Privacy Policy

Data protection statement: Lufthansa Technik Shenzhen for

1. Controller

We, Lufthansa Technik Shenzhen , Hangzhan 4th road, 2031, Bao'an district, Shenzhen, China, (hereinafter also referred to as "we" or "us"), hereby provide you with information on the processing of your personal data collected as part of your use of our website ("website").
If you have any further queries regarding data protection in connection with our website or the services offered, please contact our data protection coordinator:
Data Protection Coordinator for the Lufthansa Technik Shenzhen

2. Scope and purpose of and legal basis for the processing of personal data

We collect and use personal data directly from our users or from other sources (see below) in the following situations:

2.1. Provision of the website and log file creation

By visiting our website the system automatically records data and information about the user's computer system each time the website is accessed. The following data ("technical information") are collected:
•    Information on the browser type and version used
•    The user's operating system
•    The user's Internet service provider
•    The user's IP address
•    The date and time of access
•    Websites from which the user's system accesses our website 
•    Websites accessed by the user's system via our website

The log files contain IP addresses and other data which can be attributed to a user. This might be the case if, for example, the link to the website from which the user accesses the website or the link to the website to which the user switches contains personal data.

The Data are also saved in our system's log files. This data is not stored together with other personal data of the user.
We collect and use this technical information for the purposes of (network) security (to for example ward off cyberattacks), marketing, and to be able to better understand our users' needs, as well as to continuously improve our website and enable users to access the website from their computers. 

The data is stored in log files in order to ensure that the website functions properly. This data also helps us optimize the website and ensure the security of our IT systems. It is not analyzed for marketing purposes in this context. 
The legal basis for the temporary storage of data and log files is Article 6(1)(f) of the EU General Data Protection Regulation (GDPR).

2.1.1. Use of cookies

Our website uses cookies. Cookies are text files stored in the web browser or by the web browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a distinctive character string which allows for unique identification of the browser when the website is accessed again.

Cookies are stored on the user's computer, which transmits these to our website. Therefore, users have full control over the use of cookies. You may disable or restrict the transmission of cookies by changing your web browser settings. Previously stored cookies can be deleted at any time. This may also be done automatically. If cookies are disabled for our website, you may no longer be able to use all of its functionality.

2.2. Use of the services offered on our website

We offer a number of services on our website. To provide those services, we must collect and process personal data from the user or our customers.

2.2.1 Statistical analyses

There is a possibility that your data may be analyzed in a data warehouse to evaluate the preferences of our registered customers ("statistical analysis") for the purposes of interest-led marketing, individual approaches and continuous optimization of our business processes. We undertake this processing in order to acquire a better understanding of what our customers expect from us and to allow us to offer you communication that is tailored to you personally. This analysis also helps us with fraud detection, auditing and safeguarding security, which is why we perform this processing to protect our legitimate interests, Art. 6(1)(f) GDPR.

2.3. Processing personal data to fulfill the contract
In order to fulfill our obligation of the contract, we collect and process the contacts information of the vendor or customer. This data contain mainly the name, email address, telephone, fax, mobile, address, company name. These data is stored in our ERP or CRM system for contact purpose as long as contract is valid. It might be stored longer to fulfill the warranty obligation or other obligation required by the airworthiness authority.

2.4. Processing personal data to manage our public relationship with authorization or other organization
In order to keep contact with airworthiness authority or government, we collect and process the contacts information of their representatives. This data contain mainly the name, email address, telephone, fax, mobile, address, name of organization. These data is stored in files of responsible persons for contact purpose. And it will be deleted once it is not applicable for the relationship kept.

2.5. Processing personal data for security and US export control obligation
In order to ensure the safety environment and our obligation of AEO and US export control, we collect and process the visitor's information. This data contain mainly the Salutation, name, data of birth, company or organization name of visitor country of the company or organization, date of visit. These data is stored in our visitor management system and screened against sanction lists. And it will be deleted 1 years after the visit.

2.6. Processing personal data for issue invitation letter
In order to support the business visit or other non-business activities, LTS collect the personal data of potential visitors to issue the invitation letter to them. This data contains name, Passport ID, data of birth, nationality, visit duration, company or organization name, department name, position. The data is only store in invitation letter or email and it will be deleted once the invitation letter is issued.

2.7. Our legitimate interests in processing personal data

If Art. 6(1)(f) GDPR forms the legal basis for the processing, our legitimate interests are, in addition to the purposes listed above:

•    To protect the company against material and immaterial damage
•    Professionalism (of our products and services)
•    Cost optimization (control and minimization)

2.8. Other processing commitments

If obliged to do so by law, we process personal data in order to meet duties of retention under commercial or tax law or to meet legal security requirements (such as Section 7 of the Aviation Security Act [LuftSiG]). For further information on retention periods, please refer to "Duration of the data processing".

3. Duration of data processing

Your personal data are deleted as soon as they are no longer needed for the specified purposes. In certain circumstances, personal data are kept for the period of time during which claims against Lufthansa Technik Shenzhen may be. Personal data are also saved to the extent that and for so long as Lufthansa Technik Shenzhen is legally obliged to do so. Corresponding burdens of proof and duties of retention arise from, among others, the Commercial Code, Tax Code and Money Laundering Act. These prescribe retention periods up to ten years.

4. Right to object in accordance with Article 21 of the GDPR

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) of the GDPR, including profiling based on those provisions. 

The controller shall no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or processing is necessary for the establishment, exercise or defense of legal claims.

Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data, which includes profiling to the extent that it is related to such direct marketing.

Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

5. Disclosure of personal data to third parties

We may be required to forward your personal data to third parties within or outside the Lufthansa Group in order to be able to offer you our products and services on the basis of our contractual obligations or our legitimate interests. These recipients can be categorized as follows:

•    Service providers
•    Transportation and logistics
•    Marketing
•    IT
•    Government bodies and authorities
•    Members of the Lufthansa or Lufthansa Technik Group

Personal data may be transmitted to third countries or international organizations as part of this. For your protection and the protection of your personal data, appropriate safeguards are provided for such data transmissions as per and in accordance with legal requirements (particularly, the use of EU standard contractual clauses) or an adequacy decision has been issued by the EU Commission (Art. 45 GDPR).

For information on EU standard contractual clauses, please visit []. The EU Commission provides the relevant information relating to its adequacy decisions at [].

We are also legally obliged to provide personal data to German and international authorities, Art. 6(1)(c) GDPR together with local and international regulations and agreements.

6. Rights of data subjects

Lufthansa Technik Shenzhen is committed to the fair and transparent processing of data. We therefore believe it to be important that data subjects not only have the right to object, but can also exercise the following rights if the relevant legal requirements are fulfilled:

•    Right to access (Article 15 of the GDPR)
•    Right to rectification (Article 16 of the GDPR)
•    Right to erasure ("right to be forgotten") (Article 17 of the GDPR)
•    Right to restriction of processing (Article 18 of the GDPR)
•    Right to data portability (Article 20 of the GDPR)

To exercise your right, please email In order to process your request and for identification purposes, please note that we will process your personal data in accordance with Art. 6(1)(c) GDPR. 

You also have the right to lodge a complaint with a supervisory authority. The relevant supervisory authority for Lufthansa Technik Shenzhen is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit

7. Consent

If you give your consent to us for processing your personal data, please note that you may withdraw this consent at any time.

In all cases, you can contact via email

Please note that your consent can only be withdrawn with future effect and such a withdrawal does not have any influence on the lawfulness of past processing. In some cases, we may be entitled in spite of your withdrawal to continue to process your personal data on a different legal basis – e.g. to perform a contract.

8. Disclaimer and limitations of these data protection notices

These data protection notices only apply to processing for the website Other websites are not covered by these data protection notices and provide their own specific data protection notices.