Register of procedures
of the data protection officer
Public register of procedures with regard to the processing of personal data
Conforming to §4g II pg. 2 of the BDSG (German Data Protection Act) the data protection officer has to provide the information given in enumeration 1 - 8 of this document in accordance with §4e sent. 1 BDSG upon request in an adequate way.
1. Name of the legal entity
Lufthansa Technik AG
2. Executive Board
Dr. Johannes Bussmann (Chairman)
Dr. Thomas Stueger
Constanze Hufenbecher
Antonio Schulthess
3. Address of the legal entity
Lufthansa Technik AG
Weg beim Jaeger 193
22335 Hamburg
Germany
Authorized Director of Data Processing :
Carsten Fleer, HAM TI (interim CIO)
Company Data Protection Officer: Dr. Barbara Kirchberg-Lennartz, FRA RD
4. Purpose of data collection, processing, or use
The business purpose of the company is to provide maintenance, repair and overhaul of aircraft, engines and components worldwide. Lufthansa Technik AG also provides the management of aircraft fleets as independent provider. To suffice this purpose Lufthansa Technik AG maintains settlements and technical facilities worldwide.
For reasons demanded by business purposes, the company is authorized to establish branch offices and facilities both domestically and abroad, to participate in other companies both domestically and abroad, to acquire and to establish such companies, as well as to enter into all transactions including joint venture contracts. It may cede its operations wholly or partially to such companies.
Data is collected, processed, and used for the above-mentioned purpose. Highlights of the processing of personal data are the following areas:
• Human Resources (Administration and Development)
• Suppliers (Administration according to GoB criteria (German GAAP))
• Customers (Customer Relationship Management)
• Head Office and Management functions pursuant to the EDP General Employee/Works Council Agreement between Lufthansa AG and labor-management relations agencies.
5. Description of groups of persons affected and their related data or data categories
Customer data, employee data, as well as data from suppliers, to the extent that this is necessary to fulfil the purposes specified in 4.
6. Recipients or categories of recipients to whom data may be disclosed
Public service authorities where high-priority legal regulations demand, external contractors according to §11 BDSG, as well as external offices and internal Lufthansa departments, in order to fulfil the purposes specified in 4.
7. Statutory periods for deleting data
After expiration of storage obligations and periods as decreed by regulatory authorities, the relevant data is deleted routinely. Any data to which this does not apply is deleted if it is not needed for the purposes specified in 4.
8. Planned transmission of data to other countries
Data is transmitted to authorities, customers, and suppliers in various countries within the context of conducting transactions that fulfil the business purpose in accordance with the above-named international regulations.
9. Security measures
Lufthansa Technik AG takes safeguarding measures pursuant to §9 BDSG by practicing caution when awarding contracts, by maintaining appropriate quality regulations, and by training its staff.
Lufthansa Technik AG
Group data protection officer
Last modification 26 July 2017