Unfortunately this page does not exist in the desired language.

Data Protection

We, Flughafen Stuttgart GmbH, appreciate your visit to our website www.stuttgart-airport.com and your interest in our company.

We process your personal data exclusively in accordance with the statutory data protection regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications Digital Services Data Protection Act (TDDDG).

In the following, we would therefore like to inform you about the processing (e.g. collection, storage, forwarding) of personal data in specific processing situations in our company(Section A.) and when using our website www.stuttgart-airport.com(Section B.).

A. Data protection declarations of Flughafen Stuttgart GmbH for specific processing situations

For the specific processing situations listed below, please find separate data protection declarations, which we would like to make available to you here as a linked PDF:

B. Privacy policy of Flughafen Stuttgart GmbH for website users

Our privacy policy for the use of our website www.stuttgart-airport.com has a modular structure. It consists of a general section and a special section.

The general section applies to any processing of personal data and to any processing situation on our website (see I. General information (general section)). The special part refers only to the processing situation specified there, which is related to our website www.stuttgart-airport.com (see II. Individual processing situations on our website (Special section)).

For reasons of better readability, the masculine form is used for personal names and personal nouns on this website. Corresponding terms apply to all genders in the interests of equal treatment. The abbreviated form is for editorial reasons only and does not imply any judgment.

TABLE OF CONTENTS

I. GENERAL INFORMATION (GENERAL PART)

1. name and address of the controller
2. contact details of the data protection officer
3. general information on the processing of personal data
3.1 Definitions
3.2 Legal basis for the processing of personal data
3.3 Scope of the processing of personal data
3.4 Recipients or categories of recipients
3.5 Transfer of data to third countries
3.6 Duration of storage, deletion
3.7 Data security
3.8 No automated decision-making (including profiling)
3.9 No obligation to provide personal data
3.10 Legal obligation to transfer certain data
4. Your rights (data subject rights)
4.1 Right of access pursuant to Art. 15 GDPR
4.2 Right to rectification pursuant to Art. 16 GDPR
4.3 Right to erasure ("to be forgotten") pursuant to Art. 17 GDPR
4.4 Right to restriction of processing pursuant to Art. 18 GDPR
4.5 Right to data portability pursuant to Art. 20 GDPR
4.6 Right to object pursuant to Art. 21 GDPR
4.7 Right to revoke the declaration of consent pursuant to Art. 7 para. 3 GDPR
4.8 Automated decision-making in individual cases including profiling in accordance with Art. 22 GDPR
4.9 Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

II. INDIVIDUAL PROCESSING SITUATIONS ON OUR WEBSITE (SPECIAL SECTION)

1. Processing of personal data when visiting the website
1.1 Log files / server log files
1.2 Hosting of this website
1.3 Programming and maintenance of this website
2. Other functions and offers on our website
2.1 General information on cookies and similar technologies
2.2 Technical information on cookies and similar technologies
2.3 Privacy settings (Consent Manager)
2.3.1 Granting or rejecting consent
2.3.2 Change/revoke consent
2.4 Detailed information on the individual services on our website
3. E-mail delivery service Mailjet
4. Contact options
4.1 Contact form and e-mail contact
4.2 Upload function
5. Newsletters and information services
5.1 STRplus newsletter
5.2 Target group-oriented newsletter
6. Social media profiles
7. Flight status notification
7.1 Flight status notification by e-mail
7.2 Flight status notification via WhatsApp
8. Booking of airport tours
9. Application portal d.vinci
10. Subscription to the airport magazine Flugblatt

III. QUESTIONS

IV. STATUS OF THIS PRIVACY POLICY

I. GENERAL INFORMATION (GENERAL PART)

This part of our privacy policy applies to any processing of personal data and to any processing situation on our website www.stuttgart-airport.com.

1. Name and address of the person responsible

Flughafen Stuttgart GmbH
Flughafenstraße 32
70629 Stuttgart
Germany

P.O. Box 23 04 61
70624 Stuttgart
Germany

Phone: +49 711 948-0
Fax: +49 711 948-2241
E-mail: info@stuttgart-airport.com

Legal representatives:
Management
Ulrich Heppe (CEO)
Carsten Poralla (Managing Director)

2. Contact details of the data protection officer

You can contact the company data protection officer of Flughafen Stuttgart GmbH by post or e-mail.

By post:
Flughafen Stuttgart GmbH
Data Protection Officer
Flughafenstraße 32
70629 Stuttgart

By e-mail:
DSB@stuttgart-airport.com

3. General information on the processing of personal data

3.1 Definitions of terms

In our privacy policy, we use terms that are to be understood as follows in accordance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications Digital Services Data Protection Act (TDDDG)

  • "personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (cf. also Art. 4 No. 1 GDPR).
  • "Processing" or "processing" means any operation which is performed on personal data, whether or not by automated means (i.e. using technology). This includes, in particular, the collection (i.e. acquisition), recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data, or alteration of the purposes for which they were originally processed (see also Art. 4 No. 2 GDPR).
  • "Data subject" or "person concerned" means any natural person (i.e. any human being) who is identified or identifiable by the personal data being processed.
  • "Consent" of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her (see also Art. 4 no. 11 GDPR).


3.2 Legal basis for the processing of personal data

According to the law, any processing of personal data is initially prohibited and only permitted if the law provides for permission. This permission is also referred to as the legal basis. The following legal bases generally apply to data processing on this website:

  • Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
  • When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • Insofar as the processing of personal data is necessary to fulfill a legal obligation to which Flughafen Stuttgart GmbH is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
  • If the processing is necessary to safeguard a legitimate interest of Flughafen Stuttgart GmbH or a third party, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

We provide information on the processing operations we carry out in the special section of this privacy policy (see II. Individual processing situations on our website (special section)) the applicable legal basis in each case. Processing can also be based on several legal bases.

3.3 Scope of the processing of personal data

The processing of personal data ("data") of the users of our website only takes place

  • insofar as this is necessary to provide a functional website and to display the relevant content
  • and/or insofar as we, as the controller, have obtained consent from the user in accordance with Art. 6 para. 1 lit. a GDPR
  • and/or insofar as the processing of personal data is permitted on the basis of a legal permission (Art. 6 para. 1 lit. b to lit. f GDPR).

3.4 Recipients or categories of recipients

Your data will only be disclosed by us to third parties if you have consented to the disclosure, if the disclosure is required by law, if the disclosure is necessary for the processing of contractual relationships or the initiation of business, if there is a legal or official obligation to disclose the data or if the disclosure is based on another legal basis (e.g. external contractors or service providers within the scope of Art. 28 GDPR).

The following third party recipients are possible:

  • Courts, authorities or other state bodies, insofar as a legal obligation exists;
  • External bodies, insofar as this is necessary to fulfill the purposes mentioned in each case
  • External contractors within the scope of the provisions of Art. 28 GDPR;
  • Other cooperation partners whose participation is required to provide the service.

If we use external services for individual offers and functions ("services") on our website that process your data using cookies or comparable technologies, such as the embedding of plugins, for example, we will always select these service providers carefully and provide detailed information about the respective processes below in the special section of this privacy policy (see II. Individual processing situations on our website (special section)).

3.5 Transfer of data to third countries

If data is transferred to countries that do not belong to the European Union (EU) or the European Economic Area (EEA) ("third countries"), this is done exclusively in accordance with the GDPR. In this case, care is taken to ensure that an adequate level of data protection is in place.

An adequate level of data protection is ensured, for example, by the use of standard contractual clauses of the EU Commission within the meaning of Art. 46 para. 2 lit. c GDPR.

You can access the EU standard contractual clauses at the following link:
https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=EN

3.6 Duration of storage, deletion

We process and store data for as long as is necessary for the fulfillment of the respective, for example contractual or legal purposes and obligations. If this necessity no longer applies, the data will be deleted, unless the deletion conflicts with statutory retention obligations.

The individual processing operations carried out by us can be found in the special section of this privacy policy (see II. Individual processing situations on our website (special section)) for more detailed information on the respective retention and erasure periods.

3.7 Data security

We use encryption in the form of the SSL (Secure Socket Layer) method. You can recognize the encryption of our website and its individual areas by the lock or key symbol in the lower status bar of your browser.

In principle, we use suitable technical and organizational measures within the meaning of Art. 32 GDPR to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are constantly being developed and improved in line with technical progress and developments.

Despite all our efforts, however, we must point out that data transmission over the Internet may be subject to security vulnerabilities. In particular, it is not always possible to completely protect your data from access by third parties.

3.8 No automated decision-making (including profiling)

Automated decision-making in individual cases in accordance with Art. 22 GDPR does not take place.

3.9 No obligation to provide personal data

There is no obligation to provide your data. However, it may be necessary to provide your data in order to use or fully use our website. If you do not wish to provide your data, the consequence of not providing it is that you will not be able to use our website or certain functions of the website.

3.10 Legal obligation to transfer certain data

Under certain circumstances, Flughafen Stuttgart GmbH may be subject to a specific statutory or legal obligation to provide the lawfully processed personal data to third parties, in particular public authorities (see Art. 6 para. 1 lit. c GDPR).

4. Your rights (data subject rights)

If your personal data is processed by us, you are a data subject within the meaning of the GDPR. You therefore have rights vis-à-vis Flughafen Stuttgart GmbH as the controller. If you wish to assert such a right, please contact

Flughafen Stuttgart GmbH
Flughafenstraße 32
70629 Stuttgart

E-Mail: Betroffenenrechte@stuttgart-airport.com

You have the following rights:

4.1 Right to information in accordance with Art. 15 GDPR

In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details. You also have the right to request information about whether your personal data is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

4.2 Right to rectification pursuant to Art. 16 GDPR

In accordance with Art. 16 GDPR, you have a right to rectification and/or completion of your personal data vis-à-vis us as the controller if the processed personal data concerning you is incorrect or incomplete. We as the controller must carry out this rectification without undue delay.

4.3 Right to erasure ("to be forgotten") pursuant to Art. 17 GDPR

In accordance with Art. 17 para. 1 GDPR, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (see Art. 17 para. 3 GDPR). If we, as the controller, have made the personal data concerning you public and we are obliged to erase this personal data pursuant to Art. 17 (1) GDPR, we will take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform other controllers processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, this personal data.

4.4 Right to restriction of processing pursuant to Art. 18 GDPR

In accordance with Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.

4.5 Right to data portability pursuant to Art. 20 GDPR

In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

4.6 Right to object pursuant to Art. 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. As the controller, we will then no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object to the processing at any time. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

4.7 Right to revoke the declaration of consent pursuant to Art. 7 para. 3 GDPR

Insofar as the respective data processing is based on consent within the meaning of Art. 6 para. 1 lit. a GDPR, you have the right to withdraw your consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Consents that you have given via the Consent Management Platform used by us or by clicking on integrated external content (so-called "two-click solution") can be revoked most easily via the Consent Management Platform (see II. 2.3 Privacy settings (Consent Manager)).

You can also withdraw your consent to the processing of your data specifically using cookies by deactivating or restricting the transmission of cookies by changing the settings in your internet browser and deleting cookies that have already been saved.

4.8 Automated decision-making in individual cases including profiling in accordance with Art. 22 GDPR

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

4.9 Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your place of residence, workplace or our company headquarters. The supervisory authority responsible for Flughafen Stuttgart GmbH is

The State Commissioner for Data Protection and Freedom of Information
P.O. Box 10 29 32
70025 Stuttgart

Telephone: 0711 615541-0
Fax: 0711 615541-15
E-mail: Poststelle@lfdi.bwl.de

II. INDIVIDUAL PROCESSING SITUATIONS ON OUR WEBSITE (SPECIAL PART)

In addition to the general part of our privacy policy (see I. General information (general part)), which applies to every processing situation on our website, this special part of our privacy policy only refers to the processing situation specifically stated below.

1. Processing of personal data when visiting the website

1.1 Log files / server log files

When you access and use our website for informational purposes (simply viewing and reading), we process personal data that you automatically transmit or that your browser transmits to our server, depending on the end device and configuration. This information is temporarily stored in a so-called log file.

The following data is processed:

  • IP address;
  • Date and time of access;
  • Name and URL of the page accessed;
  • Website from which the access was made or from which the user came to the requested page (so-called referrer URL);
  • Information about the browser type and version used;
  • Operating system and its interface;
  • Language and version of the browser software;
  • Internet service provider of the user.

The legal basis for the processing of this data is Art. 6 para. 1 lit. f GDPR.

The storage of data in log files is technically necessary. It is done to ensure the functionality of the website, to carry out an adequate analysis in the event of errors or problems in the network and to ensure the security of our information technology systems. This is also our legitimate interest.

The log files with the data stored in them are deleted after 14 days. The log files are not stored beyond this period.

1.2 Hosting of this website

We use the Microsoft Azure cloud service to host our website. Our website is located in the infrastructure of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Personal data collected on our website is therefore stored on the web servers of this service provider.

We have concluded an agreement with Microsoft Ireland Operations Limited within the meaning of Art. 28 GDPR. The service provider will only process the data to the extent necessary to fulfill its performance obligations. It will follow our instructions with regard to this data.

In the event that data is transferred to a third country, such as the USA, the so-called standard contractual clauses of the EU Commission (EU standard contractual clauses) apply, the purpose of which is to maintain an adequate level of data protection in the respective third country.

1.3 Technical operation and support of the hosting

We have commissioned a service provider for the technical operation and support of our website. This is the company Metaways Infosystems GmbH, Schloßstraße 49, 22967 Tremsbüttel. In the course of supporting our website, the service provider can access the data collected on the website and stored on the web server.

We have concluded an agreement with the service provider within the meaning of Art. 28 GDPR. The service provider supports us, for example, in the operation and support of this website. It will only process the data insofar as this is necessary to fulfill its performance obligations and will follow our instructions with regard to this data.

1.4 Programming of this website

We have commissioned a service provider to program our website. This is the company elbkapitäne GmbH & Co KG, Rentzelstraße 10c, 20146 Hamburg. In the course of programming our website, the service provider can access the data collected on the website and stored on the web server.

We have concluded an agreement with the service provider within the meaning of Art. 28 GDPR. The service provider supports us, for example, in the maintenance and further development of this website. It will only process the data insofar as this is necessary to fulfill its performance obligations and will follow our instructions with regard to this data.

2. Further functions and offers on our website

In addition to informational use (see II. 1. Processing of personal data when visiting the website), our website offers various functions and offers ("services"). Depending on the service, different personal data is processed for this purpose. We use external services for some services and the associated data processing operations. You can find detailed information on this in our Consent Manager.

2.1 General information on cookies and similar technologies

The various services on our website use different technologies to collect and process data. These technologies are used to store information on your end device or to access information that is already stored on your end device.

The technologies used include, in particular, cookies and similar technical tools, such as scripts and data storage in the browser's local or session storage.

The following categories of technologies are used on our website:

  • Necessary technologies

    Necessary technologies are required to activate the core functionality of our website. The technical structure of our website requires us to use these technologies. Without these technologies, you will not be able to navigate our website or use basic functions.

    For example, some services on our website require technically necessary cookies so that the accessing browser can be identified even after a page change. Without the use of cookies, it is also not possible to provide you with the language settings of our website.

    In addition, some technically necessary technologies collect information about how you use our website in order to prevent errors from occurring when using the website or to ensure the security of the website.

    The use of the necessary technologies is absolutely necessary within the meaning of Section 25 (2) No. 2 TDDDG. The legal basis for the associated processing of personal data results from Art. 6 para. 1 lit. b to lit. f GDPR, depending on the service.

    The main purpose of the necessary technology and the associated processing of personal data is to simplify the use of our website for the user and to ensure the security of our website. This is also our legitimate interest.

  • Non-essential technologies (functional and marketing)

    Some optional services on our website use technologies that are not essential.

    Non-essential technologies include so-called functional technologies. These technologies make it possible to improve your user experience. In particular, they can be used to make it easier for you to use different browsers or devices or to recognize you when you visit our website. However, functional technologies also enable an analysis of your surfing behavior, such as determining the frequency of page views or the use of website functions. This enables us to continuously improve the functionality and content of our website. Sharing cookies are used to enable the interactivity of our website with other services (e.g. social networks).

    Non-essential technologies also include so-called marketing technologies. These are used to offer the user of the website needs-based advertising on the website or offers from third parties, to show interest-based advertising and to measure the effectiveness of these offers.

    For the use of non-essential technologies, we require your consent in accordance with Section 25 (1) sentence 1 TDDDG. You can declare this to us together with your consent to the associated data processing. The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. a GDPR.

    Services that use non-essential technologies will only be activated with your consent. You can give your consent via our Consent Manager by either activating the respective category of non-essential technologies (functional or marketing) on which the service is based or by specifically activating the respective service. Further details on how you can give, manage and/or revoke your consent can be found below under 2.3 Data protection settings (Consent Manager).

Detailed information on the individual services, the technologies used in each case and the associated data processing can be found in our Consent Manager.

2.2 Technical information on cookies and similar technologies

  • Cookies

    Cookies are text files that are stored in the internet browser or by the internet browser on your computer system/end device as soon as you visit our website. The stored cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. However, cookies can not only enable recognition of the end device used, but can also contain information on certain settings.

    We also use cookies from providers of external services on our website. Therefore, the providers who set a cookie via our website may receive a wide variety of information and data.

    You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time.

    If you refuse the storage of (technically) necessary cookies, you may not be able to use all the functions of our website to their full extent. Some functions of our website cannot be offered without the use of cookies. These are, for example, functions for which it is necessary for the browser to be recognized even after a page change. An example of this is the adoption of the selected language setting.

  • Scripts

    Scripts in web development are small programs or code snippets that are used to automate recurring tasks. Scripts enable, for example, the validation of form entries or the display of dynamic content and ensure an improved user experience. They can be executed either in the user's browser or on the server.

  • Data storage in local or session storage

    Local storage and session storage are mechanisms for storing data in the user's browser. Local storage stores data permanently, session storage only for a current browser session. This is necessary, for example, to be able to save user settings or intermediate input statuses.

2.3 Privacy settings (Consent Manager)

We use the consent management platform Usercentrics ("Consent Manager") on our website. This Consent Manager helps you to make privacy settings for the various technologies used for the individual services on our website and the associated data processing.

2.3.1 Granting or refusing consent

Initially, only the use of necessary technologies (see II. 2.1 General information on cookies and comparable technologies) is intended and preset for our website.

When you access our website, your consent or refusal is obtained and saved via a pop-up window, the so-called cookie banner.

By clicking on the "Accept all" button, you can consent to the use of all technologies (see II. 2.1 General information on cookies and similar technologies), the associated processing of information on your end device and the processing of your personal data. All services on our website will then be activated.

By clicking on the "Reject" button, you can reject the use of all unnecessary technologies (functional and marketing). In this respect, the processing of information on your end device and the processing of your personal data will not take place. Services that use non-essential technologies remain deactivated.

By clicking on the "More" button, you will find detailed information on the categories of technologies used and the individual services on our website. Among other things, you can find out which technologies we currently use on our website, which services process which type of data for which specific purposes on which legal basis and which external services/data recipients we use. You also have the option of setting the scope of your consent in detail by making a selection and confirming it by clicking on the "Save settings" button. You can either select the respective category of unnecessary technologies (functional or marketing) or specifically activate or deactivate the respective service. This allows you to specifically prevent certain technologies from using information from your device and certain services from processing your personal data via our website.

If we embed content from a third-party provider (e.g. videos or Twitter posts) on our website and we do not yet have your consent to display the content to you, a notice will appear instead of the content stating that we require your consent. At the same time, you will be given the opportunity to give the necessary consent and/or to view more information about the respective service of the third-party provider.

2.3.2 Changing/revoking consent

You can view your privacy settings via the Consent Manager and change or withdraw your consent to the use of non-essential technologies and the associated processing of your data at any time.

You will also find a link to the Consent Manager in the footer of our website. The linked text reads "Privacy settings".

If you click on the linked text, the cookie banner described above will open. There you can give or refuse your consent. For details, see II. 2.3.1 Granting or rejecting consent.

2.4 Detailed information on the individual services of our website

In our Consent Manager, you will find detailed information on the individual services of our website, the technologies used in each case and the associated data processing. To do this, click on "Services".

Where relevant for the respective service, the following information is provided:

  • Description of the service;
  • Processing company (provider of the external service, if applicable);
  • Data protection officer of the processing company;
  • Purpose of the data collection/processing;
  • Technologies used;
  • Type of data collected/processed;
  • Legal basis for the processing of personal data (see "Legal basis");
  • Place of processing;
  • Duration of storage, deletion (see "Retention period");
  • Transfer of data to third countries (see "Transfer to third countries");
  • Recipients or categories of recipients (see "Data recipients");
  • Further information on data protection of the companies involved in data processing.

3. E-mail dispatch service Mailjet

In order to be able to send e-mails via our website (e.g. flight status notifications (see II. 7. Flight status notifications by e-mail), we use the e-mail dispatch service Mailjet. This is a service provided by Mailjet Inc, 112 E Pecan St. #1135, San Antonio, TX 78205, USA.

We have commissioned this service provider to process the respective data. We have therefore concluded an agreement with Mailjet Inc. within the meaning of Art. 28 GDPR. In addition, we have agreed the so-called standard contractual clauses with the service provider, the purpose of which is to maintain an adequate level of data protection in the event that your data is transferred to a third country, such as the USA.

Further information from Mailjet Inc. on security and data protection can be found at:
https://www.mailjet.de/sicherheit-datenschutz/

Information on the order processing of personal data by Mailjet Inc.:
https://www.mailjet.de/av-vertrag/

Information on the standard contractual clauses for the transfer of data to third countries:
https://www.mailjet.de/av-vertrag/

4. Contact options

4.1 Contact form and e-mail contact

You can contact us by e-mail at info@stuttgart-airport.com. In this case, the personal data transmitted with the e-mail will be stored.

There is also a contact form on our website which can be used to contact Flughafen Stuttgart GmbH electronically regarding various topics.

When you contact us by e-mail or via a contact form, the data you provide (e.g. your e-mail address, your name, your request and, if you contact the noise protection officer, your zip code and place of residence) will be stored by us in order to respond to your request appropriately. The data from the contact form is transmitted to our web server in encrypted form.

Depending on the topic on which you contact us by e-mail or via the contact form, your data and your request will be transmitted to third parties. Data will only be transmitted to third parties if this is necessary to clarify and answer your request.

Data is transferred to third parties in the following cases in particular:

  • For feedback/questions about boarding (e.g. Check-in, baggage tracing, boarding support)
    Depending on the airline and/or your request, your personal data and your request may be transmitted to

    Stuttgart Airport Ground Handling GmbH (SAG)
    Postfach 23 02 70
    70622 Stuttgart

    and/or to:

    Stuttgart Ground Services GmbH
    Postfach 23 04 11
    70624 Stuttgart

    and/or to:

    Global GSRM GmbH
    Frankfurt am Main Flughafeh
    Terminal 2
    P.O. Box 150/065
    60549 Frankfurt am Main

  • For feedback/questions on security issues (e.g. Security check, passport control)
    To clarify the matter, your personal data and your request may be sent to:

    Federal Police Headquarters Stuttgart
    Wolfgang-Brumme-Allee 52
    71034 Böblingen

    and/or to:

    Bundespolizeiinspektion am Flughafen Stuttgart
    70629 Stuttgart

    and/or to:

    Polizeipräsidium Reutlingen
    Kaiserstraße 99
    72764 Reutlingen

    and/or to:

    Polizeirevier Flughafen Stuttgart
    Flughafenstraße 36
    70629 Stuttgart

    and/or to:

    Zollamt Flughafen Stuttgart
    Flughafen Stuttgart
    70629 Stuttgart

  • For feedback/questions regarding gastronomy/shops
    In order to clarify the matter, your personal data and your inquiry may be forwarded to tenants or restaurateurs currently present on the Stuttgart Airport campus.

  • For questions about noise protection
    Your personal data and your inquiry will be forwarded directly to Stuttgart Airport's noise protection officer. If you contact the noise protection officer at Stuttgart Airport to report aircraft noise, it is also necessary to provide your zip code and place of residence so that the Stuttgart Airport noise protection officer can adequately investigate the reported aircraft noise and respond to your request appropriately.

    Noise protection officer for Stuttgart Airport
    Regierungspräsidium Stuttgart
    Ruppmannstraße 21
    70565 Stuttgart

  • For feedback/questions on the subject of parking/kiss & fly
    Your personal data and your query may be sent to:

    APCOA Deutschland GmbH
    Postfach 23 04 63
    70624 Stuttgart to clarify the matter

  • For feedback/questions on the subject of cabs
    To clarify the matter, your personal data and your request may be sent to:

    Taxi-Auto-Zentrale und
    Einkaufsgenossenschaft des Stuttgarter Taxigewerbes e.G.
    Karlsbader Straße 42
    70372 Stuttgart

  • For feedback/questions about the Stuttgart Airport Bus Terminal
    To clarify the matter, your personal data and your inquiry may be sent to:

    Altuntas
    Suat Altuntas
    Flughafenstr. 50
    70629 Stuttgart

    and/or

    Deutsche Touring GmbH
    Building 346 (SAB)
    70629 Stuttgart

  • For feedback/questions about customs
    To clarify the matter, your personal data and your inquiry may be sent to:

    Stuttgart Main Customs Office
    Airport Customs Office
    Air Cargo Building 605/6
    70629 Stuttgart

If you contact us, the legal basis for the associated processing of your data is Art. 6 para. 1 lit. f GDPR and Art. 6 para. 1 lit. a GDPR.

Regardless of whether you contact us by email or via the contact form, the processing of your data serves exclusively to process and answer your inquiry properly. This also applies in the event that your data is transferred to third parties. The data processing takes place exclusively in order to be able to answer your inquiry appropriately and conclusively. This is also our legitimate interest.

Personal data will only be stored for as long as is necessary to achieve the above-mentioned purpose (final clarification of your specific request) or in accordance with the statutory retention periods. Accordingly, personal data that you send us as part of an inquiry by email or via the contact form will generally be deleted by us when the respective conversation has ended, i.e. when the respective matter has been conclusively clarified.

4.2 Upload function

If you would like to send us files (e.g. documents, image files) relating to your request online, you can upload them to our website using the upload function.

The uploaded files (including any personal data they may contain) are transmitted to our web server in encrypted form and stored there. They will only be used to process and respond to your inquiry or request appropriately.

The legal basis for the processing of your data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest also lies in the appropriate and conclusive response to your request.

Data will only be transferred to third parties if this is necessary to clarify and answer your request. Transmission takes place, for example, in the cases described above in Section II. Section 4.1 of this privacy policy (see II. 4.1 Contact form and e-mail contact).

The files uploaded by you and any personal data contained therein will only be stored for as long as is necessary to achieve the above-mentioned purpose (final clarification of your specific request) or in accordance with statutory retention periods. Accordingly, personal data that you send us as part of an inquiry by email or via the contact form will generally be deleted by us when the respective conversation has ended, i.e. when the respective matter has been conclusively clarified.

Please note the following information: Files may contain hidden personal data. Remove this data before uploading if you do not want us to process this data. If the files contain personal data of other persons, we ask you to ensure that this data may be processed before uploading. If you upload files with such so-called third-party data, we, Flughafen Stuttgart GmbH, assume that we may process this data in accordance with Art. 6 para. 1 lit. f GDPR, as long as it is not apparent to us that there is no justification for the processing.

5. Newsletter and information services

5.1 STRplus newsletter

For our STRplus newsletter, please note our separate data protection declaration, which applies in the event that you wish to receive the personalized STRplus newsletter from Flughafen Stuttgart GmbH and therefore register for it.

The privacy policy for the STRplus newsletter mailing (with creation of personal profiles) is available here.

5.2 Information mailing political letter

For the sending of information to political stakeholders ("policy letter"), please note our separate privacy policy, which applies in the event that you wish to receive the personalized policy letter from Flughafen Stuttgart GmbH and therefore register for it.

The data protection declaration for the policy letter (with creation of personal profiles) is available for you here.

5.3 Target group-oriented newsletter

Flughafen Stuttgart GmbH also offers special user groups (e.g. travel agency partners, business partners/corporates and members of the press) the opportunity to register for a target group-oriented newsletter. With these newsletters, we regularly send target group-relevant information/invitations about Flughafen Stuttgart GmbH by e-mail.

The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR. The collection of your personal data serves to verify and correctly assign you to the target group-oriented newsletter and to ensure that the newsletter can be delivered. Your data will be used exclusively for sending the newsletter.

Your personal data will only be stored for as long as is necessary to achieve the above-mentioned purpose or in accordance with the statutory retention periods. We store your data for as long as the subscription to your newsletter is active. As a user, you can cancel your subscription to the respective newsletter at any time and without giving reasons by revoking your consent.

You can do this at any time by sending an email to Betroffenenrechte@stuttgart-airport.com or by clicking on the "Unsubscribe" button in the newsletter.

  • Newsletter for travel agency partners, business partners/corporates
    If you belong to the travel agency partners, business partners user group and are interested in subscribing to the "Travel agency partners, business partners/corporates" newsletter, please contact Marketing@stuttgart-airport.com. In order for your registration to be considered, we need information about you (e-mail address, name) and the organization/company to which you belong. When contacting us by e-mail, Section II. Section 4 of this privacy policy (see II. 4.1 Contact form and e-mail contact).

  • Information for media representatives ("press information")
    If you are a member of the press user group and are interested in registering to receive press information, please contact Presse@stuttgart-airport.com. We need information about you (e.g. e-mail address, name) and the organization/company to which you belong so that we can consider your registration. When contacting us by e-mail, Section II. Section 4 of this privacy policy (see II. 4.1 Contact form and e-mail contact).

6. Social media profiles

Flughafen Stuttgart GmbH maintains profiles in various social networks. You will find links to these profiles on our website. Specifically, Flughafen Stuttgart GmbH maintains the following profiles:

We look forward to your visit to one of our profiles on the above-mentioned networks. In this case, the terms and conditions and data protection provisions of the respective operators apply.

All links to our social media profiles on our website are integrated by means of a link. Personal data is therefore not transmitted to external third parties without your active involvement. Data will only be transmitted if you initiate this yourself by clicking on the link. In this case, the data protection provisions of the respective social network apply. Your rights as a user in this regard and setting options to protect your privacy can be found in the providers' data protection notices:


7. Flight status notification

7.1 Flight status notification by e-mail

On our website, you have the option of being notified by e-mail of status updates for flights that you can select yourself. We use the Mailjet e-mail service for this purpose (see II. 3. Mailjet e-mail service).

You can subscribe to the respective flight status (e.g. Status: En route; Status: Landed; Status: Boarding) and flight status changes of a specific flight by e-mail. For this purpose, we collect your e-mail address in the registration form for notification. This data is collected solely for the purpose of informing you of changes to the flight status of the desired flight(s).

Registration for the flight status notification takes place by means of the so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration for flight status notification by clicking on a link. You will only receive the desired flight status notifications and flight status changes by e-mail if this confirmation is received. The following data is stored as part of the double opt-in procedure:

  • E-mail address
  • IP address as part of the server log
  • Time of the confirmation

The legal basis for the processing of your data is your consent, which you give us in the course of your registration, and thus Art. 6 para. 1 lit. a GDPR.

Personal data will only be stored for as long as is necessary to achieve the above-mentioned purpose or in accordance with the statutory retention periods. As a rule, your e-mail address will be deleted after a period of 4 days, but at the latest after 7 days, after the end of the respective flight.

7.2 Flight status notification via WhatsApp

On our website, you have the option of scanning a QR code or clicking on a link to be notified of the status of a flight you have selected via the messenger service "WhatsApp" ("WhatsApp Messenger") and to receive further helpful tips relating to your journey and the flight.

You can register using the following procedure:

  • First, make sure that you have the latest version of WhatsApp Messenger installed on your end device at best.
  • On our website, select the flight for which you would like to receive flight status notifications.
  • Scan the QR code with your device or click the link to open WhatsApp Messenger on your device (e.g. smartphone).
  • You will be shown a pre-filled message containing the flight number and date of the flight for which you would like to receive flight status notifications.
  • Send the pre-filled message.

By following these steps and submitting the pre-filled message, you agree that we may process your data for the aforementioned purposes.

After your registration, we will process the following data relating to your person:

  • Telephone number;
  • Message with flight number and date;
  • Time at which this message was sent;
  • Any other messages you send us.

The legal basis for the processing of your data is your consent, which you give us in the course of your registration, and thus Art. 6 para. 1 lit. a GDPR.

To enable us to receive and send messages via WhatsApp Messenger, we have set up a WhatsApp Business profile that is connected to our "Superchat" communication platform via the so-called "WhatsApp Business API".

The WhatsApp Business API is used via an official WhatsApp Business Solution Partner. This is 360dialog GmbH, Torstraße 61, 10119 Berlin, Germany.

The Superchat communication platform is provided to us by SuperX GmbH, Oranienburger Straße 91, 10178 Berlin. For this purpose, SuperX GmbH processes the data on our behalf on Superchat servers in Germany.

The provider and operator of the WhatsApp messenger is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, a group company of Meta Platforms, Inc. (formerly Facebook) ("WhatsApp").

WhatsApp processes personal data in accordance with its own privacy policy: https: //www.whatsapp.com/legal/privacy-policy-eea?lang=de_DE

The communication content is end-to-end encrypted. However, WhatsApp may also collect other so-called "metadata", which may contain information about the identity of the sender and recipient, as well as the telephone number, device information and information about the use of the WhatsApp messenger (e.g. duration and frequency). WhatsApp also uses this data for its own purposes, such as improving WhatsApp Messenger. We have no knowledge of the details of this data processing and have no influence on it. We cannot rule out the possibility of data being passed on to other recipients within the Meta group of companies in countries outside the EU that do not offer an adequate level of data protection (particularly in the USA). Further information can be found in the WhatsApp privacy policy.

Personal data is only stored for as long as is necessary to achieve the above-mentioned purpose. As a rule, we therefore delete your data after a period of 4 days, but at the latest after a period of 7 days, after the end of the respective flight.

As the processing is based on your consent, your data will also be deleted as soon as you withdraw your consent. You can withdraw your consent at any time by clicking on the "Stop updates" button at the end of each message. Alternatively, you can send us a message with the content "Stop" via the WhatsApp messenger in the chat or an email to Betroffenenrechte@stuttgart-airport.com. Section II, point 4.1 of this privacy policy applies to contacting us by email (see 4.1 Contact form and email contact).

If statutory retention periods prevent deletion, the data will be stored until the expiry of the relevant retention period.

8. Booking airport tours

If you would like to book an airport tour, please visit our website https://tour.stuttgart-airport.com.

A separate privacy policy applies to visits to the website tour.stuttgart-airport.com: https://tour.stuttgart-airport.com/datenschutz

If you book and/or take part in an airport tour, please refer to our separate privacy policy for airport tours (booking and participation), which you can access here.

9. D.vinci application portal

You have the option of accessing and using the "d.vinci" application portal of d.vinci HR-Systems GmbH, Nagelsweg 37 - 39, 20097 Hamburg, which is integrated into our website.

A separate privacy policy applies to the visit and use of our application portal (website stuttgart-airport.dvinci-hr.com), which you can find here.

For applications via our application portal, the separate "Data protection declaration for the online application process at Flughafen Stuttgart GmbH (FSG)" also applies. This data protection declaration is made available in the online application process at the time the data is collected.

10. Subscription to the airport magazine Flugblatt

You have the opportunity to subscribe to our airport magazine "Flugblatt" free of charge. If you would like to receive the Airport Magazine, please send an e-mail with your name and full address to publikationen@stuttgart-airport.com.

If you register to receive the Airport Magazine, your personal data will be processed solely for the purpose of sending you the flyer. Your personal data is required in order to send you our Airport Magazine and thus to service the subscription you have requested.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR. Your personal data will only be stored for as long as is necessary to fulfill your subscription. We therefore store your data for as long as your subscription to the flyer is active. Your personal data will be passed on to the mailing service provider for the purpose of sending the leaflet to you. Your personal data will not be passed on to other third parties.

You can cancel your subscription to the Airport Magazine at any time and without giving reasons by withdrawing your consent.

You can do this at any time by sending an e-mail to Betroffenenrechte@stuttgart-airport.com.

Section II. Section 4 of this privacy policy (see 4.1 Contact form and e-mail contact).

III. QUESTIONS

If you have any questions regarding the processing of your personal data by us and questions about your rights as a data subject, you can contact our company data protection officer at any time. You can also contact our company data protection officer at any time if you have suggestions or other information on the subject of data protection. The contact details can be found above under I. 2. Contact details of the data protection officer.

IV. STATUS OF THIS PRIVACY POLICY

This privacy policy is currently valid and is dated 01.07.2025.