Privacy Policy

1. General Terms and Conditions

The information provided on manage-m.com is intended for Lufthansa Technik's customers and for other interested persons and provides information of a general nature only. It is not intended to create any legal obligation of Lufthansa Technik. Lufthansa Technik has taken great care to compile the information and to ensure that it is correct and complete. The information is updated at irregular intervals. As such information may be subject to rapid and recurrent changes, we would like to point out that despite all efforts, the information may occasionally be out of date, incorrect or incomplete. As a result, Lufthansa Technik provides this information "as is" and makes no assurance or warranty with regard to such information.

2. Controller

We, Lufthansa Technik AG, Weg beim Jäger 193, 22335 Hamburg, Germany, (hereinafter also referred to as "we" or "us"), hereby provide you with information on the processing of your personal data collected as part of your use of our website https://www.manage-m.com/ ("website"). For information regarding the privacy policy of the applications linked in the portal, please consult the respective information given in these applications. If you have further questions on the subject of data protection in connection with our website or the services offered on it, please contact our data protection officer:

Deutsche Lufthansa AG
Data Protection Officer
Airportring
60546 Frankfurt
or by e-mail to: datenschutz@dlh.de
If contact is made by e-mail, communication is unencrypted.

3. Scope and purpose of and legal basis for the processing of personal data

We collect and use personal data directly from our users or from other sources (see below) in the following situations:

3.1. Provision of the website and creation of log files

Whenever users visit our website, our system automatically records data and information from the computer system used to call our website.
The following data ("technical information") is collected in the process:

  • Information on the type of browser used and its version
  • The user's operating system
  • The user's Internet service provider
  • The user's IP address
  • The date and time of access
  • Websites from which the user's system accesses our website
  • Websites that the user's system calls from our website

We collect and use this technical information for purposes of (network) security (such as to combat cyberattacks), and to be able to better understand our users' needs, as well as to continuously improve our website and to enable us to deliver the website to the user's computer system. The log files contain IP addresses or other data that may, in some cases, be able to be associated to a user. That may be the case, for example, if personal data is contained in the link to the website from which the user enters our website, or the link to the website to which the user switches. The data is likewise stored in our system's log files. This data is not stored together with other personal data of the user. The data is stored in log files in order to ensure that the website functions properly. This data also helps us optimize the website and ensure the security of our IT systems. The legal basis for the temporary storage of data and log files is Article 6(1)(f) of the EU General Data Protection Regulation (GDPR).

3.1.1. Use of cookies

Our website uses cookies. Cookies are text files stored in the web browser or by the web browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a distinctive character string which allows for unique identification of the browser when the website is accessed again. Cookies are stored on the user's computer, which transmits these to our website. Therefore, users have full control over the use of cookies. You may disable or restrict the transmission of cookies by changing your web browser settings. Previously stored cookies can be deleted at any time. This may also be done automatically. If cookies are disabled for our website, you may no longer be able to use all of its functionality. We use only strictly necessary cookies, based on Article 6(1)(f) GDPR. There are no cookies for statistics or personalization, thus we don’t need to ask you for your consent for such cookies.

3.2. Use of the services offered on our website

We offer a number of services on our website. To provide those services, we must collect and process personal data from our users.

3.2.1. Customer contact data

Contact data which a sales employee at a Lufthansa Technik Group company receives from the employees of our potential or actual customers for the purpose of business communication is recorded in our shared CRM system and is thus also available to other companies in the Lufthansa Technik Group for that purpose.

3.2.2. User administration

If you want to use our manage/m portal owing to existing contracts with our customers, you must first be registered as a user by our customer service. To do this, we will need the following information from you: First name, last name, telephone number, e-mail address and customer organization.

3.2.3. Integrated system calls

After you log in, several applications that are available via the portal can be called up directly (single sign-on). Lufthansa Technik uses these applications to provide its customers with valuable information and evaluations with respect to purchased services. If an application is called up, session cookies, the user ID and the customer organization of the user who has logged in are transferred to that application. This process supports the provision of the work focus in order to deliver the most direct access to relevant information possible.

3.2.2.3. Authorization statistics

We provide selected users (called key users) with reports in order to enable regular audits of existing user IDs and the associated system authorizations by our customers. These reports include:

  • User ID
  • Name
  • E-Mail
  • Telephone number
  • Fax Number
  • Customer organization
  • System authorizations

3.3. Our legitimate interests in processing personal data

Where Article 6(1)(f) of the GDPR is the legal basis for processing, our legitimate interests – apart from the purposes stated above – are:

  • Protecting the company against material or non-material damage
  • Making our products and services more professional
  • Optimizing (controlling and minimizing) costs

3.4. Other processing obligations

Where we are obligated by law, we process personal data to comply with retention obligations under commercial law or to meet statutory requirements relating to security (such as those pursuant to Section 7 of the German Aviation Security Act (LuftSiG)). You can find more information on retention periods in the section "Duration of data processing" below.

4. Duration of data processing

Your personal data is erased as soon as it is no longer required for the specified purposes. As soon as your organization is no more a customer of Lufthansa Technik, your personal account will be locked and deleted after 50 days. Inactive accounts are deleted regularly during the housekeeping process. It may be the case that personal data is retained for the period of time in which claims may be asserted against Lufthansa Technik AG. In addition, personal data is stored if and for as long as Lufthansa Technik AG is obligated by law to do so. Such documentation and retention obligations are stipulated by the German Commercial Code (HGB), the German Fiscal Code (AO) and the German Money Laundering Act (GwG), among others. Under this legislation, storage may be required for up to ten years.

5. Right to object in accordance with Article 21 of the GDPR

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) of the GDPR, including profiling based on those provisions. The controller shall no longer process the personal data concerning you unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

6. Disclosure of personal data to third party

We may be required to forward your personal data to third parties within or outside the Lufthansa Group in order to be able to offer you our products and services on the basis of our contractual obligations or our legitimate interests. These recipients can be categorized as follows:

  • IT
  • Government bodies and authorities
  • Members of the Lufthansa Technik Group

In the process, personal data may be transferred to third countries or international organizations. In order to protect you and your personal data, there are suitable safeguards in such cases as stipulated by and in compliance with statutory requirements (in particular the use of EU standard contractual clauses) or there is an adequacy decision adopted by the EU Commission (Article 45 of the GDPR). You can find information on EU standard contractual clauses at [https://ec.europa.eu/info/law/law-topic/data-protection/publications/standard-contractual-clauses-controllers-and-processors_en]. The EU Commission provides information on its adequacy decisions at [https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en#dataprotectionincountriesoutsidetheeu]. We are also obligated by law to provide personal data to German and international authorities (Article 6 (1) point (c) of the GDPR in conjunction with local and international regulations and agreements).

7. Rights of data subjects

Lufthansa Technik AG is committed to the fair and transparent processing of data. We therefore believe it to be important that data subjects not only have the right to object, but can also exercise the following rights if the relevant legal requirements are fulfilled:


  • Right to access personal data and obtain information (Article 15 of the GDPR)
  • Right to rectification (Article 16 of the GDPR)
  • Right to erasure ("right to be forgotten") (Article 17 of the GDPR)
  • Right to restriction of processing (Article 18 of the GDPR)
  • Right to data portability (Article 20 of the GDPR)

You can contact manage-m@lht.dlh.de by e-mail to exercise your rights. To handle your request and for the purpose of identification, we note that we will process your personal data in accordance with Article 6(1)(c) of the GDPR.
You also have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for Lufthansa Technik AG is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
(Hamburg Commissioner for Data Protection and Freedom of Information)
Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg
Germany
Phone: +49 40 42854-4040
Fax: +49 40 42854-4000
E-mail: mailbox@datenschutz.hamburg.de

8. Consent

If you have given us your consent to process your personal data, we note here that you can revoke this consent at any time.
You can contact manage-m@lht.dlh.de in all other cases or if you have problems revoking your consent on this website.
Please note that any revocation of your consent is valid only with future effect and does not have an impact on the lawfulness of past processing of your data. In some cases we have the right despite the revocation of your consent to continue processing your personal data on another legal basis, such as to fulfill a contract.

last modified: 24th August 2022