We at N3 Engine Overhaul Services GmbH & Co. KG (in what follows also referred to as “N3”, “we” or “us”) know how important the protection of your personal data is to you. It is of great importance to us that you are confident that we will handle your personal data carefully.
In this information on data protection we explain to you what information is processed during your visit to and use of our website https://www.share-mro.com . Should you have any questions on data protection in connection with our website or the services it offers, contact our data protection officer:
Group Data Protection Officer
of the Lufthansa Group
Deutsche Lufthansa AG
Airportring – Lufthansa Aviation Center (LAC)
1. Scope, Purpose and Legal Basis of the Processing of Personal Data
You can only use our platform as a registered participant, i.e. after input of the identification data requested there (user name and password). The data transferred to us by our customers is deleted as soon as the initial reasons for its storage no longer exist, or if the customer requests that we delete his or her data. The customer also has the right to have the data stored by us assigned to another body, or to have it corrected.
We process the data on the basis of article 6, paragraph 1, letter b of DSGVO [GDPR = General Data Protection Regulation]. We are thereby interested in making our Internet site secure and reliable, to record the way in which it is used, and to correspondingly arrange it so that it is more user-friendly.
In the following situations we collect and make use of personal data obtained directly from our users, or from other sources (as indicated below).
1.1 Preparation of the Website and Creation of Log Files
When users visit our website, on each call-up our system records automated data and information from the computer system of the accessing computer. The following data (technical information) is thereby collected:
· information about the type of browser and the version used
· the user's operating system
· the user's IP address
· the date and time of access
· websites from which the user's system accesses our website
· websites accessed by the user's system via our website
The data is also stored in the log files of our system. Storage of this data together with other personal data of the user does not take place.
We collect and make use of this technical information for purposes of the (network) security (e.g. to be able ward off cyber attacks), for marketing, in order to better understand the requirements of our users, to continuously improve our website and to enable the respective user to receive the website on his or her computer.
The storage in log files is intended to ensure the functional capacity of the website. Furthermore, the data helps us to optimize the website and to safeguard the security of our information-technology systems. Evaluation of the data for marketing purposes does not take place in this connection.
The legal basis for the temporary storage of the data and of the log files is article 6, paragraph 1, letter f of DSGVO [GDPR].
Our website makes use of so-called cookies. Cookies are text files that are stored in the Internet browser, or by the Internet browser on the user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a distinguishing series of characters that permit an explicit identification of the browser on a renewed visit to the website.
We have a legitimate interest, in keeping with article 6, paragraph 1, letter f of DSGVO [GDPR], to set and to store cookies in order to present our website to you as technically and visually flawless.
List of Cookies – N3 Engine Overhaul Services (as on 21th August 2019)
For tracking, Share!MRO uses standard first-party cookies that are set on the domain of the website.
· .AspNetCore.Antiforgery.*** /XSRF-TOKEN:
§ Token to prove to be the original Caller
§ session information for user
§ set the regional culture against the web-application
· ARRAffinity :
§ Ensure the use of a certain instance of the web-application
1.3 Our Legitimate Interests in the Processing of Personal Data
In the event that article 6, paragraph 1, letter f of DSGVO [GDPR] constitutes the legal basis for the processing, our legitimate interests, in addition to the above-listed purposes, are:
· protection of the business against material or immaterial damage
· professionalizing (our products and services)
· cost optimization (control and minimization)
1.4 Further Processing Obligations
If we are legally obliged to do so, we process personal data in order to fulfil commercial-law or tax-law filing obligations, or to satisfy security requirements (e.g. section § 7 of LuftSiG [Aviation Security Act]). You can find further information on retention periods under "Duration of Data Processing".
1.5 Obligation to Disclosure of Personal Data
In the input masks on our website we have marked the respective input fields that, for legally prescribed or contractual requirements, must be completed by you so that we can provide the contract or service desired by you.
2. Duration of Data Processing
Your personal data is deleted as soon as it is no longer needed for the named purposes. In some cases it may be necessary to store personal data for the period in which claims could be made against N3 Engine Overhaul Services GmbH & Co. KG (statutory period of limitation of three to thirty years). Furthermore, personal data is stored if and for as long as we are legally obliged to store it. Corresponding obligations to provide proof and filing obligations arise from, amongst other things, the German Commercial Code, the Fiscal Code and the Money Laundering Act. The storage periods, in this connection, are up to ten years.
3. Right of Objection in Keeping with Article 21 of DSGVO [GDPR]
You have the right, for reasons arising from your particular situation, to object at any time to the processing personal data relating to you, undertaken on the basis of article 6, paragraph 1, letter e or f of DSGVO [GDPR]; this also applies toprofiling based on these regulations.
The controller will no longer process the personal data relating to you, unless he or she can provide compelling legitimate grounds for the processing that are predominant to your interests, rights and freedoms, or the processing serves the assertion, exercising or defence of legal entitlements.
If the personal data relating to you is processed in order to conduct direct advertising, you have the right to object at any time to the processing of the personal data relating to you for purposes of such advertising; this also appliestoprofiling, to the extent that it is connected to such direct advertising.
If you object to the processing for purposes of direct advertising, the personal data relating to you will no longer be processed for these purposes.
You have the possibility, in connection with the use of services of the information society –notwithstanding Directive 2002/58/EC – to exercise your right of objection by means of automated procedures for which technical specifications are utilized.
4. Passing-On of Personal Data to a Third Party
To be able to offer you our services, on the basis of our contractual obligations or in keeping with our legitimate interests, it can prove necessary for us to pass on your personal data to third parties. These recipients can be categorized as follows:
· service companies
· official bodies and public authorities
In this connection it can prove necessary that personal data be transferred to third countries or to international organizations. In the case of such transfers of data in accordance with and in line with the statutory prerequisites, for your protection and the protection of your personal data appropriate guarantees are foreseen (particularly the application of EU standard contract clauses) or an adequacy decision issued by the EU Commission exists (article 45 of DSGVO [GDPR]).
You can find information on EU standard contract clauses under [ https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32010D0087&from=EN ] .Under [https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en#dataprotectionincountriesoutsidetheeu] the EU Commission provides the corresponding information on its adequacy decisions.
Furthermore, in keeping with article 6, paragraph 1, letter c of DSGVO [GDPR] in conjunction with local and international regulations and agreements, we are legally obliged to make personal data available to German and international authorities.
5. Rights of the Data Subject
For N3 it is important to organize our processing procedures in a fair and transparent way. This is why it is also important to us that, in addition to the right of objection, given the respective legal prerequisites data subjects can also exercise the following rights:
· a right to information; article 15 of DSGVO [GDPR]
· a right to correction; article 16 of DSGVO [GDPR]
· a right to deletion ("right to be forgotten"); article 17 of DSGVO [GDPR]
· a right to limitation of the processing; article 18 of DSGVO [GDPR]
· a right to data portability; article 20 of DSGVO [GDPR].
You can exercise your rights by contacting us by e-mail or by letter post.
N3 Engine Overhaul Services
GmbH & Co.
99310 Arnstadt, Germany
In order for us to be able to process your request and for identification purposes, we draw your attention to the fact that we will process your personal data in accordance with article 6, paragraph 1, letter c of DSGVO [GDPR].
Furthermore, you have a right of complaint to a supervisory authority. The relevant supervisory authority for N3 Engine Overhaul Services GmbH & Co. KGis:
Thüringer Landesbeauftragter für den Datenschutz und die
99107 Erfurt, Germany
99096 Erfurt, Germany
Tel.: +49 361-57 3112900
Fax: +49 361-57 3112904
If you have given us your consent for the processing of your personal data, we hereby draw your attention to the fact that you can revoke this consent at any time.
To revoke your consent, you can contact firstname.lastname@example.org by e-mail. In order for us to be able to process your request and for identification purposes, we draw your attention to the fact that we will process your personal data in accordance with article 6, paragraph 1, letter c of DSGVO [GDPR].
Please note that the consent revoked by you only has effect for the future and has no influence on the legitimacy of the processing undertaken in the past. In some cases, despite your revocation, we are entitled to continue to process your personal data on another legal basis – e.g. for fulfilment of a contract.
7. Disclaimer and Limits of this Information on Data Protection
This information on data protection relates solely to the processing work of the website https://www.share-mro.com . Other websites are not covered by this information on data protection and make their own specific information on data protection available.