Privacy Policy

Who we are

Registered Office: 5-6 George Street, St Albans, Herts AL3 4ER. Registered in England No. 3782019 VAT Registration No. 720 0630 91

For any questions please contact us at GDPR@1stflight.co.uk

Why we have made changes

As a result of the new General Data Protection Regulation (known as GDPR) coming in to effect on 25 May 2018 and the subsequent changes following Britain's exit from the EU (BREXIT), we now have to advise you how we will process your personal information.

What we will need from you

In order to review and process your claim we will need to take personal details from you, these will include those relating to you i.e. your name, address, email address, telephone number and nationality.

We will also need to take details relating to the travel in which you are claiming. These details will include but are not limited to, your booking reference, flight number, route travelled, sector in which incident occurred, incident type, claim type, reported date, property irregularity report (PIR), luggage details and insurance details if applicable.

We will also ask for details relating to the exact claim type and these can consist of specific item details, brand, size, colour, date purchased, price paid and proof of purchase.

If a settlement is agreed in order to process a payment, we will ask that you complete a 'Settlement and Release' form and upload this to your claim. We will require you to share your account details at this stage in order to process a payment.

If we have agreed to offer you a settlement in the form of a replacement item, or we have agreed to return an item to you, we will need to share your address details with a third-party carrier to arrange this shipment.

How your data will be held

Your data will be stored for the purpose of processing your claim only. We do not share data with any third parties (apart from those detailed above/below) or advertisers. However, the airline you travelled with may request we share your information with other departments, legal bodies or mediation companies, to again either assist in the resolution of your claim or in the prevention of fraud. For more information on this please visit your airlines website and view their individual privacy policy.

Your data will be held live in our systems for the length of time it takes to process your claim. For the avoidance of doubt, data will be held in its entirety for a period of 9 months after what we believe to be completion of your claim. The reason for this is to ensure that there are no unresolved issues in the shipping of your item or the settlement of your claim. From that point on data will only be held for the prevention of fraudulent claims and for accounting/legal obligations. This means that there will be a log of your claim, recorded by your claim number and claim type.

Computer information

When you use our Website, we automatically collect certain computer information by the interaction of your mobile phone or web browser with our Website. Such information is typically considered Non-Personal Information. We also collect the following:

Cookies

Our Website uses "Cookies" to identify the areas of our Website that you have visited. A Cookie is a small piece of data stored on your computer or mobile device by your web browser. We use Cookies to personalize the Content that you see on our Website. Most web browsers can be set to disable the use of Cookies. However, if you disable Cookies, you may not be able to access functionality on our Website correctly or at all. We never place Personally Identifiable Information in Cookies.

Secure transmission of data

Our Website uses Secure Socket Layer (SSL) to ensure your information sent across the internet is encrypted and secure. It also ensures you are sending information to our server and not an imposter site.

How we keep your information secure

Our databases are held on Azure SQL Databases. With enabled Advanced data security allowing us to protect data by classification such as personally identifiable information, performing ongoing vulnerability assessments and alerts to any threats that are detected. The databases are encrypted along with backups and logs.

The database resides in the UK (south).