Processing of personal data

Updated: 11/01/2023

Protection of your personal data

To provide the best airport services, to ensure that appropriate facilities are available to passengers, the public, and airlines, and to offer a range of services adapted to everyone’s needs, we need data about you.

We are committed to protecting your personal data, just as we are committed to ensuring your security and safety when you visit our Paris-Charles de Gaulle, Paris-Orly, and Paris-Le Bourget Airports.

This policy provides information about the various processing operations that we may perform on your personal data and about all the rights that you may assert at any time with regard to such operations.

1. Who is concerned?


Whether you are passengers, accompanying persons, clients, candidates, or simple users of our websites or of the Paris Aéroport mobile application, you entrust us with your data so that we can provide the services and information you expect: this policy concerns you.

2. Why do we need your data?


We need your data to ensure that you travel in the best conditions. Your data also allow us to provide you with online services to help you navigate your way to and inside our airports, to get to know you better, and to interact with you by offering you personalised services.

2.1 To allow you to travel

In collaboration with the airlines and our partners at the airports, we use your data to:
• Allow you to reach your flight.
• Conduct the regulatory safety and security controls and perform video surveillance of the areas you pass through.
• Improve the punctuality of departing flights and inform you of conditions that may affect how you make your way through our facilities.
• Provide you with assistance adapted to your disability or give you emergency medical care, if necessary.

For this, we primarily use data relating to your trip, indicated on your boarding pass, which we scan at various points along your way through the airport. When we collect other data, we make sure to ask you only for data that are strictly necessary to carry out our duties.

These data processing operations are justified by regulatory obligations, the fulfilment of duties in the public interest, or our legitimate interest as operator of the Paris airports.

2.2 To offer you personalised services


To make passing through our airports easier for you, we collect your data to provide you with services adapted to your needs, such as:

• Alerting you about flights of your choice or any disruptions.
• Offering you free services such as the use of "business areas" or paid services such as the booking of parking spaces as well as managing your purchases from partners through our e-shop.
• Detecting fraudulent behaviour by customers.
• Offering you a loyalty programme and managing your subscriptions to airport news and tips.
• Providing you with free Wi-Fi access.
• Responding to your questions and complaints.
• Informing you of personalised offers and other services matching your needs and wishes.

Depending on the case, your consent given when you sign up for or use a service or contract justifies these processing operations.

We routinely use data pertaining to the identifying information that you have provided to us (full name, preferred name, email address, postal address, etc.), your age, the history of your actions, your preferences, or your purchases through the use of your personal account, which you access from our website or the Paris Aéroport app. We collect your IP address for the purposes of monitoring and detecting computer security incidents. We inform you of how we use your personal data, particularly if, with your consent, automated decisions were taken on the basis of your profile. We will respect the limits that you set for the use of your data according to your personal account settings.

2.3 To allow you to apply for our employment opportunities


As part of Groupe ADP’s recruitment policy and on the website, we collect your identity data, contact information, and items necessary to evaluate your application (covering letter, CV, etc.).

2.4 Secure our information systems


For the purposes of monitoring and detecting incidents relating to IT security, your traces and logs of connections to our information systems are collected. This processing is justified by our legitimate interest.

3. What data do we need?

When we process your personal data, we make sure to use only those strictly necessary to carry out our activities as described in point 2 of this policy.

4. How long do we keep your data?

We keep your data in accordance with the various applicable regulations and legal retention periods and for a duration proportionate to the goal of the processing operations set out in point 2 of this policy.

For the purpose of monitoring and detecting IT security incidents, we retain your IP address for six months.

5. Who can access your data?

Access to your personal data is authorised only for individuals identified and authorised beforehand. Your data may also be sent to our subcontractors or partners when necessary: you are then informed on our notices or in the confidentiality policies specific to each service offered to you from our website or the Paris Aéroport app.

In our business development efforts, we promise not to share your personal data with any third parties without your permission. You have the right to withdraw your consent at any time by changing your personal account settings, accessible from our website or the Paris Aéroport app, or by contacting customer service.

6. How do we secure your data?

We treat your data as confidential. The security of your data is a priority. We ensure that your data are protected by taking various measures to fight against unauthorised or unlawful processing and against accidental loss, destruction, or damage of your data. We work to continuously improve the security of our information systems. We contractually require our subcontractors and partners to secure any data that we send to them.

7. Are your data sent outside the European Union?

Certain processing of personal data requires the transfer of data to our subcontractors or partners outside the territory of the European Union. They receive your data within a defined and secure framework, making a commitment to Aéroports de Paris SA to respect your privacy. Their compliance with the regulations in force is guaranteed, depending on the case, by various control mechanisms (contractual guarantees, European Commission adequacy decision, etc.). By following the procedure in point 7 of this policy, you can ask our data protection officer to provide you with more information when you these transfers concern you.

8. What are your rights regarding your data and how can you exercise them?

In accordance with the regulations in force, you have rights of access, correction, deletion, and portability with regard to your data. You can also object to or limit the processing of your data. Where appropriate, you can also refuse to be the subject of a decision based exclusively on automated processing, such as profiling.

If you have consented to the processing of personal data, you may withdraw your consent at any time. You also have the right to give instructions about the retention or deletion of your data after your death.

To exercise these rights, please complete the form below: 

You may also exercise your rights by submitting a request in writing to the Data Protection Officer, accompanied by proof of your identity, to the following address: Aéroports de Paris Data Protection Officer
1 rue de France
93290 Tremblay-en-France

You also have the right to appeal to the French Data Protection Authority, CNIL.

9. What cookies do we use?

Cookies are information files that may be transferred to your browser by a website and stored in your computer system. Cookies are read by the server of the websites used each time you connect to recognise your device. 

Cookies can be used to identify you only in very limited cases and are stored on your internet browser for a certain period of time depending on their nature (length of connection to a website, 1 month, 1 year, etc.). The cookies placed on your device have a maximum life of 13 months. 

The following cookies are used on the website 

Audience measurement cookies : these cookies aim to improve the performance of the site They are used for statistical purposes and make it possible to analyse and measure the audience from the information obtained relating to users' browsing.

Cookies related to A/B testing and the customisation of services and the information displayed:  these cookies are intended to make the website site more user friendly. They enable us to conduct marketing and statistical tests (called A/B testing) during your visits. These cookies can also be used to customise your experience.

Targeted advertising cookies these cookies allow us to display advertising content that corresponds to your interests on the websites you visit.

10. For more information about your data


Further information about the processing of your data is available in the privacy policies of our Web applications or on notices in our terminals: 

10. Updates


This policy may be modified, particularly to take into account changes in our processing of personal data, our data protection practices, and any changes in the regulations in force. We recommend that you consult the "Legal information" section of our website regularly.