data protection

1. Definitions of terms:

The following terms used in our privacy policy are defined in Article 4 of the GDPR. This is only an excerpt from Article 4 of the GDPR. All definitions can be found in the GDPR (here).

  • Personal data (Art. 4 No. 1 GDPR)
    Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
  • Processing (Art. 4 No. 2 GDPR)
    Processing refers to any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  • Pseudonymization (Art. 4 No. 5 GDPR)
    Pseudonymization involves processing personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
  • Controller (Art. 4 No. 7 GDPR)
    The controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  • Processor (Art. 4 No. 8 GDPR)
    A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
  • Third party (Art. 4 No. 10 GDPR)
    A third party is a natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.
  • Consent (Art. 4 No. 11 GDPR)
    Consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • Company (Art. 4 No. 18 GDPR)
    A company is defined as a natural or legal person engaged in economic activity, regardless of its legal form, including associations or partnerships that regularly engage in economic activity (Art. 4 No. 18 GDPR).

2. Controller pursuant to Art. 4 No. 7 GDPR

Flug-Hafen-Saarland GmbH
Balthasar-Goldstein-Straße 20
66131 Saarbrücken
Tel.: +49 6893 83-0
Fax: +49 6893 83-313
E-mail: eventwing@scn-airport.de
You can view our complete legal notice here:
https://eventwing.flughafen-saarbruecken.de/impressum/

3. Contact person for questions regarding data protection

Ralf Turban
Mein-Datenschutzberater GmbH
Am Kreuzweg 1
86668 Karlshuld

Tel. 08454/96236-10
Fax. 08454/96236-19
www.mein-datenschutzberater.de

4. Legal basis for processing

For each type of processing described in our privacy policy, we will inform you of the legal basis on which the processing is carried out. A distinction is made between the following categories of cases in which processing is lawful
  • You have given us your consent to process your personal data for one or more specific purposes (Art. 6 (1) (a) GDPR).
  • There is a contract between you and us, for the fulfillment of which the processing is carried out, or the processing is necessary for the implementation of pre-contractual measures that are carried out at your request (Art. 6 para. 1 sentence 1 lit. b GDPR).
  • The fulfillment of a legal obligation to which we are subject requires processing (Art. 6 para. 1 sentence 1 lit. c GDPR).
  • The protection of vital interests on your part or on the part of another natural person requires processing (Art. 6 para. 1 sentence 1 lit. d GDPR).
  • The performance of a task carried out in the public interest or in the exercise of official authority requires processing (Art. 6(1)(e) GDPR).
  • The necessity of processing to safeguard our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data prevail (Art. 6 para. 1 sentence 1 lit. f GDPR).

5. Storage of data / deletion of data

Within the processing described in our privacy policy, we will inform you of the corresponding storage period or the time of deletion or blocking of data. If no explicit storage period is defined, the data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies.
Storage may exceed the defined periods if legal regulations to which we are subject (e.g., § 147 AO, § 257 HGB) provide for a different storage period. At the end of the storage period, the personal data will be deleted or blocked, unless further storage is required by us on a legal basis. In addition, storage beyond the specified period is possible in the event of a (possible) legal dispute with you or other legal proceedings.

6. Disclosure of personal data

If your personal data is transferred, you will be informed accordingly in the relevant section of our privacy policy. If your personal data is transferred outside the European Economic Area and thus to so-called third countries, you will be informed accordingly in the relevant section of our privacy policy. As a matter of principle, we only transfer personal data to third countries where an adequate level of protection has been confirmed by the EU Commission or where we can ensure the careful handling of personal data on the basis of contractual agreements or other suitable guarantees.

7. Collection of personal data

Below, we will inform you about the collection of personal data (such as your name, email address, postal address, or user behavior).
7.1 Exclusive informational use of our website
If you do not register on our website (for example, in the form of a newsletter) or otherwise transmit data to us (for example, by using a contact form), only the personal data that is transmitted from your browser to our server will be collected. This is data that is technically necessary for us to provide you with the website in a secure and stable manner. This is the following information, which is derived from a log file line:
  • Internet Protocol address (IP address)
  • Time and date of each access
  • Time zone difference from Greenwich Mean Time (GMT)
  • The specific page accessed
  • Access status / Hypertext Transfer Protocol (http)
  • Amount of data transferred in each case
  • Website from which our website is accessed (referrer URL)
  • Internet browser used (including language and version)
  • Operating system used
The legal basis for collecting the listed data is Art. 6 (1) (f) GDPR. We have a legitimate interest in ensuring error-free connection establishment and convenient use of our website, as well as in analyzing system stability and security and using the data for other administrative purposes.
7.2 Contacting us by email
When you contact us via the email address provided in section 2 or other email addresses of our company published on our website, we will store your email address and other contact details contained in your email (e.g., your name or telephone number) in order to process your request. This data will be deleted immediately as soon as further storage is no longer necessary. If there are legal retention periods for the data, the data will be restricted instead of deleted. The legal basis for processing the data is derived from Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR, depending on the reason for sending the email, i.e., either to initiate a contract with you or to process a contract concluded with you and/or to fulfill our (pre)contractual obligations, or is based on our legitimate interest in contacting interested parties about our services.
7.3 "Participation Request" form for airport tour
When you use the form on our website to request an airport tour, we store and process the data you provide in order to process your request. The personal details of the persons covered by the participation request will be checked by us and also forwarded to the Federal Police for security reasons. A positive response from the Federal Police is a prerequisite for us to be able to subsequently make an offer to the persons covered by the participation request to take part in a tour. The legal basis for processing and forwarding the data to the Federal Police is Art. 6 (1) (b) GDPR, i.e., it is done for the purpose of initiating or executing a contract and/or fulfilling our (pre)contractual obligations. The data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies, at the latest 30 days after the tour to which the participation request related has taken place, unless a legal provision to which we are subject (e.g., § 147 AO, § 257 HGB), does not provide for a different storage period or longer retention period and/or the processing of claims/legal consequences resulting from the legal relationship does not require longer processing. We cannot provide any information regarding the storage of your data by the Federal Police and refer you to the Federal Police in this regard (the imprint can be found here, the privacy policy here).
7.4 "Conference Room Request" form
When you use the form on our website to inquire about renting conference rooms, we store and process the data you provide in order to process your inquiry. The legal basis for processing the data is Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR, i.e., it is done either to initiate a contract with you or to execute a contract concluded with you and/or to fulfill our (pre)contractual obligations, or is based on our legitimate interest in contacting interested parties about our services. Your data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies; at the latest 30 days after the end of communication, if no contract is concluded, and in the event of a contract being concluded, after its execution and clarification of any resulting claims and legal consequences , unless a legal provision to which we are subject (e.g., § 147 AO, § 257 HGB) provides for a different storage period or a longer retention period.
7.5 "Event Request" form
When you use the form on our website to request information about events, we store and process the data you provide in order to process your request. The legal basis for processing the data is Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR, i.e., it is done either to initiate a contract with you or to process a contract concluded with you and/or to fulfill our (pre)contractual obligations, or is based on our legitimate interest in contacting interested parties about our services. Your data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies; at the latest 30 days after the end of communication, if no contract is concluded, and in the event of a contract being concluded, after its execution and clarification of any resulting claims and legal consequences, unless a legal provision to which we are subject (e.g., § 147 AO, § 257 HGB) provides for a different storage period or longer retention period.

8. Hosting 

Our website is hosted by HostPress GmbH, Bahnhofstraße 34, 66571 Eppelborn, legal notice: https://www.hostpress.de/impressum/ (hereinafter referred to as "HostPress"). When you visit our website, the personal data specified in this privacy policy is transmitted to HostPress for purely informational use of the website. We have concluded a corresponding contract for order processing with HostPress for this purpose. HostPress's server locations are exclusively in Germany: https://www.hostpress.de/rechenzentren/. You can find HostPress's privacy policy here: https://www.hostpress.de/datenschutz/.

9. Cookies

We use cookies on our website. Cookies are small, browser-specific text files that are stored on your hard drive. This provides the entity that sets the cookie with certain information, but does not allow programs to be executed or viruses to be transmitted. Cookies are divided into the following categories:
  • First, a distinction is made based on who set the cookie (website operators in the form of first-party cookies or third parties in the form of third-party cookies).
  • Then there is a distinction regarding the duration of storage.
    • There are transient cookies that are automatically deleted when you close your browser. These are primarily session cookies, which store a session ID. These session cookies recognize your computer when you return to our website during the same session using the same browser. When you close your browser or log out, these temporary cookies are deleted.
    • In addition, there are so-called persistent cookies, which are stored for a longer period of time (up to two years). However, the period until deletion varies from cookie to cookie. You can delete these cookies manually at any time via your browser settings.
    • Another group is made up of so-called flash cookies. These are cookies linked to Flash Player that store the technical data required to play video or audio content (e.g., image quality or network speed). These cookies do not normally have an automatic expiration date and store the required data independently of the browser used. Some browsers (e.g., Firefox) offer the option of deleting Flash cookies together with other cookies.
  • Cookies are also classified according to their function, which is most relevant from a data protection perspective.
    • Technical (essential) cookies are cookies that are necessary to perform basic functions of the website (e.g., saving a product that has been added to the shopping cart).
    • Performance cookies collect information about the use of the website and any errors that occur. This is anonymous information that is used to improve the website.
    • Advertising cookies or targeting cookies make it possible to display customized advertising (including from third-party providers) to website users and to determine the effectiveness of this advertising.
    • Sharing cookies connects the website to other services (e.g., social media accounts).
We only use automated technical cookies, i.e. cookies that are essential for the operation of our website, on the basis of our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in order to design our website effectively and continuously improve it.
Please note that you can prevent cookies from being stored at any time by adjusting your browser settings accordingly. We have compiled further information on this subject for the most common browsers below, but would like to point out that this may restrict the functionality of our website.

10. Use of Google Ads

We use the Google Ads service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, legal notice: https://www.google.de/intl/de/contact/impressum.html. The parent company of this Ireland-based company is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google"). Google's privacy policy can be found here: https://policies.google.com/privacy?hl=de, in order to draw attention to our offers by means of advertisements (ads). When you visit our website via a Google Ads advertisement, a cookie is set. Such "ad server cookies" can be used to measure parameters such as ad impressions or user clicks, which allows us to measure the success of our Google Ads campaign. In addition to these cookies, the following data is usually stored for analysis: number of ad impressions per placement (impressions are the metric for how often an ad was presented), unique cookie ID, last impression (crucial for post-view conversions), and opt-out settings. Google can recognize your internet browser based on the cookies set. If you, as a user, visit certain pages of our website and the cookie has not yet expired, both we and Google can recognize that you have clicked on the ad and been redirected to this page. If you have a Google account and are logged in when you click on an ad, Google can assign this to you. Even if you do not have a Google account and/or are not logged in, Google may still store your IP address. We do not collect personal data ourselves in the ad campaigns. However, Google has the ability to collect data because your browser automatically establishes a direct connection to the Google server. We can only access statistical evaluations from which we can see which ads were clicked on, how often, and at what prices. We do not receive any further data. In particular, we are unable to identify you as a user. We only use Google Ads if you have given us your express consent to do so via our consent tool (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG). Data processing within the USA is possible in this respect. The USA is a so-called third country within the meaning of the GDPR. The transfer of data to this third country is justified in this case under Articles 44 and 45 GDPR, as Google is an active participant in the Data Privacy Framework. This is a data protection agreement between the EU and the USA, in which the level of data protection for certified companies in the USA is declared to be adequate ("adequacy decision"). You can revoke your consent at any time by clicking on the "Revoke/Change Privacy Settings" button located in the footer of our website. You can also deactivate personalized advertising from Google at this link: https://support.google.com/My-Ad-Center Help/answer/12155656?visit_id=638513959038722636-2512005981&rd=1#turn-on-or-off-personalized-ads. Furthermore, we would like to point out that you can prevent the storage of cookies at any time by adjusting your browser settings accordingly.

11. Google Conversion Tracking

In connection with the use of Google Ads, we also use the "Google Conversion Tracking" application. This enables us to track whether a user has accessed our website via a Google Ads advertisement and what actions they have taken on our website; in other words, whether a so-called "conversion" has taken place for this user (a conversion is recorded when an advertisement is interacted with and a predefined action is performed). This allows us to check the success of our Google Ads advertising campaign. For this purpose, the ads placed are combined with a technical measure, such as an ID. This provides us with relevant statistics, for example, on the total number of people who see our ads and which ads are clicked on particularly often. We only use Google Conversion Tracking if you have given us your express consent to do so via our consent tool (Art. 6 (1) (a) GDPR). Data processing within the USA is possible in this respect. The USA is a so-called third country within the meaning of the GDPR. Data transfer to this third country is justified in this case under Articles 44 and 45 GDPR, as Google is an active participant in the Data Privacy Framework . This is a data protection agreement between the EU and the USA, in which the level of data protection for certified companies in the USA is declared to be adequate ("adequacy decision"). You can revoke your consent at any time by clicking on the "Revoke/Change Privacy Settings" button located in the footer of our website. Furthermore, we would like to point out that you can prevent the storage of cookies at any time by adjusting your browser settings accordingly.

12. Google Remarketing

In connection with the use of Google Ads, we also use the "Google Remarketing" application. This makes it possible, based on existing information (see below for information gathering), to display another ad (on a different website) to users of our website when they continue browsing the internet. The information is collected using cookies that Google sets in your browser and which record your usage behavior when visiting various websites and evaluate it in pseudonymized form. According to Google, the data collected in the context of remarketing is not merged with personal data that may be stored by Google. We only use Google Remarketing if you have given us your express consent to do so via our consent tool (Art. 6 (1) (a) GDPR). Data processing within the USA is possible in this respect. The USA is a so-called third country within the meaning of the GDPR. The transfer of data to this third country is justified in this case under Articles 44 and 45 GDPR, as Google is an active participant in the Data Privacy Framework. This is a data protection agreement between the EU and the USA, in which the level of data protection for certified companies in the USA is declared to be adequate ("adequacy decision"). You can revoke your consent at any time by clicking on the "Revoke/Change privacy settings" button located in the footer of our website. Furthermore, we would like to point out that you can prevent the storage of cookies at any time by adjusting your browser settings accordingly.

13. Google Conversion Linker

In connection with the use of Google Ads, we also use the "Google Conversion Linker" application. This supports click data measurement in order to effectively track conversions (a conversion is recorded when an ad is interacted with and a predefined action is performed). In this respect, user activities are assigned to the corresponding Google Ads campaigns, which enables more precise performance measurement (measurement of conversions); for us, this means that we can identify the circumstances and extent of the "conversion" that has taken place for the user in more detail. This service uses a cookie for this purpose. Further information about the service is available here: https://support.google.com/tagmanager/answer/7549390?hl=de. We only use Google Conversion Linker if you have given us your express consent to do so via our consent tool (Art. 6 (1) (a) GDPR). Data processing within the USA is possible in this respect. The USA is a so-called third country within the meaning of the GDPR. The transfer of data to this third country is justified in this case under Articles 44 and 45 GDPR, as Google is an active participant in the Data Privacy Framework . This is a data protection agreement between the EU and the USA, which declares the level of data protection for certified companies in the USA to be adequate ("Adequacy Decision"). You can revoke your consent at any time by clicking on the "Revoke/Change Privacy Settings" button located in the footer of our website. Furthermore, we would like to point out that you can prevent the storage of cookies at any time by adjusting your browser settings accordingly.

14. Google Tag Manager

In addition to or in connection with the Google services mentioned separately in this privacy policy, we also use Google Tag Manager. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, legal notice: https://www.google.de/intl/de/contact/impressum.html. The parent company of this Ireland-based company is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google"). Privacy policy: https://policies.google.com/privacy. The Tag Manager is used to manage so-called website tags. These tags are used to integrate other services into our online offering in a technically clean manner, allowing us to manage them via a common interface. The Tag Manager itself implements these other services but is not further involved in their data processing. For information on what to consider regarding the data processing of these other services, please refer to our explanations in the course of this privacy policy regarding the specific services. According to Google, Tag Manager does not process IP addresses or other user-specific identifiers, see https://support.google.com/tagmanager/answer/9323295?hl=de. However, data processing within the USA is possible in this respect. The USA is a so-called third country within the meaning of the GDPR. Data transfer to this third country is justified in this case under Articles 44 and 45 GDPR, as Google is an is an active participant in the Data Privacy Framework . This is a data protection agreement between the EU and the USA, in which the level of data protection for certified companies in the USA is declared to be adequate ("adequacy decision"). We use Google Tag Manager on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR, in this case to be able to integrate and manage services in a technically clean manner.

10. Your rights

Below, we explain your rights under the GDPR. You can access the complete GDPR document here.
  • Right to information pursuant to Art. 15 (1)GDPR You have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information about this personal data, the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your personal data has been or will be disclosed (in particular to recipients in third countries or international organizations), the storage period or  criteria for determining the storage period, the existence of a right to rectify or erase personal data concerning you or the right to restrict processing on our part, as well as the existence of a right to object to such processing, the existence of a right to lodge a complaint with a supervisory authority, all available information about the origin of the data (in the event that it was not collected by us), the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved, as well as the significance and intended effects of such processing.
  • Right to rectification under Article 16 GDPR You have the right to request that we immediately rectify inaccurate personal data and complete incomplete personal data concerning you.
  • Right to erasure ("right to be forgotten") pursuant to Art. 17 (1)GDPR You have the right to request that we erase personal data concerning you without undue delay. However, according to Art. 17 (3) GDPR, this right does not apply if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the area of public health, for archiving purposes in the public interest, or for the establishment, exercise, or defense of legal claims.
  • Right to restriction of processing pursuant to Art. 18 (1) GDPR You have the right to request that we restrict the processing of your personal data if you dispute the accuracy of your personal data (the restriction applies for the duration that enables us to verify the accuracy), the processing of your personal data is unlawful and you refuse to have it deleted, we no longer need your personal data for the purposes of processing, but you need it to assert, exercise, or defend legal claims, or you have objected to the processing pursuant to Art. 21 (1) GDPR (the restriction applies in this case until it has been determined whether our legitimate reasons outweigh yours).
  • Right to data portability pursuant to Art. 20 GDPR You have the right to receive the personal data concerning you from us in a structured, commonly used, and machine-readable format and to transmit it to another controller without hindrance on our part (or to request direct transmission from us to another controller, if technically possible) if the processing by us was based on consent or a contract or was carried out using automated procedures.
  • Right to withdraw consent granted pursuant to Art. 7 (3) GDPR You have the right to withdraw your consent at any time with future effect, so that data processing based on your consent can no longer be continued in the future, but this does not affect the lawfulness of the processing carried out prior to your withdrawal.
  • Right to lodge a complaint pursuant to Art. 77GDPR Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work, or the place of the alleged infringement. Further information on this can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information.

11. Right to object

In addition to the rights mentioned above, you also have the right to object at any time to the processing of your personal data, which is carried out on the basis of the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 (1) (e) GDPR) or to safeguard our legitimate interests (Art. 6 (1) (f) GDPR), with effect for the future, provided that there are reasons for this arising from your particular situation. In the event of an objection, no further processing of the personal data will be carried out unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims. In the event of the processing of your personal data for the purpose of direct marketing or profiling, provided that there is a connection to direct marketing, you have a general right to object without having to provide reasons arising from your particular situation. In the event of an objection, we will immediately cease processing your personal data for these purposes. To exercise your right of withdrawal or objection, simply send an email to: eventwing@scn-airport.de

12. Data security

Our website uses the TLS 1.3 (Transport Layer Security) encryption and communication protocol. The TLS certificate we use, which is issued by a certification authority, enables encrypted data exchange between web browsers and web servers, preventing sensitive data from being read by third parties. We use the highest level of encryption supported by your browser, which is usually 256-bit encryption. The higher the bit number, the longer the key and the better the protection against third parties.
This privacy policy was created individually for this website by Frame for Business GmbH in cooperation with the law firm Dr. Schultheiß
.