Royal Schiphol Group Privacy Statement: Privacy
Welcome to Amsterdam Airport Schiphol, where each day thousands of travellers arrive and depart, where retailers welcome shoppers and which is the location of a wide range of enterprises. At Schiphol Nederland B.V. (‘Schiphol’), we take pride in making everyone feel welcome and safe. And protecting your privacy is an important part of this. This privacy statement offers you a transparent and accessible overview of how Schiphol treats your personal data. This privacy statement sets out which personal data we collect, how long we retain this data and which rights you can exercise.
Many people believe that we at Schiphol collect more information about you than is actually the case. There are also other enterprises located at Schiphol that process your personal data, such as the Royal Netherlands Marechaussee, Dutch Customs, airlines and the operators of retail units and catering establishments. As a rule, Amsterdam Airport Schiphol does not have access to the personal data they process. If you want to know how they treat your personal data, please consult the websites of these organisations.
In this privacy statement, we describe for each service that Schiphol offers the personal data that we process, why we do this and how long we retain those data. Click on the topic to find out more.
Travelling via Schiphol
Working for and at Schiphol
Which rights do you have?
Access to, amendment and deletion of your personal data
You have the right to know what personal data on you are processed by Schiphol. If we have not obtained the data directly from you, you also have the right to know from what source they derive and to receive a copy thereof.
If your personal data prove to be incorrect, you can ask us to amend your data. You can also request us to delete personal data and to discontinue their use. If we process your personal data on the basis of your consent, and there is no other legal basis for the processing, you have the right to withdraw that consent and we will comply with your request to delete them. In some cases, we may refuse your request if, for example, we need your personal data for security reasons at Schiphol or for tax administration.
Restriction of processing and right to transfer your data
If in your opinion we are not processing your data in a correct manner, you can request a restriction of the processing.
You can also ask us to transfer your digital personal data to you or to another party in a readable and usable form.
Lodging an objection
Besides requesting deletion or restriction of the processing, you can also object to the processing of personal data by Schiphol. First, you can do so if you do not agree to Schiphol using your personal data for direct marketing (for instance by profiling).
Second, you can object to the use of your personal data owing to your specific situation. If you lodge an objection, we will in principle temporarily discontinue or restrict the processing. If your objection is accepted, we will definitively discontinue or restrict the processing.
Your request and our response
If you have a question, a request or if you wish to lodge an objection, email our Data Protection Officer (DPO) via email@example.com. We will do our utmost to respond to your request in a timely manner.
We may ask you to send us a copy of a valid ID if this is necessary in order to confirm your identity.
If any part of your request is unclear to us, we may ask you to specify your request and/or to supplement it, to enable us to provide you with the best possible service.
Processing personal data outside the European Union
Schiphol processes personal data as much as possible within the European Union. Schiphol may engage a processor who delivers services whereby data are processed in countries outside the European Union, including the United States of America or India. We do this only in a manner that complies with the requirements of the General Data Protection Regulation.
Whose privacy statement is this and how can you contact us?
Who is the controller?
This privacy statement has been issued by Royal Schiphol Group and relates to all processing carried out by Royal Schiphol Group on or in the vicinity of Amsterdam Airport Schiphol. If you would like to learn more about the processing of personal data at or in the vicinity of other airports that are part of Royal Schiphol Group, please visit the relevant websites.
Royal Schiphol Group includes Schiphol Nederland B.V., Schiphol Real Estate B.V., and Schiphol Telematics B.V. Schiphol Nederland B.V. is the controller for the majority of data processing tasks described in this privacy statement. Where another company is the controller for a particular processing task, this is specifically mentioned in the description of the processing task concerned.
The contact details of Royal Schiphol Group, Schiphol Nederland B.V., Schiphol Real Estate B.V. and Schiphol Telematics B.V are:
Evert van de Beekstraat 202
1118 CP Schiphol
How to contact our Data Protection Officer
Schiphol has a Data Protection Officer (DPO) for all your questions concerning privacy. The DPO also provides advice to us and monitors compliance with the privacy laws and regulations by Schiphol.
Do you have any questions or requests concerning your data? If so, you can send an email to the DPO via firstname.lastname@example.org or send a letter to our postal address, for the attention of the Data Protection Officer. Together with your request, please provide your name, address, email address and telephone number.
How to lodge a complaint with the Dutch Data Protection Authority
If you are dissatisfied with the way in which we treat your privacy or handle your request or objection, you can file a complaint with the Dutch Data Protection Authority.
Where can you find the latest version of this privacy statement?
If necessary, we will update this privacy statement. This may be due to changes in policies, changes in the data processing operations or changes in the systems we use to process data.
This version was issued in 4 september 2020.