Flying Sarl, 3 rue Kummel, Beaufort 6310 Luxembourg (hereinafter referred to as the “Company”, “we”, “us” and “our”) commits to ensure security of personal data and protection of the rights of the users using and navigating the Company's Website https://www.flying.lu (hereinafter referred to as the “Website”) as well as other data subjects, interacting with the Company in a number of different ways.
All personal data are processed in accordance with the General Data Protection Regulation (EU) 2016/679 and other legal acts.
1. USE OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES
The Company handles and processes your personal data for direct marketing purposes in the following cases:
– when we obtain your explicit consent to such processing (on the basis of your consent);
– when you are the Company’s client without expressly objecting to processing your data for direct marketing of similar services or products, where you have been duly notified of such processing beforehand (on the basis of our legitimate interest).
For the purposes of direct marketing, the Company may process the following personal data: your name and email address.
Your personal data for direct marketing purposes can be processed in the following ways:
– you may receive a newsletter with our event notifications, promotions, products, and news by e-mail;
– you may receive invitations to events and similar information by e-mail;
You may also refuse receiving information about events or any other information from us by following unsubscribe link on the marketing emails OR sending an email to email@example.com.
2. PROCESSING OF PERSONAL DATA WHEN YOU PROVIDE QUESTIONS, REQUESTS, OTHER INFORMATION
The Company also processes your personal information in cases when you contact us by email, ask questions, give requests and provide any other information on our Website, through e-mail or social networks.
Please observe the care and at least the following minimum requirements for protection of your personal information: please check that your e-mail, letter or request does not contain ID code, bank account number, vehicle registration number, real estate data, health data, other specific (sensitive) data, etc. Please also make sure that the remaining personal information is only indicated to the extent necessary for the purposes for which the message is sent.
The Company process the data you provide to administer requests and complaints, to ensure the quality of the services it provides, while protecting your rights and legitimate interests.
We process the said data on the basis of your consent, which is expressed by your active actions.
3. PROCESSING OF PERSONAL DATA IN THE WEBSITE
Each time you access or visit our Website, our Website automatically collects and manages the following technical data: IP address, date and time of access, the name and URL of the webpage that connects to the Website, visitor’s device operating system data, information of the visitor's internet provider, visitor’s geo-location data, language settings, other relevant technical information.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We use the cookies on the Website, to customize the functioning of our Website as much as possible, and can contribute to ease of use when navigating our Website.
We would like to inform that certain technical details of your visit (IP address, cookies, technical information of the browser you use, other information related to your browsing activity and site-specific browsing information) can be transmitted or made available for browsing, analysis, and related purposes to the legal entities, operating both within the European Economic Area (hereinafter – “EEA”), and outside EEA (e.g., we use the Google Analytics services). Please note that personal data stored in non-EEA countries may be subject to less protection than in EEA countries, but we will carefully consider the conditions under which such data will be processed and stored after transfer to such entities.
4. DATA RETENTION
Your personal data is generally stored for no longer than legally required or absolutely necessary for the purposes we have collected it.
Your personal data processed for the purposes of direct marketing will be stored for no longer than 2 years from the date of your most recent consent (if we have received a separate consent) or the date of completion or expiration of the relevant contract (as the case may be).
Your personal data will be deleted within a reasonable time after the specified deadline.
Longer periods of personal data retention may be applied where:
- there is a reasonable suspicion of an unlawful act which is a subject to the investigation;
- your data is necessary for the proper resolution of the dispute, complaint or claim;
- the Company has received complaints related to the visitor of the Website or if the Company has noticed any violations committed by the visitor;
- it is necessary for backup copies or related purposes of the functioning of information systems of the Company;
- it is mandatorily required by applicable laws or other legal acts.
5. YOUR RIGHTS
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights here.
If you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the National Commission for Data Protection, the Grand-Duchy of Luxembourg supervisory authority for data protection issues (https://cnpd.public.lu/). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
6. HOW TO CONTACT US?
If you have any questions regarding this Policy or if you have any requests related to the processing of your personal data, you can contact us:
By email email@example.com
Phone +352 83 67 86
Registration address: 3 rue Kummel, 6310 Beaufort, Luxembourg
7. FINAL PROVISIONS