Data Protection

Your data are safe!

Data protection statement for website

§ 1 Information about the collection of personal data

(1) The following passages provide information about the collection of personal data in the context of using our website pursuant to Article 13 of the EU General Data Protection Regulation (GDPR). The term personal data refers to any data that relates to you personally, such as your name, address, email addresses, or user behaviour.

The data controller pursuant to Article 4, Paragraph 7 of the GDPR is:

WINDROSE AIR Jetcharter GmbH

BER Airport
Georg-Wulf-Str. 3 (GAT)
D-12529 Schönefeld
Germany

Imprint

Phone: +49 (0) 30 / 64 31 70-100

Telefax: +49 (0) 30 / 64 31 70-111

Email: privacy@windroseair.de

Our data protection officer, Ms. Anja Schwager, is available at:

DSKC

Datenschutz-Arbeitssicherheit-Kompetenz-Center GmbH

Sielower Landstraße 68

03044 Cottbus

Telefon: +49 (0)355 / 48 67 94 10

E- Mail: info@dskc.de

(2) If you contact us via email or via a contact form, the data provided by you (your email address, name and phone number) will be saved in order to answer your questions.
The data collected in this context will either be deleted when it is no longer needed or its processing will be restricted, should the data be subject to statutory storage obligations.

(3) Below you will find detailed information about the processes that apply in the event that we instruct service providers to perform individual parts of our services or if we would like to use your data for advertising purposes. The stipulated criteria for the storage period are also given.

§ 2 Your rights

(1) Pursuant to Article 13, Paragraph 2, letter b of the GDPR, you have the following rights regarding your personal data:

· Right of access,

· Right of correction or erasure,

· Right of restriction of processing,

· Right to object to processing,

· Right of data portability.

(2) Furthermore, you have the right to lodge a complaint with a supervisory authority on data protection regarding our processing of your personal data.

§ 3 Collection of personal data during visits to our website

(1) If you use our website for information purposes only and do not register or otherwise provide information to us, we will only collect the personal data that is transmitted to our server by your browser. If you wish to view our website, we will collect the following data that is technically required by us to display our website to you and to ensure stability and security (the legal basis of this is Article 6, Paragraph 1 first sentence, letter f of the GDPR):

· IP address

· Date and time of access

· Content accessed (specific page)

· Access status / HTTP status code

· Respective amount of data transmitted

· Website from which you accessed our page (referrer URL)

· Browser

· Operating system and its interface

· Language and version of browser software

(2) Our website uses cookies. Cookies are small text files that are saved in a user’s internet browser or that are saved to their computer system by the browser. If a user accesses a website, a cookie may be saved to the user’s operating system. This cookie contains a character string that enables the browser to be clearly identified when the website is called up again. We use cookies in order to make our services more user-friendly, more effective, and more secure. Cookies also enable our systems to identify your browser after you have moved from one page to another, and to offer you services. Some of the functions of our website are not available without the use of cookies. These functions require that the browser be recognised after the user has moved to another page.

Furthermore, we use cookies on our website to be able to analyse the surfing behaviour of visitors to our website. We also use cookies in order to subsequently show visitors to our website targeted, interest-based advertisements on other websites.

Data processing is pursuant to Article 15, Paragraph 3 of the German Telemedia Act (TMG) and Article 6, Paragraph 1, letter f of the GDPR on the basis of our legitimate interest in the objectives specified above. The data that is collected in this manner is pseudonymised via technical measures. The data can therefore no longer be attributed to you as an individual. This data is not stored together with any other personal data relating to you. On the basis of Article 6, Paragraph 1 f GDPR, you have the right to object at any time and for reasons that arise due to your particular situation to the processing of personal data relating to you.

Cookies are saved to your computer. You therefore have full control over the use of cookies. Choosing the relevant technical settings can prevent cookies being saved to your internet browser as well as the transmission of any data contained therein. Cookies that were saved in the past can be erased at any time. However, we would like to point out that if you do so, you may not be able to fully utilise all the functions of this website. Information about how cookies can be managed (including deactivation)
on the most common browsers is available at the following links:

· Chrome Browser

· Internet Explorer

· Mozilla Firefox

· Safari

In addition to the data mentioned above, cookies are saved to your computer when using our website. Cookies are small text files that are assigned and saved to your hard drive by your browser. They provide the party sending the cookie (in this case us) with certain information. Cookies cannot run any programs or transmit viruses to your computer. Cookies are generally intended to make online services more user-friendly and effective.

§ 4 Duration of storage of personal data

The duration of storage of personal data is determined on the basis of the relevant statutory storage periods (e.g. retention periods pursuant to commercial or tax law). Upon expiry of such period, the respective data is erased as part of a routine process, provided that it is no longer required for fulfilling or creating any contracts, and / or that we do not have a legitimate interest in retaining the data.

Data protection statement for applications

§ 1 Information about the collection of personal data

(1) The following passages provide information about the collection of personal data in
the context of your application at Windrose Air Jetcharter GmbH pursuant to
Article 13 of the EU General Data Protection Regulation (GDPR). The term
personal data refers to any data that relates to you personally, such as your
name, address, email addresses, picture.

The data controller pursuant to Article 4, Paragraph 7 of the GDPR is:

WINDROSE AIR Jetcharter GmbH

BER Airport

Georg-Wulf-Str. 3 (GAT)

D-12529 Schönefeld

Germany

Imprint

Phone: +49 (0) 30 / 64 31 70-100

Telefax: +49 (0) 30 / 64 31 70-111

Email: privacy@windroseair.de

If questions regarding your application arise, please get in touch with the HR team:

Email: jobs@windroseair.de

Our data protection officer, Ms. Anja Schwager, is available at:

DSKC

Datenschutz-Arbeitssicherheit-Kompetenz-Center GmbH

Sielower Landstraße 68

03044 Cottbus

Phone: +49 (0)355 / 48 67 94 10

Email: info@dskc.de

(2) If you contact us via email or via a contact form, the data provided by you (e.g. your email address, name, phone number and address) and the documents (e.g. cover letter, resume, certificates and references) will be saved in order to process your application. The data collected in this context will either be deleted when it is no longer needed or its processing will be restricted, should the data be subject to statutory storage obligations.

§ 2 Your rights

(1) Pursuant to Article 13, Paragraph 2, letter b of the GDPR, you have the following rights regarding your personal data:

· Right of access,

· Right of correction or erasure,

· Right of restriction of processing,

· Right to object to processing,

· Right of data portability.

(2) Furthermore, you have the right to lodge a complaint with a supervisory authority on data protection regarding our processing of your personal data.

§ 3 Legal basis for processing your data

(1) Pursuant to Article 6, Paragraph 1, letter b of the GDPR, your data is processed for the realization of precontractual measures, which are taken at your request.

(2) For the safeguarding of legitimate interest your data is stored up to 6 months after the completion of the application process, pursuant to Artcle 6, Paragraph 1, letter f of the GDPR. Our interests is the assertion or defence of claims.

§ 4 Who receives your data

(1) Your data will be processed only by the human resource department as well as the employees responsible for the advertized position and will not leave our company. Only people who are involved in the selection process have access to your data.

(2) If further relevant vacancies are created, we will ask for your consent in order to transfer any of your data. No data will be transferred without your approval.

§ 5 Duration of storage of personal data

The duration of storage of personal data is determined on the basis of the relevant statutory storage periods (e.g. retention periods pursuant to commercial or tax law). Upon expiry of such period, the respective data is erased as part of a routine process, provided that it is no longer required for fulfilling or creating any contracts, and / or that we do not have a legitimate interest in retaining the data.

Data protection statement for flight operation

§ 1 Information about the collection of personal data

(1) The following passages provide information about the collection of personal data in
the context of any flight operation pursuant to Article 13 of the EU General
Data Protection Regulation (GDPR). The term personal data refers to any data
that relates to you personally, such as your name, address, email addresses, or
user behaviour.

The data controller pursuant to Article 4, Paragraph 7 of the GDPR is:

WINDROSE AIR Jetcharter GmbH

BER Airport

Georg-Wulf-Str. 3 (GAT)

D-12529 Schönefeld

Germany

Imprint

Phone: +49 (0) 30 / 64 31 70-100

Telefax: +49 (0) 30 / 64 31 70-111

Email: privacy@windroseair.de

If questions regarding your flight order and our flight operation arise, please get in touch with the Charter Service department:

Email: fly@windroseair.de

Phone: +49 (0) 30 / 64 31 70-100

Our data protection officer, Ms. Anja Schwager, is available at:

DSKC

Datenschutz-Arbeitssicherheit-Kompetenz-Center GmbH

Sielower Landstraße 68

03044 Cottbus

Phone: +49 (0)355 / 48 67 94 10

Email: info@dskc.de

(2) If you contact us via email or via a contact form, the data provided by you (e.g. your
name, birth date, sex, address, email address, phone number and payment details)
and identity information (e.g. from your passport or identity card) will be
saved in order to process your flight order including all additional services
that has been requested by you and instructed on your behalf.

(3) The data collected in this context will either be deleted when it is no longer
needed or its processing will be restricted, should the data be subject to
statutory storage obligations.

§ 2 Your rights

(1) Pursuant to Article 13, Paragraph 2, letter b of the GDPR, you have the following rights
regarding your personal data:

· Right of access,

· Right of correction or erasure,

· Right of restriction of processing,

· Right to object to processing,

· Right of data portability.

(2) Furthermore, you have the right to lodge a complaint with a supervisory authority on data
protection regarding our processing of your personal data.

§ 3 Legal basis for processing your data

(1) Pursuant to Article 6, Paragraph 1, letter b of the GDPR, your data is processed for the
realization of precontractual measures, which are taken at your request.

(2) For the safeguarding of legitimate interest your data is processed pursuant to
Article 6, Paragraph 1, letter f of the GDPR. Our interest is to fulfil your charter
request in accordance with the charter contract.

§ 4 Who receives your data

(1) Your data will be processed only by those departments in charge and responsible for the operation of your flight. The
employees of Windrose Air Jetcharter GmbH are obligated to commit the data secrecy and are regularly trained on the subject of data protection.

(2) In order to instruct additional services requested by you, we must pass on your data to external service
providers. In this case, we only pass on data that is required to provide the
respective service. As far as possible, your data will be anonymized.

(3) Data which is not explicitly necessary for order processing requires your written consent for disclosure.

(4) According to the Act on the Processing of Passenger Data (Gesetz über die
Verarbeitung von Fluggastdaten zur Umsetzung der Richtlinie (EU) 2016/681),
we are required to forward your data to the Passenger Data Centre. This law
specifies which data must be forwarded.

§ 5 Duration of storage of personal data

The duration of storage of personal data is determined on the basis of the relevant statutory storage
periods (e.g. retention periods pursuant to commercial or tax law). Upon expiry
of such period, the respective data is erased as part of a routine process,
provided that it is no longer required for fulfilling or creating any
contracts, and / or that we do not have a legitimate interest in retaining the
data.