Timeslots for passengers

Schiphol Nederland B.V. (“Schiphol”) is committed to protecting your personal data. In this privacy statement, Schiphol explains how Schiphol collects, uses and protects your personal data within the context of ‘Timeslots for passengers’.

What personal data do we process?

To offer the ‘Timeslots for passengers’ service to you, we process the following personal data:

  • Email address
  • Number of passengers and flight information for a booking
  • Time and location of the QR scan at the airport
  • Data collected automatically for technical reasons when you visit the booking website, such as the type and version of your browser, your operating system, the website from which you arrive at the booking website, the date and time of your access, your IP address, your internet service provider, and other, similar data (“Usage Data”).

Why do we process your personal data?

We process your personal data so that you can use the ‘Timeslots for passengers’ service. This service allows you to book a time slot for an separate queue for the security check, therefore avoiding longer waiting time in the regular queue.

We also process your personal data to send you a survey about our service. This allows us to improve our service based on your feedback.

How long do we retain your personal data?

We will retain your personal data no longer than seven days.

With whom do we share your personal data?

Whyline, Inc.
Whyline, Inc. provides the ‘Timeslots for passengers’ reservation platform on which you can book a time slot for the security check. On behalf of Schiphol, Whyline, Inc. hereby processes your personal data. Schiphol has entered into a data processing agreement with Whyline, Inc.

Service providers
For certain technical data processing tasks, Whyline, Inc. is assisted by service providers who will receive access to your personal data to provide such services. Those service providers have been carefully selected and meet high data privacy and data security standards. They are subject to strict duties of confidentiality and process data only on behalf and in accordance with the instructions of Whyline, Inc. Whyline, Inc. contractually prohibited these service providers from using or disclosing your personal information, other than to perform services or comply with legal requirements. These service providers are required to appropriately safeguard the privacy and security of your personal data they collect, use, disclose or otherwise process. Whyline, Inc. concluded a data processing agreement with these service providers.

Disclosure for other purposes

We may disclose information we obtain about you:

  • If law or legal process requires us to do so (such as a court order or subpoena)
  • In response to requests by government agencies (such as law enforcement authorities)
  • To establish, exercise or defend our legal rights
  • When we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss
  • In connection with an investigation of suspected or actual illegal activity
  • Otherwise with your consent or at your direction.

Do we process your personal data outside the European Economic Area?

Whyline, Inc. and Schiphol process your personal data in principle only within the European Economic Area. As needed, Whyline Inc. has access to your personal data from Argentina. The European Commission has determined that Argentina provides an adequate level of data protection. The effect of this decision is that personal data can flow from the European Economic Area to Argentina without any further safeguard being necessary.

Which rights do you have?

Access to, amendment and deletion of your personal data
You have the right to know what personal data of you are processed by Schiphol. If we have not obtained the data directly from you, you also have the right to know from what source they derive and to receive a copy thereof.

If your personal data prove to be incorrect, you can ask us to amend your data. You can also request us to delete personal data and to discontinue their use. Because we process your personal data on the basis of your consent, you have the right to withdraw your consent and we will comply with your request to delete them.

Restriction of processing and right to transfer your data
If in your opinion we are not processing your data in a correct manner, you can request a restriction of the processing.

You can also ask us to transfer your digital personal data to you or to another party in a readable and usable form.

Lodging an objection
Besides requesting deletion or restriction of the processing, you can also object to the processing of personal data by Schiphol. First, you can do so if you do not agree to Schiphol using your personal data for sending you the survey.

Second, you can object to the use of your personal data owing to your specific situation. If you lodge an objection, we will in principle temporarily discontinue or restrict the processing. If your objection is accepted, we will definitively discontinue or restrict the processing.

Your request and our response
If you have a question or a request, email our Data Protection Officer (DPO) via dpo@schiphol.nl. We will do our utmost to respond to your request in a timely manner.

We may ask you to send us a copy of a valid ID if this is necessary in order to confirm your identity.

If any part of your request is unclear to us, we may ask you to specify your request and/or to supplement it, to enable us to provide you with the best possible service.

Whose privacy statement is this and how can you contact us?

Who is the controller? This privacy statement is issued by Schiphol Nederland B.V.
Our contact details:

Schiphol Nederland B.V.
P.O. Box 7501
1118 ZG Schiphol

How to contact our Data Protection Officer (DPO)
Schiphol has a Data Protection Officer (DPO) for all your questions concerning privacy. The DPO also provides advice to us and monitors compliance with the privacy laws and regulations by Schiphol.

Do you have any questions or requests concerning your data? If so, you can send an email to the DPO via dpo@schiphol.nl or send a letter to our postal address, for the attention of the Data Protection Officer. Together with your request, please provide your name, address, email address and telephone number.

How to lodge a complaint with the Dutch Data Protection Authority?

If you are dissatisfied with the way in which we treat your privacy or handle your request, you can file a complaint with the Dutch Data Protection Authority.

Where can you find the latest version of this privacy statement?

If necessary, we will update this privacy statement. This may be due to changes in policies, changes in the processes in which we incorporate your personal data or changes in the systems we use to process data.

This version was issued on October 2024.