Trust Center

Lwenta is committed to protecting the privacy and personal data of end users interacting with its technological solutions provided to airlines and subcontractors. This Privacy Policy outlines how we collect, use, store, and protect data in the context of the utilization of our products: DBAG, RHOT, and VOUCHER.

1. Who Are We?

Lwenta is a company specializing in the development of innovative digital solutions for the aviation industry. Our services are provided to airlines in the form of system leasing (SaaS). Our solutions are designed to enhance operational efficiency, improve customer satisfaction, and streamline processes for our airline clients.

2. Solutions Covered by This Policy

• DBAG: Automated and secure baggage claim management system.
• RHOT: Digital management of hotel reservations during operational disruptions (IROP).
• VOUCHER: Distribution of food vouchers linked to passenger PNR (Passenger Name Record).

3. Data We Collect

Lwenta only processes data that is necessary for the execution of services requested by airlines or their subcontractors. The data we collect may include:

• Passenger Identifiers (e.g., PNR, first and last name, flight reference)
• Baggage Data (e.g., images, date, baggage condition, customer signature)
• Reservation Data (e.g., name, flight, hotel reservation, dates of stay)
• Contact Information for communication purposes (e.g., email, phone number, WhatsApp for sending vouchers or confirmations)

No financial or sensitive data, as defined under GDPR, is directly processed by Lwenta.

4. Legal Basis for Data Processing

The processing activities conducted by Lwenta are based on:

• The performance of a contract between Lwenta and the airline or subcontractor;
• The legitimate interest of the airline to provide high-quality service and effectively manage irregular operational situations (IROP);
• Compliance with applicable legal and regulatory obligations in the aviation sector.

5. Data Storage and Security

All data is hosted within OVH Cloud's secure data centers, located in Europe, and complies with the highest security standards.

Access to data is strictly limited to authorized users with elevated privileges. We implement encryption, logging, and strong authentication measures to protect data integrity and confidentiality.

6. Data Retention Period

Data is retained for a maximum of 1 year, unless a legal obligation or contractual request dictates otherwise. After this period, data is either automatically deleted or anonymized.

7. Data Subprocessing and Transfers

Lwenta does not transfer data outside of the European Economic Area (EEA). Our solutions may be integrated with third-party services (e.g., airline systems, partner hotels, messaging providers) but solely under the exclusive control of our clients.

8. Rights of Data Subjects

Lwenta acts as a data processor on behalf of its clients (the airlines), who remain the data controllers. Passengers may exercise their rights (access, rectification, deletion, restriction, objection, portability) directly with the relevant airline.

9. Contact Information

For any inquiries regarding this Privacy Policy or to report an incident related to data, please contact us at:

10. Changes to This Policy

This Privacy Policy may be updated at any time to reflect legal, technical, or business developments. The most current version is always available on our website or upon request.