LGS Handling Ltd. (Data Controller) values the relationships with all customers, website visitors and stakeholders (Data Subjects) and this notice explains how the company collects, processes and manages your personal data. LGS will process all personal data in compliance with the General Data Protection Regulation (GDPR) and any applicable local privacy law for providing you with a service you have requested and to meet our statutory obligations.
In this privacy statement “we”, “our”, “us” and “company” refers to LGS Handling Ltd..
2. What personal data we collect
This Privacy Notice aims to give you information on how we collect and process your personal data.
LGS Handling Ltd is a Controller of the personal data you (data subject) provide us. We collect the following types of personal data from you:
- Your name, e-mail address, phone number, physical address (billing and shipping), temporary address, company affiliation, title
- Demographic information and location
- In case of minors traveling we will collect the parents’ or Guardian’s details (full name, government issued identifiers, phone number)
- Government Issued Identifiers
- Any flight preferences (i.e. seating preferences)
- Contact details concerning the employees of corporate accounts and vendors and other individuals with whom we do business
- Other types of information that you voluntarily choose to provide to us.
- Any disabilities, medical conditions or allergies that could affect you, limit your mobility or affect your boarding and flight.
For over the counter bookings using a credit card, the following personal data might be retained and processed:
- Name and surname of cardholder
- Payments information
LGS Handling needs to process data to enter into an agreement with the Service Users and may also process certain data to ensure that it is complying with its legal obligations. LGS Handling has a legitimate interest in processing personal data and in keeping records of the process in order to fulfil its contractual requirements.
Personal Data may be also used for communication purposes and audit.
LGS handling may keep personal data on file for a period of 7 years.
LGS Handling collects personal data from candidates for recruitment purposes.
The information that LGS Handling may collect and hold about candidates includes:
- Name, address, telephone number(s) and email address
- Details of qualifications, skills, experience and employment history
- Details of current immigration status
- Details of criminal or pending criminal convictions in Cyprus or any other jurisdiction
- Any additional information contained in a candidate’s CV or application form such as referee information, disclosed at interview or otherwise provided to LGS Handling during the recruitment process.
LGS Handling needs to process data to decide whether to enter into a contract of employment with a particular candidate and may also process certain data to ensure that it is complying with its legal obligations. LGS Handling has a legitimate interest in processing personal data during the recruitment process and in keeping records of the process in order to manage the recruitment process, to assess and confirm a candidate's suitability for employment and decide to whom to offer a particular role. LGS Handling may also need to process candidate`s data to respond to and defend against legal claims.
LGS Handling will not share a candidate’s data with third parties, unless his or her application for employment is successful and an offer of employment is made to him or her. Once an offer of employment has been made to (and been accepted by) a candidate, LGS Handling may also contact previous employers named by that candidate as referees for the purpose of obtaining employment references. Additionally, a criminal record might be requested. The candidate may also be required to provide medical information to LGS Handling’s occupational health provider for the purposes of assessing his or her capacity to work.
If a candidate’s application is unsuccessful, LGS Handling may keep his or her personal data on file for a period of 3 years.
Each time an individual uses the LGS handling website, information can be collected as follow:
- If an individual chooses to fill out the “Application Form” on the job section and email it to us, their contact details are passed on to the relevant Line Manager depending on the area of interest chosen by the potential candidate.
- If an individual chooses to fill out our “Contact Us Form”, we will receive the query via email. Your query will be forwarded to the responsible party for a follow up.
We may process data about your use of our website/s and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
3. Why we collect your personal data
We need your personal data in order to provide you with our services. In order to see the whole list of our services please refer to the services section on this website.
4. Lawful basis for processing
Performance of a contract with you: the processing is necessary to enter into a contract with you.
Legitimate interest: The processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
Vital Interest: In certain conditions when your consent it is not possible to be obtained, it may be necessary for us to process your Personal Data, including Sensitive Personal Data you provided through our Services, where it is in your vital interest or in the interest of others. Vital interest or in the interest of others could be an event of a medical emergency.
Consent: in case where you have given a clear consent for us to process your personal data for a specific purpose.
Your Personal Data may be disclosed as follows:
Internal use: We may use your data provided on our website for management purposes, administrative purposes, recruitment selection and to manage our relationship with you.
To Airlines: The personal Data you have provided during the check-in of your flight is shared with the respective airline. Your data will be retained for 5 days after check-in and they will then be deleted automatically.
Commercial Service Providers and Suppliers: We may outsource the processing of certain functions and/or information to third parties that provide services. Some processors (but not limited to) are outlined below:
|Check in||Departure Control Services by SITA Or Airline’s own check in system|
|Ticketing||Amadeus/ or Airline’s own booking engine or reservation in system|
|Website hosting||Delphi Art Ltd|
|Human Capital Management||Exelsys/Noesis/Flight Tracker|
|Risk Analysis Engine||reCAPTCHA|
External Partners: We may share your Personal Data with other third partners including consultants and advisors who provide services to us, including also credit card issuers, financial institutions, external auditors and lawyers.
We may share accumulated data with third parties collectively in an anonymous way, which does not reveal Personal Data.
6. How long we keep your information
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for seven years after they cease being customers for tax and other legal purposes.
In some circumstances you can ask us to delete your data. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you
7. Cross-Border Data Transfers
The Personal Data and other information that we collect from you will be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It also may be processed by staff operating outside the EEA who work for us or other entities acting as data processors processing data on our behalf. This includes staff and providers engaged in, among other things, the fulfilment of your request or order and the provision of support services. More information on to whom your data is disclosed can be found in the “Disclosure” Section.
To comply with applicable data protection law, we have implemented international data transfer agreements on the basis of EU Standard Contractual Clauses in order to provide appropriate and suitable safeguards for Personal Data transferred to countries outside the EEA where an adequate level of protection is not already guaranteed.
8. What are your rights?
In this Section, we have reiterated the rights that you have under data protection law (Your rights are not fully explained in this section). You should read the related laws and directions from the regulatory authorities for complete clarification of these rights.
Your rights under data protection law are:
- the right to access; You have the right to receive a copy of the personal data the organisation holds about you as well as information about how it is used.
- the right to rectification; You have the right to ask the organisation to correct personal data we hold about you where it is incorrect or incomplete.
- the right to erasure; This right entitles you to require the erasure of your personal data from the organisation’s systems and records. However, this right applies only in certain circumstances (e.g. where the organisation no longer needs the personal data for the purpose for which we collected it or where you withdraw consent to our use of your personal data and where there is no other legal basis for continuing to use it).
- the right to restrict processing; This right entitles you to restrict the processing of your personal data by the organisation. Where this right is exercised, the organisation is still permitted to store your personal data but other use of the data is prohibited, save in certain limited circumstances.
- the right to object to processing; You have the right to object to the organisation’s use of your personal data in certain circumstances. However, the organisation may continue to use your personal data, despite your objection, where there are compelling legitimate grounds to do so or we need to use your personal data in connection with any legal claims.
- the right to data portability; This right allows you to obtain your personal data in a format that enables you to transfer that personal data to another organisation where the organisation is processing your personal data on the basis of consent or on the fulfilment of a contract and if processing is carried out by automated means. You may have the right to have your personal data transferred by us directly to the other organisation, if this is technically feasible.
- the right to complain to a supervisory authority; You have the right to lodge a complaint with the Data Protection Commissioner if you think that the organisation has not processed your personal data in accordance with data protection legislation and,
- the right to withdraw consent; You have the right to withdraw your consent to the processing of your personal data by the organisation at any time. This will not affect the lawfulness of our processing before the withdrawal.
All requests to exercise your rights will be duly considered by our representatives. Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted. Please contact us through our DPO Office via email at firstname.lastname@example.org so we provide you with the necessary information.
If you believe that our processing of your personal information trespasses data protection laws, you have a legal right to report a complaint with a supervisory authority accountable for data protection.
You may do so in the EU member state of your habitual residence, your place of work or the place of the assumed breach.
9. Failure to provide personal information
If you fail to provide certain information when requested, we will not be able to fulfil our legal obligations or deliver the service you have requested.
10. Modifications of this policy
We may revise this policy occasionally by publishing a new version on our website.
You may choose to check this page on a regular basis to note any changes to this notice.
We might inform you of significant changes to this policy by email or through a private messaging system on our website.
11. Data Protection Officer
If you have any questions or concerns regarding this Privacy Notice, please contact our Data Protection Officer.
Tel. + 357 24008870