Mileage Services Privacy & Cookies Policy
This is the Privacy and Cookies Notice of Loylogic Rewards FZE (“Loylogic”, “we”, “us”, “our”), in relation to the provision of the Miles & More Programme including all services related thereto and the program website (the “Mileage Service”). This includes any services that you subscribe to and your contact with us from time to time in this in relation with the Mileage Service. This Privacy and Cookies Notice (“Notice”) sets out how we use any personal information that you give to us or that we may collect or otherwise process in the course of the Mileage Service. By using the Mileage Service you acknowledge that you have read and understood this Notice.
1. Information About Us
1.1. The Mileage Service as explained below is operated by Loylogic Rewards FZE whose registered address is Dubai Airport Freezone Authority, PO Box 293805, Dubai United Arab Emirates. You can contact us by email at: firstname.lastname@example.org.
1.2. Our EU representative for data related queries is Loylogic AG Latvia branch, registration number: 40103284489, legal address: Brivibas street 40-35, Riga, LV-1050. If you have any questions about how we handle data, you can contact us by email at: email@example.com
1.3. In providing the Mileage Service, we work with Miles & More GmbH (“MMG”) as our program partner. To view their privacy notice, click the following link: https://www.miles-and-more.com/de/de/general-information/privacy-statement.html
2. What Data do we collect?
- date of birth;
- contact information such as email addresses and telephone numbers;
- program account information, membership information;
- financial information such as credit / debit card details;
- the balance of the miles account;
- information about transactions initiated or received by you, including contact details of the sender and receiver;
- information exchanged between you and us in communication;
- IP address;
- web browser type and version;
- operating system;
- a list of URLs starting with a referring site, your activity on our website, and the site you exit to.
2.2. Additionally, we may receive data from MMG as required for the Mileage Service, including the following data after giving us your consent:
- personal data including your name, addresses, birthday and e-mail address
- your Miles & More service card number and mileage balance for operational purposes; and
- status information and Miles & More credit card type for promotional purposes.
3. How We Use Your Data
3.1. All personal data is processed and stored securely, for no longer than is necessary to provide the Mileage Service. We will comply with our obligations with regard to your personal data and safeguard your rights under applicable data protection legislation, including the GDPR (where applicable).
3.2. Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, in particular your Mileage Service membership contract (article 6(1)(b)GDPR), because you have consented to our use of your personal data (e.g. by subscribing to emails; article 6(1)(a)GDPR)), or because it is in our legitimate interests (article 6(1)(f)GDPR). Specifically, we may use your data in order to:
- operate the Mileage Service;
- register you to participate in the Mileage Service and authenticate your identity;
- co-ordinate with MMG;
- process transactions you request or receive;
- allow us to improve the Mileage Service;
- personalising and tailoring your experience of the Mileage Service;
- communicating with you;
- analysing your use of the Mileage Service and gathering feedback to enable us to continually improve the Mileage Service m and your user experience;
- provide you with marketing materials by email, telephone, SMS and/or by post, but only where you have given us your permission to do so.
3.3. We may record or monitor calls made by you to our customer service desks for quality assurance and training purposes. However, we will always inform you if such recording or monitoring is taking place.
3.4. You have the right to withdraw consent given to us using your personal data at any time, and to request that we delete it, by contacting us by email at: firstname.lastname@example.org.
3.5. We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected, unless it is required by law.
4. How we share your data
4.1. We may share your data with other companies in our group (the “Group Companies”) for provision of some of the services, for example, payment processing. This includes our holding company, Loylogic Holding AG, and its subsidiaries.
4.2. We may also contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
4.3. We co-operate with MMG in the provision of the Mileage Service) and may share the recipient’s service card number and award miles with MMG. We also co-operate with the card processor Wirecard Bank AG and may share the data required for Wirecard Bank AG to process data as a separate controller in accordance with their privacy notice, which can be found wirecard notice.
4.4. Third party processors and Group Companies may be located in countries outside of the European Economic Area (“the EEA”; the EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein) where data privacy may not be on an equal level, such as the United Arab Emirates or India. Where we transfer any personal data to any such country, we will ensure data protection with standard contractual clauses for data transfer to third countries. If you wish to receive a copy of the transfer clauses as they apply to your data please let us know.
4.5. We may compile statistics about the use of our websites and Apps including data on traffic, usage patterns, user numbers, sales, and other information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, analytics service providers and advertisers for marketing purposes.
4.6. In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.
5.3. We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our Services. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. Our website uses analytics services provided by Google Analytics. You do not have to allow us to use these Cookies, as detailed below, however whilst our use of them does not pose any risk to your privacy or your safe use of our site, it does enable us to continually improve our website, making it a better and more useful experience for you. For more information on the use of Google Analytics, including how to opt out, visit Privacy Overview.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
5.4. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our site.
5.5. Cookies are destroyed once they are no longer necessary for their purpose.
6. Google Analytics
6.2. We use Google’s services for our legitimate interest in analysing and improving the use of our website (article 6(1)(f)GDPR). Through the obtained statistics we can improve our offer and make it more interesting for you as a user. The information collected by Google through the cookie is usually transferred to a Google server in the USA and stored there. However, as IP anonymisation is activated on this website, Google will shorten your IP address within the EEA beforehand. In exceptional cases the full IP address will be transmitted to a Google server in the USA and shortened there. For these cases Google has submitted to the EU-US Privacy Shield, https://www.privacy-shield.gov/EU-US-Framework.
7.1. Securing your personal data is very important to us. All customer databases are held in a secure environment and (except for law enforcement authorities in limited circumstances), only our employees or other persons who need access to your information in order to perform their duties are allowed such access.
7.2. Where you are using our Services, we attempt to provide for the secure transmission of your information from your computer to our servers by utilising encryption software. However, due to the inherent open nature of the internet, we cannot guarantee that communications between you and us will be free from unauthorised access by third parties, such as hackers.
7.3. Our Services utilise SSL certificate-based encryption on pages where secure information Is transmitted over the internet. All critical information is encrypted using AES 256 algorithm and stored.
8. Business Transfers
8.1. We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Notice, be permitted to use that data only for the same purposes for which it was originally collected by is.
8.2. In the event that any of your data is to be transferred in such a manner, you will not be contacted in advance and informed of the changes.
9. Your rights
9.1. You may update your information held by us by writing to email@example.com.
9.2. You may object to our processing of personal data, in particular for marketing purposes. However, servicing emails sent to you may be triggered automatically when you use the Mileage Service, for example, when you make a purchase or if you add items to a wish list. If you do not wish to receive service emails, you must request stop using the Mileage Service and request deletion of your membership. Alternatively, whenever we contact you, (for example to send you an email newsletter which you have requested) you will normally find an email or other address at the bottom of the email, which you can use to tell us if you no longer wish to receive the newsletter or other communication in question.
9.3. You have the right to ask for a copy of any of your personal data held by us (where such data is held). We will generally provide all information in response to your request free of charge. Please contact us for more details at firstname.lastname@example.org. In addition, in relation with your personal data and within the constraints of the applicable law, you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing, and the right to receive certain personal data for transfer to another controller (data portability). Moreover, you have the right to fine a complaint with the competent data protection authority. You may also withdraw consent where our processing of your personal data is based on consent, without affecting the lawfulness of our processing before withdrawal.
We may change this Notice from time to time as we add new products and apps, as we improve our current Services, and as technologies and laws change. Any changes will become effective upon our posting of the revised Notice on our affected websites or Apps.
11. Website Owner
The entire contents of the Mileage Service are owned by or licensed to Loylogic and protected by copyright (all rights reserved). The downloading or printing of individual pages or passages from the website is only permitted if neither a copyright notice nor any other legally protected titles are removed. If you download data from a Loylogic website or reproduce it in any other way, all proprietary rights remain with Loylogic or its licensor, as applicable. The (complete or partial) reproduction, transmission (electronically or by other means), modification, linking or usage of the Loylogic website for public or commercial purposes is forbidden without the prior written agreement of Loylogic.