Data Protection

The protection of personal data provided by internet users and app users is a top priority for LHIND. Please refer to our Data Protection page on how myIDgo ensures compliance with data protection. LHIND collects, processes and uses the personal data (hereinafter referred to as "data") of users only if they have given their consent to do so by creating a myIDgo account or if a legal provi-sion permits the collection, processing or use of the data. LHIND collects, processes and uses only such data as is necessary for the provision of LHIND's services, the use and operation of the web pages and apps or services offered.

Information on data protection
The following information on data protection is applicable with effect from May 25, 2018 and reflects the increased transparency requirements under the EU General Data Protection Regulation.

  • In the following paragraphs, we, Lufthansa Industry Solutions BS GmbH (Am Messeplatz 1, D-65479 Raunheim, Germany) are providing information on the processing of your personal data when you use our app myIDgo (“app”) or our website https://www.myidgo.com (“website”).

  • Travel items are booked via booking providers like:

  • If you have any questions on data protection in connection with our app, our website or the services offered on it, feel free to contact our Data Protection Officer:

    Group Data Protection Officer for the Lufthansa Group
    Deutsche Lufthansa AG
    E-Mail: datenschutz@dlh.de

    Requests for information can be addressed to:
    Lufthansa Industry Solution BS GmbH
    Information Office
    Am Messeplatz 1
    D-65479 Raunheim
    Germany

    or by e-mail to:
    dataaccess@lhind.dlh.de
    Communications by e-mail are not encrypted.

  • We may transfer your personal data to third parties, for example to website storage and software providers, IT service providers, or others. The above mentioned booking providers may receive your personal data stored in your profile or entered into the app or website when you make a booking through the app or website or access an external booking website.

    In the event of a request from a competent authority or court, we may disclose your personal da-ta to that authority or court.

  • All Users:

    We process personal data in keeping with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG = Bundesdatenschutzgesetz / DPA).

    We process personal data to comply with our contractual obligations under (b) of Article 6 (1) GDPR. We also process your data to safeguard our legitimate interests under (f) of Article 6 (1) GDPR:

    • Guaranteeing IT security and the IT operation in the app and on the website
    • Optimization of the respective online product or service and personalization/customization of the products and services offered to the user
    • Recognition of and attribution of characteristics to the user, e.g., for advertising-funded offers
    • Fraud prevention, protection against service-disrupting requests (denial-of-service attacks) and use of bots

    We process your data based on your consent under (a) of Article 6 (1) GDPR for specific purposes, especially:

    • booking travel items incl. confirmation emails
    • retrieving myIDTravel leisure flight data
    • for analytical purposes in order to optimize our offering for you.

    Users in Chile:

    We process your personal data based on your consent for the purposes of providing the app and website and enabling the use of the app and website and the services offered through them by users, and the other purposes set out above for all users.

  • For statutorily prescribed or contractual requirements, we have marked the input fields in the input forms in our app and on our website that are mandatory in order to enable us to enter into a contract with you or provide you the required service.

  • myIDgo is an app that enables airline employees to book travel items via partner companies and show myIDTravel flight information. For that reason, myIDgo stores user profiles that have been created on demand of myIDgo users, as well as details of bookings/refunds issued by myIDgo users.

  • Your personal data is deleted once it is no longer required for the purposes specified. We may possibly need to store your data until the duties and periods of preservation prescribed by the legislature or supervisory authorities arising out of the German Commercial Code (HGB = Handelsgesetzbuch), the German Fiscal Code (AO = Abgabenordnung) or the German Money Laundering Act (GWG = Geldwäschegesetz) or any other applicable laws lapse or expire; these are generally 6 to 10 years. In addition, we may preserve your data until the expiry of the statutory period of limitation (in Germany generally 3 years, but could also extend to 30 years in specific instances) if required to enforce, prosecute or defend legal claims. The data is deleted thereafter.

  • LHIND considers it important to make the procedures for processing data fair and transparent. We therefore firmly believe that affected persons should be able to exercise the following rights in addition to the right of objection, provided the statutory prerequisites in each case are met:

    • Right of access, Article 15 GDPR
    • Right to rectification, Article 16 GDPR
    • Right to erasure (“Right to be forgotten”), Article 17 GDPR
    • Right to restriction of processing, Article 18 GDPR
    • Right to data portability, Article 20 GDPR
    • Right to object, Article 21 GDPR

    (References to GDPR above also include equivalent rights individuals may have under laws ap-plicable to the processing of their personal data).

    To exercise these rights, you can contact us by email at support@myidgo.com
    We will need the following information for identification purposes:

    • Name
    • Postal address
    • E-mail address and optionally: customer number

    If you send us a copy of your identity card, please blank out everything except the last name, first name and address.

    Please note that in order to handle your request as well as for identification purposes, we will process your personal data in accordance with (c) of Article 6 (1) GDPR.

    In addition, if the processing of your personal data is subject to GDPR, you have the right to lodge a complaint with a supervisory authority under Article 77 GDPR read with Article 19 DPA. The supervisory authority competent for Lufthansa Industry Solutions is

    Independent State Center for Data Protection, Schleswig-Holstein (Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein)
    Postfach 71 16
    24171 Kiel

    Holstenstrasse 98
    24103 Kiel

    Telephone: +49 4 31/988-12 00
    Fax: +49 4 31/988-12 23
    E-mail: mail@datenschutzzentrum.de

    Users in Chile also have the following rights:

    • Right to request information on the processing of your personal data
    • Right to request that incorrect or incomplete data be modified
    • Right to request that your personal data be deleted if they are stored without a legal basis or if they are out of date
    • Right to request the deletion or blocking of your personal data, if applicable, if the data have been provided voluntarily or if they are used for commercial communications and you no longer wish to be included in the relevant register, either permanently or temporarily
    • Right to oppose the use of your personal data for advertising, market research or opinion polling purposes.

  • If you have given us consent to process your personal data, please note that you can withdraw your consent at any time.

    Users in Chile may not be able to continue using the website or app after withdrawing their consent.

    If you have given us your consent in the app or on the website and wish to withdraw your consent, please contact support@myIDgo.com.

    Please note that a withdrawal of consent has prospective effect only and does not affect the lawfulness of any processing performed in the past. In some cases, we are entitled to continue to process your personal data in spite of your withdrawal on some other legal basis - such as to satisfy a contract.

  • If the processing of your personal data is subject to GDPR, you have the right, for reasons dictated by your own circumstances, to file an objection at any time against the processing of your personal data under (e) or (f) of Article 6 (1) GDPR.

    The controller will stop further processing of your personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing serves to establish, exercise or defend legal claims.

    You may exercise your right to object by automated means using technical specifications in the context of the use of information society services – notwithstanding Directive 2002/58/EC.

  • These data protection instructions address only processing in the app on this website. Other websites are not covered by these data protection instructions; these provide their own specific data protection instructions.

  • When a user uses our app, our system collects data and information from each visit using automated means. The following data (“technical information”) is collected:

    1. The user’s operating system
    2. Device information (type, model, resolution) including localization settings
    3. The IP address of the user
    4. Date and time of access
    5. Actions of the user performed in the app including search requests, booking request etc.
    6. Personal data entered by the user

    This data is also stored in our logfiles. The data is stored along with the user’s other personal data.

    We collect and use this technical information for purposes of (network) security (in order to fight cyber attacks, for instance) and for marketing purposes as well as to gain a better understanding of our users’ needs and to continually enhance our app and website and facilitate delivery of the app and website on the user’s system.

    In the EU, the legal basis for the temporary storage of data and log files is our legitimate interest under (f) of Article 6 (1) GDPR.

  • Our app uses technical / authentication cookies. Cookies are text files that are stored within the Internet browser or by the Internet browser on the user's device. When a user visits a website, a cookie may be stored within the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is accessed again. The user-related information that is stored in the cookies can be reused when called up again. This means that the settings made in previous website visits are also available for a revisit. Third-party cookies may transfer data to the respective providers.

    Cookies are stored on the user's device and transmitted to our app. As a user, therefore, you have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing settings in your Internet browser. Cookies saved previously can be deleted at any time. This can also happen automatically. If cookies are disabled for our app, it is possible that not all features on the app will be fully usable.

  • The Ombudsman is a freelance attorney who is not an employee of the Lufthansa Group. As a neutral, independent contact, the Ombudsman takes complaints in writing or by telephone and provides them to the Corporate Compliance Office in an anonymized form, if this is what the complainant wishes. The identity of the complainant is protected by attorney-client privilege. Moreover, the Lufthansa Group has contractually agreed not to request access to any legally privileged information and to be informed of the complainants´ name only following his/her express consent.

    Contact details: Ombudsman-System