Privacy Statement of DFS Aviation Services

Controller within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

DFS Aviation Services GmbH
Heinrich-Hertz-Straße 26
63225 Langen
Germany
Phone: +49 6103 3748-001
Fax: +49 6103 3748-200
Email: info@dfs-as.aero
Website: www.dfs-as.aero
Managing Directors: Andreas Pötzsch, Pierre Hermann

Data Protection Officer:
Email: datenschutzbeauftragter@dfs.de

---

The protection of your personal data and your privacy is very important to us. We comply with the applicable legal provisions and would like to inform you below about all important aspects concerning the protection of your personal data on our website.

1. General legal basis
The legal basis for the processing and protection of personal data on our website is Article 6(1)(a), (b) and (e) of the applicable General Data Protection Regulation (GDPR).

2. Collection of general data in server log files
When you access our website, information of a general nature is automatically transmitted by your web browser to us or to our web host/IT service provider. This information (server log files) includes, for example, the type of web browser, the operating system used, the requested provider, the name of the page accessed, the truncated IP address (without the last two characters), and the amount of data transferred. These are exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary in order to correctly deliver the content of websites you request.

The log files are regularly deleted by our web host after 7 days.

3. Purposes of data processing by the controller and third parties
We process your personal data only for the purposes stated in this privacy policy. Your personal data will not be transferred to third parties for purposes other than those mentioned.

4. Deletion of data, storage period
We store your personal data only for as long as is necessary to achieve the purposes stated here or as provided for by statutory retention periods. After the respective purpose ceases to apply or after these periods expire, the corresponding data will be routinely deleted in accordance with legal requirements.

5. Cookies – You have full control
Like many other websites, we also use “cookies”. Cookies are (small) data records that are transferred from a website server to your hard drive. This automatically provides us with certain data such as IP address, browser used, operating system, and your internet connection.

Using the information contained in cookies, we can present our website in a user-friendly, effective, and secure manner. Cookies cannot be used to start programs or transmit viruses to a computer.

Of course, you have full control over the cookies stored on your computer. You can set your internet browser (e.g. Firefox, Chrome, Safari, etc.) to determine how you wish to handle cookies and the information transmitted with them. For example, you can activate the automatic deletion of cookies after each session or set a notification when a site attempts to set cookies so you can actively manage this.

Through the display of our cookie banner when you visit our site, you also inform us which cookies you consent to. Please note that certain functions of our website may not work if you refuse the use of cookies.

You can review information about our cookies via the following link: Borlab Cookie Preferences

6. SSL encryption
To protect the security of your data during transmission, we use encryption methods compliant with the current state of the art (e.g., SSL) via HTTPS.

7. Contact via contact form or email
We are pleased if you contact us by email or via the contact form. The fields marked with an asterisk in the form are mandatory. These serve to assign the inquiry and to respond to it. Your data will be deleted after processing is complete.

8. Use of Google Maps
Legal basis: The legal basis for integrating Google Maps and the associated data transfer to Google is your consent (Art. 6(1)(a) GDPR).

Recipient: Accessing Google Maps automatically establishes a connection to Google.

Google Ads program cookies:
If you have disabled the storage of cookies for the Google Ads program, you generally will not have to expect such cookies when viewing YouTube videos either. However, YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in your browser.

Further information on data protection at “Google Maps” can be found in the provider’s privacy policy.

Third-country transfer: Google Inc. processes your data in the United States.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

Maps from Google Maps are embedded on this website to display geographic information visually. When using Google Maps, Google also collects, processes, and uses data about visitors’ use of the map functions. Because Google Inc. is headquartered in the USA, data may also be transferred there. For more information about data processing by Google, please refer to Google’s privacy notices. You can also change your personal privacy settings in the Privacy Center there.
Detailed instructions on managing your own data in connection with Google products can be found there as well.

Operator of Google Maps:
Google Inc. (“Google”)
1600 Amphitheatre Parkway, Mountain View
CA 94043, USA

9. Use of Google Analytics
Legal basis: The legal basis for integrating Google Analytics and the associated data transfer to Google is your consent (Art. 6(1)(a) GDPR).

Recipient: Accessing Google Analytics automatically establishes a connection to Google.

Further information on data protection at “Google Analytics” can be found in the provider’s privacy policy.

Third-country transfer: Google Inc. processes your data in the United States.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

We use the web analytics service Google Analytics on our website, provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
Data processing serves the purpose of analyzing this website and its visitors. On behalf of the operator of this website, Google will use the information obtained to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage to the website operator.
Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookies about your use of this website is generally transmitted to a Google server in the USA and stored there. IP anonymization is activated on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Google has certified its compliance with the U.S.-EU “Data Privacy Framework” and thereby committed to adhering to European data protection principles.

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/.

10. Embedded YouTube videos
Legal basis: The legal basis for integrating YouTube and the associated data transfer to Google is your consent (Art. 6(1)(a) GDPR).

Recipient: Accessing YouTube automatically establishes a connection to Google.

Google Ads program cookies:
If you have disabled the storage of cookies for the Google Ads program, you generally will not have to expect such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in your browser.

Further information on data protection at “YouTube” can be found in the provider’s privacy policy.

Third-country transfer: Google Inc. processes your data in the United States.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

10.1 Type and purpose of processing
We embed YouTube videos on some of our web pages. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your browsing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider uses cookies that collect information about user behavior.

Further information on the purpose and scope of data collection and processing by YouTube can be found in the provider’s privacy policies. There you will also find further information on your rights in this regard and setting options to protect your privacy. Google Inc. processes your data in the United States.

11. Use of Meta (e.g., Facebook, Instagram, Messenger)
Legal basis: The legal basis for integrating Meta services (Facebook, Instagram, Messenger) and the associated data transfer to Meta is your consent (Art. 6(1)(a) GDPR). Where you voluntarily disclose special categories of personal data (e.g., in comments or profile information), processing is based on Art. 9(2)(e) GDPR.

Recipient: Accessing Meta services automatically establishes a connection to the servers of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (“Meta”). Meta may link personal data such as your IP address, device information, and usage data to your Meta account if you are logged in there.

Cookies: Meta uses cookies and similar technologies to analyze and personalize the use of our website and the embedded content. If you have disabled cookies for personalized advertising, certain Meta tracking functions will be limited or not executed. If you wish to prevent cookies being stored in general, you can block this in your browser settings.

Further information on data protection at Meta can be found in the provider’s privacy policy:
https://www.facebook.com/privacy/policy

Third-country transfer: Meta may transfer data to the USA and other third countries. Transfers are based on the EU-U.S. Data Privacy Framework or the EU Commission’s Standard Contractual Clauses.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

We use various Meta services on our website to provide content, enable interaction with our social media presences, and deliver targeted advertising. Data processing serves the purpose of displaying and distributing our content, measuring reach, responding to inquiries, and delivering audience-targeted advertising. For this purpose, Meta may process information about your interactions with our content, technical data (e.g., browser type, operating system), as well as time and access data.

Meta and we are joint controllers within the meaning of Art. 26 GDPR for the processing of certain data (e.g., within the scope of “Page Insights”). The corresponding agreement is available here: https://www.facebook.com/legal/terms/page_controller_addendum

12. Use of X (formerly Twitter)
Legal basis: The legal basis for integrating X services (e.g., embedded tweets, buttons, interaction features) and the associated data transfer to X Corp. is your consent (Art. 6(1)(a) GDPR).

Recipient: Accessing X services automatically establishes a connection to the servers of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Personal data such as your IP address, device information, browser data, and information about your interactions with embedded X content may be processed. If you are logged in to X, X can directly assign this data to your account.

Cookies: X uses cookies and similar technologies to analyze and personalize the use of embedded content and for marketing purposes. If you have disabled cookies for personalized advertising, certain X tracking functions will be limited or not executed. You can block the storage of cookies at any time in your browser settings.

Further information on data protection at X can be found in the provider’s privacy policy:
https://twitter.com/de/privacy

Third-country transfer: X processes data in the USA and, where applicable, in other third countries. Transfers are based on appropriate safeguards, such as the EU Commission’s Standard Contractual Clauses.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

We use X services on our website to provide content, enable interaction with our X profile, and market our offerings in a targeted manner. Data processing serves the purpose of displaying and distributing our content, measuring reach, responding to user inquiries, and delivering audience-targeted advertising.

13. Use of LinkedIn
Legal basis: The legal basis for integrating LinkedIn services (e.g., LinkedIn button, embedded posts, company page) and the associated data transfer to LinkedIn is your consent (Art. 6(1)(a) GDPR).

Recipient: Accessing LinkedIn services automatically establishes a connection to the servers of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Personal data such as your IP address, device information, browser data, and information about your interactions with the embedded LinkedIn content may be processed. If you are logged in to LinkedIn, LinkedIn can directly assign this data to your account.

Cookies: LinkedIn uses cookies and similar technologies to analyze and personalize the use of embedded content and for marketing purposes. If you have disabled cookies for personalized advertising, certain LinkedIn tracking functions will be limited or not executed. You can block the storage of cookies at any time in your browser settings.

Further information on data protection at LinkedIn can be found in the provider’s privacy policy:
https://de.linkedin.com/legal/privacy-policy

Third-country transfer: LinkedIn may transfer data to the USA and other third countries. Transfers are based on the EU-U.S. Data Privacy Framework or the EU Commission’s Standard Contractual Clauses.

Providing your personal data is voluntary and based solely on your consent. If you block access, this may result in functional restrictions on the website.

We use LinkedIn services on our website to provide content, enable interaction with our LinkedIn profile, and market our offerings in a targeted manner. Data processing serves the purpose of displaying and distributing our content, measuring reach, responding to user inquiries, and delivering audience-targeted advertising.

14. Social plugins
Type and purpose of processing:
We offer you the option of using “social media buttons” (X Corp., LinkedIn, Meta Platforms, Inc.) on our website. To protect your data, we use the “Shariff” solution for implementation. The buttons are embedded on the website merely as graphics that contain a link to the corresponding provider’s website. By clicking the graphic, you are redirected to the services of the respective providers. Only then are your data transmitted to the respective providers. If you do not click the graphic, there is no exchange between you and the providers of the social media buttons. Information about the collection and use of your data in social networks can be found in the respective terms of use of the corresponding providers.
You can find more information about the Shariff solution here.

We have integrated social media buttons from the following companies on our website:

X Corp.
865 FM 1209, Building 2
Bastrop, TX 78602
United States of America

LinkedIn
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland

Meta Platforms, Inc.
1 Meta Way, Menlo Park,
CA 94025
United States of America

15. Links to other websites
Our website contains links to other websites that we believe may be of interest to our website visitors. These other websites are neither operated by us, DFS Aviation Services, nor are we responsible for their content or data protection compliance.

16. Changes to our privacy policy
We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your subsequent visit.

17. Right of access, rectification, erasure, or restriction of processing
You have the right at any time to obtain information about the personal data we have stored about you and, where applicable, the right to rectification or restriction of processing.

You also have the right to the erasure of your personal data, provided this does not conflict with statutory requirements or the fulfillment of contracts. In addition, you have the right to lodge a complaint with a supervisory authority (the supervisory authority responsible for DAS is the Federal Commissioner for Data Protection and Freedom of Information, BfDI).

You can withdraw consent with effect for the future by notifying us accordingly.

18. Questions about data protection
If you have any questions about data protection, please contact our Data Protection Officer named above.