The Flughafen Parken GmbH, (hereinafter also known as the “controller” or “we”) takes the security of your personal data very seriously and observes the relevant privacy provisions, in particular the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The purpose of this policy is to explain to you how we process your personal information while using our website www.flughafenparkplatz.com.
We collect and use the personal data of our users only as far as this is necessary to make a functional internet site available, as well as to provide our content and services. The collection and use of personal data is done only where such processing is permitted by statutory provisions, or with the consent of the user
Insofar as we obtain the user’s consent for the processing of personal data on our website, point (a) of Article 6 paragraph 1 GDPR applies.
Where the processing of personal data is necessary for the performance of a contract, where the contractual party is the user, point (b) of Article 6 paragraph 1 GDPR applies. This also applies to processing operations where quasi-contractual or pre-contractual measures are required.
As far as processing of personal data is necessary for the performance of a legal obligation, to which our company is subject, point (c) of Article 6 paragraph 1 GDPR applies.
Where processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, point (f) of Article 6 paragraph 1 GDPR applies. (So-called balancing of interests).
In addition, there are other statutory legal bases for the processing of personal data. These are – where relevant – specified below.
Personal data will be erased or blocked as soon as the purposes for which they are being processed no longer apply. Personal data may be saved for longer periods when this is provided for by European or national legislators under EU-regulations as well as Union or Member State law or other regulations, to which our company is subject. Blocking or erasure of data also takes place when the storage period provided for in the legal provisions named above expires, unless there is a necessity to retain the data for the purpose of entering into a contract or the fulfilment of a contract.
When we share your personal data we do this only with the airport selected by you for your parking reservation or newsletter registration, as well as, if applicable, service providers which support us with the fulfilment of the aforementioned purposes, e.g. IT service providers. These companies, contracted by us as so-called processors, may use your personal data only to perform tasks on our behalf and are obligated to comply with the relevant data protection provisions.
The processor used by us is: ilogs information logistics GmbH, Krone Platz 1, 9020 Klagenfurt, Austria
Apart from the above, no transfer of personal data to third parties takes place.
The processing of your saved personal data will take place exclusively in countries of the European Economic Area.
Each time our internet site is called up our system automatically registers data and information from the computer system of the server which is calling.
The following data are collected:
The data are stored in the log files of our system. The IP-address of the user, or other data which enable the mapping of the data to a consumer, are not affected. Storage of this data, together with other personal data of the use, does not take place.
The legal basis for the temporary storage of data processing is Article 6, paragraph 1 point f GDPR.
The temporary storage of the IP-address on the system is necessary to enable to provide availability of the internet site to the user’s computer. For this purpose, the IP-address of the user has to be stored for the duration of the session.
In thesepurposes lies our legitimate interest in the data processing in accordance with point (f) of Article 6 paragraph 1 GDPR.
The data are erased as soon as the reason for their collection has been achieved. In the case of the data having been collected for the provision of the website, this means when the session is ended.
The collection of data for the provision of the internet site and the storage of data in log files is essential for the operation of the website. Therefore, there can be no objection on the part of the user.
As part of the airport parking booking process on our website, the following data will be requested:
The legal basis for the data processing is point (b) of Article 6, paragraph 1 GDPR.
The user’s personal data will be erased by us as soon as they are no longer needed by us for the execution and completion of the contract (Arranging the booking of the selected airport parking place), including any follow-up work arising from problem cases (e.g. with the booking or the payment). The personal data of the user will be anonymised by us at the latest 31 days following the exit date booked.
The user may, in principle, object at any time to the storage of his/her personal data. If the data are required for the fulfilment of a contract, an early erasure of data is only possible provided there are no contractual or statutory obligations which preclude erasure.
On our website it is possible to register for the Airport Newsletter. When you have signed up for the newsletter, the information requested in the contact form (first name, last name, Email address) will be used for sending out the newsletter from the airport of your choice. When you have registered you will receive an Email from your selected airport. In order to prevent misuse of data, access to the newsletter will only take place once you have confirmed this Email. Further information regarding the dispatch of the Newsletter can be found in the Private Policy of the respective airport, shown as a link during the registration process for the newsletter.
The legal basis for the processing of personal data following registration for the Email Newsletter is where the user has given his/her consentpoint (a) of Article 6, paragraph 1 GDPR.
The collection of the aforementioned contact information of the user is used to enable the delivery of the Newsletter.
The user’s Email address will be stored only for the period of time during which the subscription to the Email Newsletter is active.
The user can, at any time, using a link in the Newsletter, withdraw his/her agreement to the receipt of the Email Newsletter vis-à-vis the respective Airport.
a) Technically essential cookies
b) Technically non-essential Cookies, Third party cookies
The following technically non-essential cookies are so-called third party Cookies:
c) Note on changing the browser settings
Most browsers are set to automatically accept cookies. The user can, nevertheless, prevent the storage of cookies on his/her computer by changing the browser settings. This can, however, limit the functionality of our Website.
The use of non-essential cookies and third party cookies is carried out for the purpose of improving the quality and content of our website. Through the analysis-cookies we can learn how the website is being used and thereby continually optimise our online offers.
The user data collected through cookies on our website is not used to create user profiles.
In these purposes lies our legitimate right for the processing of personal data in accordance with point (f) of Article 6 paragraph 1GDPR.
On our website, the web analysis tool “Google Analytics” is used. The analysis of user behaviour is important as, in this way, the consumer demand can be analysed and thereby our online offers optimised.
The personal data collected by Google Analytics are not used to create user profiles.
This website uses Google Analytics, a web analysis service provided by Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, U.S.A. (“Google”). Google Analytics uses so-called cookies and text files which are stored on your computer and enable analysis of the use of the website by you. The information generated by the cookie about your use of the website is usually forwarded to a Google server in the U.S.A. where it is then stored. In case of an activation of the IP anonymisation on the website, Google will abbreviate your IP address within the member states of the European Union or in other party states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be forwarded to a Google server in the U.S.A. and abbreviate there. The IP address transmitted by your browser within the scope of Google Analytics will not – according to Google – be merged into other data from Google. We have no influence over the collection of data by Google. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to report on website activity and further to assemble information on the website and internet use with linked services and provide this to the operator.
In these purposes lies our legitimate interest in the processing of personal data.
The legal basis for the processing of personal data for use by Google Analytics in the aforementioned form is point (f) of Article 6 paragraph 1 GDPR.
You can prevent the storage of cookies by adjusting your browser software; we would, however, advise you that in this case you will potentially not be able to fully use all features of the website. You can also prevent the collection of data generated by cookies related to your use of the website (including your IP address) being sent to Google, as well as preventing Google from processing the data, by following this link – http://tools.google.com/dlpage/gaoptout?hl=de – and downloading and installing the available Browser-Plugin.
Further information on this subject can be found under:
We would advise you that, on this website, Google Analytics has been expanded to include the code “ga(‘set’,’anonymizelp’true) to ensure an anonymised collection of IP addresses (so-called IP-Masking).
If your personal data has been collected and processed, you as the data subject, as defined by the GDPR, have the following rights in relation to the responsible parties.
You can ask for confirmation from the controller as to whether we process your personal data.
Should such a processing of your personal data have taken place, you have the right to the following information:
You have a right to ask for information as to whether the personal data collected about you have been forwarded to a third country or to an international organisation. In this context, you can require that you are informed about the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.
You have a right to the rectification and/or completion of data against the controller, to the degree that personal data processed that concern you are incorrect or incomplete. The controller must perform the rectification without undue delay.
Under the following conditions, you have the right to obtain the restriction of processing of your personal data:
Where processing of your personal data has been restricted, such data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing according to the aforementioned conditions has been obtained, you will be informed by the controller before the restriction of processing is lifted.
a) Erasure obligation
You have the right to obtain from the controller the erasure of personal data concerning yourself without undue delay and the controller has the obligation to erase such personal data without undue delay where one of the following grounds applies:
b) Information to third parties
Where the controller has made your personal data
public and is obliged according to Article 17 paragraph 1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, that personal data.
c) Exceptions to the Erasure Obligation:
The right to erasure does not exist where the processing is necessary:
for the establishment, exercise or defence of legal Claims.
If you have claimed the right to rectification, erasure or restriction of processing vis-a-vis the controller, then the controller is obliged to inform the recipients to whom your personal data have been disclosed of the rectification, erasure or restriction of the processing of such, except where this proves to be impossible or involves a disproportionate effort.
You also have the right to be informed by the controller about these recipients.
You have the right to receive the personal data concerning yourself, which you have provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit that data to another controller
without hindrance from the controller to which the personal data
has been provided, in as much as:
In exercising these rights, you further have the right to have the personal data concerning yourself transmitted directly from one controller to another, where technically feasible. This shall not adversely affect the rights and freedoms of others.
The right to data portability does not apply where the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of an official authority vested in the Controller.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data where such processing is based on point (e) or point (f) of Article 6, paragraph 1 GDPR; this includes profiling based on those provisions.
The controller will no longer process your personal data unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedom or the processing is for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where you make an objection to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58 EC, you may exercise your right to object by automated means using technical specifications.
You have the right, at any time, to revoke your data privacy law declaration of consent. The lawfulness of the processing that took place prior to your withdrawal of consent is not affected by the withdrawal of consent.
You have the right not to be subject to a decision based solely on an automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
However, the aforementioned decisions will not be based on special categories of personal data referred to in Article 9 paragraph 1 GDPR, unless point (a) or (g) of Article 9 paragraph 2, applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
In the cases referred to in bullet points (1) and (3) above, the data controller will implement suitable measure to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller to express the point of view and to contest the decision.
Without prejudice to any other administrative or judicial appeal, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.
The supervisory authority, with which the complaint has been lodged, will inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy according to Article 78 GDPR.
Our website may contain links to third party pages. If this is not obviously recognisable, we will indicate that this is an external link. We have no influence over the content and design of the external sites. In that regard, this private policy does not apply.
Controller in the sense of the GDPR and other national data protection laws of the EU Member States, as well as other data protection regulations is:
Flughafen Parken GmbH
Terminalstrasse Mitte 18
Full company details can be found here: Imprint
We have appointed a Data Protection Officer who is monitoring the observance of this policy. You can contact the data protection officer under the mail address firstname.lastname@example.org.
Last Update: May 2018