Download Privacy Statement as PDF
Last update: 24 July 2019
SkyTeam Airline Alliance Management Coöperatie U.A. (SkyTeam) is a global airline alliance that coordinates and provides commercial activities on behalf of the SkyTeam Member airlines (Members) in the aviation industry. When you use our website, sign-up for our newsletters or do business with us as our business partner or supplier, it is important to us to process your personal data carefully and securely in a transparent manner. In this Privacy Statement we explain when we collect your personal data, what personal data we collect, how we use such personal data, and how long we keep your personal data.
The Privacy Statement may be updated from time to time. This Privacy Statement supersedes any previous versions of our Privacy Statement. When there are any updates, we will inform you thereof in this Privacy Statement. Please check this Privacy Statement regularly for the most current version.
SkyTeam is the data controller of the processing of your personal data if SkyTeam determines the purpose and means of processing. Members may also be a data controller for the processing of your personal data of which they determine the purpose and means. SkyTeam is not responsible for the Privacy- or Cookie Statements as implemented by Members or other third parties.
When do we collect personal data?
|
What personal data do we collect of you? |
Why do we collect this personal data? |
Legal ground for using your personal data? |
How did we obtain your personal data? |
How long do we retain your information? |
If you visit our website or use our app |
-If you visit our website or use our app, we may process cookies. Please read our Cookie Statement for further information about cookies, the personal data collected via cookies and the legal ground for using cookies. |
|
|
|
|
If you use our Global Meetings service (“GMS”) on our website
and/or
If you use our Round the World Planner (“RtWP”) on our website |
- Personal details, such as name, title, gender, date of birth, nationality. - Contact details, such as (e-mail) address, telephone number, country of residence. - Information regarding your Global Meetings or/and RtWP account, such as your account password, security question and answer. - Financial information, such as credit or debit card number, security code, associated billing address and expiration date of your credit or debit card. - Information about your visits to our website, such as your IP address, internet service provider, browser type, operating systems, pages opened on the website, date and time of visits and referring websites. - Other information provided by you.
In relation to GMS: - Other information required for event organisation and registration, such as event name, dates, location, attendees, job function, company and website. - Other information required for issuance of an air ticket, including saved and purchased itineraries.
In relation to RtWP: - Travel related information, such as passport number, known traveller number, frequent flyer account number, travel company, emergency contacts, seating preferences, medical needs and dietary requests and preferences. - Information related to our request for help form and feedback form.
|
- To provide our Global Meetings products and services and/or our Round the World Planner services. - To optimize our Global Meetings products and services and/or our Round the World Planner services. - To record your preferences in respect of our products and services. - To get into and maintain in contact with you, including for direct marketing purposes. - To organize events and other promotional activities. - To analyse your interests and possible business opportunities for us. - To provide you with our customer services. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Performance of a contract with you. In some cases, we may need your personal data to perform a contract with you. If you refuse to provide us with the information we need for the performance of a contract, we may not be fully able to meet the agreements in the contract depending on the type of contract that is concluded. - Legal obligation. We process your information if necessary,for complying with one of our legal obligations. We may be required by law to collect and share your information with public authorities or governmental organizations for administrative formalities necessary for immigration and customs, anti-fraud and on-board security. If you refuse to provide us with the information we need for compliance with a legal obligation, we may not be able to provide services requested by you. - Legitimate interests. We may process your information as necessary for achieving our legitimate interests when performing our Global Meetings or RtWP services. For our interests we may for example gather, analyse and interpret information about our customers to find new opportunities to sell and develop products and services to satisfy the preferences and needs of our customers. - In certain cases, we have a legitimate interest to get into contact with you. This is for instance the case if you requested us to contact you via a contact form. We may also have a legitimate interest to use your personal data for marketing purposes. This may for instance be the case if SkyTeam has obtained your e-mail address in the context of the sale of its product or service and uses this address for direct marketing of its own similar products or services. In these instances, we have a legitimate business interest for contacting you. |
- From yourself. - From parties who refer us to you. - From parties to whom you provided consent to share your data with us. - Third parties engaged by us in the context of our marketing activities. - The internet (including social media) for as far as allowed under applicable law. - Other third parties in incidental cases. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than two years after handling the GMS and /or RtWP products and services.
In some cases, we may retain your personal data longer than is necessary for the purposes for which they are used, for example when we are legally obligated to retain your personal data longer or when it is necessary regarding legal claims. |
If you visit our premises, including camera surveillance |
- Personal details, such as name, title, gender and company name. - Information on the access granted and details of appointment. - Image recording from video surveillance systems in SkyTeam's premises. - Time collection information through access badge control devices for access control. -Photograph for issuing a access badge. -Other information provided by you. |
- Internal control and corporate security, including control and security of IT and communications facilities. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Legitimate interests. We may process your information as necessary for achieving our legitimate interests of internal control and security. We may for example gather information about you via camera surveillance to establish secure premises. |
- From yourself. - From camera surveillance. - Through access badge control devices. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that: - Image recordings from camera surveillance systems placed in SkyTeam's premises will not be retained longer than four weeks. - Time collection information through access badge control devices for access control will not be retained longer than six months. - In some cases, we may retain your data longer than is necessary for the purposes for which they are used, for example when we are legally obligated to retain personal data longer or when it is necessary regarding legal claims. |
If you participate in customer satisfaction surveys |
- Personal details, such as name, title,gender, date of birth, and nationality. - Contact details, such as (e-mail) address, telephone number, and country of residence. - Information regarding your opinions on your experience with SkyTeam. - Information regarding your flights, such as flight information, frequent flyer membership, booking number and any comments related to your flight. - Information about your visits to our website, such as your IP address, internet service provider, browser type, operating systems, pages opened on the website, date and time of visits and referring websites. - Other information provided by you. |
- To perform customer surveys to analyse and optimize our services and products. - To possibly provide a prize after you have indicated that you want to participate in the prize draw. - To get into and maintain in contact with you, including for direct marketing purposes. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
Consent: - We will process your personal data if you provided your consent to participating to the survey. - You can withdraw your consent at any time, by contacting us. Withdrawing your consent will not affect the lawfulness of our use of your personal data before your withdrawal.
Legitimate interests: - We may process your information as necessary for achieving our legitimate interests when performing our customer satisfaction surveys. For our interests we may for example gather, analyse and interpret information about our customers to find new opportunities to sell and develop products and services to satisfy the preferences and needs of our customers. |
- From yourself. - Third parties engaged by us in the context of customer research, such as Members or InSites Consulting. - Other third parties in incidental cases. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than 12 months.
In some cases, we may retain your data longer than is necessary for the purposes for which they are used, for example when we are legally obligated to retain personal data longer or when it is necessary regarding legal claims. |
If you get into contact with us |
- Your name. - Your e-mail address. - Information provided by you through your question or message. - Information provided by you in our SkyTeam Support Desk chat. - Other information provided by you. |
- To answer any questions that you may have or to respond to any of your comments. - To provide you with our customer services. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Legitimate interests. We have a legitimate interest for our processing activities in case you have contacted us. This may, for example, be the case when you contact us via a contact form or via our SkyTeam Support Desk chat. |
- From yourself. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than two years after termination of our business relationship.
In some cases, we may retain your data longer than is necessary for the purposes for which they are used, for example when we are legally obligated to retain personal data longer or when it is necessary regarding legal claims. |
If you are a business contact |
- Contact details of contact person, including name, address, phone number and e-mail address. - Payment details. - Other information provided by you |
- Drafting and verification of contracts, including negotiations and contract management. - Credit and debtor administration. - Maintaining business contacts. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Performance of a contract with you: In some cases, we may need your personal data to perform a contract with you. If you refuse to provide us with the information we need for the performance of a contract, we may not be fully able to meet the agreements in the contract depending on the type of contract that is concluded. - Legal obligation: We process your information if necessary, for complying with one of our legal obligations. We may be required by law to collect and share your information with public authorities or governmental organizations for administrative formalities necessary for immigration and customs, anti-fraud and on-board security. If you refuse to provide us with the information we need for compliance with a legal obligation, we may not be able to provide services requested by you. - Legitimate interests. We may process your information as necessary for achieving our legitimate interests when performing our marketing activities. For our business interests we may for example gather, analyse and interpret information about our customers to find new opportunities to sell and develop products and services to satisfy the preferences and needs of our customers. - In certain cases, we have a legitimate interest to get into contact with you. This is for instance the case if you requested us to contact you via a contact form. We may also have a legitimate interest to use your personal data for marketing purposes. This may for instance be the case if SkyTeam has obtained your e-mail address in the context of the sale of its product or service and uses this address for direct marketing of its own similar products or services. In these instances, we have a legitimate business interest for contacting you. |
- From yourself. - From parties who refer us to you. - The internet (including social media) for as far as allowed under applicable law. - Other third parties in incidental cases. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than two years after termination of our business relationship.
In some cases, we may retain your data longer than is necessary for the purposes for which they are used, for example when we are legally obligated to retain your personal data longer or when it is necessary regarding legal claims. |
Your information may be collected by, shared with and processed by persons working for or on behalf of SkyTeam on a need-to-know basis for the purposes described above.
Your personal data may be shared with Members, who will act as a data controller. SkyTeam has no control over the privacy practices of Members. Please read their privacy statements carefully for information on how they handle your personal data. You can find a list of the Members here.
We may work with other partners, such as travel agencies, partners and other companies involved in facilitating travel arrangements as well as WTC Amsterdam, or Schiphol Airport Authorities. For this purpose, we may share your personal data with these partners, who will act as data controllers. SkyTeam has no control over the privacy practices of these partners. Please read their privacy statements carefully for information on how they handle your personal data.
We also use third party service providers such as IT suppliers, social network providers, marketing agencies, credit card companies and anti-fraud screening service providers to provide our services. Therefore, your personal data will be processed by the third party service provider. When we use services of a party who processes your personal data on our behalf, acting as a data processor, we have concluded appropriate data processing agreements in line with applicable data protection laws.
The processing of your personal data may entail the transfer of your personal data to third country that does not provide the same level of protection as within the European Economic Area. This may be the case if we share your personal data with our Member airlines or with selected other third parties, with whom we have partnership agreements.
Where applicable, we have taken appropriate safeguards to transfer your personal data to a country located outside the EEA, if that country does not provide an adequate level of protection according to the applicable data protection laws, including standard contractual clauses approved by the European Commission. In addition, it may also happen that the transfer of personal data is necessary for the execution of an agreement in your interest between us, so that the personal data may also be transferred without adequacy decision or appropriate safeguards. You can contact us if you would like to receive more information on the measures we have taken to safeguard your information in this respect.
We are committed to ensuring that your personal data is kept secure. In order to prevent unauthorized access or disclosure, we have put in place appropriate physical, technical and organizational measures to safeguard the information we collect and process.
As a data subject, you have certain rights concerning our processing of your personal data. You may:
You may send us a request using the contact details below. We will handle your request carefully and in line with the applicable data protection rules.
Please contact us if you have any questions:
SkyTeam Airline Alliance Management Coöperatie U.A.
Postbus 350
1180 AJ AMSTELVEEN
THE NETHERLANDS
website@skyteam.com
Data Protection Officer