Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
This privacy notice tells you how we will collect and use your personal data for:
Completing travel arrangements and other requested services
Managing the flight boarding process and connections
Keeping you safe when you fly with us and meeting certain legal and regulatory requirements.
Carrying out analysis and market research
Improving our websites, products and services
For direct marketing to you if you elected to receive marketing communications
We may pass your personal data on to third-party service providers described here:
Customs and immigration authorities of any country in your itinerary or to which your flight may fly over
Airlines and other service providers needed to deliver the services you have arranged. Those airlines and other service providers will be identified when you make a booking.
If you enrolled in a loyalty scheme or a have a travel profile with us so that we can administer the benefits of these programmes.
Credit card companies and anti-fraud screening service providers to process payments.
In response to a valid, legal request from Government and law enforcement agencies such as customs and immigration authorities.
Third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our customers, staff and assets.
Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the purposes of fulfilling your travel arrangements. When they no longer need your data to fulfil this service, they will dispose of the details in line with our procedures or according to statutory procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
We will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary. We are required to retain information in accordance with the law, such as information needed for customs and security purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices.
At your request, we can confirm what information we hold about you and how it is processed. You can request the following information:
Identity and the contact details of the person or organisation that has determined how and why to process your data.
The purpose of the processing as well as the legal basis for processing.
If the processing is based on the legitimate interests of us or a third party, information about those interests.
The categories of personal data collected, stored and processed.
Recipient(s) or categories of recipients that the data is/will be disclosed to.
If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
How long the data will be stored.
Details of your rights to correct, erase, restrict or object to such processing.
Information about your right to withdraw consent at any time.
How to lodge a complaint with the supervisory authority.
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
The source of personal data if it wasn’t collected directly from you.
Any details and information about automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
You will be required to provide sufficient information for us to adequately identify you.
|Contact Name:||Data Protection Officer|
9 Marchburn Drive
Paisley PA3 2SJ
To ensure the highest standards of security, the booking system used by flybmi encrypts information using the industry standard Secure Sockets Layer protocol (SSL). Consequently, bookings can only be made where customers use Mozilla Firefox 1 and above, Internet Explorer 5.5 and above, or any Web browser which supports SSL. The use of SSL allows all personal information, such as your credit card number, to be encrypted as it travels from your computer to the booking system used by flybmi. Once received, the information is unencrypted and processed in the same way as a credit card transaction placed via the telephone. At no time is your credit card number stored on our website, or in our online database – it is passed straight back to our secure servers, where it only exists as part of the record of your transaction.
All booking profile information on our website is held on a secure server. Once your PIN number has been entered, all data is encrypted and it is not possible for an unauthorised user to access. Most browsers will notify you when you have established a secure connection. If you are not sure about this, consult the help section of your browser. If your browser does not support SSL, flybmi recommends that you update to the latest version.
On various pages of our site, we offer you the opportunity to receive information about products, promotions and special offers which we think may interest you. Information provided is securely stored on our network and is primarily used to email special offers, news and promotions directly to you. We also allow you to enter specific personal information, including your name, mailing address, etc. This specific information is used to improve the level of service and functionality available online. This information may be shared with companies within the British Midland Regional Ltd or with designated market research companies carrying out research on behalf of British Midland Regional Ltd.
If you have signed up for marketing communications online, we will communicate with you as a registered customer.
You can change your personal details or withdraw from our mailing list by contacting website administration at flybmi, Aberdeen Airport, Wellshead Drive, Dyce, Aberdeen AB21 7EU.
For your convenience and information, the flybmi website provides links to other websites. flybmi would like to make you aware that these sites may have different security and privacy policies, which we have no control over. We take no responsibility for any information submitted to these sites.
A cookie is a small executable file or txt file that is stored on your PC or mobile device. It is generated by a web server and placed on your machine for future access.
flybmi and other airlines are obliged by new laws introduced in the US and other countries, to give border control agencies access to passenger data. Accordingly, any information we hold about you and your travel arrangements may be disclosed to the customs, immigration and law enforcement authorities of any country in your itinerary.
In addition, new laws in the US and other countries, require flybmi and other airlines, to collect ‘Advance Passenger Information’ (passport and associated information) for all passengers, prior to travel to or from those countries. flybmi is required to provide this information to the relevant customs and immigration authorities.
Copyright material appears on the site which is our or our Licensor’s property. Do not copy anything on the site without our prior emailed or written consent. Except as expressly stated on this website we do not give permission for you to republish, alter, transmit or otherwise copy any material on the site, but you may download information on the site for your own personal use. Except as otherwise expressly permitted under copyright law, no copying, redistribution, retransmission, publication or commercial exploitation of the downloaded material will be permitted without our express permission and that of the copyright owner. All flybmi branded logos on this site are our trademarks. You may not use them without our permission.
We may pass on your details to nominated market research companies, solely for the purpose of carrying out research on behalf of flybmi. This research is intended to assist us in improving the service we offer our customers. No personal information will be used for marketing purposes.
Following the preparation by the European Commission of a list of air carriers subject to an operating ban within the European Union, all air carriers operating in the European Union are required to bring passengers’ attention to the list on their websites. In compliance with this formality, the current list and further related information can be found on the European Commission website. We would like to reassure our passengers that the publication of this list is simply a formality and that any contract of carriage you enter into with us will not involve a flight with a carrier on the banned list.