(effective from 30 December 2020)
The purpose of this short Privacy Notice (“Privacy Notice”) is to provide you basic information about how Wizz Air companies process your personal data, either about how you use our website at www.wizzair.com (“Website”) or mobile application (including using "cookies") or if you make bookings with us (e.g. your booking information and travel patterns). The Privacy Notice helps you to better understand how we use your personal data and explains how we collect and use it and with whom it is shared.
Data Controller and Wizz Air’s Data Protection Officer
Wizz Air Hungary Ltd. (seat: Laurus Offices, Kőér street 2/A, Building B, H-1103, Budapest, Hungary), Wizz Air UK Limited (seat: Main Terminal Building, London Luton Airport, Luton, United Kingdom, LU2 9LY) and Wizz Air Abu Dhabi LLC. (seat: 10th Floor, Andaz Capital Gate, Al Khaleej, Al Arabi Street, P.O. Box 164, Abu Dhabi, United Arab Emirates); “Wizz Air”, “we”, “our” or “us”. Each Wizz Air entity is considered as individual data controller, however, in certain cases Wizz Air entities are acting as joint data controllers as detailed in Joint Controllers section of this Privacy Notice. Wizz Air has appointed a group data protection officer and please refer to the relevant section in the Full Privacy Notice.
Purposes and Legal Basis for Processing Your Personal Data
If you visit our Website, register an account, contact us, make bookings or travel with us, then we will process your personal data to provide you with our services and for the additional purposes identified below.
We need the personal data relative to fulfilling service delivery, flight booking, payment and flight communication purposes as detailed in this Privacy Notice to perform the General Conditions of Carriage and provide you with our services or personalized offers. If you do not provide us with the requested personal data, we will not be able to provide you with all or parts of the services you have requested from us.
If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, we will provide you with an updated notice explaining all conditions relating to the new processing prior to the new processing takes place. If required, we will seek your consent before commencing the new data processing activity.
2. Wizz Air Account Management: to create and maintain your Wizz Account to identify you as a user and give you access to the services and features we offer to our registered users, and to manage your Wizz Credits the processing of your data is necessary for the fulfilment and execution of the Wizz Account Terms and Conditions
3. Service delivery, flight booking, payment and communication about your flight: the processing of your data is necessary for the performance of a contract, for the management of your booking and payment and the fulfilment and execution of the General Conditions of Carriage of Passengers and Baggage.
In certain cases, we also need to process special categories of personal data (sensitive personal data), e.g. health related data, for example when you request special assistance from us and/or an airport operator (such as the provision of oxygen), or when you provide us with information about your fitness to fly (for instance if you are pregnant, or allergy information) for safety reasons. To process your sensitive personal data, we may need to obtain your explicit consent, otherwise, we may not be able to provide you with the requested service(s).
4. Third parties’ service offerings: We may process your personal data based on your consent to convey third parties’ services and products to you. If you use a Wizz Credit Card, please refer to the applicable Joint Controllers Privacy Notice to understand how we share our responsibilities and roles relative to processing of your data. Otherwise, we have no control over the services and products you may purchase from third parties.
5. Marketing communications and newsletters: To carry out customer satisfaction surveys for analytical purposes, for quality improvements, for service developments, to improve the performance of the website, to measure the success of our advertising campaigns or to tailor services to your needs we rely on legitimate interests. In order to send you newsletters on the contact channel of your choice we rely on your consent.
6. Security and operational safety: to perform support administrative tasks, anti-fraud screening, for safety operational and other reports and security purposes we rely on our prevailing legitimate interests and it is in our duty to protect vital public interest and fulfil related legal obligations.
7. Secure legal compliance: to comply with the mandatory provisions of the applicable laws such as accounting, billing, audit purposes, consumer protection, immigration or public health related purposes.
8. Provide Customer Care services: the purpose of processing your personal data is to manage your questions and inquiries to us. Calls made with our Customer Care are recorded for the protection and reproducibility of verbal commitments if you give your consent to that and they may be connected with other reservation data. We manage and archive your complaints and inquiries based on our legitimate interest. Complaints submitted electronically, via post or via email, are also archived, and may be connected with other reservation data for possible future complaints handling.
How Long Do We Keep Your Personal Data?
We process your personal data for the time required consistent with the purposes set out in this Privacy Notice or for the period of limitation prescribed in the relevant laws. For example, we store internet search data collected concerning you for four days; Personal data processed in relation to service delivery, flight booking, payment and communication about your flight we keep for a period of 6 years from the fulfilment of the contract; and we keep your personal data in respect of flights (PNR) for 5 years, which data we pseudonymize after 6 months from your flight with us.
For further details please see the How Long Do We Keep Your Personal Data? Section of our Full Privacy Notice.
Who May Have Access to Your Personal Data?
Only those authorized persons and departments within Wizz Air have access to your personal data on a “need-to-know” basis. We may engage other persons, third parties as data processors to provide services to us and courts, government bodies or other authorities may require us to disclose your data them and also, we may transfer your personal data outside the EU/EEA or, for personal data originating in the UK, outside the UK, by applying the appropriate safeguards.
You have the right to access, rectify or delete your data, as well as, on certain occasions, to object to the use of your data, in addition to other rights, and you have the right to data portability as detailed in the Full Privacy Notice.
When the processing of your personal data is based on your consent, you can withdraw your consent at any time without giving any reason to us, free of charge. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
If you withdraw your consent or do not provide the consent for the use of your sensitive data, we may not be able to provide all or parts of the services you have requested from us. Please note that in these circumstances you will not be able to cancel or obtain a refund of any fees you have paid.
You have the right to object to the processing of your personal data for any reason relating to your situation, and in this case, we may not be able to process your personal data and provide our services.
If you would like to exercise your data protection related rights, you can submit your request HERE after logging in into your Wizz account under the data protection tab.
If you do not have a Wizz account, you can contact us by submitting your request HERE.
You always have the right to make a data protection related complaint at any time to the competent supervisory authority at your place of residence.
In relation to the marketing related activities Wizz Air Hungary Ltd. (seat: Laurus Offices, Kőér street 2/A, Building B, H-1103, Budapest, Hungary), Wizz Air UK Ltd. (seat: Main Terminal Building, London Luton Airport, Lu2 9ly, Luton, United Kingdom) and Wizz Air Abu Dhabi (seat: 10th Floor, Andaz Capital Gate, Al Khaleej, Al Arabi Street, P.O. Box 164, Abu Dhabi, United Arab Emirates, together as “Wizz Air Companies”) are considered as joint data controllers, also in relation to the loyalty scheme and the provision of services related to Wizz Credits.
Full Privacy Notice
For more information, please refer to our Full Privacy Notice for Customers and Travellers.