Our Data Protection Policy applies to the personal data that SLG collects and uses.
References made in this Data Protection Policy to either “SLG”, “we”, “us” or “our” mean SLG S.A. ( a company registered in Luxembourg with registration no. B0078631 and registered office at 4, rue Laangwiss Hautcharage).
We determine the ways your personal data are collected and the purposes for which your personal data are used by SLG as we are the group “data controller” for the purposes arising from Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter « the Regulation »). Note that each legal entity within the SLG is to be considered the local “data controller” for personal data processing activities that are directly related to their function.
When using the term “personal data” in our Data Protection Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include for example your name, your contact details, information relating to your travel itinerary (e.g. your booking reference number) or information on how you use our website and apps or how you interact with us.
We collect some personal data from you, for example, when you book a voyage with us, use our website or our app, use our services or contact us. We may also receive your personal data from our suppliers who provide services to you on our behalf (for example when you provide feedback on our services), our partners when you purchase their travel related products or third parties who act on your behalf, for example travel agents or other parties who book a voyage for you. If you book a voyage on behalf of someone else, you must have their consent to use their personal information.
We process your personal data only when you have given your consent, when it is necessary for the performance of a contract you have concluded with us, or for the fulfilment of a legal obligation to which we are subject. We may process personal data on the basis of our legitimate interest only if this interest is not overridden by your rights.
For more information on the parties who may share your personal data with us, please see section 8 below.
Categories of data we collect
Sensitive personal data
In the course of providing services to you, we may collect information that could reveal your racial or ethnic origin, physical or mental health, religious beliefs or alleged commission or conviction of criminal offences. Such information is considered “sensitive personal data” under the Regulation and relevant data protection laws. We only collect this information when you have given your explicit consent and it is necessary, or when you have manifestly made it public.
For example, we may collect this information in the following circumstances:
For your safety, when you have a specific medical condition, you will need to inform us of that and –where required – provide us with a medical certificate.
If you request special assistance during a voyage, this could reveal information about your health (for example if you ask for a wheelchair). If you inform us about specific dietary requirements you may have, this could potentially indicate that you have specific religious beliefs. Also, when you provide us with your travel document details, your nationality may imply your racial or ethnic origin.
By providing any sensitive personal data you explicitly agree that we may collect and use it in order to provide our services in accordance with this Data Protection Policy.
If you do not allow us to process any sensitive personal data, this means we may be unable to provide all or parts of the services you have requested from us.
We use your personal data for the following purposes:
You have a right to request access to the personal data that we hold about you. This could include booking information relating to voyages you have taken with us.
If you would like to request a copy of your personal data, or have any questions in relation to your personal data kindly send a mail to the relevant business entity found under section 11 ‘Contact Information’.
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data.
This means that we adhere to high security standards in order to protect your payment card details when you share such details with us.
As described in this Data Protection Policy, we may in some instances disclose your personal data to third parties. Where SLG discloses your personal data to a third party, we require that third party to have appropriate technical and organisational measures in place to protect your personal data; however, in some instances, we may be compelled by law to disclose your personal data to a third party, and have limited control over how it is protected by that party.
The information that you provide to us will be held in our systems, which are located on our premises or those of an appointed third party. We may also allow access to your information by other third parties who act for us for the purposes described in this Data Protection Policy or for other purposes approved by you. Your personal data may be accessed by and processed outside the European Economic Area (the European Economic Area being the European Union and Iceland, Liechtenstein and Norway, also referred to as the “EEA”). Where your personal data are transferred outside of the EEA, we require that appropriate safeguards under the Regulation are in place.
We will retain your personal data for as long as we need it in order to fulfil our purposes set out in this Data Protection Policy or in order to comply with the law. Further information about the specific retention periods are available upon request.
In the unlikely event there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data (such as sending personal data to an incorrect recipient, or loss of availability of personal data), we are committed to taking an informed decision on whether to notify the relevant supervisory authority within 72 hours and yourself in the event the personal data breach is likely to result in a high risk or risk to your rights and freedoms, without undue delay.
In order to improve our services, to provide you with more relevant content and to analyse how visitors use our website and app, we may use technologies, such as cookies, pixels or tracking software. Please be aware that in most cases we will not be able to identify you from the information we collect using these technologies.
For example, we use software to monitor customer traffic patterns and website usage to help us develop the design and layout of the website in order to enhance the experience of the visitors to our website.
We also use cookies in our website, mobile app or in our emails. Cookies are small pieces of information stored by your browser on your computer’s hard drive. They enable you to navigate on our website or app and allow us to provide features such as remembering aspects of your last search to make subsequent searches faster. You can refuse and delete cookies if you wish; while certain cookies are necessary for viewing and navigating on our website or app, most of the features will still be accessible without cookies.
• Category 1: Strictly Necessary Cookies
These Cookies enable services you have specifically asked for.
These Cookies are essential in order to enable you to move around SLG Websites and use its features, such as accessing secure areas of the website. Without these Cookies, services you have asked for, such as e-billing, may not be provided.
• Category 2: Performance Cookies
These Cookies collect anonymous information on the pages visited.
These Cookies collect information about how visitors use SLG Websites, for instance which pages visitors go to most often, and if they get error messages from web pages. These Cookies do not collect information that identifies a visitor. All information these Cookies collect is aggregated and therefore anonymous. It is only used to improve how SLG Websites work.
• Category 3: Functionality Cookies
These Cookies remember choices you make to improve your experience.
These Cookies allow SLG Websites to remember choices you make (such as your user name, language, or travel preferences) and provide enhanced, more personal features. For instance, providing you with local airport pricing or reminding you to check-in online. These Cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise.
Strictly Necessary, Performance and Functionality Cookies
We need to use these three categories of Cookie to maintain SLG Websites ‘s effectiveness, ease of use, and to provide you with a seamless experience. As such we have not provided an opportunity for these to be disabled independently, and by using our site and online services you are agreeing that we can place these types of Cookies on your PC.
• Category 4: Targeting/Advertising Cookies
These Cookies use information about your browsing in order to make advertising more relevant to you and your travel needs.
These Cookies are used to deliver adverts more relevant to you and your travel needs. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of our digital advertising campaigns. They are placed by third-party advertising networks on our behalf and with SLG’s permission. They remember that you have visited SLG Websites and this is shared with other organisations such as media owners.
You can refuse the use of these cookies should you wish.
Your personal data may be shared with other companies within our Group. We may also share some of your personal data with, or obtain your personal data from, the following categories of third parties:
Airports, government authorities, law enforcement bodies and regulators when this is necessary to get you to your destination or is required by law. For example, for specific travel routes we are required by law to provide border control agencies with information that relates to your travel documents and to your travel itinerary. This information is known as “Advance Passenger Information”.
Credit and debit card companies. SLG shares some of your personal data, which includes information about your method of payment and voyage booking, to the credit or debit card company that issued the card you used to make your booking. In order to ensure the security of your transactions and prevent or detect fraudulent transactions, we may also share your information with our fraud screening partner.
Our partners who offer travel related products and services on our website, promote offers or co-organise competitions on our website.
From time to time, we make certain third party offers available through our website or we publish competitions co-organised by third parties. If you choose to purchase products or services offered on our websites by third parties, accept offers or participate in a competition, some of your personal data, such as your contact details and your billing information, may be directly collected by or disclosed to that third party. As such, if you purchase their products or services, your information may be collected by or transferred to such parties. Note: Our partners have their own privacy policies and terms of use over which SLG does not have control. Whilst SLG carefully selects these partners, it has no responsibility or liability for their privacy policies, terms of use or the way they process your personal data. Please ensure that you review the relevant privacy policies and terms of use of these partners prior to purchasing their goods or services, using their websites, apps or services or providing any personal data to them.
Authorities. We may disclose your personal data when this is required by the law of any jurisdiction to which SLG may be subject. Through our website we provide links to third party websites which are subject to separate privacy polices. Please be aware that this Data Protection Policy does not apply to such websites and SLG is not responsible for your information that third parties may collect through these websites.
Business Continuity.
To summarise, you are entitled to the following rights granted to you by the Regulation, namely:
We shall endeavour to respond to your request promptly and within one month of receipt of the request. Depending on the complexity of the request and the number of requests to handle, we have the ability to extend this response time by two months. You shall be notified of such an extension and of the reasons for the delay within one month of receipt of the request. We reserve the right to reject the request if, on the basis of said request, we are unable to identify you or if the request is deemed excessive or unfounded. You shall be notified of the reasons for refusal within one month of receipt of the request. We may also require the payment of reasonable fees in the case of unfounded or excessive requests, especially if they are repetitive.
You can exercise your rights (e.g. request the deletion of all your personal data from our database) by sending an e-mail to the relevant business entity's e-mail address, which can be found in section 11 "Contact information".
If you are not satisfied with the handling of your request, you may file a complaint with the Commission Nationale pour la Protection des Données (information available on the website www.cnpd.public.lu). If you are not satisfied with the processing of your personal data, you may submit a complaint by sending a message, email or letter to the relevant business entity found under section 11 ‘Contact Information’.
This Data Protection Policy has last been updated on: 10/05/2022.
Adress: 27 Division St, New York, NY 10002, USA
Website: ahg-booking.com
Email: info@ahg-booking.com
Phone: +0 (321) 984 754
Fax: +0 (321) 984 754