We, SITA Airport IT GmbH (hereinafter referred to as “SAIT”), take the protection and privacy of your data very seriously. Your personal data is collected and used solely in accordance with the legal provisions of the applicable data protection law.
In the following, SAIT will inform you about the nature, scope and purposes of the collection and use of personal data.
1 Responsible party / contact
The responsible party in terms of the data protection laws is:
SITA Airport IT GmbH
If you have any questions or suggestions about data protection, feel free to contact us by e-mail at info(at)parkvogel.de.
2 Subject of data protection
Personal data is the subject of data protection. This is detailed information on the personal or factual circumstances of a specific or identifiable natural person. This includes, for example, information such as your name, postal address, e-mail address or telephone number, as well as personal usage data.
3 Collection and use of data
3.1 Website connection data
When accessing the SAIT website, your Internet browser will automatically transmit data for technical reasons. The following data is collected and stored separately from other data that you may transmit to us:
• Date and time of access
• IP address
• Browser type/version
• Operating system,
• URL of the previously visited website
• Quantity of data transmitted
These data are only processed for technical reasons and on the basis of our legitimate interest in securing our systems in accordance with Art 6 (1) f) of the GDPR and shall only be assigned to a specific person in the event of a security breach.
As a rule, we will delete this data after seven days at the latest, and only keep it longer if it relates to a security incident. We will then store the data until the incident has been resolved.
3.2 Using the reservation system
3.2.1 Parkvogel website
The SAIT websites offers a reservation system that lets you book one of our parking spaces. If you want to make use of this offer, and reserve a parking space, the reservation system will record the following data:
• Title: *
• First name: *
• Surname: *
• Address: *
• Email address: *
• ID: *
• Flight no. Outbound::
• Flight no. Return:
• Number of travellers: *
All data marked with an “*” is mandatory data that we require to complete your reservation and parking space rental contract. The other information is voluntary, and is used to improve our service (telephone number for contact in case of problems, e.g. light on; flight numbers for better shuttle service planning, e.g. in case of flight delays).
The legal basis for processing your personal data in our reservation system is, with respect to the mandatory entries, the preparation and execution of the reservation and parking space rental agreements we shall conclude with you, each in accordance with Art 6 (1) b) of the GDPR. We process voluntary entries with your consent in accordance with Art 6 (1) a) of the GDPR.
If you book a reservation or a parking space offer in our reservation system, and must pay in advance, you will be offered various payment methods for processing the payment. We do not process these payments ourselves, but use external payment service providers that have been approved by the respective banks or credit card companies. Our system shows which company processes your payment before you enter your payment data. Please note that you can enter your payment data directly into the system of the respective payment service provider – our systems have no payment function. Therefore, we do not collect and store your payment data for security reasons. Upon your request, we merely establish the connection and receive a confirmation from the payment service provider when your payment has been successfully booked.
3.2.2 Parkvogel customer account
We can offer you a Parkvogel customer account. The advantage of this feature is that you do not have to re-enter your data every time you book a space. You can also view and, if necessary, change your previous reservations. In a customer account, we process the same data for the same purposes and on the basis of the same legal basis as those described in Clause 3.2.1. You protect your customer account with a password that only you know, and that we do not keep or store. We also do not store any credit card data. Of course, you can delete your Parkvogel customer account at any time.
3.2.3 Retention period
If you make a booking without a Parkvogel customer account, we will then store the reservation system data for a period of 80 days after completion of your parking space rental contract to provide more effective help should any complaints arise. Should you have any complaints after these 80 days have expired, you must substantiate these with your own documentation.
If you have a Parkvogel customer account, and make a booking from your customer account, we will save the reservation system data to your customer account. The data can then be called up from your customer account until you delete your customer account. You can view and, if necessary, correct all data stored about you in your customer account at any time.
3.3 Use of the Parkvogel App
3.3.1 Access to the reservation system and customer account via the Parkvogel App
If you use the Parkvogel App (“App”), we also process your personal data as required for the provision of services and invoicing in accordance with Clause 3.2.1 and, when setting up a customer account, in accordance with Clause 3.2.2, however, not the data in accordance with Clause 3.1. We will only process additional data via the app insofar as you expressly request it or configure it in the settings. The legal basis are the same as those specified in Clause 3.2.1. You are entitled to change the settings of the app at any time, or stop using the app completely by deleting the app from your device.
Clause 3.2.3 fundamentally applies with respect to the retention period. Please note that deleting the app from your device does not automatically delete any Parkvogel customer account you may have created; if you also wish to delete your Parkvogel customer account, please contact us separately.
3.3.2 Navigation with Google Maps
3.3.3 Indoor-Navigation with Meridian
If you want to use Meridian's indoor navigation that is accessible via the Parkvogel app, you must first activate it in the settings, and agree to the transfer of your personal data described below to the Meridian provider, Aruba, a division of Hewlett Packard Enterprise LCC, 3333 Scott Blvd, Santa Clara, CA 95054, USA (“HPE”) in accordance with Art. 6 (1) a) of the GDPR:
The parking areas (parking garage, car park) have so-called Meridian Beacons, which function like bearing marks. The Beacons are marked accordingly in the parking areas. When the Meridian function is activated, the application connects via Bluetooth to the Meridian Beacons available in the parking areas, reads the position data of these beacons, and uses this data to calculate the respective position of your terminal device in order to guide you. Navigation is not computed on your device, but happens through a cloud interface from HPE. HPE collects your position data on a server located outside the European Community. HPE also calculates and stores the distance you have travelled. On the one hand, HPE uses this data to provide you with its indoor navigation service. But it also uses this data to evaluate your movement data as well. According to information from HPE, this data is evaluated anonymously. For details, please refer to HPE's data protection declaration, which can be downloaded from https://www.hpe.com/us/en/legal/privacy.html . HPE has submitted to the EU US Privacy Shield (certificate can be downloaded from: https://www.privacyshield.gov/participant?id=a2zt0000000TNKEAA4 ).
We have no influence on the processing of your data by HPE, and therefore let you decide if you want to use Meridian. You can give your consent by activating Meridian’s indoor navigation button in the Parkvogel app settings. You can revoke your consent at any time ta take effect in the future by deactivating Meridian’s navigation again. We will refer to this setting separately in the app later.
3.3.4 App permissions
The following app permissions must be allowed for the application to work:
• Read/write content from end device memory, since data is loaded from the Internet and stored in the end device memory when the app is initially started. When the app is started again, it checks the data in your end device’s memory for updates and, if necessary, downloads any updated data, and then stores it over the Internet in order to save bandwidth the next time it starts up. This relates to app content.
• Show network status so the status of the Internet connection can be determined
• Complete Internet access for communication with the app gateway
• Activate location services for Meridian’s indoor navigation function
• Activate Bluetooth for Meridian’s indoor navigation function
3.4 Usage data and cookies
We store so-called “cookies” in order to offer you a comprehensive range of functions, and to make the use of our websites more convenient and interesting. “Cookies” are small text files that are stored on your end device with the help of your Internet browser. In some cases, similar technologies like “tags” are used which are the same as cookies with respect to the processing of personal data and which we group together with under the term “cookies”. We divide cookies into the categories “necessary”, “technical” and “tracking” and describe these categories in more detail below.
When you visit our website for the first time or if you have deleted your cookies, we offer you a selection menu. Via this selection menu, you can see the descriptions of the individual cookies and choose which cookies you want to allow.
3.4.1 Necessary cookies
Cookies without which our website do not function properly are necessary. These cookies save settings like the selected language and allow for the reservation system to function. For this reason, the necessary cookies cannot be deselected in the cookie selection menu because for this setting alone, we would have to place a cookie in your browser. If you do not wish to use of necessary cookies, you can prevent cookies from being stored at all by changing the corresponding settings in your Internet browser. Please note that this will limit the functionality and scope of our services.
In general, our necessary cookies are deleted either at the end of your visit or when you close your browser (session cookies). If this is not the case (e.g. for settings), you can delete the cookies in your browser yourself.
We process necessary cookies either upon your request during the preparation of a contract (e.g. for settings) or to fulfil a contract with you (e.g. processing the reservation); the legal basis is Art 6 (1) b) of the GDPR.
3.4.2 Technical cookies
Technical cookies are not necessarily required to operate the website, but make it better. We have a legitimate interest in improving our website in accordance with Art 6 (1) f of the GDPR and we take special care to ensure that these technical cookies and the tools behind them work in a data-sparing manner and do not negatively impact your rights and interests.
In the cookie selection menu, you can see a list of the individual cookies in the technical category and switch them off as you like; we will then no longer use the corresponding function.
Our web analysis tool, Matomo, which is described below, fall into the technical category.
Website analysis tool Matomo
On our website and the Parkvogel app we use Matomo (http://www.matomo.org ), an open source (web) analysis tool which we operate and which does not pass on any information to third parties.
Matomo uses technical cookies, which are stored on your end device, to help our website analyse your use of our website. The last octet of all IP addresses is removed so that we cannot identify your terminal device, but can only see which network you used.
We use the information generated by Matomo exclusively to analyse the use of our websites and the Parkvogel app and better understand potential for improvement. The information about your use of our website (including your truncated IP address) or app remains within the sphere of our data sovereignty and we do not pass this information on to third parties. The retention period for Matomo cookies is between 30 minutes and 6 months (if you do not delete them from your browser before that); you can find the exact retention periods in the selection menu.
We use this data based on our legitimate interest in measuring our reach and improving our website (Art 6 (1) f) of the GDPR).
With respect to the website, you can object to the use of Matomo by clicking on the link below. If you don't see the corresponding text, you have already objected to using Matomo – possibly on another website. Later reactivation of Matomo is only possible by deleting your cookies. The Matomo feature will also be disabled if you have switched off the installation of cookies in your browser or if you switch off the technical category cookies via the cookie selection menu that appears on the website.
Here, you can decide whether a unique web analysis cookie may be stored in your browser to allow Parkvogel to collect and analyse statistical data. If you do wish to opt out, then click on the following link to store the Matomo deactivation cookie in your browser.
With respect to the Parkvogel app, you can object to the use of Matomo by changing the Matomo switch/slider, enabled by default, in the system settings of the Parkvogel app, thereby deactivating Matomo.
3.4.3 Tracking cookies
Tracking is a third category of cookies which we only activate if you consent via the cookie selection menu that appears on the website. You can also find a list of the individual tracking cookies there.
Tracking cookies are cookies from advertisers that become more familiar with your interests across various websites and with the help of which, we can provide you personalised advertisements. Our legal basis for processing this data is your consent pursuant to Art 6 (1) a) of the GDPR, whereby you can revoke your consent, effective in the future, at any time.
Below you can find a more detailed description of the tracking cookies we use:
Google Tag Manager
Our website uses Google Tag Manager if you have consented to tracking. Google Tag Manager is a solution from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). This service enables website tags to be managed via a single interface The Google Tool Manager merely implements tags. The Google Tool Manager triggers additional tags that may collect personal data. The Google Tag Manager does not access these data according to information provided by Google and does not process any personal data. Nonetheless, we consider the system a tracking system and therefore only use it with your consent. If disabled at the domain or cookie level, this applies to all tracking tags of they were implemented with Google Tag Manager.
You can access the cookie and tracking settings here: Edit cookie settings
Google Adwords Conversion Tracking
This website also uses Google AdWords Conversion Tracking if you have consented to tracking. This means that if you visit a third party website and click on a Google ad to reach our website, a cookie is stored on your computer by a Google Adwords server. We do not store these cookies; this is done by Google or the website on which you see the advert. These cookies become invalid after 30 days and cannot be used to personally identify you. If you visit the offer shown in the advert on our website and the Google cookie has not yet expired, we, along with Google, will be able to see that you have clicked on the ad and that you were forwarded to our offer. Every Adwords customer receives a different cookie. Cookies can therefore not be tracked through the websites of different Adwords customers. The information gathered using conversion cookies helps Google to generate conversion statistics for us as an Adwords customer. In this way, we learn the total number of users who have clicked on our advert and been forwarded to our offer. However, we do not receive any information that could be used to personally identify you.
3.5 Google Maps
4 Passing on data
We only pass on your data to our carefully selected service providers, who are subject to Art 28 of the GDPR, but not to third parties without first notifying you and obtaining your consent. Only in the exceptional cases described below can we transfer your data to third parties without informing you beforehand and separately:
Personal data will be passed on to law enforcement authorities, regulatory authorities, courts and, if applicable, to injured third parties if and to the extent it serves to clarify any illegal use of our website, or is necessary for legal proceedings. However, this only happens if there are any concrete indications of unlawful or abusive practices. We are also legally obliged to provide information to certain public authorities upon request. The legal basis is Art 6 (1) c) of the GDPR.
Data may be passed on if this is required to assert our claims against you; the legal basis for this is Art 6 (1) f of the GDPR.
5 Transfer to Third Countries
We process your data largely on systems within the European Economic Area and, where possible, rely on European partners when choosing our service providers. In exceptional cases, however, we process your data outside of the European Economic Area , e.g. if the service provider is an international company. In every case, we transfer your data to only one third country if we are permitted to do so in accordance with Art. 44 ff GDPR. This means that the processing of your data is secured by special guarantees which create a level of data protection for receivers that is comparable to that of the EU. For this we expressly use the "standard contractual clauses" recognised by the EU Commission. You can obtain individual evidence from our data protection officer.
6 Deletion of your data
Unless otherwise stated above, we will delete your data as soon as it is no longer required for the aforementioned purposes.
If data must be kept for legal reasons, it will be blocked. The data is then no longer available for further productive use.
7 Your rights, data protection officer
You are, of course, entitled to request information about your personal data stored by SAIT. You also have the right to have any incorrect data corrected, delete and the processing thereof limited. If we process your data for legitimate reasons, you can object to the processing. If you provide us with data on the basis of a contract or consent, you then have the right to data portability. You can revoke your consent at any time, without affecting the legality of the processing that has taken place on the basis of the consent until its revocation. We do not operate systems for automated decision-making.
The SAIT data protection officer and his team are available for any questions, suggestions, or complaints, also concerning the exercise of your rights, you may have. The contact details are:
Data protection officer, SAIT
40468 Düsseldorf, Germany
If you wish to file a complaint, you can also contact a designated data protection authority, e.g. at your permanent residence.