Data protection

Changes in the purpose of processing and data use
‍
‍Since the processing methods used may change/develop due to technical progress and organizational changes, we reserve the right to further develop this privacy policy in accordance with the new technical framework conditions. We therefore ask you to review airtürk's privacy policy from time to time. If you do not agree with the further developments that occur over time, you can request in writing, in accordance with Article 17 EU GDPR, the deletion of data that is not stored on the basis of other legal requirements, such as commercial or tax storage obligations.

Anonymous data collection
‍
‍In principle, you can visit the websites of the responsible body without telling us who you are. We only learn the name of your Internet service provider, the website from which you visit us, and the websites that you visit on our website. The legal basis for this data collection is Article 6 (1) (b) GDPR. This information is evaluated for statistical purposes. As an individual user, you remain anonymous.
‍
Collection and processing of personal data Personal data is only collected if you provide it to us of your own accord, for example to subscribe to the newsletter and give your consent to use the data (Art. 6 para. 1 lit. a GDPR). The responsible body complies with the requirements of Art. 5 and 6 EU GDPR. As part of the personalized services provided by the responsible body, your registration data will be processed, subject to your consent, for the purpose of sending our newsletter or designing the electronic services offered in line with your needs. You have the option to object to the storage of your personal data at any time. To do so, please send an email to dpo-extern@aer.de with the subject “Remove databases” and please indicate the website.
‍
Your personal data is processed and used in accordance with the requirements of the EU GDPR. Storage period
‍
We only store your personal data as long as we need it to provide the website you use or to fulfill contractual relationships with you or as long as we have your consent or we have another legitimate interest in data processing. Any further storage is carried out only on the basis of legal regulations.

Rights of those affected

Insofar as we process your personal data, you have the following rights:

Right to withdraw a given consent

If the processing of personal data is based on consent given, you have the right to withdraw this consent. The revocation is valid for the future.

Right to information

‍You can request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you can provide the following information:
‍
the purposes of processing; which personal data is processed;
the recipients of the data in the event of data transfer to third parties, as well as the name and country of residence of the third party;
the storage period of the data;
the existence of a right of appeal to the competent supervisory authority;
If the data was not collected directly from you, all available information about the origin of the data.

The requested information will be provided to you no later than one month after receipt of the written request for information. We would like to point out that information can only be provided if the identity of the petitioner can be clearly established.

Right to rectification
‍
You have the right to request that we correct your personal data immediately if it is incorrect.Right to delete data (“right to be forgotten”) You have the right to request that we delete your personal data if one of the following reasons applies:
‍
The personal data is no longer necessary for the purposes for which they were collected or processed.
‍
We have no legal obligation to store the data.
You withdraw your consent on which the processing was based and there is no other legal basis for storage.
‍
You object to processing and there is no legal basis for further storage.
‍
The personal data was collected and processed unlawfully from the outset.

‍Right to restrict processing
‍
You have the right to ask us to restrict the processing of your personal data if one of the following conditions is met:

you dispute the accuracy of the processing of your personal data for a period of time that enables us to verify the accuracy of the personal data;

The processing of your personal data is actually unlawful and you request that the use of the personal data be restricted instead of deletion;

we no longer need the personal data for processing purposes, but you need them to assert your legal claims, or

You have objected to the processing, but it is not yet clear whether our legitimate interests outweigh your legitimate interests.

Right to data portability

‍You have the right to object at any time to the processing of your personal data based on Article 6 (1) (e) or (f) GDPR. We will then no longer process this data unless we can prove legitimate reasons for processing that outweigh your interests.

Right to object
‍
You have the right to object at any time to the processing of your personal data based on Article 6 (1) (e) or (f) GDPR. We will then no longer process this data unless we can prove legitimate reasons for processing that outweigh your interests.
‍
‍Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with the data protection supervisory authority responsible for the responsible body.
‍
Export and processing of data to countries outside the European Economic Area
‍
There is no export of your personal data to countries outside the European Economic Area (hereinafter referred to as the EEA).

However, personal data is not transmitted to Google as part of the use of analysis programs by the responsible body, as your IP address is only transmitted anonymously. Please read the “Use of analysis programs” section of this privacy policy.

The service providers engaged by the responsible body are based and operate their IT infrastructure exclusively within the EEA. This also applies to any use of cloud-based services. There are contracts with service providers that comply with the data protection and data security requirements of the EU GDPR. Even if external service providers are involved, airtürk remains responsible for processing.

‍
Use and transfer of personal data
‍
The personal data collected on the websites of the responsible body will only be used without your consent to process the contract and to process your inquiries. In addition, your data will only be used for advertising and market research purposes by the responsible body if you have given your prior consent. Otherwise, there will be no transfer to other third parties. You can, of course, withdraw your respective consent at any time with effect for the future.
‍
‍External links
‍
For your information, you will find links on our pages that link to third-party sites. If this is not obvious, we would like to point out that this is an external link. The responsible body has no influence on the content and design of these pages from other providers. The guarantees in this privacy policy therefore do not apply to external providers.

‍Right to restrict processing
‍
The responsible body uses so-called “cookies” to individually design and optimize the customer's online experience and online time. A cookie is a text file that is either stored temporarily in the computer's memory (“session cookie”) or stored on the hard disk (“permanent” cookie). Cookies contain, for example, information about the user's previous access to the corresponding server or information about which offers have been accessed so far. Cookies are not used to run programs or load viruses onto your computer. Rather, the main purpose of cookies is to provide an offer specifically tailored to the customer and to make the use of the service as convenient as possible.

The person responsible uses session cookies as well as persistent cookies.

session cookies
‍
The responsible body mainly uses “session cookies”, which are not stored on the customer's hard drive and which are deleted when the browser is left. Session cookies are used here for login authentication and load balancing (balancing the system load). These cookies are absolutely necessary to provide our website (Art. 6 para. 1 lit. b DSGVO).
‍‍
‍Persistent cookies

In addition, the responsible body uses “persistent cookies” to save the personal usage settings that a customer enters when using the services of the responsible body and thus to be able to personalize and improve the service, provided that you give your consent to this (Art. 6 para. 1 lit. a GDPR). Permanent cookies ensure that the customer regains his personal settings when he visits the websites of the responsible body again. In addition, the service providers that the responsible body has commissioned to analyze user behavior use permanent cookies to be able to recognize returning users. These services store the data transmitted by the cookie exclusively anonymously. An assignment to the customer's IP address is not retained.

Avoiding cookies

The visitor has the option to refuse the setting of cookies at any time. This is usually done by choosing the appropriate option in the browser settings or by using additional programs. For more information, see the help function of the browser used by the customer. If the customer decides to switch off cookies, this may reduce the scope of the service and have a negative impact when using the services of the person responsible.

Using analysis programs
‍
The responsible body carries out analyses of the behavior of its customers when using its service or has them carried out. For this purpose, anonymized or pseudonymized user profiles are created. The user profiles are created for the sole purpose of constantly improving the service provided by the responsible body.

Only the Matomo web analytics tool is used on the website https://airtuerk.de. Since this tool is not hosted by an external service provider, but is implemented directly on the server environment of the responsible party, no data transfer to third parties takes place. This privacy policy therefore applies directly to Matomo.

Use of social media buttons

To share the content of our online offerings via social networks, we offer so-called social media buttons. For this purpose, we use the “c't Shariff” solution developed by Heise Medien GmbH & Co. KG, which provides privacy-compliant social media buttons.
The buttons offered directly by social network operators inadmissibly transmit personal data such as the IP address or entire cookies when loading a website on which they are integrated and thus provide precise information about your surfing behavior to social services without being asked. To do this, you do not need to be logged in or a member of the respective network. On the other hand, a Shariff button only establishes direct contact between social network and visitor when the latter actively clicks on the share button. Shariff thus prevents you from leaving a digital trail on every page you visit and improves data protection. By using Shariff, we can protect your personal data and still integrate buttons for social sharing. For more information about c't Shariff, visit: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.er

You have objected to the processing, but it is not yet clear whether our legitimate interests outweigh your legitimate interests.

Online offers on social media platforms

‍We offer online services on various social media platforms in order to provide information and to be able to get in touch with you.
‍
We have no influence on the processing of personal data by the respective platform operator. As a rule, when you visit our social media offerings, the platform operator stores cookies in your browser, which store your usage behavior and interests for market research and advertising purposes. The platform operators use the user profiles obtained in this way - usually across devices - to show you personalized advertising. Persons who are not registered as users of the respective social media platform may also be affected by data processing. Your data may be processed outside the European Union, which may make it difficult to enforce your rights. However, when selecting such social media platforms, we make sure that the operators commit themselves to complying with EU data protection standards.

Your personal data when you visit one of our social media offerings is processed on the basis of our legitimate interests in presenting our company in a diverse public image and using an effective means of information and communication with you. The legal basis for this is Art. 6 para. 1 lit. f DSGVO. You may also have given a platform operator consent to data processing, in which case Art. 6 para. 1 lit. a GDPR is your legal basis. Detailed information about data processing in connection with the use of our social media offers, options for objection (opt-out) and the assertion of information rights can be found in the privacy policy of the corresponding platform operator. The links to the privacy policies of the platform operators can be found below.

Using the YouTube plugin

We use the provider YouTube, among others, to integrate videos. YouTube is operated by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc., based in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The privacy policy, both for Google+ and for YouTube, can be found at: https://policies.google.com/privacy or in German at: www.google.de/intl/de/policies/privacy/Opt-out with effect for the future is possible at: https://adssettings.google.com/authenticated

Using the Vimeo plugin
‍
We use the provider Vimeo to integrate explanatory videos. Vimeo is operated by Vimeo Inc., with registered office at 555 West 18th Street in Ney-York, Ney-York 10011. Vimeo Inc.'s privacy policy can be found at: https://vimeo.com/privacy

More information and contacts

If you have any further questions about “data protection at the responsible body”, please contact our company's data protection officer. You can ask which of your data is stored by us. In addition, you can send information, requests for deletion and correction of your data and suggestions at any time by letter or e-mail to the following address:

Prof. Dr. Fabian Schmieder (data protection officer),
Kai Korte (Deputy)
‍
lexICT data protection advice
Hanover office
Eichenbrink 5
30453 Hanover

Email: dpo-extern@aer.de