Hotline: 0800 0 629466
Email: support@maximo-it.de
This WIFI Hotspot is provided by maximo IT-Services GmbH.
Terms of Use
Privacy Policy
This English translation of the German document is provided for informational purposes only. Whilst it is accurate to the best of our knowledge and ability, in the event of legal dispute the original German version shall have precedence.
Terms of use for the use of the Wireless LAN, as of March 2018
maximo IT-Services GmbH
Buxtehuder Strasse 112b
D-21073 Hamburg
maximo IT-Services GmbH (hereinafter: "maximo" or "we") enables you to use WLAN services (wireless Internet access according to WLAN standard, "hotspot") on the premises of Flughafen Hamburg Gesellschaft mit beschränkter Haftung ("FHG") in accordance with the following conditions.
In order to be able to offer you secure, user-friendly and autonomous WLAN access, we have set up the following conditions for the use of the hotspot, which are the basic prerequisite for legally compliant use of our hotspot:
We comply with the legal requirements of data protection law and endeavour to process as little of your personal data as possible without separate consent. Please read our privacy policy for further information.
This English translation of the German document is provided for informational purposes only. Whilst it is accurate to the best of our knowledge and ability, in the event of legal dispute the original German version shall have precedence.
Data Protection Statement for the WLAN at Hamburg Airport operated by maximo IT. Date of issue: April 2018
This Data Protection Statement, we (maximo IT Services GmbH, of Buxtehuder Strasse 112b, D-21073 Hamburg, Germany, hereinafter “maximo” or “we”) informs you of how we collect, process and use (jointly also referred to as “utilisation”) your personal data when you make use of our publicly accessible WLAN on the premises of Flughafen Hamburg GmbH (hereinafter “WLAN” or “the Service”), and of your options and rights to be informed of this utilisation at all times and to influence this utilisation.
In the provision of WLAN services on the premises of Hamburg Airport for Flughafen Hamburg Group (FHG), maximo is a service provider in the sense of the German Telemedia Act (“Telemediengesetz” or “TMG”) Article 2, No. 1 and the German Telecommunication Act (“Telekommunikationsgesetz” or “TKG”) Article 3, No. 6; maximo thereby ensures the fulfilment of the legal requirements imposed on operators of public telecommunication networks and providers of public telecommunication services by TKG and on a commercial telemedia provider by TMG.
At the same time, maximo is the controller for the utilisation of personal data in the sense of the General Data Protection Regulation (GDPR), thereby ensuring compliance with applicable data protection law.
This Data Protection Statement provides information on the fulfilment of specifically applicable data protection law pursuant to TKG, TMG and GDPR.
If you wish to view or update your personal data, collected in the course of WLAN usage, or if you have questions relating to data protection relating to the Service or wish to exercise your rights as an affected person as listed under Point 2 e), you may contact our Data Protection Of-ficer at any time by sending an email to datenschutz@ham-wifi.maximo-it.de or by post at the address above.
All information relating to an identified or identifiable natural person is considered personal data. A natural person is considered identifiable when this person can be directly or indirectly identified by means of the assignment of name, number, location data, online identity or one or more specific features that express the person’s physical, physiological, genetic, psychological, commercial, cultural or social identity.
When you first register for WLAN usage, we save the following data as part of a user account:
Email address (mandatory)
Family and given names (optional)
Acceptance of Terms of Use and Data Protection Statement (mandatory)
Title (optional)
Reason for visiting the airport (optional)
We use this data for the following purposes without extra consent:
(1) to send an email to the email address provided at registration, containing a link which, when selected, confirms the email address and successfully completes the registration;
(2) to identify the successful registration at later logins;
(3) to prove that you have already accepted the Terms of Use and Data Protec-tion Statement when successfully registering for WLAN usage;
(4) to enforce our legal claims and track misuse in the event that you violate your duties and obligations as specifed in Point 4 of the Terms of Use;
(5) to provide you with information via email relating to the Service and your reg-istration, for example changes in the service or technical issues.
The legal basis for such data processing is provided by GDPR Art. 6 No. 1b, TMG Art. 14 Para. 1, and TKG Art. 95 Para 1.
When you register, we also record whether or not you have consented to the passing on of your data to FHG for commercial use — as described at Point 2 a) bb) — and, where appropriate for verification purposes, the point in time at which consent was granted. We use this information after registration and at later logins, where appropriate, to redirect you to a page requesting consent or to display the consent screen and give you the opportunity to grant your consent. The legal basis for this is GDPR Art. 6 No. 1f. We have a legitimate interest in finding out whether you have already consented to your data being passed on to FHG and to receiving commercial offers from companies within FHG; if this is not the case, we have a legitimate interest in offering you this possibility again. FHG has a legitimate interest in making your time at the airport fit your needs by sending you relevant information. You may refuse repeated notification of the option to consent to the commercial use of data by FHG companies at any time by sending an email to the address given under Point 1 to this effect, for example (but not exclusively) with the wording: “I do not wish to receive any further reminder of the option to consent to the commercial use of my data by companies in the Hamburg Airport Group.” The personal data provided in the course of sending this message shall then be processed exclusively for the purpose of fulfilling the request, after which you will no longer receive notification of the option to grant consent.
After confirming your email address by activating the link contained in the email re-questing you to do so, you will be directed to a landing page confirming successful registration with your email address. The landing page will display information on products and services at Hamburg Airport, as detailed in the table under Point 2 a) bb). Insofar as you have provided us with optional information, we will use this to customise the landing page. In addition to addressing you personally, we will then specify the commercial content on the landing page based on the reason you gave us for your visit to the airport, thereby providing you with offers aligned to your inter-ests. The legal basis for this is GDPR Art. 6 No. 1f. You may refuse this type of us-age of your data at any time by sending an email to the address given under Point 1; after this, we will refrain from using your personal data for personalised advertising on the landing page to the extent requested (GDPR Art. 21). We also record the commercial content on the landing page that you select. This information is added to your user profile and used for the purpose of making future content on the landing page as specific to your interests as possible. FHG and we as service provider to FHG have a legitimate interest in satisfying, where possible, all needs of customers at Hamburg Airport during their stay. The legal basis for this is GDPR Art. 6 No. 1f. You may refuse to allow this usage of your data at any time by sending an email to the address listed under Point 1; after this, we will no longer analyse your behaviour on the landing page. You may also request the deletion of data saved to date.
You are free to decide whether you provide your data to us for these purposes. If, however, you are not willing to provide the mandatory information, we are unfortu-nately unable to grant you access to our WLAN, as we cannot effectively enforce our Terms of Use, thereby protecting ourselves from the legal consequences of misuse.
If you do not activate the link to confirm your email address, we will delete your data provided for this purpose after 15 months, as experience shows that a confirmation of the email address is no longer likely. If you wish for the data to be deleted earlier than this, you may inform us by sending an email to the address listed under Point 1.
When you login to the WLAN with your email address after successful registration, the system will recognise that you have already completed registration on the basis of your email address. You then also have the option of telling us why you are visit-ing the airport. This information will be added to your user profile. After logging in, you will be directed to a landing page which informs you that you have successfully logged into the WLAN. The landing page will display information on products and services at Hamburg Airport, as described above and detailed in the table under Point 2 a) bb), unless you have refused this personalisation.
If, at registration or login, you have granted your consent to the transmission of data to FHG for commercial use as detailed under Point 2 a) bb), landing pages will be designed by FHG in line with the processes outlined under Point 2 a) bb); this shall fall within the responsibility of FHG.
If, in the process of registration or subsequent WLAN login, you have granted specific consent to the transmission of your data by maximo to FHG companies for commercial purposes, as shown below, we will pass your email address and the optional data provided for the purpose at registration or subsequent login to the following FHG companies:
The companies listed will use this data, based on your consent (GDPR Art. 1 No. 1a) to provide you with commercial information on the product and service categories listed below and provided by FHG and companies offering products and services at Hamburg Airport and with current flight data; this information will be provided by email and/or displayed on FHG websites and the WLAN landing page.
| Advertising company | Advertised products and services |
|---|---|
|
Flughafen Hamburg GmbH Flughafenstraße 1-3 D-22335 Hamburg |
Flughafen Hamburg GmbH: lounge bookings, events, merchandise, food & beverage Companies offering products and services at Hamburg Airport: restaurants and cafés, flowers and souvenirs, books and press, baggage and travel accessories, groceries, travel, mobility, hotels and accommodation, exhibitions, concerts, events and cultural services, fashion and accessories, cosmetics, health products and perfumes, technology, duty free, retail, transport products and services, services, banking and insurance, logistics |
|
Flughafen Hamburg Konsortial & Service GmbH OHG Flughafenstraße 1-3 D-22335 Hamburg |
parking products |
|
AHS Aviation Handling Services GmbH Flughafenstraße 1-3 D-22335 Hamburg |
information on flights booked, information on airlines, aircraft and routes, information on check-in and security checkpoint processing times, information on baggage checking and import restrictions, destination weather, other travel information |
FHG will use the data to create a user profile in its customer relationship management system (CRM) or, where appropriate, to update an existing profile. FHG will customise the form of address and commercial content of the landing pages once consent has been granted. Your data will be used to make the advertising on FHG’s web pages specific to your interests. Once you have granted consent, FHG will also email you commercial content and current flight data at regular intervals.
The optional information you have provided will be used to personalise the content and design of airport offers. Based on the analysis of this data and, to the extent permissible under data protection legislation, other data in your FHG CRM profile, the airport offers will contain content tailored to your actual interests and travel needs. This data processing prior to issuing airport offers serves purposes of internal administration, providing a service appropriate to interests, and effective data management; it is therefore within the legitimate interest of FHG companies (GDPR Art. 6 No. 1f). You may revoke consent for this data management and analysis within the CRM at any time by sending an email to the address listed under Point 1 or to info@ham.airport.de , or in writing by post to any FHG company. It may then, however, no longer be possible to provide you with the airport offers you would like.
FHG also records the linked commercial content provided by FHG which you follow from the landing page and FHG web pages. FHG also records whether you open commercial emails and which linked content from the commercial emails you follow. This information is added to your user profile in FHG’s CRM system and used for the purpose of making future content on the landing pages, FHG web pages and commercial emails as specific to your interests as possible. FHG has a legitimate interest in satisfying, where possible, all needs of customers at Hamburg Airport during their stay, and in keeping customers up-to-date about particularly interesting developments and offerings. The legal basis for this is GDPR Art. 6 No. 1f. You may revoke consent for this analysis at any time by sending an email to the address listed under Point 1 or to info@ham.airport.de, or in writing addressed to any FHG company, after which FHG will no longer analyse your behaviour on the landing page. You may also request the deletion of your personal data saved to date.
In order to obtain your consent to data transmission to FHG for the purpose of receiving airport offers, we use the so-called double-opt-in process. When you mark the checkbox next to the consent text to receive airport offers, we send a confirmation email to the address you have provided, requesting that you confirm having consented to data transmission and requested airport offers (“Registration for airport offers”). We will only transmit the aforementioned data to FHG after you have confirmed registration for airport offers by activating the link (“Confirmation of registration”). If, however, you do not confirm your registration for airport offers, we will block your data from transmission for the purposes of receiving airport offers and, insofar as you have not confirmed the email address either, delete your data after 15 months, as experience shows that the completion of the double-opt-in process is not likely after this time. If you wish for the data to be deleted earlier than this, you may inform us by sending an email to the address listed under Point 1 or by activating the link for this purpose in the confirmation email.
When you next login to the WLAN, if you have only confirmed your email address in the context of initial registration for the WLAN, but not registered for airport offers or confirmed the registration, we will redirect you to a website or display a screen providing you with the option of consenting to the receipt of airport offers by marking a checkbox (“simple consent”). As we have, in this case, already verified your email address with the registration and confirmation of Terms of Use and Data Protection Statement, you do not have to undertake any further steps to receive airport offers in the future. In this case, you will receive an email informing you that consent has been granted to the receipt of airport offers using your email address.
You may revoke consent to the repeated notification of the option of consenting to receiving airport offers at any time by sending an email to the address listed under Point 1. We will then no longer display this notification when you login to the WLAN.
In order to document your consent, when you register for airport offers, confirm the registration or issue simple consent, we save the consent text together with your registration data and the date and time. The consent text is as follows:
I consent to the transmission of my email address and any optional data I have provided by maximo IT GmbH to Hamburg Airport Group (FHG) so that FHG may provide me with in-formation on current flight data along with products and services available at Hamburg Airport (described in more detail here) by email and on the WLAN and FHG web pages. I have read and understood the Data Protection Statement. This consent may be revoked at any time.
FHG will also record the time at which emails with airport offers are sent to you. The legal basis for the collection of such data is the interest of maximo and/or FHG in having proof of your consent and documentation of the sending of emails with airport offers (GDPR Art. 6 No. 1f).
Should you no longer wish to receive airport offers, you may revoke your consent to the receipt of airport offers at any time, thereby cancelling your subscription. To cancel your registration for airport offer emails, click on the link to be found in every airport offer email you receive. You will then be guided through the cancellation process. Alternatively, or if you only wish to revoke the use of your data for personalised advertising on the landing pages and/or web pages of FHG, you may inform us or any FHG company of the revocation of your consent to receiving airport offers in the medium in question along with the personalisation of content and/or processing of related data in your CRM profile by sending an email to the address listed under Point 1, to info@ham.airport.de, or in writing sent by post to any FHG company. In this case, we will no longer issue airport offers to you, or no longer in personalised and/or interest-based form; further, if so requested, the relevant data will also be deleted from your FHG CRM profile.
Insofar as we plan to change the Terms of Use, we may use your email address within the context of the contractual relationship to inform you of the planned changes and your right to object (GDPR Art. 6 No. 1b).
We will obtain your express permission (GDPR Art. 6 No. 1a) for the use of your personal data for other purposes except where we are entitled or required to use your data by statutory exemption. In this case, we will inform you of the relevant change in purpose, the circumstances of the processing and your rights as affected person.
We guarantee the confidential treatment of your data in the provision of our service. In particular, we guarantee the confidentiality of telecommunications pursuant to TKG Art. 88.
To the extent that you make use of third party services on a contractual basis within the context of your WLAN usage, we are entitled to transmit your personal data to the respective third party where this is necessary for the fulfilment of the contract (GDPR Art. 6 No. 1b). This is the case if the contract cannot be fulfilled in accordance with the agreement between the parties without the transmission of the data.
We are entitled for technical reasons to collect, process, store and use personal data relating to your use of the service to the extent that this is necessary in order to provide the service and maintain its operability (legal basis: TKG Art. 95 & 96, TMG Art. 14 & 15, GDPR Art. 6 No. 1b & 1f).
This takes place as follows:
In order to provide WLAN services as technically intended, personal data must be obtained from your end-user device. The MAC address of the end-user device is temporarily stored together with the dynamically assigned IP address. As a rule, in order to uncover violations of your conduct obligations as specified under Point 4 of the Terms of Use, in particular to uncover and pursue misuse (spam, viruses, trojans) and to identify and resolve faults, we save the IP address for a few days. We delete the data without delay when the suspicion of misuse has been clarified or resolved and/or we no longer require the data to resolve a fault. In the event of a violation of the Terms of Use, we retain the data in conjunction with registration data as specified under Point 2 a) aa) until such time as the suspicion has been resolved (TKG Art. 100, TMG Art. 15 No. 1 & Art. 13 No. 7, GDPR Art. 6 No. 1b & 1c).
Furthermore, we store log files of the nature and scope of the use of services. The following technical data are recorded in log files and assigned to the user profile:
Given name
Family name
Location name
User name (email address)
Policy
Public IP address
NAS port type (802.11)
Timezone
Start time
Stop time
Session seconds time
Bytes OUT
Bytes IN
Gateway name
Device Mac address
Terminate cause
Lokale IP address
Browser name
OS
We store and use the above data exclusively to the extent and for the period necessary to provide our service and ensure its stability and security (GDPR Art. 6 No. 1f).
We use cookies in the provision of our service. Cookies are small text files stored locally in the cache of the website visitor’s web browser. They make our service more user-friendly (e.g. saving login data). The cookies do not contain any personal data. We do not combine the data with other data sources. Most of the cookies we use are so-called “session cookies”, which are deleted when you terminate your browser session. You have the option of configuring your browser so that these cookies are not saved or are deleted at the end of your visit. We must, however, point out the use and specifically the ease of use and functionality of the WLAN service may be impeded without cookies.
We save a so-called MAC cookie when you login. This is not saved on your end-user device but on a server that we use. At a subsequent login, the system checks to see if there is a MAC cookie recorded for this MAC address; if so, the login is automatically completed using the saved user data.
We use the web analytics service, Google Analytics, on our WLAN registration and login pages. The service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics makes use of cookies. The information on your usage of our website, gathered by means of cookies, is normally transferred to a Google server in the USA, where it is saved. As IP anonymising has been activated (“IP masking”) for our websites, your IP address, is first truncated by Google within a state of the European Union or another state signatory to the European Economic Area Agreement. In exceptional cases, the full IP address may be sent to a Google server in the USA and truncated there. Google uses the information obtained from cookies exclusively on our behalf and in line with our instructions to analyse your usage of the website, to generate reports on website activity, and to provide us with further services associated with the usage of the website and the internet; this represents our legitimate interest. The processed data can only be used to produced pseudonymised data about you. The IP address transferred as part of the Google Analytics service is not combined with other data stored by Google. You may prevent the storage of cookies by means of a setting in your browser. We wish to advise you, however, that this may mean that you are unable to make full use of some functions of our web pages. Furthermore, you may prohibit the collection and processing by Google of the data described above by downloading and installing a browser plug-inhere. Further information on the protection of your data when Google services are used is also available at the following links:
www.google.com/analytics/terms/gb.html
www.google.de/intl/en/policies/
The legal basis for the use of Google Analytics as described is provided by GDPR Art. 6 No. 1f and TMG Art. 15 No. 3.
In individual cases, subject to the constraints of applicable data protection law, your personal data must be revealed to third parties as follows:
When service providers come into contact with your personal data, this takes place within the framework of so-called order processing. This is expressly catered for in the legislation (GDPR Art. 6 No. 1f in conjunction with GDPR Art. 28) and is in line with our legitimate interest in offering our services in a way that is user-friendly, secure and commercially reasonable. In such cases, maximo remains responsible for the protection of your data. The service provider works exclusively in accordance with our instructions; this is ensured by strict contractual provisions, technical and administrative measures and supplementary inspections and monitoring.
In specific cases, we may be legally obliged to transmit your data to a statutory authority requesting information from us. This applies in particular to the provision of inventory data and traffic and location data to emergency response and law enforcement authorities pursuant to TMG Art. 14 Nos. 2-4 and TKG Art. 113c in conjunction with the Telecommunication Monitoring Ordnance (“Telekommunikatonsüberwachungsverordnung” or “TKUeV”) and official requests for information from the Federal Intelligence Service (BND) in accordance with TKG Art. 114. Furthermore, when a court order is presented, we are required by Article 101 of the Copyright Act to provide the owners of copyright and ancillary copyright with information about users who have offered works subject to copyright on online exchange and file-sharing platforms. In such cases, the information we provide will include the user name and, where appropriate, the IP address and port assigned at the time along with the email address and customer name.
The personal data you have made available to us will never be stored for a longer period than is needed for the fulfilment of the purpose for which we have collected the individual data, for the enforcement of legal claims related to the provision of the service, and for compliance with statutory requirements. In the case of the two last-mentioned reasons, rather than immediately deleting data when the purpose for collection no longer applies, the data is blocked for the expired purpose.
Subject to the provisions of the respective norms as listed, you may, at any time and without charge, forbid the future use of your personal data (GDPR Art. 21), demand the partial or complete deletion of your data (GDPR Art. 17), limit the processing of or block your data (GDPR Art. 18), obtain information on your personal data held by us (GDPR Art. 15) and demand the correction of your personal data held by us (GDPR Art. 16). You may revoke consent that you have granted at any time and without restriction (GDPR Art. 7 No. 2). You are also entitled to receive a copy of all personal data related to you in a common structured machine-readable format (GDPR Art. 20). You do not need to adhere to a specific form in doing so. You may, for example, simply send an email to us at datenschutz@ham-wifi.maximo-it.de.
With regard to personal data processed both by maximo and by FHG companies as a consequence of data transmission to FHG companies in accordance with consent granted as described under Point 2 a) bb), maximo and FHG are “joint controllers” pursuant to GDPR Art. 26. The rights listed above at the start of Point e) also apply with regard to the relevant data processing by FHG companies and may, at your discretion, be enforced in respect of the data in question either in relation to each company or in relation to maximo. Should you make use of your rights by notifying one of the controllers (maximo, Flughafen Hamburg GmbH, Flughafen Hamburg Konsortial & Service Gmbh & Co. OHG, AHS Aviation Handling Services GmbH), Data Protection Management shall ensure that your request, to the extent required by you, is also investigated and, where appropriate, implemented by the other companies.