Privacy Policy

Privacy policy

This privacy policy describes how we process personal data on our websites.

1. Who is the data controller?

Responsible according to Article 4 No. 7 of the General Data Protection Regulation
(GDPR) for the processing of your personal data within the meaning of Article 4 No. 1
GDPR in connection with the use of our website is HTM Helicopter Travel Munich
GmbH, Willy-Messerschmitt-Straße 1, 82024 Taufkirchen near Munich, e-mail: office-
muenchen@helitravel.de.

2. How can I contact the Data Protection Officer?

You can reach our Data Protection Officer at datenschutzbeauftragter-heristo@ds-quadrat.de or by
letter to

ds² Unternehmensberatung GmbH & Co.KG
Falkenstraße 10
33775 Versmold
Germany

In the latter case, please mark the envelope “Data Protection Officer”.

3. For what purposes and on what legal basis is my personal data processed? Will my
personal data be shared with others?

Your personal data will only be processed within the scope of the purposes defined by
us here and will be passed on to third parties in accordance with the need-to-know
principle:

provision, improvement, further development, and security of the website

We process certain log files and device information with personal reference in order to
provide you with our websites including their functionalities in the first place. In
addition, the processing of your personal data serves the purpose of optimizing our
websites and ensuring the security of our IT systems. We carry out this processing in
particular to avoid overloading the servers (especially in the event of abusive attacks,
so-called DDoS attacks), to control the utilization of the servers and to ensure the
stability of the websites.
We use these log files and device information as part of our legitimate interest in the
availability and continuous development of our website. The legal basis for the use of
this data is Article 6 (1) (f) GDPR.
The web hosting provider used by us, Strato AG, Otto-Ostrowski-Straße 7, 10249
Berlin, can access this data. The provision of personal data is neither legally nor
contractually required or necessary for the conclusion of a contract. However, without
the processing of the data, the functionality of our websites cannot be guaranteed.

Contact and communication

Insofar as you provide us with personal data in connection with your contact (e.g. via
contact form, e-mail or telephone), we use this data to be able to answer and process
your request quickly and in the best possible way. In addition, we process your
personal data to ensure the safety of our information technology systems, in particular
to be able to recognize spam mails or to follow up on fraud warnings. Non-commercial
communication with you may also be for other technical, security and / or contractual
purposes.
The use of your data in the context of communication with you corresponds to our
legitimate interest according to Article 6 (1) (f) GDPR. Insofar as it concerns a specific
inquiry about our services, a use of your data for the execution of the contract or for
the execution of pre-contractual measures takes place upon your request pursuant to
Article 6 (1) (b) GDPR.
The web hosting provider used by us, InterNetX GmbH, Johanna-Dachs-Straße 55,
93055 Regensburg, can access this data. The provision of personal data is not
required by law. However, your personal data is required for the conclusion of a
contract or necessary to process your request. Please understand that we reserve the
right not to process your request or to refuse to conclude a contract if you do not
provide us with your personal data.

Processing of your personal data in the context of using cookies or other identifiers

We and other third-party providers process your personal data and store information
(e.g., through cookies or other identifiers) on your terminal device or access it. Insofar
as this information is not absolutely necessary for us to be able to provide you with
the desired telemedia service, we will ask you for your consent in accordance with §
25 (1) TTDSG. Insofar as we use this information further to simplify the use or further
development of our website, this is based on Article 6 (1) (f) GDPR. Insofar as the
processing is legally required, we base the processing on Article 6 (1) (c) GDPR and
insofar as the processing is carried out for the purpose of analysis, personalization and
the presentation of interest-based advertising, we carry out this processing on the
basis of your consent, Article 6 (1) (a) GDPR. We will inform you in more detail about
the processing of your personal data in this context, the modalities and scope of your
consent, which can be revoked at any time, and the notices required under Article 13
of the GDPR in our Consent Manager, or in our Consent Management Platform (CMP).
You can access the Consent Manager or the Consent Management Platform at any
time via our website.

4. How long will my data be stored?

In general, we store your personal data only for as long as it is necessary to fulfill the
purpose underlying the respective processing or to comply with legal requirements.

5. Is personal data also transferred to recipients outside the European Union or outside
the European Economic Area (EEA)?

We also intend to transfer your personal data to recipients located in non-EEA
countries. In this case, we ensure before the transfer that either an adequate level of
data protection exists at the recipient (e.g. based on an adequacy decision of the EU
Commission for the respective country or through the agreement of so-called EU
standard data protection clauses of the European Union with the recipient) or that
sufficient consent has been obtained.
You can obtain from us an overview of the recipients in third countries and a copy of
the specifically agreed arrangements to ensure the appropriate level of data
protection. Please use the information in the contact section for this purpose.

6. Does automated decision-making, including profiling, take place in the context of
the processing of my personal data on this website?

Automated decision-making, including profiling, does not take care place, Article 22
(1), (4) GDPR.

7. What are my rights?

You have the right of access (Article 15 GDPR), right to rectification (Article 16 GDPR)
and right to erasure (Article 17 GDPR) or restriction of processing of your personal
data (Article 18 GDPR). Insofar as we process personal data on the basis of legitimate
interest according to Article 6 (1) (f) GDPR, you may object to further processing
(Article 17 GDPR). Whether your objection is successful is to be determined in the
context of a balancing of interests. n the event of your consent, processing for the
performance of contracts or within the scope of automated processes, you are
generally entitled to a right to data portability (Article 20 GDPR).
Without prejudice to the rights set out above, you have the right to file a complaint
with a supervisory authority, in particular in the member state of your residence,
workplace or the place of the suspected infringement, if you consider that the
processing of personal data relating to you violates the GDPR.
The supervisory authority which received the complaint shall inform the plaintiff of the
status and outcome of the complaint, including the possibility of an appeal under
Article 78 GDPR.
This privacy policy was created by WeData GmbH (www.we-data.de).