Data Privacy Statement

Information about Data Protection

Here, you will find detailed information about data protection statements.

A. Data Privacy Policy Statement

The Controller within the meaning of the GDPR is:Fraport AG Frankfurt Airport Services Worldwide
60547 Frankfurt am Main
Management Board: Dr. Stefan Schulte (Chairman), Anke Giesen, Michael Müller, Dr. Pierre Dominique Prümm, Dr. Matthias Zieschang
Local Court Frankfurt am Main, HRB 7042
Tel.: +49 69 690-0
E-Mail: info@fraport.de(hereinafter “Fraport, or “we” or “us”)

We naturally have a firm commitment to responsibly managing your data. The access and usage data captured when you visit this website are used by us in full compliance with the provisions of European and German Data Privacy Law. This data privacy policy statement explains the extent to which Fraport captures and processes data that are captured when users visit this website or use (mobile) Web services or the Fraport App and what these data are used for.

1. Applicability of This Data Privacy Policy Statement

This data privacy policy statement applies to the websites at www.frankfurt-airport.de and www.frankfurt-airport.com, the related (mobile) Web services, and the Fraport App (hereinafter “App”) operated by Fraport and to the services and functions (hereinafter “Services”, “Frankfurt-airport.com”, or “Airport Portal”) offered via them.
Our services link to other websites and services of Fraport, for example https://parken.frankfurt-airport.de for parking at Frankfurt Airport and our Service Shop at https://serviceshop.flughafen-frankfurt.de/de (e.g. for services in connection with “Create Your Stay”, transportation, and passenger care).
In addition, we link to or integrate services of other providers. Separate data privacy policies and rules may apply to these third-party services. For more information, please refer to the data privacy policies posted on the corresponding websites or within the services.

2. Capture and Use of Data While Using Our Services

2.1 General Information

Personal data are defined as all data that can be assigned to a certain individual (e.g. name, address, phone number, and e-mail address).
When you visit our websites and use our services, user data are automatically captured both for providing and administering the services and for security purposes. They include, for example, the IP address that has been assigned to you by your Internet provider, the website, if any, from which you have linked to us, the pages you visit, your browser type (including the version and language), the type and attributes (e.g. screen resolution) of the device you are using to visit us, device IDs (e.g. your MAC address or a comparable ID) and information on your operating system, the date and duration of your visit, and additional information on your use of our services (e.g. searches, pages viewed, and items clicked).

All of these data are processed and used for the above-mentioned purposes and stored for a limited time. They do not permit us—except in the special cases discussed further below—to draw any conclusions about the identity of a natural person. The MAC address is only stored in anonymized form. Without such data we cannot or not fully provide our services to you.The collection and processing of the respective personal data is carried out on the basis of Art. 6 Sec. 1 Sent. 1 lit. b GDPR (purpose of contract) to the extent necessary to enable you to use our services.Furthermore, in particular cases processing is necessary for safeguarding the legitimate interests pursued by us or by a third party (Art. 6 Sec. 1 Sent. 1 lit. f GDPR). Our interest in processing relevant data such as browser type or other log files in particular is to ensure the functionality and security of our IT systems and to optimize the website. In addition, cookies as well as analytics services are used upon visiting our website. For further details please see Section 2.3 and 2.4 of this Data Privacy Policy Statement.
You may visit and use many of our services without registering or identifying yourself. Some services, however, require prior registration (e.g. our Online Retail Platform, which is also called “Frankfurt Airport Online Shopping”).

Your data will not be disclosed to any other parties unless this is essential for fulfilling the contract or safeguarding legitimate interests of Fraport, we for this purpose contract other companies (such as technical service providers, payment service providers, logistics service providers) to perform certain services or work to facilitate the operation, security and availability of our IT systems, or when we are required by law to do so (e.g. in response to official requests). More detailed information on these and other aspects can be found below and in the separate data privacy policies and information for individual services (e.g. the special data privacy policy for Frankfurt Airport Online Shopping).Your data will only be transferred to a third country or an international organization, when it is necessary for the performance of the contract, to safeguard the legitimate interests of Fraport or in the course of engaging a service provider (usually as processor), or when we are required by law to do so. In any case, we will inform you of such a transfer according to the statutory provisions and particularly with regard to whether or not an adequacy decision of the EU Commission exists, or using suitable or appropriate guarantees.

2.2 Using Our Services Via the App

When you use services via our App, additional personal data are captured and used depending on the functions and services and how they are used.If we receive any personal data from you via the App’s feedback form, we process and use it in strict compliance with the applicable data privacy regulations and exclusively for processing your request. We do not release these data to any third parties unless it is required for processing your request or falls under special provisions of this data privacy policy statement.

When our services are used via the App, additional App-specific data are automatically captured, such as the name of the mobile device, the screen resolution, and device-specific IDs that—except when using certain functions described in the following—are always processed in a form so that we cannot link those to a natural person.

If you enable the notification service (“push notification”, e.g. for obtaining updates on flights) after entering certain requested information, an automatically generated identification number (“token”) is additionally captured, together with the language for the notifications, for as long as the notification service is used. It is then automatically deleted. The token is generated by the provider of the app store from which you obtained the App (Apple Inc. for IoS devices and Google LLC for Android devices) and sent to Fraport. For the notification service, the token is sent together with the content of each notification to Apple Inc. or Google LLC., which then retransmits it via their own services. The information sent to Apple Inc. or Google LLC may allow conclusions to be drawn about the user’s identity. However, these data are only temporarily stored on systems operated by Fraport. Consequently, if you use the notification service you also use services of Apple Inc. (IoS) or Google LLC (Android) that Fraport is unable to influence. In this connection, personal data may also be sent and used outside the EU or EEA. For more information on the handling of personal data by Apple Inc. or Google LLC in connection with use of the notification service, please consult the relevant provisions of that provider’s own data privacy policy.If you use location-based services or have consented to the capture and use of location data, your mobile device also transmits information on your location. Subject to your explicit consent, we use this information to provide location-based services to you (e.g. for finding your position at the airport and the navigation function). You can usually disable the transmission of location-based data by appropriately adjusting the settings of your mobile device (e.g. by turning off Wi-Fi reception), whereby you will not be able to use certain services. For more information on how to change settings of this kind, please refer to your mobile device’s instructions.In order to improve the App’s navigation function, QR codes have been posted around the terminals. If you scan one of these with the App, you receive precise information on your location. In order to keep improving the navigation function, and for statistical purposes, Fraport may evaluate these actions and all data captured in connection with them. It is impossible to deduce the user’s identity from this information.The collection and processing of the personal data as described above is necessary so that we can provide you with the relevant functions of the App (performance of contract, see Art. 6 Sec. 1 Sent. 1 lit. b GDPR). As far as we use data to improve our services, it is to safeguard our legitimate interests (Art. 6 Sec. 1 Sent. 1 lit. f GDPR), in particular to improve the functionality and security of our IT systems.

2.3 Cookies and Internet Technologies

Cookies are small text files that are stored locally in the cache of your Internet browser. To optimize user-friendliness we use temporary cookies that are stored in your terminal device for a set period of time. These cookies allow us, among other things, the recognition of the web browser, to prevent entered data from being lost during an interruption (e.g. because the Internet collection is lost) or when switching to another of our services and back again.We on the other hand use cookies to document the use of our website statistically and to optimize our services. These cookies are automatically erased after each set period of time.For further information on services that use cookies, please refer to the notes under Section 2.4.You can prevent cookies from being stored on your computer or device by appropriately setting your browser, whereby in this case you will not e.g. be shown offers tailored to your interests anymore and neither login nor re-registration are possible. Please note that you will nevertheless still be shown advertising in our services.
The data captured with the above-mentioned technologies are not used to personally identify you as the website user unless you have explicitly given permission for this to be done, and are not merged with any personal data of the pseudonym’s user unless you have explicitly allowed us to do so in another context or it is permitted by law. At any time you may also revoke your permission and forbid Fraport to capture and process any more such data.The use of relevant technologies is carried out either on the basis of a law permitting such use (e.g. Para. 15 Sec. 3 Telemedia Act) or for the safeguard of our legitimate interests (Art. 6 Sec. 1 Sent. 1 lit. f GDPR), in particular for ensuring the functionality and security of our IT systems and the provision of advertisement tailored to your interests.

2.4 Use of Analytics and Tracking Tools

We use various analytics and tracking tools (by, amongst others, embedding advertising networks) on our website. The processing of data by such analytics and tracking tools is necessary to safeguard our legitimate interests (Art. 6 Sec. 1 Sent. 1 lit. f GDPR).Our interest in the data processing is, amongst others, to optimize the website and the services. In addition, the services help to increase the usability of our services and therefore the satisfaction of the users and customers. Furthermore, they enable us to provide advertisement tailored to your interests. For more details on how to object to the use of such services, please refer to the following notes.

2.4.1 Use of Google Analytics

Our services use Google Analytics, a web analysis service provided by Google, LLC. (“Google”). Google Analytics uses cookies, which are stored on your device to analyze how you use our services. The information generated by the cookies about your use of our services is transmitted to and stored by Google on servers in the United States. If IP anonymization is enabled on this website, Google crops your IP address beforehand in countries that belong to the European Union or have signed the EEA Agreements. Only in exceptional cases is the full IP address first sent to a Google server in the USA and then cropped.
At our request, Google uses this information to evaluate your use of the services, compile reports on the service activities, and provide other services to the operator related to use of the services and the Internet. The IP address sent by your browser in connection with Google Analytics is not mingled with other Google data. You can prevent cookies from being stored on your device by selecting the appropriate browser settings; however, please note that if you do this you may not be able to fully use all services.Furthermore, you can prevent the collection of data generated by the cookie and related to the use of the services (including your IP address) by Google as well as the processing of these data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de As an alternative to the browser plugin, you can click on this link to prevent collection by Google Analytics on this website in the future. In doing so, an opt-out cookie will be stored on your terminal device. If you delete cookies, you must click on the link once again. For more detailed information please visit: http://tools.google.com/dlpage/gaoptout?hl=de or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection).

2.4.2 CI360 von SAS

Our services include CI360, a web analysis solution from SAS Institute Inc. (“SAS”). Cl360 uses cookies that are stored on your computer and allow us to analyse your use of our services. The information generated by the cookie about your use of our services are transferred to SAS’s servers within Europe (more precisely: Ireland) and stored there after shortening of the IP address. The data is used for displaying interest-based content and analysing the usage of the website (web tracking). SAS processes the data exclusively on our behalf, in accordance with our instructions and not for their own purposes. You can prevent the installation of the cookies by activating the relevant setting of your browser software; however, please note that if you do this you may not be able to fully use all of our services. Furthermore, you can prevent the collection of data generated by the cookie and related to the use of the services (including your IP address) by SAS as well as object to the processing of such data by SAS by activating the checkbox below, by which an opt-out cookie is placed: Deactivate CI360 Webtracking

2.4.3 Google AdWords Remarketing and Doubleclick

We use advertising and web display services AdWords Remarketing and Doubleclick by Google LLC (Google) on our website. They enable the placement of interest-based advertising by allowing users who have visited or used websites and offers to be redirected to matching offers on the Google Partner Network. Google uses cookies for this purpose. Cookies consist of a specific sequence of numbers (cookie ID). The cookies are placed and stored on your computer. Google uses these cookies to recognize your browser when visiting other websites and provide interest-based advertising. The information generated by the cookie may be transferred to and stored on servers operated by Google in the US. Google may also use your browser’s IP address for displaying relevant advertising.Please note that these Google services are services of an independent third party company (Google), whose data processing operations we cannot influence. More information on how Google handles collected data and Google’s privacy policy can be found under: http://www.google.com/intl/de/policies/privacy/If you don’t want to receive interest-based advertising based on AdWords Remarketing you can prevent the installation of the cookies by activating the relevant setting of your browser software (no storage of cookies).If you want to object to the use of cookies for AdWords Remarketing and/or Doubleclick, you can do that at any time with effect for the future, by deactivating the use of the respective cookies according to the specifications of the website under this link: http://www.google.com/settings/ads.

2.4.4 Bing Ads

We use Bing Ads on our websites, a program of Microsoft Corporation (“Microsoft”), using Universal Event Tracking (UET) for the implementation of remarketing and conversion tracking. For this purpose, a cookie is placed on your computer, when you get directed to our website via the search engines Bing or Yahoo or through another website that displays Bing Ads. The cookie stores information about your use of our website. The stored information includes, amongst others, your IP address, the URL of the visited website and the URL of the website that directed you to our website. The remarketing function enables the display of advertising specially tailored to you on a later search on the search engines Bing or Yahoo or when visiting other websites that contain Bing Ads.

If you do not agree with the collection of such information, you can deactivate the cookie in the settings of your internet browser. Please note that if you do so you may not be able to fully use all of our services.Furthermore, you can check on the deactivation page for consumers of the Network Advertising Initiative (NAI) http://www.networkadvertising.org/choices/ which of the participating sites place cookies in your browser and deactivate those.As an alternative you can click on the following link to place an opt-out cookie which prevents the future collection of your data when visiting this website: https://account.microsoft.com/account/privacy.You will find Microsoft’s privacy statement on the handling of collected personal data under: https://privacy.microsoft.com/de-de/privacystatement/.

2.5 Data security

Our websites use the widely-used SSL- system (Secure Socket Layer) in conjunction with the respectively highest level of encryption that is supported by your browser (usually a 256 bit encryption). If your browser does not support this encryption, a 128 bit v3 technology is used instead. You can recognize whether the contents of our website are transferred encrypted by a key or a lock icon displayed in the lower status bar of your browser, which is displayed as encrypted (marked with a key icon).We also use appropriate technical and organizational security measures to prevent accidental or intentional manipulation, partial or total loss, destruction or access by unauthorised persons as far as possible. These measures are continuously adapted according to the technological development.

2.6 Your rights, questions or suggestions

As far as the processing of your personal data is based on consent (Art. 6 Sec. 1 Sent. 1 lit. a GDPR or Art. 9 Sec. 2 lit. a GDPR) you have the right to withdraw your consent at any time with effect for the future, without affecting the lawfulness of the processing based on the consent before its withdrawal.You may also object to the use of your personal data for advertising purposes by means of direct advertising at any time to Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main, if and to the extent it is carried out on the basis of a legitimate interest of Fraport. Furthermore, you may object to the use of your personal data at any time for reasons that arise from your particular situation. We will inform you hereupon separately for each processing operation.In addition, you have the right to at any time obtain information about personal data stored by Fraport about you, rectification or deletion or restriction of processing, and in certain cases a right to data portability.Under [please add URL] we have set up a website for the implementation of the GDPR by Fraport AG, which also gives you the opportunity to contact us directly and to conveniently assert your rights. We recommend you to assert your above-mentioned rights on the above-mentioned website’s dedicated features (such as our Inquiry Form) to allow for the most timely processing of your request.Of course, you will still be able to send your requests directly to Fraport's data protection officer by other means: Data protection officerFraport AG – VA160547 Frankfurt am MainE-Mail: datenschutz@fraport.deFinally, you have the right to lodge a complaint with a competent regulatory authority if you believe that the processing of your personal data violates data protection requirements.For further questions or suggestions concerning data protection please contact the data protection officer of Fraport. 3. Use of Additional Services and Services Requiring Registration

3.1 Information Services and Contact

If, after having registered, you access special information available through our services (e.g. to bookmark flights, products, or services, set a notification, or request information and documents in connection with “Create Your Stay”), or use our contact forms to contact us, we will process and use the data captured thereby (e.g. your e-mail address or flight information) only to the extent that is necessary to provide the service or information concerned, unless you have explicitly given us permission to use them in other ways or it is permitted by law.

3.2 Use of Fraport Travel Services and Other Purchasable Offerings of Fraport

If you use a booking screen in our services to book travel services (e.g. flights or hotel accommodations) or other services (e.g. tours at the airport), we or the contracted service provider capture the data that are required to fulfill and execute your booking request and pass it on to third parties (e.g. airlines, travel offices, etc.) to the extent required to meet your request. In some cases additional data privacy conditions may apply to these services and associated services provided by third parties (e.g. preparation of data for processing by an airline). For details, please consult the information available from the provider in question. Fraport may use the data received for calculating and settling commissions.

3.3 Frankfurt Airport Online Shopping and the Fraport Rewards Program (“Frankfurt Airport Rewards”)

You can—after specially registering or as a guest—purchase products and services from Fraport or other sellers at Frankfurt Airport Online Shopping. In this connection, you may additionally register for the Rewards Program. Additional data policy statements and requirements may apply to these services; they are communicated during registration, ordering, or use.

3.4 Using Our Services via the App as a Registered User

If you use our services via the App as a registered user, you may provide us with additional personal data (e.g. your e-mail address, password, or the items in your watchlist. Provided that you have explicitly permitted us to do so or it is allowed by law, we use these data to meet your requests and provide our services. So that we can offer services to you, our systems generate a token and a user-specific ID that is assigned to your device and permits synchronization and exchange of data with the App.

If you join Fraport’s rewards program, we also provide you via the App with a digital membership card that you can use when making purchases at the airport. The just-mentioned identification numbers make it possible for the card readers in shops to recognize your digital membership card and transmit data related to purchases to our system for registering you and assigning reward points to your account.
For additional details on how personal data are treated, please consult the data privacy information on use of the Airport Portal by registered users and use of Frankfurt Airport Online Shopping and/or participation in the Rewards Program.

3.5 Information and Related Services

If you register for or use our services, you can subscribe to or cancel our newsletters and advertising services. Additional information is provided by service-specific notes and requirements that are communicated in connection with service requests and registration.

3.6 Necessity of provision and legal basis

Unless previously (and subsequently under the letters B. to D.) described otherwise, the collection and processing of the corresponding personal data is carried out for the purpose of providing the respective service (e.g. registration for Fraport Airport Shopping) and is therefore required in order to be able to offer and provide you with the respective services. The legal basis for data processing is then Art. 6 Sec. 1 Sent. 1 lit. b GDPR (purpose of contract). In the event of non-provision of the required personal data, we therefore cannot or not fully provide you with the services offered by us or third parties. 3.7 Duration of storage of your personal dataWe only process and store your data for as long as it is necessary for the provision of our services.Storage can go on as long as claims against Fraport can be asserted against the provided services and/or we may require the relevant data for purposes of legal defense. In addition, we are often required by law to keep the data for a longer period of time, usually for a period of 6 to 10 years for retention purposes. B. Special Notes on Data Privacy and Consent by Registered Users of the Airport Portal

1. General Notes on Use of Your Personal Data

The following special data privacy notes deal with handling of the personal data of individuals who use the Airport Portal as registered users via the websites of Fraport, (mobile) Web services, the Fraport App, or other services that can be reached via those (including www.frankfurt-airport.com). These are not covered by the consent (see Section 2 below) and may insofar change from time to time.
In connection with registering for and using the Airport Portal, the corresponding (mobile) Web services, the App, and other services and functions offered via these, you provide us with personal data (e.g. your name, address, payment data, e-mail address, location, flight data, or product preferences for use of the watchlist and notification function). We use these data—provided that you have given us special permission to do so or it is allowed by law—to meet your requests and enable you to use our services and/or we forward them to third parties to the required extent.The collection and processing of the corresponding personal data is based on Art. 6 Sec. 1 Sent. 1 lit. b GDPR (purpose of contract), as far as this is necessary to enable you to use the services of the airport portal.The use of personal data for the purpose of advertising is carried out on the basis of the consent(s) given for this purpose (see Art. 6 Sec. 1 Sent. 1 lit. a GDPR and the following Section 2).

2. Consent to the Use of Personal Data for Customer Care and Advertising

When registering for Fraport Airport Online Shopping and/or the Rewards Program, you may submit an extended privacy statement for the use of personal data for the purposes of customer service and advertising by activating the respective checkbox. In this case, by activating the checkbox you declare that you have taken note of these special data protection notices and give the following declaration of consent: I hereby consent to the use of my personal data (e.g. membership number, purchase history with the date, time, article numbers, and prices for each purchase, names of connected retailers, modes of payment, coupon data) that are provided to Fraport AG (hereinafter “Fraport”) or automatically captured by Fraport during registration for and participation in the Rewards Program of the services of the Airport Portal via the various available channels (websites of Fraport, (mobile) Web services, the App, purchases made in physical shops, the hotline, e-mails) for storing in Fraport’s central databases of prospects and customers, carrying out market, opinion and customer satisfaction surveys, and sending me current information and offers and surveys on any aspect of the airport itself or the merchandise and services that are normally offered there by Fraport and all partner companies operating at the airport (e.g. operators of shops at Frankfurt Airport). I hereby give my consent for Fraport to merge personal data of mine that are provided to Fraport or automatically captured by Fraport from me or partner companies participating in the Rewards Program in connection with registering for and participating in the Rewards Program with other personal data of mine that are already stored in Fraport’s central databases of prospects and customers (e.g. user data after registration for and use of the Airport Portal or Frankfurt Airport Online Shopping and data from my participation in special campaigns or promotions such as prize draws) and to use them for the previously mentioned advertising purposes. I hereby give my explicit consent for my personal data to be statistically evaluated by Fraport for customer care and advertising purposes as described in the foregoing. I consent to being assigned to different interest and customer groups on the basis of my profile and utilization data so that personalized customer care can be offered and appropriate advertising displayed to me. I consequently also consent to participating partner companies contacting the individual interest and customer groups via Fraport.
I am aware that Fraport enables me to use the services of the airport portal that require registration (e.g. the use of the Frankfurt Airport Online Shopping) free of additional charge. In return, by granting this consent, I authorize Fraport to use my personal data for the above-mentioned purposes.
At any time you may withdraw your consent until further notice free of charge by sending a corresponding statement to Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main, Germany, without affecting the lawfulness of processing carried out on the basis of the consent before its withdrawal. Such a withdrawal covers all of the statements made in Section 2, which constitutes one single consent. A partial withdrawal regarding individual aspects of the consent is not possible.
Please note that withdrawing this consent will prevent you from continuing to use the Airport Portal as a registered user, will terminate the corresponding contractual relationships, and may subsequently cause you to be locked out and your account to be deleted.

To the extent that it is necessary to obtain declarations of consent in order to carry out advertising activities, these activities are only conducted after the relevant permissions have been obtained. The right to use personal data (to carry out advertising activities amongst others) when permitted by law or sanctioned by specially obtained declarations of consent is not affected by the foregoing declaration of consent or its revocation. These data privacy notes, including the declaration of consent, can be called up and viewed in your customer account as well as in our Data Privacy Policy Statement at any time.

3. Additional Data Privacy Notes

You can find additional information on how we treat your personal data in connection with the use of our services in the further notes of our Data Privacy Policy Statement (see aforesaid under letter A).Please note that the data privacy policy statement only contains information on the handling of personal data, is not part of these data privacy notes or covered by the consent given therein, and may change from time to time.

C. Special Data Privacy Notes and Consent to the Use of Frankfurt Airport Online Shopping

1. General Notes on Use of Your Personal Data

The following special data privacy notes deal with handling of the personal data of individuals who use Frankfurt Airport Online Shopping as registered users via the websites of Fraport, (mobile) Web services, the Fraport App, or other services that can be reached via these, are not covered by the consent (see Section 3 hereto), and may change from time to time.
We also capture information on your use of Frankfurt Airport Online Shopping, such as your purchases, ordering history, or viewed products. We store and use these data—provided that you have given us special permission to do so or it is allowed by law—to fill your orders, support the functions of Frankfurt Airport Online Shopping (e.g. with a summary of your past orders or an overview showing the status of orders), and provide customer support (e.g. if you have questions on the use of Frankfurt Airport Online Shopping). For processing your orders, we also relay your data to the respective seller and to reliable payment service providers.The collection and processing of the relevant personal data is based on Art. 6 Sec. 1 Sent. 1 lit. b GDPR (purpose of contract), as far as this is necessary to enable you to use the services of Frankfurt Airport Shopping (e.g. to place an order).

In addition, the processing of the named data in individual cases is necessary for the protection of our or a third party’s legitimate interests (Art. 6 Sec.1 Sent. 1 lit. f GDPR), e.g. the permanent storage of your purchases, order history or view products in order to document and make comprehensible to you your use of our services (for the use of relevant data for advertising purposes, see Section 2 below). The use of personal data for the purpose of advertising is based on the consent(s) given for this purpose (see Art. 6 Sec.1 Sent. 1 lit. a GDPR and following Section 3).

2. Notes on Verification of Flight Data

In order to check the available delivery options for your order and display them to you (e.g. pickup in a shop in the post-security area of the airport), during the ordering process we ask you to enter information on your booked flight and then use an in-house flight database operated by Fraport to verify your entries (flight date/departure time, flight number, airline, gate, destination).
If you purchase duty-free merchandise, we access an external database (Amadeus) to check whether you have a valid airline ticket or boarding pass and are therefore entitled and permitted to purchase items of this kind. The data we provide to Amadeus are used exclusively for this check and not stored by Amadeus. In this connection, personal data may be sent to countries outside the European Economic Area. However, such a transmission is necessary, since otherwise the necessary checks to use the respective services cannot be performed.

3. Legal Consent Under Data Policy Law to Use Personal Data for Customer Care and Advertising

When registering for Fraport Airport Online Shopping and/or the Rewards Program, you may submit an extended privacy statement for the use of personal data for the purposes of customer service and advertising by activating the respective checkbox. In this case, by activating the checkbox you declare that you have taken note of these special data protection notices and give the following declaration of consent: I hereby consent to the use of my personal data (e.g. membership number, purchase history with the date, time, article numbers, and prices for each purchase, names of connected retailers, modes of payment, coupon data) that are provided to Fraport AG (hereinafter “Fraport”) or automatically captured by Fraport during registration for and participation in the Rewards Program of the services of the Airport Portal via the various available channels (websites of Fraport, (mobile) Web services, the App, purchases made in physical shops, the hotline, e-mails) for storing in Fraport’s central databases of prospects and customers, carrying out market, opinion and customer satisfaction surveys, and sending me current information and offers and surveys on any aspect of the airport itself or the merchandise and services that are normally offered there by Fraport and all partner companies operating at the airport (e.g. operators of shops at Frankfurt Airport). I hereby give my consent for Fraport to merge personal data of mine that are provided to Fraport or automatically captured by Fraport from me or partner companies participating in the Rewards Program in connection with registering for and participating in the Rewards Program with other personal data of mine that are already stored in Fraport’s central databases of prospects and customers (e.g. user data after registration for and use of the Airport Portal or Frankfurt Airport Online Shopping and data from my participation in special campaigns or promotions such as prize draws) and to use them for the previously mentioned advertising purposes. I hereby give my explicit consent for my personal data to be statistically evaluated by Fraport for customer care and advertising purposes as described in the foregoing. I consent to being assigned to different interest and customer groups on the basis of my profile and utilization data so that personalized customer care can be offered and appropriate advertising displayed to me. I consequently also consent to participating partner companies contacting the individual interest and customer groups via Fraport.
I am aware that Fraport enables me to use the services of the airport portal that require registration (e.g. the use of the Frankfurt Airport Online Shopping) free of additional charge. In return, by granting this consent, I authorize Fraport to use my personal data for the above-mentioned purposes.
At any time you may withdraw your consent until further notice free of charge by sending a corresponding statement to Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main, Germany, without affecting the lawfulness of processing carried out on the basis of the consent before its withdrawal. Such a withdrawal covers all of the statements that are made in Section 3, which constitutes one single consent. A partial withdrawal regarding individual aspects of the consent is not possible.
Please note that withdrawing this consent will prevent you from continuing to use the Online Retail Platform as a registered user, will terminate the corresponding contractual relationships, and may subsequently cause you to be locked out and your account to be deleted.

To the extent that it is necessary to obtain declarations of consent in order to carry out advertising activities, these activities are only conducted after the relevant permissions have been obtained. The right to use personal data (e.g. to carry out advertising activities) when permitted by law or sanctioned by specially obtained declarations of consent is not affected by the foregoing declaration of consent or its revocation. These data privacy notes, including the declaration of consent, can be called up and viewed in your customer account at any time.

4. Additional Notes on Data Privacy

You can find additional information on how we treat your personal data in connection with the use of our services in this Data Privacy Policy Statement. Please note that the data privacy policy statement only contains information on the handling of personal data, is not part of these data privacy notes or covered by your consent, and may change from time to time

D. Special Data Privacy Notes and Consent for the Use of Frankfurt Airport Online Shopping as a Guest

1. General Information on Use of Your Personal Data

The following special data privacy notes deal with handling of the personal data of anyone who uses Frankfurt Airport Online Shopping as a guest via Fraport’s websites, (mobile) Web services, the Fraport App, or other services that are reachable via these, and they may change from time to time.

When you register for and use the services of Frankfurt Airport Online Shopping, you provide us with personal data (e.g. name, address, payment data, e-mail address). We store and use these data—provided that you have given us special permission to do so or it is allowed by law—to process your orders. For fulfilling your orders, we also relay your data to the respective seller and to reliable payment service providers.

2. Notes on Verification of Flight Data

In order to check the available delivery options for your order and display them to you (e.g. pickup in a shop in the post-security area of the airport), during the ordering process we ask you to enter information on your booked flight (flight date/departure time, flight number, airline, gate, destination and then use an in-house flight database operated by Fraport to verify your entries; please also see letter C.2. above).

3. Additional Data Privacy Notes

E. Special Data Privacy Notes and Consent for Participation in the Rewards Program

1. General Notes on Use of Your Personal Data

The following special data privacy notes deal with handling of the personal data of individuals who participate in the Rewards Program, especially via the websites of Fraport, (mobile) Web services, the Fraport App (hereinafter “App”), or other services that can be reached via these. They are not covered by the consent you have given (in Section 2) and may change from time to time.

When you register for and use the Rewards Program, you and the participating partner companies provide us with additional personal data on you (e.g. membership number, purchase history, name of the connected retailer, mode of payment, coupon details). We store and use these data—provided that you have given us special permission to do so and/or it is allowed by law—to implement your participation in the Rewards Program (e.g. redemption of points to purchase merchandise or display of information on reward points when you use Frankfurt Airport Online Shopping or the App).

When you use your membership card to purchase merchandise or services from Fraport (e.g. at Frankfurt Airport Online Shopping or on the Airport Portal) or in a shop of a participating partner company at Frankfurt Airport, Fraport captures the relevant transaction and discount data in order to pay and settle accounts with the participating partner companies.

When you use your membership card at Frankfurt Airport Online Shopping or in a shop of a participating partner company at Frankfurt Airport, the participating partner company submits the relevant transaction data to Fraport.

Fraport does not disclose any personal data to the participating partner companies in connection with your participation in the Rewards Program.
To implement and administer the Rewards Program, Fraport contracts other companies to process the associated data on Fraport’s behalf while complying with the applicable legal requirements. This may also be done outside the EU or EEA (including on the basis of EU standard contractual clauses).

We also provide you with a “digital membership card” in the App that you can use, for example, when making purchases in shops at Frankfurt Airport. So that you can use it on your mobile device, our systems generate a token and, using your data for the Rewards Program (e.g. your membership number) among other things, a unique user ID. The token and user ID serve to keep the data in your digital membership card up to date.
The collection and processing of the relevant personal data is generally based on Art. 6 Sec. 1 Sent. 1 lit. b GDPR (purpose of contract), as far as this is necessary to enable you to participate in the rewards program (e.g. redeem bonus points).The use of personal data for the purpose of advertising that are collected in the context of participation in the rewards program is based on the consent given thereto (see Article 6 Sec. 1 Sent. 1 lit. a GDPR and the following Section 2).

2. Consent to the Use of Personal Data for Customer Care and Advertising

When registering for Fraport Airport Online Shopping and/or the Rewards Program, you may submit an extended privacy statement for the use of personal data for the purposes of customer service and advertising by activating the respective checkbox. In this case, by activating the checkbox you declare that you have taken note of these special data protection notices and give the following declaration of consent: I hereby consent to the use of my personal data (e.g. membership number, purchase history with the date, time, article numbers, and prices for each purchase, names of connected retailers, modes of payment, coupon data) that are provided to Fraport AG (hereinafter “Fraport”) or automatically captured by Fraport during registration for and participation in the Rewards Program of the services of the Airport Portal via the various available channels (websites of Fraport, (mobile) Web services, the App, purchases made in physical shops, the hotline, e-mails) for storing in Fraport’s central databases of prospects and customers, carrying out market, opinion and customer satisfaction surveys, and sending me current information and offers and surveys on any aspect of the airport itself or the merchandise and services that are normally offered there by Fraport and all partner companies operating at the airport (e.g. operators of shops at Frankfurt Airport). I hereby give my consent for Fraport to merge personal data of mine that are provided to Fraport or automatically captured by Fraport from me or partner companies participating in the Rewards Program in connection with registering for and participating in the Rewards Program with other personal data of mine that are already stored in Fraport’s central databases of prospects and customers (e.g. user data after registration for and use of the Airport Portal or Frankfurt Airport Online Shopping and data from my participation in special campaigns or promotions such as prize draws) and to use them for the previously mentioned advertising purposes. I hereby give my explicit consent for my personal data to be statistically evaluated by Fraport for customer care and advertising purposes as described in the foregoing. I consent to being assigned to different interest and customer groups on the basis of my profile and utilization data so that personalized customer care can be offered and appropriate advertising displayed to me. I consequently also consent to participating partner companies contacting the individual interest and customer groups via Fraport.
I am aware that Fraport enables me to use the services of the Airport Portal that require registration (e.g. the use of the Frankfurt Airport Online Shopping) free of additional charge. In return, by granting this consent, I authorize Fraport to use my personal data for the above-mentioned purposes.
At any time you may withdraw your consent until further notice free of charge by sending a corresponding statement to Fraport AG, Frankfurt Airport, 60547 Frankfurt am Main, Germany, without affecting the lawfulness of processing carried out on the basis of the consent before its withdrawal. Such a withdrawal covers all of the statements made in Section 2, which constitutes one single consent. A partial withdrawal regarding individual aspects of the consent is not possible.
Please note that withdrawing this consent will prevent you from continuing to participate in the Rewards Program, will terminate the corresponding contractual relationships, and may subsequently cause you to be locked out and your account to be deleted.

3. Additional Notes on Data Privacy

You can find additional information on how we treat your personal data in connection with the use of our services in thisData Privacy Policy Statement. Please note that the data privacy policy statement only contains information on the handling of personal data, is not part of these data privacy notes or covered by your consent, and may change from time to time.

Finalized: [As of: 25.05.2018]

Special note:
Although this translation has been executed with the greatest possible care and diligence, the original German version of this document shall be binding for resolving any disputes that may arise.