1. WHO IS RESPONSIBLE FOR YOUR DATA?
Our Data Protection Policy applies to the personal data that SLG collects and uses.
References made in this Data Protection Policy to either “SLG”, “we”, “us” or “our” mean SLG S.A. (a company registered in Luxembourg with registration no. B0078631 and registered office at 4, rue Laangwiss Hautcharage).
We determine the ways your personal data are collected and the purposes for which your personal data are used by SLG as we are the group “data controller” for the purposes arising from Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter « the Regulation »). Note that each legal entity within the SLG is to be considered the local “data controller” for personal data processing activities that are directly related to their function.
2. PERSONAL DATA WE COLLECT ABOUT YOU
When using the term “personal data” in our Data Protection Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include for example your name, your contact details, information relating to your travel itinerary (e.g. your booking reference number) or information on how you use our website and apps or how you interact with us.
We collect some personal data from you, for example, when you book a voyage with us, use our website or our app, use our services or contact us. We may also receive your personal data from our suppliers who provide services to you on our behalf (for example when you provide feedback on our services), our partners when you purchase their travel related products or third parties who act on your behalf, for example travel agents or other parties who book a voyage for you. If you book a voyage on behalf of someone else, you must have their consent to use their personal information.
We process your personal data only when you have given your consent, when it is necessary for the performance of a contract you have concluded with us, or for the fulfilment of a legal obligation to which we are subject. We may process personal data on the basis of our legitimate interest only if this interest is not overridden by your rights.
For more information on the parties who may share your personal data with us, please see section 8 below.
Categories of data we collect
We may collect and process the following categories of information about you:
|Your name and surname and your contact details
(email address, telephone number and postal address)
|When you create an account on
When you book a voyage
When you take part in our
When you choose an offer we
make available on our website
|Information about your bookings and your travel
itinerary, if you require special assistance or if
you have specific dietary requirements. This
information may include any changes to your
bookings and travel products that relate to your
booking (for example if you purchase travel
insurance, rent a car or book a hotel along with
your travel booking)
|When you book or manage your
|Information about your health, if you have a
medical condition that may affect your voyage
(please see section “Sensitive personal data”
below for more information)
|When you provide us with this
information before you fly or
embark on trips
|Information about other passengers in your
booking, and the age range of any children
traveling with you
|When you make a booking on
behalf of other passengers
|Information about your transaction, including your
payment card details
|When you purchase products or services
|Advance Passenger Information. This
information includes your full name, your
nationality, your date of birth, your gender (where
required),the number and type of your travel
document (e.g. passport or ID), its expiry date and
country of issue
|When you check in for specific
|Information related to your voyages and our
services in connection with your voyages (e.g.
auto-bag drop service, declaring lost luggage)
|When you book a voyage through
|Information about your purchases of our partners’
travel related products and services
|When you purchase such
products or services
|The communications you exchange with us (for
example, your emails, letters, calls, or your
messages on our online chat service)
|When you contact SLG or you are contacted by SLG
|Your posts and messages on social media
directed to us
|When you interact with us on
|When you reply to our requests
for feedback or participate in our
|Information about how you use our website or
our mobile app, such as your searches for
|When you navigate on our
website or when you use our
Sensitive personal data
In the course of providing services to you, we may collect information that could reveal your racial or ethnic origin, physical or mental health, religious beliefs or alleged commission or conviction of criminal offences. Such information is considered “sensitive personal data” under the Regulation and relevant data protection laws. We only collect this information when you have given your explicit consent and it is necessary, or when you have manifestly made it public.
For example, we may collect this information in the following circumstances:
For your safety, when you have a specific medical condition, you will need to inform us of that and –where required – provide us with a medical certificate.
If you request special assistance during a voyage, this could reveal information about your health (for example if you ask for a wheelchair). If you inform us about specific dietary requirements you may have, this could potentially indicate that you have specific religious beliefs. Also, when you provide us with your travel document details, your nationality may imply your racial or ethnic origin.
By providing any sensitive personal data you explicitly agree that we may collect and use it in order to provide our services in accordance with this Data Protection Policy.
If you do not allow us to process any sensitive personal data, this means we may be unable to provide all or parts of the services you have requested from us.
3. HOW AND WHY WE USE YOUR PERSONAL DATA
We use your personal data for the following purposes:
- To manage your travel bookings and provide our services to you
When you are embarking on a voyage with us, we use your information to perform our services in relation to your voyage, for example to issue your tickets, check you in, issue your boarding pass, or take you safely to your destination. We also use it to change your travel bookings if you request such changes.
- To communicate with you and manage our relationship with you
Occasionally, we may need to contact you by email and/or SMS for administrative or operational reasons, for example in order to send you confirmation of your bookings and your payments, to inform you about your travel itinerary, to advise you of disruption and changes to your travels. If you are using our mobile apps, we may also send you app notifications for these purposes.
Please be aware that these communications are not made for marketing purposes and as such, you will continue to receive them even if you opt-out from receiving marketing communications.
We will also use your personal data if we contact you after you have sent us a request by filling in the web-form on our website.
Your opinion is very important to us, so we may send you an email or SMS to seek your feedback.
We will use the communications you exchange with us and the feedback you may provide in order to manage our relationship with you as our customer and to improve our services and experiences for customers.
- To personalise and improve your customer experience
We may use your personal data in order to tailor our services to your needs and preferences and to provide you with a personalised customer experience, for example, if you inform us about your preferred travel destinations.
We may also collect information on how you use our website, which pages of our website you visit most, which travel destinations you search for and what products you buy, in order to understand what you like. We may use this information to tailor the content and offers that you see on our website and, if you have agreed to receiving marketing communications, to send you relevant messages that we think you may like.
If you are in the process of making a booking under your account and you leave our website before your order has been placed, we may contact you in order to help you easily complete your booking.
- To inform you about news and offers that you may like
We may send you marketing communications for our voyages and travel products, if you have indicated that you wish to receive these, for example when you create an account on our website or make a booking with us and you do not express a wish to not receive such communications. If you wish to receive marketing communications, we will provide you with news from us such as new products that you may be interested in or offers that you may like.
In addition, we will also send you communications promoting our partner’s products and services that may relate to your travel arrangements, if you have indicated that you wish to receive these.
Please note that we will not share your contact details and other personal data with these partners or other companies for marketing purposes.
If you do not want to hear from us about our or our partners’ products and services, you can simply tell us so by choosing the relevant option before confirming your booking. You can also choose to opt out from receiving marketing communications at any time, by clicking on the relevant unsubscribe link at the bottom of any marketing related email you may receive from us. If you prefer, you can also call our Customer Service team for the relevant entity of the Group and express your preference to not receive marketing communications.
- To improve our services, fulfil our administrative purposes and protect our business interests
The business purposes for which we will use your information include accounting, billing and audit, credit or other payment card verification, fraud screening, safety, security and legal purposes, statistical and marketing analysis, systems testing, maintenance and development.
- To comply with our legal obligations For example, to comply with our obligation to provide your information to national authorities where necessary.
4. REQUESTING ACCESS TO YOUR PERSONAL DATA
You have a right to request access to the personal data that we hold about you. This could include booking information relating to voyages you have taken with us.
If you would like to request a copy of your personal data, or have any questions in relation to your personal data kindly send a mail to the relevant business entity found under section 11 ‘Contact Information’.
5. SECURITY OF YOUR PERSONAL DATA
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data.
This means that we adhere to high security standards in order to protect your payment card details when you share such details with us.
As described in this Data Protection Policy, we may in some instances disclose your personal data to third parties. Where SLG discloses your personal data to a third party, we require that third party to have appropriate technical and organisational measures in place to protect your personal data; however, in some instances, we may be compelled by law to disclose your personal data to a third party, and have limited control over how it is protected by that party.
The information that you provide to us will be held in our systems, which are located on our premises or those of an appointed third party. We may also allow access to your information by other third parties who act for us for the purposes described in this Data Protection Policy or for other purposes approved by you. Your personal data may be accessed by and processed outside the European Economic Area (the European Economic Area being the European Union and Iceland, Liechtenstein and Norway, also referred to as the “EEA”). Where your personal data are transferred outside of the EEA, we require that appropriate safeguards under the Regulation are in place.
We will retain your personal data for as long as we need it in order to fulfil our purposes set out in this Data Protection Policy or in order to comply with the law. Further information about the specific retention periods are available upon request.
6. NOTIFICATION IN THE EVENT OF A BREACH OF YOUR PERSONAL DATA
In the unlikely event there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data (such as sending personal data to an incorrect recipient, or loss of availability of personal data), we are committed to taking an informed decision on whether to notify the relevant supervisory authority within 72 hours and yourself in the event the personal data breach is likely to result in a high risk or risk to your rights and freedoms, without undue delay.
7. COOKIES OR OTHER TRACKING TECHNOLOGIES
In order to improve our services, to provide you with more relevant content and to analyse how visitors use our website and app, we may use technologies, such as cookies, pixels or tracking software. Please be aware that in most cases we will not be able to identify you from the information we collect using these technologies.
For example, we use software to monitor customer traffic patterns and website usage to help us develop the design and layout of the website in order to enhance the experience of the visitors to our website.
• Category 1: Strictly Necessary Cookies
These Cookies enable services you have specifically asked for.
These Cookies are essential in order to enable you to move around SLG Websites and use its features, such as accessing secure areas of the website. Without these Cookies, services you have asked for, such as e-billing, may not be provided.
• Category 2: Performance Cookies
These Cookies collect anonymous information on the pages visited.
These Cookies collect information about how visitors use SLG Websites, for instance which pages visitors go to most often, and if they get error messages from web pages. These Cookies do not collect information that identifies a visitor. All information these Cookies collect is aggregated and therefore anonymous. It is only used to improve how SLG Websites work.
• Category 3: Functionality Cookies
These Cookies remember choices you make to improve your experience.
These Cookies allow SLG Websites to remember choices you make (such as your user name, language, or travel preferences) and provide enhanced, more personal features. For instance, providing you with local airport pricing or reminding you to check-in online. These Cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise.
Strictly Necessary, Performance and Functionality Cookies
We need to use these three categories of Cookie to maintain SLG Websites ‘s effectiveness, ease of use, and to provide you with a seamless experience. As such we have not provided an opportunity for these to be disabled independently, and by using our site and online services you are agreeing that we can place these types of Cookies on your PC.
• Category 4: Targeting/Advertising Cookies
These Cookies use information about your browsing in order to make advertising more relevant to you and your travel needs.
These Cookies are used to deliver adverts more relevant to you and your travel needs. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of our digital advertising campaigns. They are placed by third-party advertising networks on our behalf and with SLG’s permission. They remember that you have visited SLG Websites and this is shared with other organisations such as media owners.
You can refuse the use of these cookies should you wish.