Privacy & Cookies Notice
This is the Privacy and Cookies Notice of Loylogic Rewards FZE ("Loylogic", "we", "us", "our"), in relation to the provision of the Miles & More Programme including all services related thereto and the program website (the "Mileage Service"). This includes any services that you subscribe to and your contact with us from time to time in this in relation with the Mileage Service. This Privacy and Cookies Notice ("Notice") sets out how we use any personal information that you give to us or that we may collect or otherwise process in the course of the Mileage Service. By using the Mileage Service you acknowledge that you have read and understood this Notice.
1. Information About Us
1.1. The Mileage Service as explained below is operated by Loylogic Rewards FZE whose registered address is Dubai Airport Freezone Authority, PO Box 293805, Dubai United Arab Emirates. You can contact us by email at: email@example.com.
1.2. Our EU representative for data related queries is Loylogic AG Latvia branch, registration number: 40103284489, legal address: Brivibas street 40-35, Riga, LV-1050. If you have any questions about how we handle data, you can contact us by email at: firstname.lastname@example.org.
1.3. In providing the Mileage Service, we work with Miles & More GmbH ("MMG") as our program partner. To view their privacy notice, click the following link: https://www.miles-and-more.com/de/de/general-information/privacy-statement.html.
2. What Data do we collect?
- date of birth;
- contact information such as email addresses and telephone numbers;
- program account information, membership information;
- financial information such as credit / debit card details;
- the balance of the miles account;
- information about transactions initiated or received by you, including contact details of the sender and receiver;
- information exchanged between you and us in communication;
- IP address;
- web browser type and version;
- operating system;
- a list of URLs starting with a referring site, your activity on our website, and the site you exit to.
2.2. Additionally, we may receive data from MMG as required for the Mileage Service, including the following data after giving us your consent:
- personal data including your name, addresses, birthday and e-mail address;
- your Miles & More service card number and mileage balance for operational purposes;
- status information and Miles & More credit card type for promotional purposes; and
- details of any underlying transaction which is relevant to the credit or debit of Miles to you via Mileage Services (for example, to determine if you are eligible for additional Miles following a purchase of a flight).
3. How We Use Your Data
3.1. All personal data is processed and stored securely, for no longer than is necessary to provide the Mileage Service. We will comply with our obligations with regard to your personal data and safeguard your rights under applicable data protection legislation, including the GDPR (where applicable).
3.2. Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, in particular your Mileage Service membership contract (article 6(1)(b)GDPR), because you have consented to our use of your personal data (e.g. by subscribing to emails; article 6(1)(a)GDPR)), or because it is in our legitimate interests (article 6(1)(f)GDPR). Specifically, we may use your data in order to:
- operate the Mileage Service;
- register you to participate in the Mileage Service and authenticate your identity;
- co-ordinate with MMG;
- process transactions you request or receive;
- allow us to improve the Mileage Service;
- personalising and tailoring your experience of the Mileage Service;
- communicating with you;
- analysing your use of the Mileage Service and gathering feedback to enable us to continually improve the Mileage Service m and your user experience.
3.3. We may record or monitor calls made by you to our customer service desks for quality assurance and training purposes. However, we will always inform you if such recording or monitoring is taking place.
3.4. We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected, unless it is required by law.
4. How we share your data
4.1. We may share your data with other companies in our group (the "Group Companies") for provision of some of the services, for example, payment processing. This includes our holding company, Loylogic Holding AG, and its subsidiaries.
4.2. We may also contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
4.3. We co-operate with MMG in the provision of the Mileage Service and may share the recipient’s service card number and award miles with MMG. We also co-operate with the card processor Wirecard Bank AG to process the payment. This happens in accordance with their privacy notice, which can be found here wirecard notice.
4.4. Third party processors and Group Companies may be located in countries outside of the European Economic Area ("EEA") such as the United Arab Emirates or India. The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. Where we transfer any personal data to any such country, we will ensure data protection with standard contractual clauses for data transfer to third countries. If you wish to receive a copy of the transfer clauses as they apply to your data please let us know.
4.5. We may compile statistics about the use of our websites and Apps including data on traffic, usage patterns, user numbers, sales, and other information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, analytics service providers and advertisers for marketing purposes.
4.6. In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.
5.2. Before cookies are placed on your computer or device, you will be shown a pop-up requesting your consent to set those cookies.
5.3. We use the following cookies:
- Strictly necessary cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Analytical/performance cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. Our website uses analytics services provided by Google Analytics. You do not have to allow us to use these Cookies, as detailed below, however whilst our use of them does not pose any risk to your privacy or your safe use of our site, it does enable us to continually improve our website, making it a better and more useful experience for you.
- Functionality cookies. These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly
- Targeting cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
- Social Media Cookies. These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
5.4. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our site.
5.5. Cookies are destroyed once they are no longer necessary for their purpose.
6. Google Analytics
6.2. We use Google’s services for our legitimate interest in analysing and improving the use of our website (article 6(1)(f)GDPR). Through the obtained statistics we can improve our offer and make it more interesting for you as a user. The information collected by Google through the cookie is usually transferred to a Google server in the USA and stored there. However, as IP anonymisation is activated on this website, Google will shorten your IP address within the EEA beforehand. In exceptional cases the full IP address will be transmitted to a Google server in the USA and shortened there. For these cases Google relies on the European Commission’s model contract clauses.
7.1. Securing your personal data is very important to us. All customer databases are held in a secure environment and (except for law enforcement authorities in limited circumstances), only our employees or other persons who need access to your information in order to perform their duties are allowed such access.
7.2. Where you are using our Services, we attempt to provide for the secure transmission of your information from your computer to our servers by utilising encryption software. However, due to the inherent open nature of the internet, we cannot guarantee that communications between you and us will be free from unauthorised access by third parties.
7.3. Our Services utilise SSL certificate-based encryption on pages where secure information Is transmitted over the internet. All critical information is encrypted using AES 256 algorithm and stored.
8. Business Transfers
8.1. We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Notice, be permitted to use that data only for the same purposes for which it was originally collected by is.
8.2. In the event that any of your data is to be transferred in such a manner, you will not be contacted in advance and informed of the changes.
9. Your rights
You have the following rights in relation to your personal data, subject to the requirements of applicable law:
- Access: the right to request, at any time and free of charge, access to your personal data stored and processed by us;
- Rectification: the right to have incorrect or incomplete personal data corrected or updated;
- Deletion: the right to have your personal data erased if it is no longer necessary or if you have withdrawn consent or have objected to the processing (provided there are no other grounds for processing), or if your personal data is processed unlawfully;
- Restriction: the right to request that the processing of your personal data be restricted;
- Right to data portability: the right to receive or transfer to someone else the personal data that you have provided to us, free of charge, in a commonly used and machine-readable format;
- Right to lodge a complaint: the right to lodge a complaint with a competent supervisory authority about the way we process your personal data or your requests;
- Right to withdraw consent: the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You also have the right to object to data processing and revoke consent.
If you wish to use one of your rights you can e-mail us at email@example.com.
We may change this Notice from time to time as we add new products and apps, as we improve our current Services, and as technologies and laws change. Any changes will become effective upon our posting of the revised Notice on our affected websites or Apps.
11. Website Owner
The entire contents of the Mileage Service are owned by or licensed to Loylogic and protected by copyright (all rights reserved). The downloading or printing of individual pages or passages from the website is only permitted if neither a copyright notice nor any other legally protected titles are removed. If you download data from a Loylogic website or reproduce it in any other way, all proprietary rights remain with Loylogic or its licensor, as applicable. The (complete or partial) reproduction, transmission (electronically or by other means), modification, linking or usage of the Loylogic website for public or commercial purposes is forbidden without the prior written agreement of Loylogic.
Last updated: 15th January, 2021