We collect and use personal data to the extent necessary for providing a functional website, our content and products/services as well as for pursuing other legitimate interests as described below.

What data do we collect about you?

We collect your personal data directly when you engage with us including when you: (i) visit our website; and/or (ii) communicate with us, e.g. via email or telephone including via the email address on our website or via user-generated content on our websites.

We may also receive your personal data indirectly, for example when (i) we are conducting due diligence and your personal data is uploaded to the data room / shared with us through other transaction processes; (ii) we receive personal data from our portfolio companies; and/or (iii) we collect Business Data from local company registries, professional sites (such as LinkedIn and Bloomberg) or international search databases.

We collect different categories of information which we have grouped together as follows:

We generally do not collect or process special category personal data, but will inform you of this at the time if this changes.

Under data protection laws, we must have a lawful basis to process your personal data – this is set out below. This will either be, necessity for performance of a contract (Article 6(1)(b) GDPR), legitimate interests (Article 6(1)(a) GDPR), legal obligation (Article 6(1)(c) GDPR), consent (Article 6(1)(a) GDPR) and/or to protect the vital interests of the data subject or of another natural person (Article 6(1)(d) GDPR).

If you provide us with your consent to processing, you can withdraw it at any time and we will stop the processing activities based only on consent as a lawful basis. We may still process the data if we have another lawful basis for processing (this will be for more limited purposes e.g. back-up storage). Where we need to collect personal data due to a legal obligation, or for performance of a contract this will be indicated to you (i.e. with an *), and if you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter with you. We will notify you of this at the time. 

Why we collect your personal data

We will generally process your personal data for the purposes outlined below, or for other purposes specified to you at the point of collecting your personal data. We will only process your personal data as necessary so that we can pursue these purposes. Where we process your personal data for our legitimate interests as a business, we do so only where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest in pursuing those purposes.

Marketing communications

If you solicit certain information (e.g. you contact us to raise an enquiry via email), we will share that information which might including marketing communications. 
Some privacy laws or marketing laws, as applicable, require us to have your consent to send direct electronic marketing that isn’t solicited (e.g. via emails or SMS or direct social media messages).

You may also receive indirect marketing from us by way of online advertisements (e.g. adverts on third party websites that aren’t targeted to particular individuals) or general marketing communications from us- (e.g. postal mail) on the basis of our legitimate interest to undertake advertising activities linked to investment opportunities and to develop, deliver and maintain relevant services and marketing communications.

You can withdraw your consent or ask us to stop sending you direct marketing messages at any time by contacting us at [email protected] then we will no longer conduct any direct electronic marketing unless you opt-in again at a later point. 

Each time our webpages are accessed, our systems automatically collect data and information from the computer system of the accessing computer.

In this case, the following types of data are collected: Browser type, version used, operating system of the user, internet service provider, IP address of the user, date and time accessed, websites from which the user’s system are directed to our website or which the user is directed to from our website. 

The legal basis for the temporary storage of the data collected via webpages and the related log files is Art.6(1) f of the GDPR with the aforementioned legitimate interests.

The temporary storage of the IP address by the system is necessary to make it possible for the website to be delivered to the user’s computer. For this purpose, the IP address of the user must remain saved for the duration of the session.

Storage in log files takes place to ensure the functionality of the website. Furthermore, we use the data to optimise the website and to ensure the safety of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also justify our legitimate interests to perform data processing pursuant to Art. 6(1) f of the GDPR. Personal data will be deleted as soon as they are no longer necessary to fulfil the purpose of their collection. In particular, the case of the collection of the data for the provision of the website, this is the case when the respective session is terminated. The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Furthermore, we reserve the right to review the files when concrete indications exist which point to a justified suspicion of unlawful use or a specific attack on the pages. In this case, it is within our legitimate interests to perform processing for the purposes of clarifying the issue and the criminal prosecution of such attacks and unlawful use.

Web beacons are invisible images with the size of one pixel. These are used by partner companies, in particular for the purposes of tracking a user across various web pages for building a profile which allows users to be shown customised advertising (targeting). A pixel integrated into the webpage is loaded from the partner’s server when the webpage is accessed. In doing so, the partner receives your IP address as well as information about your browser and its version as well as the browser plugins used (browser fingerprint), about your operating system, as well as about your network operator.

On our website, we use active JavaScript content and fonts which may also come from external providers such as Google. When our website is accessed, these providers may receive information about your visit on our website, such as via the transmission of your IP address. You can prevent the transmission of such information by using a JavaScript blocker, e.g. by installing the browser plugin ‘NoScript’ or deactivating JavaScript in your browser. However, this may limit functionality.

Some of our websites integrate third-party content into their offerings, such as videos from YouTube, map content from Google Maps, images, texts, and multimedia files, RSS feeds, or additional services from other websites. This always requires your IP address to be transmitted to the providers of the content. We are unable to provide information on how your data is used by these providers and also have no influence over subsequent processing. In particular, we have no information on whether the data will also be used for additional purposes, such as building a profile. To find out more, please consult the respective data privacy notices of the corresponding third-party providers.

Among other things, you can protect yourself from further tracking via tracking pixels from these providers by turning off the acceptance of third-party cookies in your browser settings.

Our webpage contains a contact form which can be used for getting in touch electronically. If a user makes use of this option, the data entered into the input form will be transmitted to us and saved. This data comprises: Name, address, e-mail address, telephone number etc. At the time the message is sent, the following data will also be saved: The IP address, date, and time. For processing the data, your consent will be obtained as part of the sending procedure, and reference will be made to this privacy statement.

Alternatively, you can also get in touch via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be saved.

The legal basis for the processing is:

• For the processing of the data after the user registers for the newsletter, provided that the user has given consent, Art. 6(1) a GDPR.
• For the processing of data which is transmitted as part of the sending of an e-mail or name and contact details collected by us or disclosed to us, Art. 6(1) f GDPR with the aforementioned legitimate interests.
• If the e-mail contact serves the purpose of entering into a contract, Art. 6(1) b of the GDPR serves as the additional legal basis for the processing.

In the case of the establishment of contact via e-mail, this also includes the required legitimate interest in the processing of the data. The other personal data processed during the sending procedure serve to prevent the abuse of the contact form and to ensure the security of our information technology systems.

The data will be deleted as soon as they are no longer necessary to fulfil the purpose of their collection or upon expiration of our legitimate interest. For the personal data from the input fields of the contact form and data that have been transmitted via e-mail, this is the case when the respective conversation with the user has terminated. The conversation is terminated when circumstances allow one to surmise that the respective issue has been conclusively resolved. The additional personal data collected during the sending procedure will be deleted no later than after a deadline of seven days. You can use the contact form to inquire about how we process your personal data collected.

The user has the option of revoking his consent for the processing of the personal data at any time. If the user establishes contact with us via e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

Some of our websites require or offer registration. The data collected during this procedure are utilised for the purposes of the use of the respective websites and services, unless otherwise described during the registration and explicitly consented to. The data collected is given by the input form used as part of the registration. All other data which you can add at a later point in time in order to complete your profile is optional and voluntary. After registration, we are permitted to inform you about relevant circumstances related to our offering which you have registered for via the e-mail address specified.

If you write comments or articles or upload files to our servers or publish images or use other services, your IP address and — if you are signed in — your user data will be stored for our security. Due to the large amount of unlawful content which is placed on the internet daily, we reserve the right to utilise this information for defence in legal disputes or criminal prosecution; i.e. also to hand it over to the opposing party in a claim, law enforcement authorities, as well as courts.

The transmission of data via the internet generally involves certain risks. Deliberate encryption of the data does not take place; in particular, messages from the contact form of our website and messages in the service chat are transmitted unencrypted.

Please bear this in mind when transmitting data. If you would like to communicate with us via encrypted e-mail, this can be done via S/MIME encryption. Please specifically request this encryption from us, as we generally send messages unencrypted due to the currently low market penetration of e-mail encryption procedures.

When provided with your personal data, we only disclose it to third parties to the extent necessary for the performance of the contractual relationship or based on other legal grounds legitimising such disclosure. Swissport may transfer personal data to third countries (including the United States of America and Switzerland) or to international organisations. Where personal data is transferred to a third country that has received an adequacy decision from the European Commission (e.g., Switzerland) Swissport may rely on that adequacy decision. Where no adequacy decision is in place, Swissport implements Standard Contractual Clauses.

Moreover, we provide certain services with the assistance of service providers. We have carefully selected these service providers and taken corresponding measures to protect your personal data. You may obtain a copy of such safeguards by using the contact details below.

The personal data of the data subjects are deleted or rendered unavailable as soon as the purpose of storage no longer applies. The assessment of continued storage is based on the purpose of processing, the frequency and intensity of processing as well as the necessity and commensurability of processing in its current state. Furthermore, storage may also take place when this is provided for via European or national legislation in Union regulations, laws, or other provisions which the controller is subject to. The data is also rendered unavailable or deleted when a prescribed storage duration mandated by the specified standards expires, unless there exists a necessity for the continued storage of the data for the conclusion of a contract or the fulfilment of a contract.

More specific retention periods are outlined above. 
 

Under data protection laws, you have various rights which are set out below. The rights available to you depend on our reason for processing your personal data and where you are based (see CCPA Privacy Notice for California Residents if you are a California resident).

You are not required to pay any charge for exercising your rights, although we may charge a reasonable fee if your request is unfounded, repetitive or excessive. We have one month to respond to you (unless you have made a number of requests or your request is complex, in which case we may take up to an extra two months to respond but we will inform you where this is the case). Please note that, where we ask you for proof of identification, the one-month time limit does not begin until we have received this. If we require any clarification and/or further information on the scope of the request, the one-month deadline is paused until we receive that information.

• Right of access. You can ask us for copies of your personal data. There are some exemptions, which means you may not always receive all the information we process. These exemptions include situations where the information requested also includes personal data about somebody else. 
• Right to rectification. You can ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 
• Right to erasure. You can ask us to erase your personal data in certain circumstances.  
• Right to object to processing. You have the right to object to processing of your personal data where we are relying on a legitimate interest or conducting direct marketing. 
• Right to restriction of processing. You can ask us to restrict the processing of your information in certain circumstances. 
• Right to withdraw consent. Where we are relying on consent to process your personal data, you can withdraw it at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent. 
• Right to data portability. This only applies to information you have given us. You can ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on performance of a contract and/or your consent. 
• Right to complain directly to the controller. If you a resident in the UK, you have the right to raise a complaint directly to the controller of your data using the contact details above.

You also have the right to make a complaint at any time to a supervisory authority, including your local authority.

If you reside in the UK, the data protection supervisory authority will be the Information Commissioner's Office, who can be contacted here: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Helpline number: 0303 123 1113 https://www.ico.org.uk

If you reside  in the EU, you may also contact the relevant Data Protection Authorities in the EU to lodge a complaint: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

We would appreciate the chance to deal with your concerns before you approach a supervisory authority so, please contact us in the first instance using the details at the start of this privacy policy.

Like most websites, we ("[Swissport]") use cookies and other technologies to distinguish you from other users of our website. This enables us to provide you with an enjoyable experience whilst helping us improve our site.

A cookie is a small text file that a web server can store on your browser or the hard drive of your internet-abled device, for example, a computer, smartphone or tablet. Cookies allow websites to store information on the user's device and to retrieve such information at a later date.

Our website also uses similar technologies such as web beacons, pixel tags, flash objects and other automated data collection tracking technologies. The common factor between these technologies is that they may store or access information on your device e.g. tiny graphic images and small blocks of code placed on website pages, or in emails that allow us to determine whether you have performed a specific action such as opening the email. Except where context requires, references in this cookie policy to "cookies" includes references to similar technologies that may imitate the functions of cookies.

The information set out in this policy is provided in addition to our Privacy Notice, which provides comprehensive information about how we use your personal information on this website, including your IP address, and offline. You can read our Privacy Notice here.

Types of Cookies

Cookies set by us are called first-party cookies. We also use third-party cookies, which are cookies from a domain different than the domain of the website you are visiting (for example Google Analytics).

Depending on how long a cookie remains on your device, we can describe cookies as either "persistent" cookies (which will not automatically deleted when the browser is closed but is stored by the browser and will remain valid until its set expiry date or deleted by a user) or "session" cookies.  This website uses both persistent and session cookies (stored temporarily during a browsing session will expire at the end of the user session, when the web browser is closed).

A complete list of the cookies we use is set out at the end of this policy.  This list (together with the rest of this policy) is subject to change from time to time.

Your Cookie Choices

You can enable or disable different categories of cookies by clicking on Cookie Settings in the cookie pop up message when you first enter the website or by accessing the settings at a later date by clicking here. This allows you to reject the placement of all cookies (except strictly necessary cookies).  You can also delete cookies which have already been placed on your device or stop any from being placed by adjusting your browser settings. Visit the “Help” section of your browser (for example, Microsoft Edge, Mozilla Firefox, Google Chrome or Apple Safari) for how to manage cookie settings.

Please remember that disabling or deleting some or all cookies may prevent some web services (including on this website) from functioning correctly and may lead to a less smooth or less personalised browsing experience. 

You can disable the use of Google Analytics by using the link disable Google Analytics.
 

More information on Cookies

You can find more information about how cookies work and your options by visiting https://allaboutcookies.org/.

You can also contact us at [email protected].

We will make changes to this privacy notice from time to time, e.g. to keep it up to date or to comply with legal requirements or changes in the way we operate our business. Any changes or updates we may make will be posted on this page in advance so that you are aware of the impact to our data processing activities before you continue to engage. If we have your contact details on file, we will notify you in advance of any significant changes that are material. Please check back frequently to see the latest version on our website.