Privacy Policy
This privacy policy describes how Billund Airport A/S ("Billund Airport" or "we") processes your personal data. We always process your personal data with care and respect and only transfer it if you have given us your consent, if we are committed to doing so, or if we have another legitimate reason for doing so.
When we collect and process personal data, we must, among other things, adhere to the data protection regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR)), the Data Protection Act (Act No. 502/2018) and the legislation that applies to us in particular, including notably the Aviation Act (Act No. 1149/2017) and the Act on collection, use and storage of air passenger information (Act No. 1706/2018).
OUR DUTY TO NOTIFY YOU
When we collect personal data about you, we must notify you at the same time as we collect your data. To provide you with the best possible information, we encourage you to read this privacy policy.
ONLY NECESSARY PERSONAL DATA WITH A PURPOSE
When we collect, process and store personal data about you, we do so to provide you with the best possible service. We focus on processing your personal data confidentially. We only use the necessary personal data that has a purpose.
In addition to the necessity and purpose, the legal basis of our collection and use of your personal data will depend on the context in which we collect them.
SECURITY OF PROCESSING
We have implemented appropriate technical and organisational security measures to safeguard the personal data against accidental or illegal destruction, loss, modification, unauthorised disclosure or unauthorised access.
WHAT PERSONAL DATA WE COLLECT AND WHY
Whenever we collect your personal data, we must provide you with relevant information about our processing.
Below you get a complete overview of when Billund Airport collects and processes personal data about you. You can also read about the legal basis for our processing.
Website: When you visit our website, with your consent, we collect information about you and your use of the site; for example, about which sub-pages you visit, which keywords you use and when you visit the website. You can read more about cookies here:
- The purpose is to optimise the user experience and the website's function, as well as targeted marketing based on, among other things, your interests, including marketing via the Google search engine.
- The legal basis for the processing is point (a) of Article 6(1) of the General Data Protection Regulation (consent).
Purchase of a product or service: When you purchase a product or use a service on the website, we collect the data we need to deliver the product or service, including, for example, name, address, email address, telephone number, date of birth, sex, flight departure, airline, and information about which products you purchase.
- The purpose is that we can deliver the products you have ordered and otherwise perform our agreement with you, including managing your rights to return and give notice of any breach/defects. We also store data about your purchases to comply with legal requirements regarding our accounting.
- The legal basis for the processing is points (b) and (c) of Article 6(3) of the General Data Protection Regulation (contract and compliance with a legal obligation).
Newsletter: When you sign up to receive our newsletter, we collect information about your name, email address, and whether you sign up as a private individual or as a professional. You can withdraw your consent at any time by clicking on an unsubscribe button at the bottom of the newsletter. Then we will not send you any more newsletters.
- The purpose is to deliver a newsletter to you aimed at your interests and wishes, so that you find the content relevant.
- The legal basis for the processing is point (a) of Article 6(1) of the General Data Protection Regulation (consent).
When using Billund Airport for travel: When you travel from Billund Airport, Billund Airport collects personal data in connection with the performance of the work of handling the arriving and departing aircraft on behalf of the airlines. When doing so, we collect general personal data, such as name, address, email address, telephone number, date of birth, sex, passport information, passport number, and payment information.
Billund Airport may also collect sensitive personal data about special service needs, such as information on special meals, disabilities or other special needs.
- The purpose of the processing of general and sensitive personal data is to perform the required tasks related to handling on behalf of the airlines and to provide the service that certain passengers are entitled to receive.
- The legal basis for the processing of general personal data is points (b) and (c) of Article 6(3) of the General Data Protection Regulation (contract and compliance with a legal obligation).
- The legal basis for the processing of sensitive personal data is point (b) of Article 9(2) of the General Data Protection Regulation (compliance with obligations in the field of employment and social security and social protection law), as Billund Airport is required to assist passengers with special needs under Regulation No. 1107/2006 of the European Parliament and the Council.
When contacting Billund Airport: When you contact Billund Airport by email, phone or regular letter, your inquiry establishes the basis for the processing of your personal data. By contacting us by email or by sending us a letter you consent to our processing of your personal data to process your inquiry. If you call us, we will not record the conversation unless we have received your consent to doing so.
- The purpose of the processing is for Billund Airport to help you and process your inquiry.
- The legal basis for the processing of general personal data is points (a) and (b) of Article 6(3) of the General Data Protection Regulation (consent and contract)
Social media: When you choose to follow or like Billund Airport on social media (Facebook, LinkedIn, Twitter, Instagram), you will see/receive news from Billund Airport via the social media.
- The purpose of using social media is to keep interested followers updated, e.g. on travel news, new destinations, information about Billund Airport, relevant information for guests, competitions etc.
- The legal basis for the processing is point (a) of Article 6(1) of the General Data Protection Regulation (consent).
Our magazine "Check-in Billund": When you register as a subscriber of Billund Airport's magazine "Check-in Billund", we ask you to provide your name, address, and email.
- The purpose is to be able to send you the magazine "Check-in Billund", which is published six times a year. In addition to reading news from and about Billund Airport, the magazine has news from airlines and travel agencies, stories about travel, etc.
- The legal basis for the processing is point (a) of Article 6(1) of the General Data Protection Regulation (consent).
Video surveillance: In several areas of Billund Airport, video surveillance is used.
- The purpose of the video surveillance is to fulfil security requirements and legal obligations, including the rules of the Aviation Act, which Billund Airport is subject to.
- The legal basis for the processing is point (c) of Article 6(1) of the General Data Protection Regulation (compliance with a legal obligation).
Purchases in our stores and using the King Amlet lounge: When you use our stores and our King Amlet lounge, you will be asked to show your boarding pass, which is scanned into our systems.
- The purpose of scanning of your boarding pass when making purchases in our stores is to fulfil the requirements and obligations that Billund Airport is subject to from SKAT regarding the settlement of VAT and taxes.
- The purpose of scanning your boarding pass when you visit the King Amlet lounge is to fulfil the requirement for documentation for subsequent billing, for which Billund Airport has entered into an agreement with the airlines.
- The legal basis for the processing is point (c) of Article 6(1) of the General Data Protection Regulation (compliance with a legal obligation).
Access to Billund Airport for employees and external stakeholders (non-travellers): Employees and external stakeholders (non-travellers) who must have access to Billund Airport's areas, must apply for an ID card. Billund Airport is obliged to register several data when applications are received and processed for possibly issuing an ID card. This includes the collection of names, address, email address, telephone number, CPR number (Danish Personal Identification number), sex, the employer of the applicant, copy of a certificate of criminal record, nationality, completed relevant courses and permits, as well as a copy of either passport or driving license.
- The purpose is to meet the statutory requirements and obligations, including the Aviation Act's rules on access and security, which Billund Airport is subject to.
- The legal basis for the processing is point (c) of Article 6(1) of the General Data Protection Regulation (compliance with a legal obligation).
SMS service: When you sign up for our SMS service to follow air travel arrivals to and departures from Billund Airport, we register the number of your mobile phone. The service is a continuous subscription service where an amount per received SMS is charged. The service ends at the arrival of the aircraft.
- The purpose is to provide you with information about flight times.
- The legal basis for the processing is point (a) of Article 6(1) of the General Data Protection Regulation (consent).
RECIPIENTS OF PERSONAL DATA
Billund Airport does not disclose personal data unless we are obliged to do so by law.
Data received in connection with the process of handling on behalf of the airlines is, on request, forwarded to public authorities, including the Danish Transport, Building and Housing Authority and the Police.
When issuing ID cards, Billund Airport transfers the application form, including the declaration of consent to the Police. The Police thus has the authority to make decisions on the approval of persons who must have access rights to Billund Airport's restricted area (Executive Order No. 979/2004).
STORAGE OF PERSONAL DATA
Billund Airport strives to store your personal data for as short a time as possible. When personal data is no longer relevant, or you withdraw your consent, we delete or anonymise the personal data. Our deletion and anonymisation processes are performed on an ongoing basis.
Website: Data collected about your use of the website is deleted in accordance with our cookie policy and deadlines set forth herein.
Newsletter: Data collected when you registered for our newsletter will be deleted when your consent to receiving the newsletter is withdrawn.
Purchases on the website: Data collected when you make purchases the website will, as a rule, be deleted when we have provided the goods/service you have purchased, unless there is a specific reason to store the data for a longer time, including if you give notice of any breach/defects.
However, we must store accounting material for 5 years from the end of the financial year to which the material relates. Some parts of your personal data in connection with a purchase on the website are thus stored after we have delivered the service.
When you purchase goods or services via the website, you submit your card details. Billund Airport does not store the card data but uses partners to process the payment. The payment data is therefore stored and processed at the payment processor.
Inquiries to Billund Airport: Data collected in connection with inquiries by email, phone or regular mail is deleted or anonymised when the purpose of storing the personal data no longer applies. This is assessed individually based on the specific inquiry and the nature of the inquiry. Billund Airport only processes the data you have submitted, and Billund Airport does not collect any additional data.
Subscription to "check-in": Data collected in connection with your subscription to the magazine "check-in" is deleted when you withdraw your consent. You can cancel the subscription by sending an email to tele@bll.dk.
Video surveillance: We comply with the Danish Video Surveillance Act's requirement to delete after a maximum of 30 days unless there is a specific reason to store the recordings for a shorter or longer period.
When you use Billund Airport for travels: Data collected about you related to departure from or arrival at Billund Airport will be deleted after 3 months in accordance with the provisions of the Aviation Act.
However, we must store accounting material for 5 years from the end of the financial year to which the material relates. Some of your personal data on departure from or to Billund Airport are thus stored for more than 3 months.
Collected PNR data (information on air passengers) will be deleted 5 years after they have been passed on to the PNR unit at the Danish National Police.
Purchase in stores: Information collected about you when purchasing goods/services in the stores (scanning of boarding cards) will be deleted after 30 days.
King Amlet lounge: Personal data collected using the King Amlet lounge (scanning of boarding cards) will be deleted after 3 months.
Application for an ID access card: Data collected about you in connection with an application for and issuance of ID cards will be stored as long as you have a valid ID card for Billund Airport.
SMS service: Data collected about you when registering you for the SMS service will be deleted 5 years from the end of the financial year in which you registered for the service. 1 year after registration for the SMS service, the storage of your data will be done using pseudonymisation according to point (e) of Article 5(2) of the General Data Protection Regulation.
YOUR RIGHTS
As a data subject, you have certain rights that Billund Airport as the data controller is obliged to fulfil.
You can withdraw one or more of your consents at any time. To withdraw consent to our processing of your personal data, please contact us.
If you no longer wish to receive emails with information about Billund Airport and marketing material from Billund Airport, you can unsubscribe by clicking on "unsubscribe newsletter" in the relevant email you received from us. The withdrawal of your consent does not affect the legality of our processing of your personal data prior to the withdrawal.
You may contact Billund Airport and obtain access to the personal data we process about you, and you may also rectify any incorrect or incomplete personal data.
If you want your personal data to be erased, Billund Airport to limit the processing, or if you wish to object to Billund Airport's processing of your personal data, you can contact Billund Airport.
You can also contact Billund Airport if you wish to exercise your right to data portability.
Billund Airport must also notify any recipient to whom the personal data have been disclosed of any rectification or erasure of the personal data or limitation of processing, unless this proves impossible or involves disproportionate effort. Billund Airport informs the data subject about these recipients if the data subject requests it.
In connection with video surveillance within Billund Airport's areas, your rights under the General Data Protection Regulation have, as a starting point, been waived, as we generally consider that the consideration of the data subject's rights is overridden by consideration of public security as well as considerations for the prevention, investigation, detection or prosecution of criminal offences or the enforcement of criminal penalties, including the safeguarding against and the prevention of threats to public security, cf. section 2 of the Data Protection Act (Act No. 502/2018). As a starting point, you will therefore not be able to gain insight into video recordings of yourself within Billund Airport's area.
COOKIES
We use cookies on our website. The use of cookies on the website is covered by our cookie policy:
Cookies on bll.dk
CHANGES TO THIS PRIVACY POLICY
We acknowledge that transparency is an ongoing responsibility. We will, therefore, continuously review and update this privacy policy.
This Privacy Policy was updated on 8 May 2019.
OTHER ENTITIES AT BILLUND AIRPORT
Billund Airport is not responsible for managing the parking area at the airport. APCOA manages it, and you can read more about their processing of your personal data here.
CONTACT
The data controller is Billund Airport A/S, CVR no .: 23 34 31 18, located at Passagerterminalen 10, 7190 Billund. Email: info@bll.dk
If you wish to exercise your rights as described above, or if you have any questions regarding our processing of your personal data or this privacy policy, please contact us:
Billund Lufthavn A/S
7190 Billund
CVR no.: 23 34 31 18
Phone. +45 7650 5050
Email: info@bll.dk
COMPLAINTS
If you wish to lodge a complaint about our processing of personal data, please send an email with the details of your complaint to info@bll.dk. We will process the complaint and respond.
You also have the right to lodge a complaint regarding your rights and Billund Airport's processing of your personal data with the Data Protection Agency. For more information on how to lodge a complaint with the Data Protection Agency, visit the Data Protection Agency's website www.datatilsynet.dk.