PRIVACY POLICY

GENERAL INFORMATION

FLYINGGROUP is committed to respecting your privacy and protecting your personal data. This Privacy Policy (this “Policy”), explains our approach to any personal data that we collect from you directly or which we have obtained about you from a third party and the purposes for which we process your personal information. It also sets out your rights in respect of our processing of your data.

This privacy policy is subject to the “Privacy legislation”

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”);
the Belgian Data Protection Act of 30^th July 2018 on the protection of privacy in relation to the processing of personal data (as amended) (the “Privacy Act”); and/or
All other applicable legislation regarding the protection of privacy and the processing of personal data;

In this Privacy Policy “FLYINGGROUP, “we”, “us” or “our” means FLYINGGROUP HOLDING NV (a company incorporated in BELGIUM, with registration number 0875.470.035, and with principal offices at Dennenlaan 27- 2610 Wilrijk, Belgium) and its subsidiary and affiliated companies (including without limitation, FLYING SERVICE NV with registered office at Luchthavenlei 1/18 – 2100 Deurne , Belgium; FLYING PARTNERS CVBA with registered office at, Luchthavenlei B1/56-2100 Deurne, Belgium; FLYING HOLDING FRANCE SARL with principal office at Aéroport du Bourget – Zone d’Aviation d’Affaires – 93350 Le Bourget, France; FLYINGGROUP SARL with principal office at Aéroport du Bourget – Zone d’Aviation d’Affaires – 93350 Le Bourget, France; JET MANAGEMENT HOLDING NV with principal office at Thermiekstraat 18, Luchtaven Schipol – 1117 Harlemmermeer , The Netherlands; JET MANAGEMENT EUROPE BV with principal office Stationsplein NO 280 Building 144, 3rd Floor P.O. Box 7600 Schiphol Amsterdam, 1117 CJ The Netherlands; FLYINGGROUP LUX SA, with registered office at 77-79, Parc d’Activités, 8308 Capellen, Luxembourg, AVIATION ASSOCIATES LTD, with registered office at Skyparks Business Center Luqa LQA4000 Malta; HYPERION AVIATION LTD, with registered office at Skyparks Business Center Luqa LQA4000 Malta )collectively; “you” or “your” means you, the person who provides us with personal data; “personal data” shall have the meaning assigned to it by the GDPR and the entities mentioned here-above may also be deemed “Data controllers” according to the meaning assigned by the GDPR

The Main Establishment of FLYINGGROUP for purposes of the GDPR shall be Belgium.

This Policy applies to personal data about you that we collect, use and otherwise process in connection with your relationship with us as a client or potential client, including when you travel with us or use our other services, use our websites or mobile apps, service agents and book to use our services through third parties (such as agents, brokers and other carriers), on an ad hoc basis, or when or have entered into a contract with us in relation to the supply by us to you of services and/or products.

Any products and/or services acquired by you from us will be subject to their own terms and conditions which you must also read and accept. In the event of any conflict between this Policy and the terms and conditions of any such products or services (such as, without limitation, those terms and conditions in, any FLYINGGROUP Charter Agreement, or any FLYINGGROUP Aircraft Management or, any FLYINGGROUP Program Partnership Agreement, or, in the FLYINGGROUP General Terms and Conditions of Carriage,) then the terms and conditions of those products or services shall prevail.

This Policy is effective as of the “Effective Date” which appears at the bottom of this Policy. Use the “Last Revised Date” appearing at the bottom of this Policy to determine when this Policy was last updated. This Policy is current as of the “Last Revised Date”. We reserve the right, at our sole and absolute discretion, to change or modify this Policy at any time. Any such changes or modifications will become effective when posted on this page. Your continued access to or use of any of our services or products or your purchase of any of our products or services or your continued provision of personal data to us following any change or modification to this Policy shall be deemed your acceptance to be bound by any such changes or modifications.

HOW DO WE COLLECT PERSONAL DATA ?

We may collect personal information from you in the course of our business, including through your use of our site, when you contact or request information from us, when you engage our services (whether these services are provided by us or by other companies or agents acting on our behalf),

We collect personal information about you whenever you use our services (including when you travel with us, when you use our website or mobile applications, or interact with us via email or

In addition, we may receive personal information about you from third parties, such as:

Companies contracted by us to provide services to you.
Companies involved in your travel plans, including airlines involved in your prior or onward journey, relevant airport operators and customs and immigration authorities, travel agents

We collect personal data about you when you use our services or products (whether directly provided by us or by another company or agent), when you travel with us, and when you use our website,.

The following are examples of when we collect personal data about you:

when you book or search for a flight or other products or services through our other sales channels, such as through an agent or broker
when you contact our sales representatives
when you travel with us and use airports where we operate
if you use lounge facilities provided by us or our agents
if you use our in-flight entertainment and communication services
if you complete a client survey or provide us with feedback
if you choose to interact with us via social media

In addition, we may receive personal data about you from third parties, such as:

companies contracted by us to provide services to you
companies involved in your travel plans, including relevant airport operators and customs and immigration authorities
companies (e.g. car hire providers and hotels) that participate in our programmes.

FOR WHICH PURPOSE AND ON WHICH LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA

We generally process your personal data where we have a legal basis to do so according to the Privacy legislation

We will need to use the personal data to fulfill your request to use our services to it is necessary for us to process your information to perform our obligations in accordance with any contract we may have with you ;

It is our legitimate interest to use your personal information in such way to ensure that we provide you the requested services and in particular for the following reasons:

This will include passing your personal data to relevant authorities such as passport control and border agencies and where appropriate competent police, customs authorities and governemenal authorities (such as in the scope of the passn-enger name record legislation) . We may also need to contact you if we have questions regarding your request. Additionally, there may be travel arrangements that are not provided by us but which nevertheless form part of your overall journey which need to be fulfilled, such as details of your arrangements at airports and customs and immigration formalities.
To handle the general enquiries you raise from time to time on our services;
To ensure that you or any passenger is not the subject or target of any economic or trade sanction law or regulation or travel ban; To carry out due diligence or other background checks on you (thru’ sanction and enforcement list data) so as to protect our rights, interests, property and safety and the interests, rights, property and safety of our clients, or others;
For the purposes of accounting and billing, immigration and customs control, health and safety, security and legal compliance;
To carry out obligations and/or enforce rights arising from any contracts entered between you and us;
For internal record keeping and the general administration of your records by us which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks), immigration and customs control, safety, security, health, administrative and legal purposes and systems testing, maintenance and development.
For security purposes to protect your personal data held and/or processed by us;
For training our employees in respect of providing our service and products to you;
For statistical analysis;
To improve improve, develop and market new services
For our general marketing purposes where you have notified us that you consent to receive information about us and our services, products and offers;
From time to time, we may also use your personal data to contact you for feedback on our services and third-party supplier services so as to assist us in their improvement and development, and to provide services tailored to your requirements and treat you more personally, for example:
to deliver messages and information that we think is relevant and may be of interest to you, prior to, during, and after your travel with us
to personalize and tailor your travel experience
When you are travelling with us and using airports at which we operate, we may have the ability to monitor where you are within the airport, for example, based on your having passed through security checks. This information may be used to assist with flight connections and with the prompt and effective boarding of aircraft, as well as to provide a personalized service.

Please also be aware that in some airports where we operate, facial recognition and related biometric technology is used in order to facilitate passenger boarding.

For purpose use as otherwise required or permitted by law.

WHAT TYPES OF PERSONAL DATA DO WE COLLECT ?

To undertake these goals we may process the following personal information:

Name / Surname and job title.
Contact information including address of residence, email address, telephone number, and fax number the company you work for professional, email address, where provided.
Payment information.
Information that you provide to us as part of us providing the services to yo
Relevant information as required by Know Your Client and/or Anti-Money Laundering regulations and as part of our client intake procedures. This may possibly include evidence of source of funds, at the outset of and possibly from time to time throughout our relationship with clients, which we may request and/or obtain from third party sources. The sources for such verification may comprise documentation which we request from you or through the use of online sources or both.
Information you provide to us for the purposes of attending meetings and events, including dietary requirements which may reveal information about your health or religious beliefs.
Other information relevant to provision of services, such as but not limited to :
Your date of birth, nationality, and passport information when you travel with us;
Personal description and photograph (including passport, drivers’ license and other identification documents) when you travel with us;
Personal tastes (e.g food and beverages and inflight services) and dietary requirements;
Medical condition (e.g. allergies for catering purposes, and disabilities);
Information about your travel arrangements, such as details of your bookings, travel itinerary, details of any additional assistance you require and other information related to your travel with us.
Information about the services we have provided to you in the past, including your previous travel arrangements, such as flights and other bookings, and related matters, such as upgrades, etc.
Your geographical position;
Information about your use of our websites, including information about which pages you view;
Information about interactions you have with us and our staff;
Your financial and credit card information (including such information as received from third party banks and other credit institutions and credit rating institutions) which are necessary for us to provide you with the requested product or service; and,
Other information that may be required by us, to carry out obligations arising from any contracts entered between you and us, and/or to carry out client surveys and/or offers.

Sensitive Data

Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data referred to here as “sensitive personal data”. Generally, we try to limit the circumstances where we collect and process sensitive personal data. Sensitive personal data will only be processed where:

We have a legal obligation to collect and process them
You have given your explicit consent
You have requested specific medical assistance from us and/or an airport operator, such as the provision of wheelchair assistance or oxygen, or,
You have sought clearance from us to fly with a medical condition or,
Biometric information (for example facial recognition) may be collected during the security clearance process prior to, and after, flying with us
you have otherwise chosen to provide such information to us (or a third party such as the agent or broker through which you made your booking)
In addition, you may have requested services (such as a meal) which is not ’sensitive data’ but may imply or suggest your religion, health or other information.

By providing any personal data (including “sensitive personal data”) you explicitly agree that we may collect, use, share with third parties and transfer such data, within and outside of the European Economic Area, in accordance with this Policy.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR

We shall keep your personal data for the above purposes in accordance with those retention periods set by applicable law and our internal policies. We will not retain your data for longer . To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means.

We must also consider periods for which we might need to retain personal data in order to meet our legal obligations or to deal with complaints, queries and to protect our legal rights in the event of a claim being made.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the personal data that we use, and if we can anonymize your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

We guarantees that it does not transfer your personal data to third parties, unless:

There is a legal obligation to transfer the personal data);
It is necessary for the achievement of one of the Purposes here-above described (e.g. subcontractors, partners or contracting parties);
We have a legitimate interest to do so.

We cannot be held responsible regarding the transfer of personal data and cannot be liable for the further processing of the personal data by third parties

We may disclose your personal data (and any third party personal data provided by you to us) to:

air operators, the actual carrier (if FLYINGGROUP has the carriage to which you are entitled handled by another carrier, such other carrier is the actual carrier as defined in legislation governing carriage by air), and other third parties in order to give effect to our obligations under any contact entered into between you and us for the provision of flight services;
companies which are part of the group of companies which we may be part of from time to time, and to our branch offices;
our authorized representatives;
third parties:
In the event that we sell our entire business or assets (in which event disclosure shall be to a prospective purchaser and their professional advisers only) or in the event of a due diligence exercise carried out on FLYINGGROUP by a potential investor or partner (in which event disclosure shall be to the potential investor or partner and his professional advisers, shall be limited to the extent required, and shall be subject to confidentiality protections to the extent practicable);
if we are under a duty to disclose such personal data in order to comply with any legal or regulatory obligation or request ;
in order to give effect to and/or enforce the terms and conditions of any contract entered into between you and us;
so as to protect our rights, property and safety and the rights, property and safety of our clients, or others (including by way of exchange of information with third parties for the purposes of fraud protection and credit risk reduction);
to carry out due diligence or other background checks on you (thru’ sanction and enforcement list data) so as to protect our rights, interests property and safety and the interests, rights, property and safety of our clients, or others;
to facilitate your travel arrangements, including other carriers and airport operators, customs and immigration authorities, agents or brokers involved in making your travel arrangements, and global distribution systems service providers; and,
who deliver services either to you or to us, such as companies that provide airport assistance, ground handling, catering, fuel, transportation, and air crew (pilots and cabin crew).

FLYINGGROUP and other carriers are required by laws in several countries to give border control agencies and other public authorities’ access to booking and travel information and other personal data (including data obtained from official photo identification documents). Therefore, any information we hold about you and your travel arrangements may be disclosed to the customs, immigration and public authorities of any country in your itinerary.

In addition, laws in several countries require FLYINGGROUP and other carriers to collect passport and associated information for all passengers prior to travel to or from those countries. When required, FLYINGGROUP will provide this information to the relevant customs and immigration authorities.

INTERNATIONAL TRANSFER

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).

The nature of our business means it is often necessary for us to send your personal information outside the EEA to fulfil your travel arrangements. This occurs because our business and the third parties identified in ’Who do we share your personal information with?’ have operations in countries across the world. For example, where you are flying outside of the European Economic Area, your personal information will be transferred to border control and immigration outside of this area.

In addition, we may transfer your data to parties in countries outside the country in which you are located to provide services to us. This may involve sending your data to countries where under their local laws you may have fewer legal rights.

Where your personal information is transferred outside the EEA because we are using a service provider in a third country, we will implement safeguards so that your personal information continues to be protected to the standards set out in this privacy policy.

It may also be processed by employees operating outside the EEA who work for us or for one of our suppliers. Such employees may be engaged in, amongst other things, the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Policy and the level of Data Protection required by the Privacy Legislation

WHEN WILL WE SEND YOU MARKETING COMMUNICATIONS?

You may receive marketing communications from us, or from third parties used by us to send marketing communication on our behalf, if you have opted in to receive such material. Our marketing communications will always include the option for you to unsubscribe from receiving any further marketing communications.

If you have previously agreed to us using your information for direct marketing purposes, you may change your mind at any time by writing to us at privacy@flyinggroup.aero

Please note that if you tell us that you do not wish to be sent further marketing communications, you will still receive service communications.

SECURITY AND STORAGE

We are committed to ensuring that your personal data is secure at all times. We have have established reasonable technical and organisational security procedures aimed to avoid any loss, abuse or alteration to this personal data.

Your personal data will be stored on and processed by our systems and may also be stored on and processed by systems of a third-party data processor(s) appointed by us.

TRANSMISSION OF INFORMATION OVER THE INTERNET

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Services; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access. since no method of transmission or forwarding over the internet, or any method of electronic storage is 100% secure, we are is, in this context, not in a position to guarantee absolute security. Your consent to this Privacy Policy acknowledge and accept processing of data is never without risk and damages you may suffer from third parties in case they use your Personal Data unlawfully, is not our liability

Links to third party websites

Our websites, online services may, from time to time, contain links to and from websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. You are advised to please check these policies before submitting any personal data to these websites or using these services.

PROVIDING INFORMATION ABOUT THIRD PARTY

If you are providing personal data to us about someone else you confirm that they have appointed you to act for them, to consent to the processing of their personal data, and that you have informed them of our identity, of this Policy, and of the purposes (as set out in this Policy) for which their personal data will be processed.

HOW TO ACCESS YOUR INFORMATION AND YOUR OTHER RIGHTS

You have the following rights in relation to the personal information we hold about you:

Your right of access

If you ask us, we’ll confirm whether we’re processing your personal information and, if necessary, provide you with a copy of that personal information (along with certain of the details). If you require additional copies, we may need to charge a reasonable fee.

Your right to rectification

If the personal information we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified. If you are entitled to rectification and if we’ve shared your personal information with others, we’ll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to erasure

You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to erasure and if we’ve shared your personal information with others, we’ll let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to restrict processing

You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances, such as where you contest the accuracy of that personal information or you object to us. If you are entitled to restriction and if we’ve shared your personal information with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to data portability

You have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

Your right to object

You can ask us to stop processing your personal information, and we will do so, if we are:

relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing; or

processing your personal information for direct marketing purposes.

Your right to withdraw consent

If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time

If you withdraw your consent to the processing of your personal data at any time, it may mean we will not be able to provide all or parts of the products or services you have requested from us (example: if you book a flight with us and prior to the flight you withdraw your consent to the processing of certain of your personal data which is necessary for the performance of that flight, then we will not be able to provide you with the flight). Please be aware that in these circumstances you will not be able to obtain a refund of any fees or monies you would have paid.

On the other hand, if for example you withdraw your consent to us sending you marketing communications, then such withdrawal should not have any effects.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

If you wish to receive a copy of your personal informationor exercise one of your Rights as detailed here-above,you can fill a Data Subject Request form that you can find here.

Once completed, this form should be submitted:

either via electronic mail to privacy@flyinggroup.aero
either via postal mail to:

Flying Service NV Att : Privacy team Luchthavenlei 1/8 -2100 Deurne (Antwerp)Belgium

Please note that in order to process your Data Subject request, we are obliged to levy a fee of 100,00 € to cover our administrative costs.

COMPLAINT, APPLICABLE LAW, JURISDICTION AND SEVERABILITY

If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal information, you can report it to the Belgian Data Protection Authority:

https://www.gegevensbeschermingsautoriteit.be

https://www.autoriteprotectiondonnees.be

Any dispute arising from or related to the acceptance, interpretation or observance of this Policy shall be submitted to the exclusive jurisdiction of the competent Court of Belgium which shall apply the laws of Kingdom of Belgium.

If any portion of this Policy is held to be invalid or unenforceable for any reason by a court or governmental authority of competent jurisdiction or by a supervisory authority, then such portion will be deemed to be stricken and the remainder of this Policy shall continue in full force and effect.

CHANGES TO THIS PRIVACY POLICY

We may make changes to this Privacy Policy from time to time. To ensure that you are always aware of how we use your personal information we will update this Privacy Policy from time to time to reflect any changes to our use of your personal information. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Where it is practicable, we will notify you by email of any significant changes. However, we encourage you to review this Privacy Policy periodically to be informed of how we use your personal information.

Version control

Date	Version	Description
24th May 2018	1	Effective Date
25th June 2018	1.1	Last revised Date
11th December 2020	1.2	Last revised Date