Data Protection Declaration

We, Star Wings Dortmund Luftfahrtgesellschaft mbH (Star Wings Dortmund Aviation Company) and Star Wings Aviation Training Center GmbH thank you for your interest in our company. We are very serious about the protection of your personal data and its confidential handling. The processing of your personal data is carried out exclusively within the framework of the statutory regulations of the European Union Data Protection Directive, in particular the General Data Protection Regulation (“GDPR” hereinafter) and any further applicable regulations.

1. Which personal data do we collect?

1.1

In the following we are informing you how your personal data is collected when you use our website. Personal data means all data that refer to your person, e.g. name, address, email addresses, user behaviour. By doing this we would like to give you information on our processing procedures while at the same time fulfilling the statutory requirements arising in particular from the EU General Data Protection Regulation (GDPR).

1.2

Responsible for data protection as per Section 4 (7) EU Data general Protection Regulation (GDPR) are Star Wings Dortmund Luftfahrtgesellschaft mbH (Star Wings Dortmund Aviation Company) and Star Wings Training Center GmbH, Flugplatz 21, 44319 Dortmund (see Imprint).

1.3

You can reach our data protection officers at datenschutz@star-wings.com or at our postal address adding “Data Protection Officer”.

1.4

If you contact us by email, via the contact request form or via another contact form as well as via third-party providers, we will store the disclosed data (your email address, your name and company name if applicable, your phone number) in order to answer your queries or deal with your request. The data raised in this respect will be deleted once its storage is no longer required for the purpose described or its processing will be restricted if there should be statutory retention periods.

1.5

In case we rely on contracted providers for individual functions of our offer or would like to use your data for commercial purposes, we will take great care in choosing and monitoring these providers, and we will always inform you about the relevant processes as you can see below. When doing this, we will also name the defined criteria for the duration of the data storage.

1.6

SSL encryption – in order to keep your data secure in transfer, we use encryption methods corresponding to state-of-the-art technology (e.g. SSL) via HTTPS.

2. Your rights in protecting your personal data

2.1

– right to information,
– right to correction or deletion,
– right to restrict the processing,
– right to object to the processing,
– right to data portability.

2.2

Furthermore, you have the right to complain to a supervisory authority on data protection about the processing of your personal data by us.

3. Which personal data do we collect when you visit our website?

3 The processing of personal data when you visit our website

When you use our website for information, meaning that you simply look at it without registering or giving us information in any other way, we process the personal data that your browser transmits to our server. The data listed in the following is technically necessary for us to be able to display the website to you and to ensure stability and security, and therefore, we need to process it. The legal basis for this is Section 6 (1) (1) (f) GDPR:6

– IP address
– date and time of the request
– time zone difference to Greenwich Mean Time (GMT)
– content of the request (webpage visited)
– access status/HTTP status code
– amount of data transferred in each case
– previously visited webpage
– browser
– operating system

4. Objection to or revocation of the processing of your data

(1) When you consent to your data being processed, you can revoke your consent at any time. Such a revocation has effect on the processing of your data being admissible after you have communicated it to us. The processing of your data up to the time of your revocation is not touched by this.
(2) Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. In particular, that is the case if the processing does not serve to fulfil a contract with you, and that is something we will refer to in the following description of the functions. When you make such an objection, we ask you to name the reasons why we should not process your data the way we are doing it. In the case of an objection, we will consider the relevant facts and will stop or adapt the processing or inform you of our overriding legitimate reasons on the basis of which we will continue the processing.
(3) However, you can object to the processing of your data for advertising and data analysis purposes at any time. You can best submit your objection to advertising purposes using the contact details given above.

5. Processing Data from your Terminals (“Cookie Guideline”)

(1) In addition to the above-named data, we use technical tools for various functions, cookies in particular, that can be stored on your terminal. When you go to our website and also at any later time, you have the choice to generally allow cookies or which individual additional functions in particular you want to select. You can make these changes in your browser or via our consent manager link cookie settings. In the following, we first describe cookies from a technical point of view (2), before looking at your individual choices in more detail by describing technically necessary cookies (3) and those you can select or deselect as you wish (4).

(2) Cookies are text files or information in a data bank that are stored on your hard drive and allocated to the browser you use, so that the company that places the cookies can receive certain information. Cookies cannot run programmes or transmit viruses to your computer, but primarily serve to make the use of the internet faster and more user-friendly. This website uses the following types of cookies, the functionality and legal basis of which we explain here:
– Transient cookies: These are especially ession cookies, that are automatically deleted when the browser is closed or when you log out. They contain a so-called session-ID. That way various requests made by your browser can be allocated to one session and your computer can be recognized when you return to our website.
– Persistent cookies: These will be deleted after a certain period of time, and this can vary for each cookie. At any time, you can see the cookies and their duration in the settings of your browser and delete the cookies manually.
– Further technologies: These functions do not rely on cookies, but on similar technical mechanisms such as flash-cookies, HTML5 objects or an analysis of your browser settings. The result is equally that we can use the technologies described below. Here you can also agree or object.
(3) Essential functions for the display of the website:
The technical construction of the website demands that we use technologies, in particular cookies. Without these technologies, our website cannot be displayed (completely and correctly) or the support functions cannot be enabled. In this case, we are in principle talking about transient cookies that are deleted after the end of your visit to our website or at the latest when you close your browser. These cookies cannot be deselected if you want to use our website. The individual cookies can be seen in the consent manager. The legal basis for this is Section 6 (1)(1)(f) GDPR.
(4) Optional cookies that you agree to:
Various cookies are only set after you have given your consent which you can choose on your first visit to our website with the so-called Cookie-Consent Tool. These functions are only activated in the case of your consent and can serve in particular to allow us to analyse and improve your visits to our website, facilitating the use of the website with different browsers or terminals, to recognize you when you visit again or to display advertising (possibly to target advertising to your interests, measure the effectiveness of adverts or show interest-oriented advertisements). The legal basis for this processing is Section 6 (1)(1)(a) GDPR. You can revoke your consent at any time without this affecting the processing that has occurred up to the time of your revocation.
The functions we use, which you can select and revoke again with the consent manager, are described below.

6. Web Analytics

The use of Matomo
(1) On this website we use the web analysis service Matomo to analyse and check how our website is used. The resulting statistics help us to improve our offers and make them more interesting for you as a user.
(2) We run Matomo in a version that does not need cookies. That means that no Matomo cookies are placed on your computer for web analysis purposes. For the analysis we record the IP address and information such as the time stamp, websites visited and your language settings. The information gained in that way is stored on our server.

This website uses Matomo with the extension “AnonymizeIP”. This means that IP addresses are shortened before processing thus excluding a direct reference to a person. The IP address that your browser sends to Matomo is not linked to other data we collect. The legal basis for this is Section 6 (1)(1)(f) GDPR.2
(3) You can prevent the use of Matomo by removing the following tick and thus activating the opt-out plug-in: [Matomo iFrame]. In this case, an opt-out cookie is placed in your browser that prevents Matomo from saving user data. If you delete your cookies, this leads to the Matomo opt-out cookie also being deleted. When visiting our website again, the opt-out needs to be renewed.
(4) The programme Matomo is an open-source project. Please find information on data protection by this third-party provider at matomo.org/privacy-policy/.

7. Further functions and offers on our website

7.1

Along with using our website solely for information, we offer various other services that you can use if you are interested. For that you usually need to enter further personal data that we use to fulfil the service in question. For this the above-mentioned principles of data processing apply.

7.2

In part, we use external service providers and partners for processing your data. These are chosen very carefully and are instructed by us, are bound by our instructions and are checked regularly. When we receive customer data via our partners for the purpose of contract initiation, the conditions of this data protection declaration for processing data apply in the same way as described above.

7.3

We use the data you give us exclusively as far as they are necessary for a proper job training and for forming, carrying out and ending a contractual obligation either as similar to a legal transaction or as an actual legal transaction. This includes passing on customer data to partners and authorities, in particular the German Federal Aviation Authority.

7.4

On top of that, we process your data to safeguard our rightful interests in so far as your interests or basic rights and basic freedoms that demand the protection of your personal data do not prevail. The legal basis in this respect is Section 6 (1)(f) GDPR.

7.5

As far as our service providers or partners have their place of business in a state outside the European Economic Area (EEA), we will inform you about the consequences of this fact in the offer description.

8. Newsletter

(1) You can subscribe to our newsletter, which gives you information on our current interesting offers, by giving your consent. The goods and services advertised are named in the declaration of consent.
(2) For the subscription of our newsletter we use the so-called double-opt-in procedure. That means that after you have subscribed, we will send you an email to the email address you gave us in which we ask you to confirm whether that is your email address and whether you wish to receive this information.

If you do not confirm your subscription within 24 hours, your information will be blocked and deleted automatically after one month. In addition to that, we store the IP addresses you use as well as the times of subscription and confirmation. The purpose of this procedure is for us to have proof of your subscription and to be able to resolve any possible misuse of your personal data.
(3) The required field for receiving the newsletter is your email address only. Providing further, specially marked data is optional and we use it to be able to address you in person. After your confirmation, we save your email address in order to be able to send you the newsletter. The legal basis for this is Section 6 (1)(1)(a) GDPR.
(4) You can revoke your consent to be sent the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in each newsletter email, by sending an email to [Newsletter@star-wings.com] or by message to the contact details given in the imprint.

9. Social Media

9.1 Use of Social Media Plug-Ins

(1) Currently we use the following social media plug-ins: LinkedIn, Facebook, Instagram, which are only downloaded if you have previously activated the function by giving your consent. Via the plug-ins, we offer you the chance to interact with the social networks and with other users. The legal basis for the use of the plug-ins is Section 6 (1)(1)(a) GDPR, that means the embedding is only done after your consent.
(2) The plug-in provider 3 stores the data collected from you as user profiles and uses these for advertising, market research and/or targeted design of its website. Such an analysis is carried out in particular (even for users that are not logged in) to display targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. However, you have to contact the relevant plug-in provider to make your objection. The transfer of your data is carried out independently of whether you have an account with the plug-in provider and are logged into it or not. If you are logged in with the plug-in provider, the data we collect will be allocated directly to your account with the plug-in provider. If you click on the activated button and e.g. link to a page, the plug-in provider also stores this information in your user account and openly tells your contacts about this. We recommend that you regularly log out after using a social network, in particular before activating the button, as this will allow you to avoid an allocation to your profile with the plug-in provider.
(3) The information collected is stored on the servers of the service providers, in the case of international providers also outside of Europe. According to the provider’s own information, the provider has self-imposed a standard that corresponds to the former EU-US Privacy Shield and has agreed to keep to the data protection laws applicable in international data transfer. In addition to that, we have agreed so-called standard data protection clauses with the providers, the purpose of which is to guarantee compliance with an appropriate data protection level in third states.
(4) Revocation of your consent is possible at any time without this effecting the admissibility of the data processing up to that time. The easiest way to revoke your consent is with the consent manager or with the functions of the social media providers.
(5) Please find more information on the purpose and extent of the data collected and the processing by the plug-in provider in the privacy statements of these providers supplied in the following.
There you can also receive further information on your rights regarding this and optional settings to protect your privacy. Addresses for each of the plug-in providers and URL of their privacy statements:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Authorised Representative: Gareth Lambe
Registered in Ireland (Companies Registration Office)
Company Registration No. 462932
-https://www.facebook.com/policy.php/

Instagram:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Facebook Ireland Limited is a company registered under the law of the Republic of Ireland.
Company Registration No.: 462932
Impressum@support.instagram.com
Fax:+1 650 543 5340
LinkedIn Ireland Unlimited Company
Attn: Legal Dept. (Privacy Policy and User Agreement)
Wilton Plaza
Wilton Place, Dublin 2
Ireland
https://de.linkedin.com/legal/privacy-policy?trk=d_org_guest_company_overview_footer-privacy-policy

9.2 Embedding YouTube Videos

Embedding YouTube Videos
(1) We have embedded YouTube videos into our online offers that are stored on YouTube.com and can be played directly from our website. These are all embedded in “enhanced data protection mode”, which means that no data on you as user is transferred to YouTube as long as you do not play the videos. The data named in paragraph 2 is transferred only when you play the videos. We cannot influence this data transfer. The legal basis for showing the videos is Section 6 (1)(1)(a) GDPR, that means the embedding is done only after you have consented.
(2) Through your visit to the website, YouTube receives the information that you have visited the related sub-page of our website. In addition, the above-mentioned basic data such as IP address and time stamp are transmitted. This happens independently of the whether YouTube provides a user account where you are logged in or whether there is no user account. If you are logged into Google, your data are directly allocated to your account. If you do not wish this allocation with your profile on YouTube, you have to log out before activating the button. YouTube stores your data as user profiles and makes use of them for advertising, market research and/or targeted design of its website. In particular such an analysis is done (even for users that are not logged in) to present targeted advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of such user profiles. However, you have to contact YouTube to make your objection.
(3) The information collected is stored on Google’s servers, which can be in the USA. According to the provider’s own information, the provider has self-imposed a standard that corresponds to the former EU-US Privacy Shield for these cases and has agreed to keep to the data protection laws applicable in international data transfer. In addition to that, we have agreed so-called standard data protection clauses with Google, the purpose of which is to guarantee compliance with an appropriate data protection level in third states.
(4) Please find further information on the purpose and extent of data collection and processing by YouTube in the privacy statement. There you can also find further information on your rights and options for your privacy settings.
www.google.de/intl/de/policies/privacy.

9.3 Embedding Google Maps

(1) On our website, we use the service of Google Maps. That allows us to show interactive maps on our website and allows you to use the convenient map function. The legal basis for the use of the maps is Section 6 (1)(1)(a) GDPR, that means the embedding is done only after you have given your consent.

(2) Through your visit to the website, Google gets the information that you have visited the related sub-page of our website. In addition, the above-mentioned basic data such as IP address and time stamp are transmitted. This happens independently of the whether Google provides a user account where you are logged in or whether there is no user account. If you are logged into Google, your data are directly allocated to your account. If you do not wish this allocation with your profile at Google, you have to log out before activating the button. Google stores your data as user profiles and makes use of them for advertising, market research and/or targeted design of its website. In particular such an analysis is done (even for users that are not logged in) to present targeted advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of such user profiles. However, you have to contact Google to make your objection.
(3) The information collected is stored on Google’s servers, which can be in the USA. According to the provider’s own information, the provider has self-imposed a standard that corresponds to the former EU-US Privacy Shield and has agreed to keep to the data protection laws applicable in international data transfer. In addition to that, we have agreed so-called standard data protection clauses with Google, the purpose of which is to guarantee compliance with an appropriate data protection level in third states.
(4) Please find further information on the purpose and extent of data collection and processing by the plug-in provider in the privacy statement of the provider. There you can also find further information on your rights and options for your privacy settings.
www.google.de/intl/de/policies/privacy.

10. Data Protection and Third-Party Websites

The website can contain hyperlinks to and of third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot assume any responsibility or guarantee for third-party content or data protection conditions. Please check the relevant data protection conditions before transferring personal data to such websites.

11. No automated decision making

The provider does not make any automated decisions in the sense of Section 22 (1) GDPR that has legal effect for the user or disadvantages the user considerably in a similar way.

12. Changes to these Data

Protection Regulations
We reserve the right to change these data protection regulations at any time with effect to the future.
A current version will be shown on our website. Please check the website regularly to get information on the valid data protection regulations.