1. General information on Lufthansa Systems Poland privacy statement

Lufthansa Systems Poland processes all information (including personal data) strictly according to ISO27001:2013 requirements and applicable law or additional regulations (e.g. PCI-DSS, GDPR). Processing is organized and managed within Information Security Management System certified to above-mentioned International Standard.

LSYP uses technical and organizational security measures to protect the data we hold against accidental or deliberate manipulation, loss, deletion or illegitimate access. LSYP security measures are being improved continuously as new technology develops.

The protection of personal data is crucial for LSYP, so we monitor this very closely in any business operations.

2. Enforcement of and compliance with this privacy statement

Any personal information collected is processed in accordance with the provision on Polish law. LSYP Privacy Policy also complies with the internal data protection guidelines of the Lufthansa Group.

In order to assure accurate level of protection, we follow the rules of:

  1. data minimization - we collect the data which is required to achieve purposes, for which they are collected
  2. clearly defined purposes of data processing and retention time - we process the data only for precisely defined purposes, according to legal regulations, contracts or consents
  3. obeying the Data Subject rights - as described in point 4.2.
  4. identifying actions and controls that contribute to data security - by technical and organizational measures, as well as awareness.

Please note, that our websites may contain links to the other providers` websites that are not covered by this privacy statement.

Should you have any questions regarding the handling of your personal information or want to exercise your rights according to point 4.2 please contact our Data Protection Coordinator via:

gdn_af_r_s@lhsystems.com

This person will be also the point of contact for requests for information, suggestions and complaints.

3. Data security

Personal data in LSYP is classified as confidential and as such receives highest level of technical and organizational protection for confidentiality, integrity and availability aspects. This includes logical and physical access management to systems, infrastructure and premises, data encryption and partitioning, systems and change management, backups organization and maintenance and infrastructure monitoring and other controls, required by ISO27001:2013 to maintain highest level of information security.

Details of controls are not public, due to security reasons.

4. Information clause

4.1. Collection and processing of personal data

Lufthansa Systems Poland stores your personal information if you provide it to us yourself, for example during recruitment, as part of a survey or competition.

We will not share your personal data with third parties.

To ensure that our service is as user-friendly as possible we use so-called cookies and contact form.

A “cookie” is a small text file which a webserver sends to your browser when you visit a website. So-called “session cookies” expire at the end of the browser session and can capture your activities during the browser session. In contrast to these, there are “permanent cookies” which are saved on your terminal and these are able to capture your settings or activities on multiple websites.

Cookies pose no risk to your computer, as they are simply text files and not executable programs.  

The cookies on the Lufthansa Systems Poland website (www.lhsystems.pl) are used both to ensure convenient browsing and for market research and to collect statistics on use.

Besides so-called “session cookies” which are deleted when you end your browser session, we put in place permanent cookies.   

Cookies are stored until deleted by the user. It depends on your browser’s settings as to whether the cookie file is stored or deleted. If the file is stored, our webserver can recognize your terminal.

You can set your browser either to receive our cookies or use our website without cookie functionality.

Your browser may already be set to display a warning whenever it receives a cookie. As the identification cookie must be resent every time an individual page on our website is opened, this warning can be very disruptive. We therefore recommend that you set your browser to always accept cookies from www.lhsystems.pl. You can change this setting for individual websites.

Contact form is a plugin used on our website in order to provide you with a tool, which allows you to contact the company directly and ask any question regarding our services or actions. Messages sent via contact form are redirected to e-mail, which is managed by persons formally empowered to personal data handling.

4.2. Limitations on use of personal data

If government agencies or authorities ask us to collect or share personal data, we will do so only within the appropriate legal frameworks. We require our employees, suppliers and partners to maintain confidentiality and data secrecy in accordance with regulation arising from GDPR.

As Data Subject you are entitled to exercise the right to:

  1. opt in/opt out - we would like to use your data to tell you about our products and services and those of our partners. You decide whether or not you would like to be contacted by us. You can contact LSYP in order to cancel subscriptions to our services at any time.
  2. accessing personal data - if requested, LSYP will confirm whether we store personal data about you and what this data is,
  3. rectification of personal data - despite our best efforts to ensure that this stored data is accurate and up-to-date, it may be incorrect. If it is, we will correct it on request.
  4. erasure, restriction, objection to processing and portability of personal data - if asked, LSYP will confirm whether it is possible to erase, restrict, limit or port personal data we store. After verification of your request, you will be informed about the result of analysis and decision without undue delay and in any event within one month of receipt of the request
  5. lodge a complaint - to Inspector General for the Protection of Personal Data.

Should you have any questions regarding exercising your rights please contact Lufthansa Systems Poland Data Protection Coordinator via:

gdn_af_r_s@lhsystems.com