Download Privacy Statement as PDF
Last update: June 2023
SkyTeam Airline Alliance Management Coöperatie U.A., a company registered in Amsterdam, the Netherlands (Chamber of Commerce registration number 34345101), whose address for visitors is at (1180 AJ) Amstelveen at Amsterdamseweg 55 (“SkyTeam”, “us”, “we”), is a global airline alliance that coordinates and provides commercial activities on behalf of and – to some extent – together with the SkyTeam Member airlines (Members) in the aviation industry. When you use our website, sign-up for our newsletters, do business with us as our business partner or supplier and/or make use of our services as indicated in this Privacy Statement, it is important to us to process your personal data carefully and securely in a transparent manner. The processing of your personal data is subject to the rules of the General Data Protection Regulation (EU) 2016/679 (GDPR), and potentially to one or more EU member states’ national implementation acts of the GDPR, as well as the data protection laws and regulations of other countries (if applicable). This Privacy Statement serves to comply with our transparency obligations under the GDPR, namely to explain to you when we collect your personal data in the capacity of a controller under the GDPR, what personal data we collect, how we use such personal data, and how long we keep your personal data.
This Privacy Statement was last updated in June 2023. This Privacy Statement supersedes any previous versions of our Privacy Statement. When there are any updates, we will inform you thereof in this Privacy Statement. Please check this Privacy Statement regularly for the most current version. If we make any changes that may significantly affect you as a data subject, we will endeavour to actively inform you about those changes before the changes come into effect. All changes will take effect as soon as the Privacy Statement has been published on the website.
SkyTeam is the controller, within the meaning of the GDPR, of the processing of your personal data indicated in this Privacy Statement.
Note that SkyTeam may also process your personal data on behalf of the Members (in their capacity of joint or individual controllers). SkyTeam is considered a processor for these processing activities within the meaning of the GDPR. This applies to most of the Member services mentioned on the website www.skyteam.com/en, such as loyalty programs and/or lounge access management. For more information on the personal data processed by the Members in their capacity of individual or joint controllers (and SkyTeam as a processor), please consult the Members’ separate privacy statements. SkyTeam is not responsible for the Privacy or Cookie Statements as implemented by Members or other third parties.
For more information on the personal data processed by us and Members in our capacity of joint controllers in relation to the global airline aviation activities, please consult our Privacy Statement for Joint Controllers.
When do we collect personal data?
|
What personal data do we collect of you? |
Why do we collect this personal data? |
Legal ground for using your personal data? |
How did we obtain your personal data? |
How long do we retain your information? |
If you visit our website |
- If you visit our website, various cookies and similar technologies (hereinafter: “cookies”) are used. We use functional, analytical, social media and advertising cookies. When we place and read cookies, your personal data will be processed. - Please read our Cookie Policy for more detailed information about the use of cookies. In the Cookie Table we have listed per cookie all the categories of (personal) data that will be processed subsequently, as well as the associated processing purposes and applicable cookie lifespan. |
- For the functioning and optimization of the website - To integrate social media plug-ins and marketing activities, such as showing (personalized) advertisements. |
- The legal ground for processing your personal data through the functional and privacy-friendly analytical cookies is our legitimate interest to make our website and app work properly. |
- Via cookies |
- Please refer to the Cookie Policy for the specific retention periods. |
If you visit our premises |
- Personal details, such as name, title, gender and company name.
|
- Internal control and corporate security, including control and security of IT and communications facilities.
|
- Legitimate interests. We may process your information as necessary for achieving our legitimate interests of internal control and security.
|
- From yourself. - Through access badge control devices. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that: |
If you participate in customer satisfaction surveys |
- Personal details, such as name, title, gender |
- To perform customer surveys to analyse and optimize our services and products. |
Consent: Legitimate interests: |
- From yourself. - Third parties engaged by us in the context of customer research, such as Members or InSites Consulting. - Other third parties in incidental cases. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than 12 months. |
If you get into contact with us |
- Your name. - Information provided by you through your question or message. |
- To answer any questions that you may have or to respond to any of your comments. - To provide you with our customer services. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Legitimate interests. We have a legitimate interest for our processing activities in case you have contacted us. This may, for example, be the case when you contact us via a contact form or via our SkyTeam Support Desk chat. |
- From yourself. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than two years after termination of our business relationship. |
If you are a business contact |
- Contact details of contact person, including name, address, phone number and e-mail address. - Payment details. - Other information provided by you |
- Drafting and verification of contracts, including negotiations and contract management. - Credit and debtor administration. - Maintaining business contacts. - To comply with legal obligations, a court order or to exercise or defend legal claims. |
- Performance of a contract with you: In some cases, we may need your personal data to perform a contract with you. If you refuse to provide us with the information we need for the performance of a contract, we may not be fully able to meet the agreements in the contract depending on the type of contract that is concluded. |
- From yourself. |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than two years after termination of our business relationship. |
If you participate in our marketing campaigns |
- Your name - Image and video recordings - Other information provided by you |
- To promote, merchandise, advertise and/or to inform in relation with the campaign on different medias (e.g. internet, airport lounges, internal communication of SkyTeam and its member airlines). |
Consent: |
- From yourself |
We will not retain your personal data longer than is necessary for the purposes for which they are used, as mentioned under "Why do we collect this personal data?". In principle, this means that we will not retain your personal data longer than five (5) years after giving consent. |
Your information may be collected by, shared with and processed by persons working for or on behalf of SkyTeam on a need-to-know basis for the purposes described above.
Your personal data may be shared with Members, who will act as an independent or joint controller (without or without the involvement of SkyTeam as a controller). SkyTeam has no control over the privacy practices of Members. Please read their privacy statements carefully for information on how they handle your personal data. You can find a list of the Members here.
We may work with other partners, such as travel agencies, partners and other companies involved in facilitating travel arrangements as well as WTC Amsterdam, or Schiphol Airport Authorities. For this purpose, we may share your personal data with these partners, who will act as independent controllers. SkyTeam has no control over the privacy practices of these partners. Please read their privacy statements carefully for information on how they handle your personal data.
We also use third party service providers such as IT suppliers, social network providers, marketing agencies, credit card companies and anti-fraud screening service providers to provide our services. Therefore, your personal data will be processed by these third party service providers. When we use services of a party who processes your personal data on our behalf, acting as a processor, we have concluded appropriate data processing agreements in line with applicable data protection laws.
The processing of your personal data may entail the transfer of your personal data to a third country that does not provide the same level of protection as within the European Economic Area (EEA). This may be the case if we share your personal data with our Member airlines or with selected other third parties, with whom we have partnership agreements.
Where applicable, we have taken appropriate safeguards to transfer your personal data to a country located outside the EEA, if that country does not provide an adequate level of protection according to the applicable data protection laws, by relying on adequacy decisions issued by the European Commission or by entering into standard contractual clauses approved by the European Commission (with supplementary measures to the extent required). You can contact us if you would like to receive more information on the measures we have taken to safeguard your information in this respect.
We are committed to ensuring that your personal data is kept secure. In order to prevent unauthorized access or disclosure, we have put in place appropriate physical, technical and organizational measures to safeguard the information we collect and process.
As a data subject, you have certain rights concerning our processing of your personal data. You may:
You may send us a request using the contact details below. We will handle your request carefully and in line with the applicable data protection rules.
Please contact us if you have any questions:
SkyTeam Airline Alliance Management Coöperatie U.A.
Postbus 350
1180 AJ AMSTELVEEN
THE NETHERLANDS
website@skyteam.com