Our Commitment to Privacy
Level is committed to respecting your privacy and protecting your personal data.
Never share your booking code or locator number. When you book, you get a booking code (also know as PNR, or Passenger Name Record). This reference will appear in the confirmation email or on the tickets of each one of the passengers in your booking. If you're travelling with other people and you don't want them to have access to the booking details, it is probably better for each person to book separately.
Be careful and take precautions against online fraud and phishing There is an online practice known as "phishing", which involves illegally obtaining personal data by means of fake messages. Unsolicited emails are sent to people included in lists obtained illegally by third parties, and the recipients are asked to enter or confirm bank details or passwords on a cloned or fake website.
We can also collect your personal data from third parties, such as:
Companies we have hired to provide a service.
Companies involved in your travel plans, including airlines involved in your past or future trips, airport operators and customs and immigration authorities.
Companies that take part in our loyalty programmes and other customer programmes (e.g. car hire companies and hotels).
Companies that give us data under privacy policies which provide for information to be shared with Level.
We collect the following personal data:
Data that you give Level to complete and manage a booking with us or a service you have requested.
Your name, address, email, date of birth, gender, passport number or national ID card, account details and payment information.
If you are booking tickets for a third party, we may collect your billing details but directly contact the passenger regarding the flight.
We will know if you book your flight via www.flylevel.com or if you use any other sales channels, such as travel agencies or our Customer Services Centre.
Data collected while travelling with us.
We may collect certain information, such as your interaction with staff and cabin crew, before and during the flight.
When you board the plane at the airport we may collect photos and other images (including biometric templates) to make boarding easier in the future, using new facial recognition technology.
Data regarding your travel plans.
Data about your booking, travel itinerary, details on any other additional assistance you require and other information on your trip, such as special dietary requirements.
Data on the services we have provided in the past.
Data on previous trips, like where you went and all the information on these trips, including upgrades, luggage requirements, problems at the airport, luggage loss and your comments as a customer.
Data on your online registration and other interactions.
We will store your data to ensure we interact properly with you if you already registered with us, either through a loyalty or customer programme.
We will store your data if you take part in a competition or promotion, or have interacted with us on social media like Facebook and Twitter.
Data on how you use our website, mobile apps and Customer Services Centres. For more information, please see:
We will use the data on the use of our website stored in the cookies to understand you as a customer. If you have entered this information in our website, it may include data on any booking or passenger name.
Based on your usage data we will be able to know that you visited flylevel.com and searched for a flight, but that you didn't complete the booking in the end. We may use this information to contact you and offer you more information on the booking and location.
Information on the location of your device if you have been browsing Level.com or using our mobile app. (This is your IP address. An IP address, that is, Internet Protocol address, is a numeric code that can act as a unique identifier of your computer or other device, which may be deactivated on your device.)
To identify the country in which the website or app is accessed, which will enable us to offer more relevant contents and use the right language.
If you have given your consent, we may use your device's functions (e.g. Bluetooth, WiFi and GPS) to determine your location in order to help you with your flight connections and to board our planes, and to offer you a personalised service (you can access or change this option by modifying your device's location settings).
When you ask Level and/or an airport operator for specific medical assistance, like a wheelchair or oxygen, for example.
When you request authorisation to fly with us and you have a certain medical condition or are over 28 weeks pregnant.
When you decide to provide certain information for any other reason or a third party has provided it, such as the travel agency through which you booked your flight. You may also need to request a special service (like a menu), which is not "sensitive personal data" per se, but which may imply or suggest information regarding your religion, health or other details.
To process all the issues relating to your trip and provide the requested services.
We will need your name, address, email, contact details, date of birth, gender, passport number, account details and payment information in order to process your bookings, process the services for your trip, get the payment, give information to the authorities (like tax authorities, customs and immigration) and for Level to know who has booked a flight.
To manage the boarding process and facilitate connecting flights at the airport.
If you do not come to the boarding gate to board your flight, we may have to check whether you have been through security at the airport, or if you were on a connecting flight, to know how to contact you to inform you about the flight that you need to board.
Facial recognition technology is used in some of the airports in which we operate. (Remember that the use of this technology is voluntary, unless required by law.)
To send you status updates and service or operational communications regarding the purchased service.
We may send you a message to tell you that check-in is open or that your flight has been delayed, cancelled, or any other circumstance that may affect your flight, like a strike or cases of force majeure.
To get in touch with you before your flight and at the airport.
Every time you travel with us and use the airports in which we operate, we will be able to monitor your situation at the airport to help you with flight connections and when boarding the plane, and to offer you a personalised service.
If you have shown your boarding pass to access one of our VIP lounges.
To ensure your safety and to comply with certain legal requirements that apply to Level as an airline.
As an airline, Level must keep a record with information on all the passengers who are on board their aircraft.
The laws of certain countries, like the EU and US, ask airlines to give certain information on their passengers to customs and immigration authorities.
To provide more personalised services that adapt to your needs.
If you are a member of Avios, we can personalise your experience when you travel with us. For example, a member of our cabin crew can welcome you again on board a Level flight.
We may update and share data that is not personal with our communications agency, to advertise partner and third party services that are tailor-made and of interest to you, on our websites, apps and electronic boarding passes.
To analyse data and conduct market studies.
We will analyse the way in which customers use our sales channels, products and services, in order to better know how to improve the service we offer and encourage customers to use our entire range of products and services.
To carry out marketing activities and keep you informed on Level's products and services.
We can send you information on our products and services by email or text.
We may adapt the content of our websites, apps, emails and other communications to ensure that they are of interest to you as much as possible, including previous destinations with offers and/or services connected with these destinations or other similar ones.
To understand your flying preferences and offer you information on offers, like upgrades.
If you search for a flight but don't book it, we may remind you of our services via Facebook or Twitter, depending on the flight you have been looking for.
We may combine anonymous data from client-provider relationships with third parties (e.g. Google or Facebook) so that both companies can get to know more about user behaviour like other visited websites.
To send you up-to-date information and communications.
Even if you opt out of receiving marketing information, we may continue to send you communications on the services you book, like your flight itinerary. These communications will help you to get details on the purchased services and may include options and other additional services that you may use (e.g. advance seat booking, additional luggage and advanced menu booking).
We may also send you communications on services that you have used, like if you have had a problem and we want to contact you proactively in order to solve it.
To improve our website, products and services.
We may monitor how you and other customers use our website, so that we can identify ways of improving your browsing experience.
To process and manage the service.
We may use and store your personal data, including your purchase history, for administrative purposes, which will include, for example, accountancy and billing tasks, auditing, verifying credit cards and other payment cards, fraud control (including the use of credit reporting companies and checking the validation of payment cards), and system testing, maintenance and development.
If you are a member of Avios you can change your privacy preferences at any time by changing your online profile settings, accessing your private area at www.flylevel.com or writing to the Data Protection Officer (Delegado de Protección de Datos), Camino de la Muñoza s/n, 28042, Madrid, Spain.
Furthermore, all the marketing communications you receive by email will include an "unsubscribe" option so you can opt out at any time. We try to process subscription cancellation requests within 10 working days, so you may continue to receive messages before we actually finish processing your request.
Bear in mind that even if you inform us that you no longer wish to receive marketing communications, you will still continue to receive communications (like the ones described above) regarding products and services that you have booked, e.g. to confirm your booking or send you an update on its status. If you are a member of Avios, we will carry on sending you information about issues that affect your membership and the club's services. If you ask us to stop sending you marketing communications, please bear in mind that we will keep your personal data in order to state that you do not want to receive marketing communications.
Because we have to use your data to process your booking, fulfil your travel plan and the contract with you.
Because your personal information to conduct and improve our business as an airline and travel provider is one of Level's legitimate interests as an airline.
Because Level needs to use your personal data to fulfil a legal obligation.
To protect your vital interests and those of other people.
Because you have given your consent to Level using your personal data for a specific purpose.
Below you will find additional information on each aspect of the legal basis.
If the processing of your data is protected by any other law, the legal basis for this processing could be different to the list above, and in those circumstances the basis would be your consent in all cases.
We will actively check the data that we hold and delete it securely after the applicable prescription period in each case. In some cases we will anonymise the data when there is no legal need to keep it, or any other need relating to the business or the customer.
We will analyse data and use databases to personalise your experience.
When necessary to take legal action.
In the event of a delayed flight or lost luggage.
We are bound by law to provide certain information on our passengers to customs and immigration authorities in certain countries.
If we collect and process medical information in case of medical emergency and you are not able to give your consent.
We may ask you to inform us of additional aspects regarding your profile when you use our in-flight entertainment app, data that we may connect with your profile or analyse in order to personalise the way we interact with you.
If the basis for processing your personal data is your consent, you may revoke it at any time by changing the preferences on your Avios online profile, or by writing to our Data Protection Officer (Delegado de Protección de Datos), Camino de la Muñoza s/n, 28042, Madrid, Spain.
You will only receive marketing emails from other companies in our group when you have given your consent to these companies.
We may also give your personal data to the following third parties, for the purposes described below:
Customs and immigration authorities of any country in your itinerary or over which you are flying. Level and other airlines are bound by the laws of the EU, US and other countries to give customs and border authorities access to travel and booking information when the flight's origin or destination is in one of these countries, including stopovers, and when the plane flies over them to reach its destination.
If your flight goes over a specific country that legally asks for booking information, this information will be provided to the relevant authorities of said country.
Airlines and other service providers that are necessary for the provision of services booked by you, for example, when part of your itinerary includes a flight operated by a different airline or includes car hire or a hotel reservation. These airlines and service providers will be identified as soon as you make a booking.
If to reach your destination you need to change flights from Level to another airline, whether it is or not part of IAG Group.
If you book a ticket through our internet portal to travel with a transport service which you booked in advance, we will give your name and email address to the transport company so that they can issue your ticket and make your booking.
Our partner airlines and franchisees, for instance, to help you catch connecting flights or manage benefits arising from collaboration between loyalty programmes. Also travel agencies and other third parties through which you book trips.
If you are a member of Avios or of another partner loyalty programme, we will share information with our partners so that we can manage the loyalty programme benefits to which you are entitled.
Credit and debit card companies, credit reporting agencies and fraud control service providers, to process payments and (when necessary) carry out fraud controls.
In response to legal requirements by the government and police, such as customs and immigration authorities.
External service suppliers that we hire to provide services, like carrying out marketing initiatives or conducting surveys with customers on our behalf.
Third parties like lawyer firms and courts, to demand compliance or the application of a contract with you.
Third parties, like the police and regulatory authorities, to protect our rights, property, or the safety of our customers, employees and assets.
When necessary in order to fulfil a legal obligation in any jurisdiction, including when said obligation is caused by an action or omission by Level (e.g. if we decide to operate in a certain country or a decision relating to that).
We do not sell your personal data to third parties and we only allow third parties to send you marketing communications if you have given your consent.
Due to the nature of our business, we often have to send your personal data outside the European Economic Area in order to manage your travel-related services. This happens because our business and the third parties identified in the section “Who do we share your personal data with?” operate in countries around the world. For example, when you travel outside the European Economic Area, your personal data will be transferred to border control and immigration authorities situated outside this area.
We may also transfer your personal data to third parties situated outside the country you live in, in order to provide services connected with the products and services that you requested.
You can request a copy of all your personal data that Level has stored. There is no charge for this request.
If you are a member of Avios, you'll be able to access your personal data through your personal account.
You can rectify your personal data if it is not accurate.
If you are a member of Avios, you'll be able to rectify or edit your personal data through your personal account.
You can ask for your personal data to be erased.
You can object to the processing of your data.
You can ask to restrict processing in the following cases:
Whilst checking the accuracy of your data after being challenged.
When the processing is illicit and you object to your data being erased.
When Level no longer needs to process your data, but you need it to carry out or defend claims.
When you object to the processing of your data for the performance of a task carried out in the public interest or to fulfil a legitimate interest, whilst it is being determined whether the legitimate reasons for the processing prevail over yours.
Your name and postal address.
Data subject to your request.
Any data that can help us to locate the data you are asking for, e.g.:
Locator or flight numbers and dates.
Phone record details (identifying number, number from which you called, the number and option you pressed, date and time of your call or calls).
A photocopy of your passport or national ID card, so that we can check your identity and make sure that a third party is not fraudulently exercising your rights.
Your signature and date of the request.
Data Protection Officer (DPO - Delegado de Protección de Datos)
Camino de la Muñoza s/n, 28042, Madrid, Spain
Remember that if you consider that you have not been able to exercise your rights properly, you may contact the Data Protection Officer at firstname.lastname@example.org or file a claim with the corresponding Data Protection Authority.