Data Protection

Information on data protection
The following information on data protection is applicable with effect from May 25, 2018 and reflects the increased transparency requirements under the EU General Data Protection Regulation.

  • In the following paragraphs, we, Lufthansa Industry Solutions BS GmbH (Am Messeplatz 1, D-65479 Raunheim, Germany) are providing information on the processing of your personal data when you use our app myIDgo (“app”) or our website https://www.myidgo.com (“website”).

  • Travel items are booked via booking providers like:

    Additionally, flight data delivered by website www.myIDTravel.com may be shown, if requested by the app user / myIDTravel user.

    Whom can I approach?

    If you have any questions on data protection in connection with our app, our website or the services offered on it, feel free to contact our Data Protection Officer:

    Group Data Protection Officer for the Lufthansa Group
    Deutsche Lufthansa AG
    E-Mail: datenschutz@dlh.de

    Requests for information can be addressed to:
    Lufthansa Industry Solution BS GmbH
    Information Office
    Am Messeplatz 1
    D-65479 Raunheim
    Germany

    or by e-mail to:
    dataaccess@lhind.dlh.de
    Communications by e-mail are not encrypted.

  • We process personal data in keeping with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (DPA).

    We process personal data to comply with our contractual obligations under (b) of Article 6 (1) GDPR. We also process your data to safeguard our legitimate interests under (f) of Article 6 (1) GDPR:

    • Guaranteeing IT security and the IT operation in the app and on the website
    • Optimization of the respective online product or service and personalization/customization of the products and services offered to the user
    • Recognition of and attribution of characteristics to the user, e.g., for advertising-funded offers
    • Fraud prevention, protection against service-disrupting requests (denial-of-service attacks) and use of bots

    We process your data based on your consent under (a) of Article 6 (1) GDPR for specific purposes, especially:

    • booking travel items incl. confirmation emails
    • retrieving myIDTravel leisure flight data
    • for analytical purposes in order to optimize our offering for you.

  • For statutorily prescribed or contractual requirements, we have marked the input fields in the input forms in our app and on our website that are mandatory in order to enable us to enter into a contract with you or provide you the required service.

  • myIDgo is an app that enables airline employees to book travel items via partner companies and show myIDTravel flight information. For that reason, myIDgo stores user profiles that have been created on demand of myIDgo users, as well as details of bookings/refunds issued by myIDgo users.

  • Your personal data is deleted once it is no longer required for the purposes specified. We may possibly need to store your data until the duties and periods of preservation prescribed by the legislature or supervisory authorities arising out of the German Commercial Code (HGB = Handelsgesetzbuch), the German Fiscal Code (AO = Abgabenordnung) or the German Money Laundering Act (GWG = Geldwäschegesetz) lapse or expire; these are generally 6 to 10 years. In addition, we may preserve your data until the expiry of the statutory period of limitation (generally 3 years, but could also extend to 30 years in specific instances) if required to enforce, prosecute or defend legal claims. The data is deleted thereafter.

  • LHIND considers it important to make the procedures for processing data fair and transparent. We therefore firmly believe that affected persons should be able to exercise the following rights in addition to the right of objection, provided the statutory prerequisites in each case are met:

    • Right of access, Article 15 GDPR
    • Right to rectification, Article 16 GDPR
    • Right to erasure (“Right to be forgotten”), Article 17 GDPR
    • Right to restriction of processing, Article 18 GDPR
    • Right to data portability, Article 20 GDPR
    • Right to object, Article 21 GDPR

    To exercise these rights, you can contact us by email at support@myidgo.com
    We will need the following information for identification purposes:

    • Name
    • Postal address
    • E-mail address and optionally: customer number

    If you send us a copy of your identity card, please blank out everything except the last name, first name and address.

    Please note that in order to handle your request as well as for identification purposes, we will process your personal data in accordance with (c) of Article 6 (1) GDPR.

    In addition, you have the right to lodge a complaint with a supervisory authority under Article 77 GDPR read with Article 19 DPA. The supervisory authority competent for Lufthansa Industry Solutions is

    Independent National Center for Data Protection, Schleswig-Holstein
    Postfach 71 16
    24171 Kiel

    Holstenstrasse 98
    24103 Kiel

    Telephone: +49 4 31/988-12 00
    Fax: +49 4 31/988-12 23
    E-mail: mail@datenschutzzentrum.de

  • If you have given us consent to process your personal data, please note that you can withdraw your consent at any time.

    If you have given us your consent in the app or on the website and wish to withdraw your consent, please contact support@myidgo.com.

    Please note that a withdrawal of consent has prospective effect only and does not affect the lawfulness of any processing performed in the past. In some cases, we are entitled to continue to process your personal data in spite of your withdrawal on some other legal basis - such as to satisfy a contract.

  • You have the right, for reasons dictated by your own circumstances, to file an objection at any time against the processing of your personal data under (e) or (f) of Article 6 (1) GDPR.

    The controller will stop further processing of your personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing serves to establish, exercise or defend legal claims.

    You may exercise your right to object by automated means using technical specifications in the context of the use of information society services – notwithstanding Directive 2002/58/EC.

  • These data protection instructions address only processing in the app on this website. Other websites are not covered by these data protection instructions; these provide their own specific data protection instructions.

  • When a user uses our app, our system collects data and information from each visit using automated means. The following data (“technical information”) is collected:

    1. The user’s operating system
    2. Device information (type, model, resolution) including localization settings
    3. The IP address of the user
    4. Date and time of access
    5. Actions of the user performed in the app including search requests, booking request etc.
    6. Personal data entered by the user

    This data is also stored in our logfiles. The data is stored along with the user’s other personal data.

    We collect and use this technical information for purposes of (network) security (in order to fight cyber attacks, for instance) and for marketing purposes as well as to gain a better understanding of our users’ needs and to continually enhance our app and website and facilitate delivery of the app and website on the user’s system.

    The legal basis for the temporary storage of data and log files is our legitimate interest under (f) of Article 6 (1) GDPR.

  • Our app uses technical / authentication cookies. Cookies are text files that are stored within the Internet browser or by the Internet browser on the user's device. When a user visits a website, a cookie may be stored within the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is accessed again. The user-related information that is stored in the cookies can be reused when called up again. This means that the settings made in previous website visits are also available for a revisit.

    Cookies are stored on the user's device and transmitted to our app. As a user, therefore, you have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing settings in your Internet browser. Cookies saved previously can be deleted at any time. This can also happen automatically. If cookies are disabled for our app, it is possible that not all features on the app will be fully usable.

  • The Ombudsman is a freelance attorney who is not an employee of the Lufthansa Group. As a neutral, independent contact, the Ombudsman takes complaints in writing or by telephone and provides them to the Corporate Compliance Office in an anonymized form, if this is what the complainant wishes. The identity of the complainant is protected by attorney-client privilege. Moreover, the Lufthansa Group has contractually agreed not to request access to any legally privileged information and to be informed of the complainants´ name only following his/her express consent.

    Contact details: https://investor-relations.lufthansagroup.com/en/corporate-governance/compliance/ombudsman-system.html