OpenSky is committed to respecting your privacy and protecting your personal data.
All personal data is obtained, held, and processed by OpenSky, in compliance with, this Policy, any and all data protection related laws and regulations that are applicable to OpenSky (including without limitation, Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”)), and any and all data protection related terms in any agreement or contract in force between you and OpenSky in relation to the supply by us to you of services and/or products.
MIGroup OÜ (a company incorporated in Estonia, Viimsi vald, with registration number 16214528, and with principal offices at Business Aviation Terminal and FBO Capital Handling, Riga International Airport, RIX, Latvia), is deemed data controllers.
The main establishment of OpenSky for purposes of the GDPR shall be Estonia (Europe).
When we ask you to provide certain personal data, then you can be assured that it will only be used in accordance with this Policy. This Policy applies to personal data about you that we collect, use and otherwise process in connection with your relationship with us as a client or potential client, including when you travel with us or use our other services, use our websites or mobile apps, service agents or call centres and book to use our services through third parties (such as agents, brokers and other carriers).
This Policy applies to you whether you use our services or products on a casual basis, or have registered to use any of our services or products, or have entered into a contract with us in relation to the supply by us to you of services and/or products. Any products and/or services acquired by you from us will be subject to their own terms and conditions which you must also read and accept. In the event of any conflict between this Policy and the terms and conditions of any such products or services (such as, without limitation, those terms and conditions in MIGroup OÜ), then the terms and conditions of those products or services shall prevail.
This Policy is effective as of the “Effective Date” which appears at the bottom of this Policy. Use the “Last Revised Date” appearing at the bottom of this Policy to determine when this Policy was last updated. This Policy is current as of the “Last Revised Date”. We reserve the right, at our sole and absolute discretion, to change or modify this Policy at any time. Any such changes or modifications will become effective when posted on this page. Please check this page periodically to ensure that you are happy with any such changes or modifications. It is in your own interest to access this page regularly to view the latest version of this Policy. If we make a change or modification to this Policy, we may, where appropriate and where possible in our sole discretion, alert you with a notice on our website or with any other means of notification we deem fit. Your continued access to or use of any of our services or products or your purchase of any of our products or services or your continued provision of personal data to us following any change or modification to this Policy shall be deemed your acceptance to be bound by any such changes or modifications.
Your access to or use of any our services or products and your purchase of any of our products or services is entirely voluntary. Please read this Policy carefully, as your access to or use of any our services or products and your purchase of any of our products or services constitutes your acceptance of all of the terms and practices described in this Policy, including without limitation, the collection, use, processing, and disclosure of your personal data as described in this Policy. Please do not access or use any of our services or products or purchase any of our services or products if you disagree with any part of this Policy.
If you have any questions or concerns about this Policy or its implementation, you are invited to contact us at firstname.lastname@example.org or alternatively at OpenSky, Ziemeļu iela 12, Lidosta "Rīga", Mārupes novads, LV-1053, Latvia.
We collect personal data about you, about your travel arrangements, about how you use our services and products, and about how you use our websites, call centres and mobile applications, and such personal data so collected includes without limitation:
This personal data may include information that you provide to us directly or through companies or agents we work with, as well as information which we collect when you use our products or services.
Certain categories of personal data, such as that about race, ethnicity, religion or health, are considered “sensitive personal data” in terms of applicable law. Sensitive personal data will only be processed where:
By providing any personal data that is, or could be considered to be “sensitive personal data”, you explicitly agree that we may collect, use, share with third parties and transfer such data, within and outside of the European Economic Area, in accordance with this Policy.
We store, handle, send and generally process personal data to provide you with the best service, and in particular for the following reasons:
When you are traveling with us and using airports at which we operate, we may have the ability to monitor where you are within the airport, for example, based on your having passed through security checks. This information may be used to assist with flight connections and with the prompt and effective boarding of aircraft, as well as to provide a personalized service.
Please also be aware that in some airports where we operate, facial recognition and related biometric technology is used in order to facilitate passenger boarding.
We shall keep your personal data for the above purposes in accordance with those retention periods set by applicable law and our internal policies.
We may disclose your personal data (and any third party personal data provided by you to us) to:
OpenSky and other carriers are required by laws in several countries to give border control agencies and other public authorities access to booking and travel information and other personal data (including data obtained from official photo identification documents). Therefore, any information we hold about you and your travel arrangements may be disclosed to the customs, immigration and public authorities of any country in your itinerary.
In addition, laws in several countries require OpenSky and other carriers to collect passport and associated information for all passengers prior to travel to or from those countries. When required, OpenSky will provide this information to the relevant customs and immigration authorities.
We collect personal data about you when you use our services or products (whether directly provided by us or by another company or agent), when you travel with us, and when you use our website, call center or mobile applications. The following are examples of when we collect personal data about you:
In addition, we may receive personal data about you from third parties, such as:
Cookies are small text files stored in a browser of a website visitor that include information on pages a website visitor opens. Some cookies can collect data from different websites and then display a specific content or adverts for the website visitor.
You may receive marketing communications from us, or from third parties used by us to send marketing communication on our behalf, if you have opted in to receive such material. Our marketing communications will always include the option for you to unsubscribe from receiving any further marketing communications.
If you have previously agreed to us using your information for direct marketing purposes, you may change your mind at any time by writing to us at email@example.com.
We are committed to ensuring that your personal data is secure at all times. We have in place suitable physical, electronic and managerial procedures to safeguard and secure the personal data we collect online.
All of our employees and suppliers with access to your personal data and/or who are associated with the processing of that data are contractually obliged to respect the confidentiality of your personal data. As an example, if you are a passenger on a flight operated by us you can be assured that none of our crews, will take a photo of you whilst you are on our aircraft and then upload the photo on social media, or disclose to any person the fact that you are flying on our aircraft, or disclose any of your confidential information that they may become privy to during your flight (in each case, unless disclosure is required for any reason set out in this Policy).
Your personal data will be stored on and processed by our systems and may also be stored on and processed by systems of a third-party data processor(s) appointed by us. The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by employees operating outside the EEA who work for us or for one of our suppliers. Such employees may be engaged in, amongst other things, the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Policy, the GDPR, and any data protection related laws that are applicable to OpenSky.
If you withdraw your consent to the processing of your personal data at any time, it may mean we will not be able to provide all or parts of the products or services you have requested from us (example: if you book a flight with us and prior to the flight you withdraw your consent to the processing of certain of your personal data which is necessary for the performance of that flight, then we will not be able to provide you with the flight). Please be aware that in these circumstances you will not be able to obtain a refund of any fees or monies you would have paid.
On the other hand, if for example you withdraw your consent to us sending you marketing communications, then such withdrawal should not have any affects.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Services; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Our websites, online services and mobile applications may, from time to time, contain links to and from websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. You are advised to please check these policies before submitting any personal data to these websites or using these services.
We may monitor or record telephone conversations to enhance your security and ours, to enable us to handle complaints efficiently, improve our client service and for staff training purposes. If your telephone conversation with us will be recorded then you will be informed to this effect prior to the start of your conversation with us.
If you are providing personal data to us about someone else you confirm that they have appointed you to act for them, to consent to the processing of their personal data, and that you have informed them of our identity, of this Policy, and of the purposes (as set out in this Policy) for which their personal data will be processed.
We will make your personal data available to you for review pursuant to a simple request from you. If you tell us that the personal data which we hold about you is incorrect or is used inappropriately, we will correct, update or delete such personal data as appropriate. You also have other rights such as the right to request from us erasure of personal data or restriction of processing or to object to processing and the right to data portability. For information about how to get access to your personal data and for exercising your rights, please contact us at firstname.lastname@example.org.
Any dispute arising from or related to the acceptance, interpretation or observance of this Policy shall be submitted to the exclusive jurisdiction of the competent Court of Estonia (Europe) which shall apply the laws of Estonia; provided however, that:
You also have the right to lodge a complaint with a supervisory authority established within the EEA. List of contact details of supervisory authorities within the EEA is available here.
If any portion of this Policy is held to be invalid or unenforceable for any reason by a court or governmental authority of competent jurisdiction or by a supervisory authority, then such portion will be deemed to be stricken and the remainder of this Policy shall continue in full force and effect.
Further details about your rights under the GDPR can be accessed here.
This Policy may be supplemented or amended from time to time by “Privacy Notices”. Generally, Privacy Notices provide details about the personal data we collect in particular instances. Our Privacy Notices are part of this Policy and are deemed incorporated into this Policy..