Register of proceedings of the data protection officer

  • Human Resources (Administration and Development)
  • Suppliers (Administration according to GoB criteria (German GAAP)
  • Shareholders (Administration and Support)
  • Customers (Reservations, Customer Relationship Management)
  • Head Office and Management functions pursuant to the EDP General Employee/Works Council Agreement between Lufthansa AG and labor-management relations agencies

5. Description of groups of persons affected and their related data or data categories
Customer data, employee data, shareholder data, as well as data from suppliers, to the extent that this is necessary to fulfil the purposes specified in 4.

6. Recipients or categories of recipients to whom data may be disclosed
Public service authorities where high-priority legal regulations demand, external contractors according to §11 BDSG, as well as external offices and internal Lufthansa departments, for fulfilling the purposes specified in 4.

7. Statutory periods for deleting data
After expiration of storage obligations and periods as decreed by regulatory authorities, the relevant data is routinely deleted. Any data to which this does not apply is deleted if it is not needed fur the purposes specified in 4.

8. Planned transmission of data to other countries
Data is transmitted to authorities, customers, and suppliers in various countries within the context of conducting transactions that fulfill the business purpose in accordance with the above-named international regulations.

9. Security measures
Deutsche Lufthansa AG takes safeguarding measures pursuant to §9 BDSG by practicing caution when awarding contracts, by maintaining appropriate quality regulations, and by training its staff.

Deutsche Lufthansa AG
Group data protection officer

Star Alliance