Privacy policy

Important Note: This privacy statement in English is a service for the international visitors of our website.

Only the German version of this Agreement shall apply, and in no event shall the English language version of this Agreement be construed to alter the German version of this Agreement or otherwise regulate the relationship between the parties.


FraAlliance GmbH is a joint venture between Fraport and Lufthansa for the provision of services in connection with the operation, maintenance, and development of Frankfurt Airport, in particular for its shareholders Fraport AG Frankfurt Airport Services Worldwide and Lufthansa Commercial Holding GmbH as well as companies affiliated with the shareholders within the meaning of§ 15 AktG.

This includes, but is not limited to, related consulting services,

  • Services in the field of information technologies, software and software applications,
  • Data processing and data analysis
  • Airport services, as well as
  • Developing concepts and recommendations for the development of a long-term target image and passenger processes for the future for Frankfurt Airport, as well as the commissioning of services required for this and the conclusion of cooperation agreements with third parties.

The protection of your personal data is important to us. In the following, we inform you about how your data is processed.

I. Person responsible in the sense of Art. 4 No. 7 DSGVO

a. Responsible entity

FraAlliance GmbH
a Fraport & Lufthansa Joint Venture
Frankfurt Airport, The Squaire 15
60547 Frankfurt am Main, Germany

b. Managing Director

Dirk Schusdziara, Jörg Harnisch

II. Data Protection Officer

Michael Vogelbacher
colenio GmbH & Co. KG

III. Purpose and data economy

We collect, store and use your personal data exclusively within the framework of the provisions of the Regulation on Data Protection Law of the European Union (DSGVO) and the Federal Republic of Germany (BDSG). In the following, we inform you about the type, scope and purpose of the collection and use of personal data. Any further processing for purposes other than those specified below will not take place. You can retrieve this information from this website at any time.

IV. Data transmission security

We use a secure data transmission procedure by means of SSL/TLS encryption. This means that the data you enter in a lost property request or to contact us in a form on our website is protected.

Additional information: To do this, pay special attention to the "s" in the "http(s)" of the URL (the Internet address you enter). This is an indication that your input is secure on the Internet. The web browser you are using has detailed explanations about security procedures and encryption under the help notes.

V. Processing of your personal data

The processing of your personal data takes place in the following cases:

a. Data transmission and logging for internal system and statistical purposes (log files)

For technical reasons, your Internet browser automatically transmits data to our webserver when you access our website. This data includes the date and time of access, URL of the referring website, retrieved file, amount of data sent, browser type and version, operating system and your IP address. This data is stored separately from other data that you enter when using our offer. It is not possible for us to assign this data to a specific person. This data is evaluated for statistical purposes and subsequently deleted.

b. Cookies

This website uses only technically necessary cookies. Website cookies are small files that allow specific information related to the device to be stored on the user's access device (PC, smartphone or similar). They serve the user-friendliness of websites and thus the users (e.g. storage of login data). Most browsers have an option to restrict or completely prevent the storage of cookies. However, it should be noted that the use and especially the user comfort will be limited without cookies.

c. Contact form for lost property

If you have lost an item or piece of luggage at Frankfurt Airport or on a Lufthansa AG flight, you can submit a lost property request to us. The data (lost property number, surname, first name, title, street, house number, postal code, city, state, country, telephone and e-mail address, ID number, flight and travel data, and bank details if applicable) that you send us using the lost and found inquiry form will be processed in our  lost & found software and handled by the relevant administrator. The data transfer is carried out using secure SSL encryption.

d. Contact form FraAlliance GmbH

You have the possibility to send an inquiry to the company FraAlliance GmbH via the contact form. In doing so, the data from the contact form will be processed by FraAlliance GmbH and, if necessary, forwarded to the responsible contact person. SSL encryption protects the data you enter in the contact form. If you do not want to enter the data in the contact form, you can also send us an e-mail to

e. Customer surveys

We may process personal data from you (IP address) as part of customer surveys conducted online. We conduct these customer surveys in order to improve our services or to find out about the needs of you as a passenger. The data you give us during the survey is processed in a database for evaluation and, if necessary, forwarded to the responsible contact persons. 

f. LAB-Gate - Gamification offer
Via the online platform 'Gamification Infokiosk' you have the opportunity to participate in online games and sweepstakes. In the course of the registration required for this, it is necessary to register on the online platform as a user and participant with at least your first and last name, your e-mail address and your place of residence. Your data will be used by us or our service provider for the online platform (MPASS LTD, Pallini, 72 Spaton Av., GR15234, Athens, Greece; Privacy Policy: Privacy and Terms - MPASS, Other personal data, on the other hand, is optional. On the one hand, your information is intended to uniquely identify you and to activate you for the online platform 'Gamification Infokiosk'. In addition, we use the data for direct advertising, the administration of the participation in the promotion and the provision of the prizes.

Through the 'Gamification Infokiosk', we want to improve and further develop the customer experience in the interaction with Fraport and primarily Lufthansa passengers. With this in mind, we may share your personal data with third parties when promotional participation, contests, contracting or similar services are offered by us together with partners. Your data will only be passed on with your consent and on the basis of the conditions of participation in the competitions. Furthermore, your data will not be visible to other users of the online platform or to other users or third parties.

The conditions of participation in the online games and the competitions can be found at:  Gamification Web | Register (

VI. Data subjects and data categories

Data subjects are passengers arriving at or departing from Frankfurt Airport or transferring and visitors to Frankfurt Airport (Fraport AG), visitors to the website, suppliers and business partners as well as employees of Fraport AG and Lufthansa AG, and FraAlliance GmbH. Here, surname, first name, postal address (if applicable), e-mail address, IP address and other data are collected. However, only to the extent described under Purpose and data economy.

VII. Legal basis

The legal basis for the storage, processing and disclosure of your data is, on the one hand, the fulfillment of legal requirements pursuant to Art. 6 para. 1 lit. c DSGVO in conjunction with. §§ 978 ff. BGB (lost property requests), your consent pursuant to Art. 6 para. 1 lit. a DSGVO (e.g. for passenger and visitor surveys, or newsletters and comments).

VIII. Deletion of data / storage period

If the purpose ceases to exist and there is also no legal retention period, the corresponding personal data will be deleted. In principle, the data is only stored for the duration of the above-mentioned purposes.

IX. Recipients or categories of recipients to whom the data may be disclosed

The data will not be transferred to third parties or passed on to third parties without your express consent.

By order of the competent authorities, we may provide information on this data (inventory data) in individual cases, insofar as this is necessary for the purposes of criminal prosecution, averting danger, fulfilling the statutory tasks of the constitution protection authorities or the Military Counter-Intelligence Service, or enforcing intellectual property rights.

X. Data transfer to third countries

A data transfer to third countries is, unless otherwise stated in this privacy policy, not intended and does not take place.

XI. Data subject rights

You have the possibility and the right to contact the responsible entity (see above) at any time and request information about how your data is processed. In addition, you have the right to have your data corrected and deleted. You have the right to restrict processing, i.e. to allow only partial information to be processed. In addition, you have the right to object to the processing of your personal data at any time if the processing is based on a legitimate interest. FraAlliance GmbH will then check to what extent the non-processing conflicts with legal disclosure and processing obligations and inform you accordingly. You have a right to data portability, i.e. that we hand over your personal data to you in machine-readable form in a common format determined by us upon request.

In addition, you have the right to lodge a complaint with the supervisory authority for data protection if you are of the opinion that we are not handling your personal data properly and in accordance with this declaration.

If you have given us your consent to process your data, you can revoke this consent at any time.

XII. Google Services

In the following, we inform you which services of the Google Group (for users within the EU: Google Ireland Limited, Gordon House Barrow St, Dublin 4, Ireland; outside the EU: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). are used on our website.

For more information about Google's privacy practices, please visit:, Google's Statement of Information Collection and Use at, and

a. Google Maps

This site uses the Google Maps service from Google via an API (application programming interface). You can recognize this by the map on our directions page. To use the functions of Google Maps, information about your website use, including your IP address, is usually transmitted to a Google server in the USA and stored there. According to Google, the IP address is not associated with any other data held by Google. However, we would like to point out that Google is technically able to identify individual user data with the data received in any case.

If you are also logged into your Google account, this enables Google to assign your surfing behavior directly to your personal profile and to display personalized maps to you. You can prevent this possibility of assignment if you log out of your account beforehand.

More information on the handling of user data can be found in Google's privacy policy: and in Google's statement on the collection and use of data at The terms of use for Google Maps can be found at

b. Google reCAPTCHA

Our website uses the Google reCAPTCHA service, which belongs to Google. It serves us to ensure that only humans enter data on our site. In this way, we protect ourselves against input by automated programs and abuse (spyware, spam). For this purpose, the reCAPTCHA service analyzes the behavior of you as a website visitor as soon as you call up our website. For this purpose, among other things, your IP address and the duration of your visit are evaluated, but according to Google, they are not linked to other data unless you are logged into your Google account. Google receives this data, possibly on servers in the USA.

For more information about Google reCAPTCHA, visit

For more information about Google's privacy practices, please visit:, Google's Statement of Information Collection and Use at, and

XIII. Social media

In the following, we inform you about which data is processed when you access our online presences in the social networks.

As the operator of our company website, we receive anonymized visitor statistics (insights) in the respective social network, which are created on the basis of data collected by the respective social network. Page insights are summarized data that provide us with information about how users interact with our site. We do not receive personal data. We therefore do not gain insight into the individual personal data of visitors to our company site. As the operator of the company site, we are jointly responsible for the visitor statistics (Insights) with the provider of the respective social network (Art. 26 DSGVO), with the provider of the respective social network assuming primary responsibility. The legal basis for the use of Insights data is our legitimate interest within the meaning of Art. 6 (1) f) DSGVO to provide information and communication offers for interested parties and customers via social networks. We use this information for economic and communication purposes, including to remain competitive as a company.

When you access our online presences in the social networks, the respective social network places cookies on the device you use for this purpose (i.e. your computer or mobile device), which have the purpose of storing information in the web browsers and remain effective for a period of up to two years, unless they are deleted. The respective social network receives the information stored in the cookies, records it and processes it. This happens not only when you access services of the respective social network such as our Instagram/ Xing/ LinkedIn/ Twitter page, but also for services provided by other members of the corporate group of the respective social network, as well as services provided by other companies that use the services of the respective social network. Partners of the respective social network and third parties also use cookies on the respective social networks to provide services. The data is used by the respective social network and third party companies for product research and development and advertising and sponsored content.

Please note that cookies are placed when you access our company website regardless of whether or not you have an account on the respective social network.

If you have an account on the respective social network, the respective social network collects and processes data when you access the company page, provided you have provided this data in your account. This includes your age, gender, relationship status, professional situation as well as information about your lifestyle, interests and purchases or purchasing behavior (demographic data). The respective social network also collects and processes geographical data such as your location. This is used by the respective social networks to offer their information services and advertising in a targeted manner (personalization). The respective social network can assign this data to your person.

If you do not have an account on the respective social network, the cookie placement will in any case collect your IP address, information about your device, the region or, if applicable, the more precise location where you use it, call time and dwell time, as well as estimate the above demographic data based on your browsing behavior.

You can prevent the collection of the data generated by the cookie and related to your use of our company website (including your IP address) to the respective social network as well as the processing of this data by the respective social network by adjusting your cookie settings before calling up our company website in the social networks. Most browsers have an option to restrict or completely prevent the storage of cookies. However, it is pointed out that the use and especially the user comfort will be limited without cookies. In addition, you can activate the "do not track" function in your browser, disable script code executions in your browser or use a so-called script blocker.

The U.S. providers of the respective social network also have servers in the U.S. as well as other EU third countries and use a network of computers, cloud-based servers and other infrastructure and information technologies as well as other service providers that may be located outside the European Economic Area and Switzerland, i.e., in countries whose data protection does not meet the level of the EU GDPR and the Federal Republic of Germany. In this case, further guarantees such as standard contractual clauses of the EU Commission are concluded.

We maintain online presence on:

Twitter, provider: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, US

For more information, please see Twitter's data policy: 

Instagram, provider: Facebook Inc., Headquarters: 1 Hacker Way, 94025 Menlo Park, CA, USA; for users within the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

For more information, please contact

XING, Provider: NewWork SE, Dammtorstraße 30, 20354 Hamburg, Germany

For more information, please see Xing's privacy policy at:

LinkedIn, Provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn"), and LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, respectively.

For more information, please see LinkedIn's privacy policy at

XIV. External links

For your optimal information, you will find links on our pages that refer to third-party pages. Insofar as this is not obviously recognizable, we point out that it is an external link. FraAlliance GmbH has no influence on the content and design of these pages of other providers. The guarantees of this data protection declaration therefore naturally do not apply there.