This website is the property of and is operated by European Air Ambulance (EAA) a brand of LUXEMBOURG AIR AMBULANCE SA, Luxembourg Airport, L-1110 Findel GRAND-DUCHY OF LUXEMBOURG (LAA).
Contact and other details.
- EAA can be contacted at this address: firstname.lastname@example.org
- VAT number: LU17596310
- Business license and issuing authority: European Air Ambulance (EAA) a brand of Luxembourg Air Ambulance S.A., a Luxembourg limited company, having its registered office at Aéroport de Luxembourg, L-1110 Findel GRAND-DUCHY OF LUXEMBOURG registered with the Luxembourg Commerce and Companies register under the number B65837
EAA collects and processes personal data on this website’s
users, and is the controller in respect of the processing of such data.
EAA is committed to respecting your privacy and protecting your personal
data in accordance with the law, in particular the EU General Data
Protection Regulation 2016/679.
DATA PROTECTION OFFICER
EAA has appointed a data protection officer, who can be contacted at email@example.com.
The processing of your data is based on the following grounds:
is necessary for us to take steps at your request prior to entering
into a contract (where your apply for or subscribe to services),
is necessary for the performance of a contract with you (where you are a
customer and we deliver the services you have requested),
is necessary for compliance with legal obligation to which we are
subject (for instance, if you are a customer and use our services, for
the processing related to invoicing, accounting and other mandatory
is necessary for the purposes of our legitimate interests (such as,
manage our operations and service delivery conditions, manage donators’
relations and donations, promote our services and company, manage
subscriptions to our newsletter and other publications or events,
improve our website and services, collect metrics and statistics on your
use of our website).
EAA may share your data with other entities of our group,
third-party partners/providers as necessary to perform our operations
and deliver services to you and, where required by law, competent local
TRANSFERS OUTSIDE THE EU/EEA
We do not transfer your personal data
outside the EU/EEA for our own internal purposes. However, if you use
our services for medical transportation or flight operations from, to or
flying over locations that are outside of the EU/EEA, we may have to
transfer your data to concerned countries as required under applicable
local law and as necessary to perform our service contract with you or a
contract concluded in your interest with a third party, or as necessary
to protect your vital interest or otherwise for the establishment,
exercise or defence of legal claims. If appropriate, we may also use
alternate safeguards, such as entering into EC approved standard
We will retain your personal data for as long as required to
deliver the services you have requested, and then for the mandatory
retention duration set forth by applicable law.
You have certain rights concerning your personal data
under the law as mentioned below, and can exercise them by contacting
our Data Protection Officer at firstname.lastname@example.org.
- Access right You have the right to access your personal dat We process a large
quantity of information, and can thus request, in accordance with the
law, that before the information is delivered, you specify the
information or processing activities to which your request relates.
- Right to rectification. You can ask us to rectify, correct or update inaccurate and/or incorrect data.
- Other rights. In
certain limited cases (in which case we will analyse whether the
conditions for the exercise of such rights are fulfilled, in line with
the law), you may object to, or request the limitation of, the
processing of your personal data, or request the erasure or portability
of your personal data. You should note that the law authorizes us to
retain and continue processing certain personal data, even where you
have exercised your rights to object or erasure, for legitimate and
compelling reasons such as compliance with applicable law. Finally, you
can contact the Luxembourg data protection authority (Commission nationale pour la protection des données) to introduce a claim.
website is using cookies. Cookies are small text files that are placed
on your computer by websites that you visit. They are widely used in
order to make websites work, or work more efficiently, as well as to
provide information to the owners of the site.
are typically stored on your computer's hard drive. Information
collected from cookies is used by us to evaluate the effectiveness of
our website. The information collected from cookies allows us to
determine such things as which parts of our website are most visited and
difficulties our users may experience in accessing our website. With
this knowledge, we can improve the quality of your experience on the
website and deliver more of the most desired features and information,
as well as by resolving access difficulties. We use third party service
providers, to assist us in better understanding the use of our website,
who will place cookies on the hard drive of your computer.
you want to avoid using cookies altogether, you can disable cookies in
your browser or equipment. However, disabling cookies might make it
impossible for you to use certain features or our website or services.
Your use of our website with a browser that is configure to accept
cookies constitutes an acceptance of our and third-party cookies.
4. Data Processing on your Behalf
Where you are a corporate or institutional customer ordering flight operations or other EAA services (SERVICES) on behalf of third-party transported persons (BENEFICIARIES), you may in certain instances be regarded as a controller in respect of certain personal data processing operations (the PROCESSING)
that we will carry out whilst organising and performing such SERVICES.
In such case, EAA may act as a processor to you with respect to the
PROCESSING. This section applies to this particular situation.
We are committed to complying with the obligations set out
in this section vis-à-vis any customer for which we act as a processor.
If you are such customer and wish to obtain a written executed agreement
aligned on the requirements or art. 28 of the EU General Data
Protection Regulation 2016/679, please contact our Data Protection
Officer at email@example.com.
This section does not apply to PROCESSING we carry out
in capacity as independent controller (e.g., as required to manage and
deliver the SERVICES, for billing and accounting purposes, to document
and evidence the SERVICES provided, for medical or transportation
organization, formalities and liability documentation, or otherwise as
required for compliance with legal hold and similar obligations
applicable to EAA, together the EAA PURPOSES). Nothing in this
section 4 shall be interpreted so as to allow or enable you to restrict
EAA’s ability to perform acts of processing (including retention) on
personal data (including on BENEFICIARIES) for the EAA PURPOSES.
The terms ‘personal data’, ‘processing’, ‘controller’ and ‘processor’
have the same meaning in this section as in the EU General Data
Protection Regulation 679/2016 (and its implementing and successor
You have requested EAA, who has accepted, to provide the SERVICES. In
this context, you expressly requests EAA to carry out the acts of
PROCESSING that are necessary to provide the SERVICES or otherwise
comply with our obligations under the relevant SERVICES agreement. The
applied to personal data which are/will be/have been provided by you to
EAA in the context of the SERVICES, and any other data you may instruct
us to generate, collect and/or process from time to time through
written documented instructions (the INSTRUCTIONS), and
the acts of processing detailed in the relevant SERVICES agreement, or
otherwise necessary for the performance of the SERVICES, related
documentation and EAA’s procedures, and any other acts of PROCESSING you
may instruct us to carry out from time to time through INSTRUCTIONS.
TRANSFERS OUTSIDE THE EU
You hereby instructs and authorizes EAA to
transfer BENEFICIARIES’ and your data outside the EU territory as
strictly necessary to organise and deliver the SERVICES (in particular
without limitation, to transfer and communicate such data to regional,
national, federal or local aviation, customs, law enforcement,
immigration, health or other administrations or authorities as may be
required under the local law or regulations of the countries of
departure, destination or transit or airspace used when delivering the
EAA DUTIES. EAA undertakes:
to perform any act of PROCESSING for purposes other than delivering the
SERVICES, performing its obligations under the relevant SERVICES
agreement or complying with INSTRUCTIONS or applicable law; this is
without prejudice to EAA’s right to process the BENEFICIARIES’ and your
data for EAA PURPOSES,
- to assist you to the best of its ability in responding to:
- personal data protection statutory or regulatory requirements applicable to you (such as, data protection impact assessments),
- BENEFICIARIES’ requests or exercise of their statutory rights on their data,
- your requests for information on the PROCESSING or its conditions,
- your auditors requests, audits or inspections, and
- your local authorities’ (including data protection authority’s) queries or audits;
in such case, EAA may charge additional fees and expenses,
use exclusively personnel subject to a contractual and (where
applicable) statutory confidentiality duty; it is reminded that medical
secrecy is guaranteed by Luxembourg law and breaches are subject to
criminal sanctions under art. 458 of the Luxembourg Criminal Code,
implement and maintain at all times, throughout the duration of the
PROCESSING, technical and organisational security measures that are
appropriate with respect to the nature of the PROCESSING and associated
risks, and notably, depending on technical feasibility and the nature of
- to encrypt personal data, in particular where transferred to subprocessors,
- to ensure the ongoing confidentiality, integrity, availability and resilience of PROCESSING systems and related services,
ensure the ability to restore the availability and access to personal
data in a timely manner in the event of a physical or technical
regularly test, assess and evaluate the effectiveness of technical and
organisational measures for ensuring the security of the PROCESSING.
inform you without undue delay after having become aware of a personal
data breach affecting the DATA, unless such breach is unlikely to result
in a risk to the rights and freedoms of data subjects.
EAA may use providers and subprocessors whilst delivering SERVICES at
any time in its discretion in case of vital emergencies, in which case
EAA will take the necessary decisions, if applicable in capacity as
controller of the relevant processing. Subject to this, you hereby
authorise and instruct EAA to commission the PROCESSING (in whole or in
part) to subprocessors.
This section 4 enters into force on the date of your
ordering of SERVICES and continues to produce effects until its
automatic termination at the date of effective termination of the
relevant SERVICE agreement. At the termination of the SERVICE agreement
and subject to your instructions, EAA will, at your INSTRUCTION, delete
or return personal data to you, and delete existing copies unless if EAA
needs or decides to further use and retain such personal data for the
This section 4 shall be governed by Luxembourg law.
Any disputes, claims or litigation in connection with the PROCESSING,
the SERVICES or the relevant SERVICES agreement shall be brought
exclusively before the courts of the judicial district of