When you use HOP! services, notably those available on the website, mobile site, and mobile apps, HOP!, who is responsible for handling data, may collect and process your personal data.
HOP! is a member company of the group AIR FRANCE-KLM.
HOP! is committed to adhering to the regulations concerning the privacy and data security of its passengers, prospects and users of its websites, mobile sites and mobile apps. All data collected through the HOP! website is processed in accordance with all local legislation and the terms laid out in the revised version of the French Data Protection Act of 6 January 1978, and the General Data Protection Act (EU regulation 2016/679) or "GDPR".
To ensure the proper application of these regulations, HOP! has put in place appropriate internal procedures to raise awareness amongst its employees and ensure the regulations are correctly implemented within the organization.
HOW IS HOP! COMMITED TO PROTECTING MY DATA?
HOP! is committed to ensuring a high level of data protection for its customers, prospects, users of its website, mobile site and mobile apps and all other persons whose data it processes.
HOP! is committed to respecting the regulations that apply to all the data it processes. More specifically, HOP! commits in particular to the following principles:
- Your personal data is processed lawfully, fairly and in a transparent manner (lawfulness, fairness and transparency).
- Your personal data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (purpose limitation).
- Your personal details kept in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (storage limitation).
- Your personal data is accurate, kept up to date, and every reasonable step is taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy).
HOP! has put in place appropriate technical and organizational measures in order to ensure a sufficiently high level of security in relation to the inherent risk involved in data processing, to meet regulatory demands and to protect the rights and the data of the people concerned from the moment the data is collected.
Moreover, HOP! contractually requires that its subcontractors (service providers, suppliers, etc.) implement the same level of data protection.
Finally, HOP! is committed to adhering to all other principles related to data protection, and more specifically, pertaining to users' rights, the duration of time that data is stored, as well as obligations regarding the transfer of personal data.
HOW DOES HOP! USE THE DATA IT COLLECTS?
1. How we collect your data
When you use HOP! online services, we receive your data through different channels and more specifically on our websites, our mobile sites and mobile apps, whilst you are browsing, buying or booking online, when you complete an online form, when you sign up to the newsletter, when you create a HOP! account, when you apply for a job position, when you post comments on our social media, when you make contact with HOP! or when you send your data to us in any other way.
2. Purpose for data processing and legal grounds
Your personal data is primarily used to enable you book and purchase tickets and for us to provide specific services: transportation, market research, creating customer loyalty, activities, sales information, satisfaction surveys, new products and services designed to improve customer experience in the airport or during a flight, statistical surveys, recruitment, customer service, handling customer requests and/or complaints, but also to ensure flight safety and security and to combat fraud.
In addition to instances where we received consent from you (notably to communicate personalized offers with you), it is necessary for us to collect your data for the aforementioned purposes:
- To enable the fulfillment of the transport contract
- To comply with a legal obligation (notably to ensure flight safety, carry out the mandatory immigration processes in conjunction with French or foreign public authorities…)
- For legimitate purposes in the interest of HOP! (to develop new services and products, improve the loyalty programs, improve customer services...).
More specifically, your data will be used:
- to allow you to benefit from services available on the HOP! website, mobile site and mobile apps: creation of user accounts, e-newsletters, managing reservations, assistance and claims, etc.
- to provide a seamless browsing experience on our websites,
- to ensure that the information, notifications, promotions, and other services we provide are suited to your interests,
- to be enriched by sharing some information with certain business partners to improve our understanding of your interests so that we can inform you of our latest deals and other forms of personalized services (subject to your prior authorization when requested and with respect to your right to unsubscribe at any time, in accordance with the regulations regarding marketing activities),
- to complete administrative formalities required for immigration and customs, prevent unpaid bills, combat fraud, and ensure flight safety and security.
Any incident that occurs during the fulfillment of the transport contract and liable to compromise the safety or security of a flight may be recorded and kept on file, be subject to a filed complaint, and result in a travel ban on flights provided by HOP! for a duration of 3 years.
FOR HOW LONG IS MY DATA STORED?
HOP! is committed to storing your personal data no longer than necessary for the purpose for which it was processed. Furthermore, HOP! stores your personal data in accordance with the retention period imposed by current regulations.
This retention period depends on the purpose for which the data is being processed by HOP! and takes into account regulations which impose a specific retention period for certain categories of data, possible time limits as well as CNIL recommendations regarding certain types of data processing (for example, Deliberation n° 2016-264 of 21 July 2016 introduces modifications to this simplified declaration concerning automated data processing related to clients and prospects (NS-048), article L.232-7 about national security with regard to transmitting passenger details to the French authorities, storing cookies for 13 months according to CNIL recommendations...).
WHO USES THE PERSONAL DATA COLLECTED BY HOP!?
1. Who may use your data
Personal data collected on the HOP! website, mobile site and mobile apps may be communicated to authorized HOP! personnel, its parent company Air France, its partners (KLM, SkyTeam, accredited travel agents, transportation companies, car rental companies, hotels, credit card providers, etc.) or to providers of other related services, in order to carry out the services as outlined above.
Please note that in these specific cases, HOP! requires its subcontractors (service providers, suppliers, etc.) to implement strict confidentiality and data protection policies.
As outlined by French and international laws and regulations, HOP!, as well as any other airline, may be required to communicate personal data to authorized local authorities (customs, immigration, police, etc.) both in France and overseas. For example, this may be necessary in order to complete required immigration formalities and to prevent and combat terrorism and other serious crimes.
In accordance with Article L.237-7 of French Internal Security Code, please be informed that airlines may be required to communicate personal data to authorized booking, check-in and boarding data collected from their passengers (API/PNR) to the French authorities for the purposes and under conditions as defined in the Decret N° 2014-1095 dated 26/09/2014.
2. Data transfer outside the European Union
Some of the parties mentioned above may be located outside the European Union and have access to all or some of the personal data collected by HOP! (name, passport number, trip details, etc.) in order to fulfill the transport contract or comply with specific legal requirements.
In this case, HOP! guarantees a high level of data protection according to the most stringent rules, with respect in particular to signing contractual clauses, on a case-by-case basis, based on the European Commission template, or other mechanisms in compliance with the GDPR, whenever your personal data is processed by a service provider outside the European Economic Area and whose country is not considered by the European Commission to implement a sufficient level of protection.
HOW CAN I EXERCISE MY PRIVACY RIGHTS?
As outlined in the French “IT security and freedoms” law, you have the right to view, change, delete, or contest any data pertaining to you, as well as to limit, withdraw and refuse the transmission of your personal data.
Furthermore, you have the legal right to decide what happens to your personal data in the case of death.
Moreover, any person under the age of 16 at the time the personal data was collected may request that the data be deleted at the earliest opportunity.
Requests to exercise this right must be addressed to:
Data Protection Officer / Directrice juridique HOP! Air France. 30 avenue Léon Gaumont, CS 12041, 75990 Paris Cedex 20, France or by email at firstname.lastname@example.org. This e-mail address should only be used in the legal context set forth above. Any request unrelated to exercising the right to gain access to personal data shall not be dealt with.
Please provide details including your full name and e-mail address in order for us to be able to identify you, as well as any other relevant information to confirm your identity.
For some services, these rights may be exercised directly on the website (managing your personal account, bookings, etc.).
You also have the right to receive help from the CNIL (Commission Nationale de l'Informatique et des Libertés) in the event of a violation of the regulations regarding Personal Data and, more specifically, the GDPR.
When you contact our customer service department, your call may be recorded in order for us to improve our service, and to avoid any legal disputes or malicious calls. If you do not wish to be recorded, please inform the agent at the start of the conversation.
You also have the right to refuse for your data to be collected for marketing purposes. When required by law, personal data will only be used for online marketing once your express consent has been obtained.
If you no longer wish to receive the HOP! newsletter by e-mail, you can use the unsubscribe link located at the bottom of each message.
The provision of certain services is dependent upon the collection of personal data (special meals, medical assistance, etc.). You can, of course, exercise the right to oppose the use of this personal data, but you may not be able to benefit from these services as a result.
As stipulated by French and international laws and regulations, failure to provide data or providing incorrect data may result in you being stopped from boarding or refused entry into a foreign country (upon decision by customs authorities, for example), in which case HOP! cannot be held responsible.
HOP! ONLINE SERVICES
HOP! seeks to continuously improve its electronic services to facilitate access to its customers, potential customers and visitors. The HOP! website (and mobile site) notably provides 24-hour access to online booking and ticketing services. You can also obtain information about hotel and rental car options, as well as travel insurance provided by our partners.
In a continued effort to improve the services offered on the website and meet customer expectations, HOP! may use “cookies.” These are text files used to identify customers’ devices when accessing HOP! services.
The storage of cookies or tracers on your device (desktop computer, tablet, smartphone, etc.) allows HOP! to gather information and personal data. Depending on the settings on your device, cookies permit the following:
- Cookies enable you to use the major features on the HOP! website.
- They help us improve our website and detect any bugs you may encounter.
- They enable us to remember your choices and preferences and personalize your user interface.
- They allow us to gather statistics in order to manage traffic to the website and the use of different sections of the HOP! website (visited pages, navigation habits of the user) which allow us to improve the user experience on the website and the services we offer you.
- They enable us to track the effectiveness of our marketing campaigns by counting and analyzing the number of sales and clicks associated with our marketing investments.
- They show us the content of pages you view, your flight searches, information you chose to share when registering with other website, pages and websites you visited recently.
- They allow us to share information with other websites in order to display advertizing content that is interesting and useful to you.
- They enable us to share information on social media.
IT SECURITY / SECURE TRANSACTIONS
HOP! is committed to ensuring the security and privacy of the personal data that you provide us. We implement all necessary technical and organizational measures, with regards to the nature, impact and context of the personal data that you share with us and the risks involved in processing it, in order to protect your personal data and, more specifically, to prevent any corruption, damage, or unauthorized use by third parties, either through accident or criminal activity. You can therefore purchase your ticket on our website with the guarantee that your data is kept confidential and secure.
We provide a secure online payment system using the latest technologies.
HOP! is committed to combating online identity theft. For this reason, HOP! uses a fraud detection system for payments made by credit or debit card. The system is designed to protect you in case of loss or theft of credit or debit cards.
We strongly advise against communicating any document issued by HOP! that contains your personal details (boarding pass, ticket number, etc.) to third parties or posting such documents on social media.
To learn about security best practices, please visit the French-language IT security portal. The general conditions for certain services available on the HOP! website, mobile site and mobile apps may contain additional terms relating to the collection and use of personal data.
Finally, HOP! has implemented a procedure specifically designed to manage security breaches which allow us to intercept any data breaches, notify the relevant authorities and alert you to the fact that your personal data may have been affected.
PERSONAL DATA CONCERNING MINORS
HOP! does not gather or process personal data of minors under the age of 15 without prior consent from his or her parents or legal guardian.
If personal data concerning children are gathered via the HOP! website, mobile site or mobile apps, their parents or legal guardian have the right to refuse by writing to the address stated at the bottom of this page.
Furthermore, as stated above, any child under the age of 16 at the time the data was collected, may request his or her data to be erased at the earliest opportunity.
LINKS TO OTHER WEBSITES
Several pages on the HOP! website contain links to access the websites of other companies. We recommend that you read the data privacy policies of these non-HOP! websites, as these terms may vary from those on the HOP! website. HOP! is not responsible for the use of your personal data on these external websites.
For more information on the entry regulations that apply for your destination country, please go to the Formalities section of the website.
For any further questions related to this policy or the way in which HOP! processes your personal data, please contact us at the following address: HOP!, 30 avenue Léon Gaumont, CS 12041, 75990 Paris Cedex 20.
The current version is dated 1 May 2018.