PRIVACY POLICY 3. What categories of data we process 1. Administrator of personal data 2. How we collect your data

Similar documents
PRIVACY POLICY KEY DEFINITIONS. Aquapark Wrocław Wrocławski Park Wodny S.A. with the registered office in Wrocław, ul. Borowska 99, Wrocław.

REGULATION (EC) No 1107/2006 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 5 July 2006

Official Journal of the European Union L 7/3

PASSENGER DATA SYSTEM. Information for air carriers and stakeholders

POLISH BORDER GUARD. Technical conditions for transferring PNR data to the Passenger Information Unit (PROJECT) Ver. 0.2

BEFORE THE DEPARTMENT OF TRANSPORTATION ADVISORY COMMITTEE ON AVIATION CONSUMER PROTECTION

General Transport Terms and Conditions

Official Journal of the European Union L 59/1. (Non-legislative acts) REGULATIONS

GUIDELINES FOR THE ADMINISTRATION OF SANCTIONS AGAINST SLOT MISUSE IN IRELAND

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 10 February /11 LIMITE GENVAL 8 CATS 10 AVIATION 21 DATAPROTECT 9

MANUAL FREEDOM OF INFORMATION ACTS 1997 TO 2003

Flight Regularity Administrative Regulations

Official Journal of the European Union L 46/1. (Acts whose publication is obligatory)

luxaviation S.A. GENERAL TERMS AND CONDITIONS OF BUSINESS

Summary of the rights of passengers travelling by bus and coach 1

Advice for brokers about the ATOL Regulations and the ATOL scheme

UN SC Resolution 2178 and passenger data exchange

1.2 The Accommodation Contract is always executed in writing, which means at least a written order or reservation confirmation.

COMMISSION DECISION 29/03/2005

1. General Provisions 1. Parties. These Terms & Conditions regulate the legal relationship between us, Skypicker.com s.r.o., ID No.

ARTICLE 29 Data Protection Working Party

Application for Approval, OPS Dry lease-in

Bas Jacob Adriaan Krijgsman v Surinaamse Luchtvaart Maatschappij NV (Case C-302/16)

ICAO Annex 9 : Facilitation Structure and Amendment 26

GENERAL TERMS AND CONDITIONS FOR ONLINE TICKETING

(Japanese Note) Excellency,

Privacy. Newcrest means Newcrest Mining Limited (ACN ) and each of its subsidiaries; and

Conditions of Carriage

Terms and Conditions of Carriage in SkiResort ČERNÁ HORA PEC

Marine Stewardship Council. Privacy Notice for Job Applicants

Amerisearch Background Alliance Privacy Policy

COMMISSION REGULATION (EU) No 255/2010 of 25 March 2010 laying down common rules on air traffic flow management

COMMISSION IMPLEMENTING REGULATION (EU)

WELLNESS HOTEL CHOPOK **** Contractual Terms and Conditions Accommodation Policy and Rules

GHANA CIVIL AVIATION (ECONOMIC)

Audit brief. Passenger rights in the EU

Changes in passenger rights

Terms & Conditions as intermediator travel (travel agent)

Shuttle Membership Agreement

COMMISSION OF THE EUROPEAN COMMUNITIES. Draft. COMMISSION REGULATION (EU) No /2010

Passenger rights: what passengers with reduced mobility need to know when travelling by air

General Terms and Conditions (GTC) of LifeFlight GmbH & Co KG

Maritime Passenger Rights

WIZZ AIR HUNGARY LTD. GENERAL CONDITIONS OF CARRIAGE OF PASSENGERS AND BAGGAGE

Exhibitor ticket portal 2018 prices

operator's guide to passenger rights for regular services longer than 250km

CONTRACT OF CARRIAGE When you buy a ticket to travel with Air Century, you establish a transportation contract with us. The terms are the following:

AIRLINE SCHEME RULES. (Updated July 2017)

TERMS & CONDITIONS. AFL EVENT OFFICE PERTH AFL Authorised ON-SELLER OSAFL17/21

Terms and Conditions of Use of Express Platinum Services, Dublin Airport

ANNEX. to the. Proposal for a Regulation of the European Parliament and of the Council

The Commission states that there is a strong link between economic regulation and safety. 2

Official Journal of the European Union. REGULATION (EC) No 793/2004 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL.

Ricardo G. Delgado Regional Officer Aviation Security and Facilitation North America, Central America and Caribbean (NACC ) Regional Office

WORKING TOGETHER TO ENHANCE AIRPORT OPERATIONAL SAFETY. Ermenando Silva APEX, in Safety Manager ACI, World

Terms and Conditions of Use of Express Platinum Services, Dublin Airport

FACILITATION (FAL) DIVISION TWELFTH SESSION. Cairo, Egypt, 22 March to 2 April 2004

Act on Aviation Emissions Trading (34/2010; amendments up to 37/2015 included)

March 2015 Version 1

OVERSEAS TERRITORIES AVIATION REQUIREMENTS (OTARs)

REGULATION NUMBER 66/2015 REGARDING UNSCHEDULED INTERNATIONAL NON-COMMERCIAL AND COMMERCIAL AIR

PART III ALTERNATIVE TRADING SYSTEM (SPA)

Terms and Conditions of the Carrier

UNITED STATES OF AMERICA DEPARTMENT OF TRANSPORTATION OFFICE OF THE SECRETARY WASHINGTON, D.C.

General Conditions of Carriage for Passengers and Baggage

We may retain and use the personal information that you transmit to us relating to yourself and members of your party for the purposes of:

LaudaMotion GENERAL TERMS AND CONDITIONS OF BUSINESS (GTCB) VERSION OF LAUDAMOTION GMBH

COMMISSION OF THE EUROPEAN COMMUNITIES. Draft. COMMISSION REGULATION (EU) No /

REVISION OF REG. 1371/2007 ON RAIL PASSENGERS RIGHTS AND OBLIGATIONS: THE POSITION OF PUBLIC TRANSPORT OPERATORS AND ORGANISING AUTHORITIES

Official Journal of the European Union

Bellevue Hotel Český Krumlov Dear guests, Here we would like to inform you about our business conditions and all the essential information regarding

Dott.ssa Benedetta Valenti

WIZZ AIR UK LTD. GENERAL CONDITIONS OF CARRIAGE OF PASSENGERS AND BAGGAGE. Effective as of 10 October, 2018

Revision of the Third Air Package

I agree that Messe Berlin GmbH may store and process my personal data and disclose

International Civil Aviation Organization HIGH-LEVEL CONFERENCE ON AVIATION SECURITY (HLCAS) Montréal, 12 to 14 September 2012

3.1. Unless otherwise agreed between INFLITE and the Charterer and specified in the Charter Booking Confirmation, normal terms of payment will be:

OVERSEAS TERRITORIES AVIATION REQUIREMENTS (OTARs)

GENERAL CONDITIONS OF CARRIAGE

REGULATION (EU) No 1177/2010 COPY FOR FREE CONSULTATION

General Terms and Prony Conditions of Use of the Relais & Châteaux Club 5C Programme

Security Check Consent Form

COMMUNICATION FROM THE COMMISSION

(i) When the passenger has booked a ticket in advance when the Carrier provides a confirmation of the booking.

United Kingdom Civil Aviation Authority

Guideline: Rules and appropriate practices for disabled aircraft removal

EVALUATION ROADMAP. A. Purpose

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 1 August /08 LIMITE CRIMORG 124 AVIATION 162 DATAPROTECT 55

L 342/20 Official Journal of the European Union

UNITED STATES OF AMERICA DEPARTMENT OF TRANSPORTATION OFFICE OF THE SECRETARY WASHINGTON, D.C.

General Authority of Civil Aviation (GACA) Customer Protection Rights Regulation

Airworthiness Directive Policy PO.CAP

Jitu Thaker Technical Officer/Facilitation, ICAO

As a disabled person or a person with reduced mobility (PRM), you should be able to enjoy the same opportunities to travel by air as everyone else.

DRAFT COMMISSION REGULATION (EU) / of XXX. laying down rules and procedures for the operation of unmanned aircraft

FLIGHT OPERATIONAL QUALITY ASSURANCE (FOQA) PROGRAM

Civil Aviation Administration - Denmark Regulations for Civil Aviation

PROPOSED REGULATION OF JCAR CONSUMER PROTECTION

Official Journal of the European Union L 146/7

AGREEMENT BETWEEN JAPAN AND THE KINGDOM OF SAUDI ARABIA FOR AIR SERVICES

Transcription:

www.enterair.pl PRIVACY POLICY This document ("Privacy Policy") prepared by ENTER AIR sp. o. o. with its registered office in Warsaw (postal code: 02-146) Komitetu Obrony Robotników No. 74 (hereinafter referred to as "Administrator" or "we" or "ENTER AIR"): The purpose of this Privacy Policy is to provide information about the terms, rules and principles applied to the processing of personal data of passengers, regardless of the method of concluding the contract of carriage. 1. Administrator of personal data The Administrator of your personal data is ENTER AIR sp.o.o. with its registered in Warsaw (02-146) at 74 Komitetu Obrony Robotników, KRS: 339408. The company appointed Personal Data Protection Officer. In matters of processing your personal data by the Inspector, including the execution of the rights you are entitled to, please contact the Inspector at e-mail address: dataprivacy@enterair.pl or by instrument in writing to the Administrator's address. 2. How we collect your data The company may obtain your personal data through various channels, depending on whether you purchased the ticket directly from the Company (through our website), through the charterer of the given flight (e.g. travel agents) or using an external platform to book a flight with our lines. If the ticket is purchased through a charterer (e.g. at a travel agency), the Company receives from the charterer personal data necessary to complete the passenger clearance process, boarding and other activities related to the flight (e.g. on-board sales or catering). The company sometimes receives personal data from state authorities and public institutions in connection with the tasks they carry out. Your personal data may also be collected for the purpose of their further transfer to the competent public authorities, acting in compliance with the legal obligation incumbent on the Company. We may in particular be required to provide information regarding passengers on board the aircraft (Article 202a of the Air Law) or date regarding the passenger s flight (PNR data, see points 3 c) and 3 d) below. Personal data may in this case be collected by a ground service agent performing the check-in on our behalf, to the extent necessary to fulfil the obligation imposed by law. The company may also collect your personal data if you use our dedicated applications, communicate with us via social media (e.g. Facebook) or subscribe to our newsletter. We may also receive personal data from companies in our group, partners or other service providers. 3. What categories of data we process a. Data necessary for the performance of the air transport contract We may process your personal data to the extent that it is necessary for the purposes of conclusion and performance of the contract of carriage. If the ticket is purchased through a charterer (e.g. at a travel agency), the Company receives personal data from the charterer to the extent necessary to complete the passenger clearance process and boarding, including: 1) name, 2) surname, 3) gender and 4) information on the passenger's age. In the case of contracts concluded directly with the company, the scope of the data is broader and includes additional data necessary for the correct identification of the person, conclusion and settlement of the contract, information on accompanying persons during the trip. In addition, we may process information regarding any additional services purchased by you, as indicated in the General Conditions of Carriage. Providing the above data is necessary to establish, shape and implement the contract of carriage. b. Data on travel arrangements We process information about your trip, including the date and route of the trip, the charterer of your flight (e.g. travel agencies). We also process all necessary information, voluntarily provided by passengers, related to their specific needs, including health information (e.g. information on reduced mobility), medical or dietary needs (including information on the passenger allergy, in the case of special catering). c. Data on incidents involving passengers In order to ensure the safety of air transport and for the comfort of our passengers, any incidents involving passengers that take place on board the aircraft or when boarding or leaving the deck are recorded. In justified Strona 1 z 5

situations the reports are prepared that contain personal data of a passenger directly related to a given incident as well as of other participants, such as a witnesses of an incident. We have the right to record information and personal data about a passenger breaking the rules of order who does not follow crew orders related to the order on board or security commands. d. Information on passengers on board the aircraft (API) Many countries require airlines to provide data on passengers arriving or departing from a given country (the so-called API data - Advance Passenger Information). Personal data contained in the passenger's travel documents (and other flight and luggage details) are collected in this case before departure and immediately after the passenger check-in. Data is transmitted electronically to border control authorities in the destination country. Due to the need to provide data that are obtained immediately before departure (e.g. travel document data, seat on board), the data are sometimes transmitted directly by a ground service agent who collects and transmits data on behalf of our airlines. The obligation to provide API data for flights outside the Schengen zone is also provided for by national regulations. API data are in this case transmitted at the request of the Border Guard post commander competent for the place of crossing the state border of the Republic of Poland. API information in accordance with national law includes: 1) full name, names or surname; 2) date of birth; 3) number and type of travel document; 4) citizenship; 5) the name of the border crossing where the state border of the Republic of Poland will be crossed; 6) flight number; 7) date and time of take-off and landing of the aircraft; 8) number of passengers on the aircraft; 9) the airport where the passenger embarks the board of the aircraft in order to fly. e. Passenger Name Records (PNR) We are obliged to provide you with information about your flight to the competent authorities of the Member States. The obligation to provide data is laid down in the Directive (EU) 2016/681 of 27 th April 2016 on the use of passenger name record (PNR) data to prevent terrorist offenses and serious crimes, their detection, conducting pre-trail proceedings in such cases and prosecute such crimes). The Directive is implemented by individual member states and detailed rules regarding the transmission of these data to the competent authority (e.g. Border Guard) and processing of such data by such authorities may be different in individual EU countries. We provide the PNR data that are We provide PNR data that we have in our possession, we do not obtain any additional data in addition to what we have already collected as part of our business. In our case, the scope of transferred PNR data may include: name, surname, date of booking, date of travel, contact details (if purchased directly from the carrier), name of the travel agency, information on the status of check-in, data on minors and their guardians, number of the seat on the plane, baggage information and API data collected. In the case of Poland, PNR data are transferred to the Border Guards and processed on the basis of national regulations (see chapter: Passenger s Flight Data) f. Data processed in connection with handling complaints In the event of a complaint, we process your personal data provided by you to confirm your right to file a complaint and to review it. g. Data collected via website ("cookies") When you use our website, we collect information through cookies and similar technologies. For more information, please refer to our cookies policy on the website. h. Special categories of data We can process your health data to the extent that it is necessary for the organization of air transport, including information about reduced mobility, disability, pregnancy or special medical needs. Information about your health or indirectly religious beliefs may result from special catering needs. The transfer of such data is voluntary but without this information we are unable to provide you with additional services related to your special situation. 4. Passenger s Flight Data (PNR) - Polish regulations Every flight during which the state border is crossed and the takeoff or landing takes place on the territory of the Republic of Poland, including an intra-community flight, is covered under Polish regulations by the obligation to transfer your flight details to the National Passenger Information Unit (hereinafter referred to as : "JIP"), which is the organizational unit of the Border Guard. a. Purpose, scope, method and period of PNR data processing by JIP PNR data are transferred to the Border Guards unit for the sole purpose of preventing, detecting, combating and prosecuting perpetrators of terrorist offenses or serious crimes or tax offenses - the upper limit of which is at least three years imprisonment. For our lines, the scope of transferred PNR data may include: name, surname, date of booking, date of travel, contact details (if purchased directly from the carrier), travel agency or tourist agency, information on the status of check-in, data on minors and Strona 2 z 5

their guardians, seat on the aircraft, baggage information and API data collected (hereinafter referred to as: "PNR Data"). The relevant national laws oblige the Border Guards to ensure an adequate level of security in the processing of PNR data. In order to monitor the processing of PNR data by the Border Guards (JIP), the Inspector for the protection of passenger data was appointed. b. PNR data administrator The controller (administrator) of your PNR data is: Chief Commander of Border Guards: E-mail address: gabinet.kg@strazgraniczna.pl Telephone number (headquarters): +48 22 500 40 00 Address: al. Niepodległości 100, 02-514 Warsaw c. Rights of persons who PNR data refer to You have the right to access your personal data processed by the Chief Commander of Border Guards and request their completion, updating, correction or deletion if they are incomplete, out-of-date, untrue or have been collected in violation of the law. In the event of a breach of the processing rules of your personal data, you have the right to compensation and the enforcement of your rights in the court. You also have the right to submit an application for information about your rights or to submit a complaint to the Inspector General for Personal Data Protection regarding the processing of your personal data in connection with the processing of PNR data. d. Inspector for passenger data protection You have the right to contract the Passenger Data Protection Officer. The Inspector's contact details are as follows: Lt. Col. SG Grzegorz Rawski e-mail: inspektor-pnr@strazgraniczna.pl phone: 22 513 54 87 address:: al. Niepodległości 100, 02-514 Warsaw 5. Legal basis, purposes of data processing and period of their storage a. Processing of personal data for the purpose of performing the contract of carriage Your personal data are processed in order to conclude and execute the air transport contract. Personal data are in this case processed to the extent that it is necessary for the performance of the contract of carriage by air (art. 6 par. 1 letter b) OF THE RODO), including its settlement and consideration of any grievances and complaints. We keep the collected data for the period of prescription of claims raised by passengers. Processing of personal data in connection with the implementation of specific legal obligations imposed on the air carrier The need to process your personal data may result from the implementation of other obligations imposed on the air carrier by the applicable national law, EU law or foreign law, including: implementation of the provisions of the Commission Regulation (EU) No 965/2012 of 5 th October 2012 laying down technical requirements and administrative procedures for air operations in accordance with Regulation (EC) No. 216/2008 of the European Parliament and of the Council of Europe dated 20 th February 2008 on common rules in the field of civil aviation and establishing a European Aviation Safety Agency and repealing Council Directive 91/670/EEC, Regulation (EC) No. 1592/2002 and Directive 2004/36/EC; fulfilling the obligations arising from Regulation No. 1107/2006 of the European Parliament and of the Council of Europe dated 5 th July 2006 on the rights of disabled persons and persons with reduced mobility when traveling by air - as regards special categories of personal data including data on mobility; Personal data are processed for the time necessary to perform our obligations as well as for the whole period specified in the provisions requiring data storage for a specified period (legal obligation) or a period during which we could suffer the consequences of non-performance of our obligation (legally justified interest art. 6 par. 1 letter f of RODO). c. Consent of the data subject The basis for data processing regarding your health information other than those relating to mobility as well as data related to special catering, is your explicit consent (art. 9 para. 2 letter a of RODO). The data are processed in order to meet your special needs, such as medical needs or catering requirements for a period necessary to perform such obligation and possible settlement of additional services as well as for the duration of the risk of legal consequences for non-compliance with rights granted to disabled people and persons with reduced mobility. d. Other purposes and grounds for processing personal data: Your personal data may be processed: Strona 3 z 5

in order to conduct on-board sale pursuant to art. 6 par. 1 letter b) of RODO (necessity to perform the contract). We keep the collected data for a period of limitation of claims; to keep records of passengers not admitted to a given country or deported under the provisions of Regulation (EU) 2016/399 of the European Parliament and of the Council of Europe dated 9 th March 2016 on the EU Code of the rules governing the movement of persons across borders (Schengen Borders Code) (art. 6 para. 1 letter (c) of RODO). Data on persons not admitted or deported are kept for a period of time when there is a risk of imposing a penalty on the carrier or charging us with other amounts by the competent public authority (national or foreign) of the country of refusal or deportation; in order to meet the requirements related to the crossing of the border by the passenger, including immigration and customs requirements, for the time of need to perform such duties; on the basis of art. 6 par. 1 letter f) of RODO, in order to implement the legitimate interests of the Administrator consisting, in particular, in determining, investigating or defending against claims. We keep the collected data for the period of prescription of claims raised by passengers; to prevent terrorism and other serious crimes, including by transferring information on persons on board the aircraft (API) and passenger s flight data (PNR) information to the competent border control authorities. Passenger s flight data provided to the Border Guards of the destination country (PNR, API data) are deleted by the air carrier immediately after they have been transferred to the competent authority; to ensure air transport safety and comfort of travel, 6. Recipients and categories of recipients of personal data Your personal data may be provided to: a) Enter Air contractors with whom we cooperate to the extent that it is necessary for the provision of air transport services including: travel agencies, payment agents, air transport; b) Enter Air subcontractors, including, ground service agents, companies handling complaints applications and baggage handlers, companies maintaining and servicing the EnterAir technical infrastructure; c) entities related to Enter Air, in particular to: Enter Air Services sp. o.o., Enter Air S.A.; d) to the extent permitted by applicable law to state authorities and other entities in respect of which the obligation to disclose your personal data to them results from the generally applicable law in the destination country. 7. Transfer of Data to the Third Countries Your personal data may be made available to entities cooperating with Enter Air, located outside the European Economic Area ("EEA"), which may not guarantee an adequate level of data protection. In this case, transfers outside the EEA will be implemented in accordance with the requirements of RODO and may be based on standard contractual clauses developed by the European Commission to guarantee an adequate level of data protection. You can obtain further information on the measures applied by contacting the Inspector. 8. The rights you are entitled to a) Access to personal data. You have the right to access your data at any time. b) Correction and completion of data. You have the right to promptly correct any your personal data that are incorrect as well as to request the completion of incomplete personal information. c) The right to delete data. You have the right to request immediate deletion of your personal data when personal data are no longer necessary for the purpose for which they were collected, when they are processed illegally and when personal data should be deleted in accordance with the applicable law. We will, however, be able to leave your personal details to the extent that their processing will be necessary (i) to exercise the right to freedom of expression and information, (ii) to comply with a legal obligation requiring processing under European Union law or Polish law, (iii) to determine, assert or defend claims. d) The right to withdraw consent. To the extent that the processing of your data is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of the processing which was carried out on the basis of consent before its withdrawal. e) The right to limit data processing. You have the right to request a processing restriction if you dispute the accuracy of personal data, you consider that the processing is illegal and you are opposed to deleting them or if the data are no longer necessary to achieve the purposes of processing. f) Right to object. You have the right to object to the processing of your personal data if we process these data in a legitimate interest, including for direct marketing purposes. To the Strona 4 z 5

extent that the data are processed for purposes other than direct marketing, we may disregard your objection if we demonstrate the existence of valid legally justified grounds for processing, overriding your interests, rights and freedoms, or grounds for determining, investigating or defending claims. g) The right to transfer data. You have the right to receive from Enter Air in a structured, commonly used machine-readable format the personal data that you have provided to us. You also have the right to request that the data shall be sent directly to another entity. h) The right to complain. You have the right to lodge a complaint about the processing of personal data to the President of the Office of Personal Data Protection. The rights referred to in points a) -h) above can be exercised by contacting the Administrator. 9. Automated decision making Enter Air does not carry out automated decision-making, including profiling based on personal data provided by you. Strona 5 z 5

2024 © travelsdocbox.com Privacy Policy | Terms of Service | Feedback