google.de/intl/de/policies/privacy
Google Maps
This site uses the Google Maps map service via an API. It is operated by Google Ireland Limited, Google Building
Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a
Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of
places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.