Iberia is committed to reseeding your privacy and protecting your personal information.
You can access our full Privacy Policy below to help you to understand better how we use your personal information. In it, we explain in more detail the types of personal information we collect, how we collect it, what we may use it for and who we may share it with.
Within our full Privacy Policy you can find some specific examples of why and how we use your personal information. If you have further questions please get in touch with us at our Data Protection Office by email at OficinaDPO@iberia.es
Without prejudice of your rights under the relevant applicable laws, this Privacy Policy and the information above have no contractual nature and are not a part of your contract with us.
Any personal information processed by Iberia in connection with this Privacy Policy is controlled by Iberia Líneas Aéreas de España S.A. Operadora, Sociedad Unipersonal, holder of Spanish VAT no. ES-A85850394 (hereinafter "IBERIA"), which Is considered the "data controller" under European Union data protection law. Our contact address for this purpose is "Data Protection Office of Iberia Líneas Aéreas de España S.A. Operadora, Sociedad Unipersonal" at Calle Martinez Villergas numero 49, 28027 - Madrid (SPAIN) or by email at OficinaDPO@iberia.es
If you made a booking with us but one or more flights are operated by other air carriers, then each of these carriers will also be, independently, a data controller under European Union data protection law.
IBERIA is a legal entity pertaining to IAG Group, the parent company of which is the Spanish legal entity International Consolidated Airlines Group, S.A.. You may learn more about what companies are part of IAG Group below.
In addition, if you are a member of our loyalty scheme IBERIA PLUS then the company Avios Group Limited (AGL) -which is an IAG Group company, as well- will also be a "data controller" together with IBERIA of your personal information being processed within Iberia Plus Loyalty Program. Avios Group Limited's address is Astral Towers, Betts Way, Crawley RH10 9XY - United Kingdom. Its webpage is at www.aviosgroup.com and its Data Protection Office may be reached by ordinary mail to the aforementioned address or by email at data.protection@avios.com .
Personal information means details which identify you or could be used to identify you, such as your name and contact details, your travel arrangements and purchase history. It may also include information about how you use our websites and mobile applications.
This Privacy Policy applies to personal information about you that we collect, use and otherwise process in connection with your relationship with us as a customer or as a potential customer or as a member of our loyalty schemes IBERIA PLUS or ON BUSINESS, including when you travel with us or use our other services -such as our auction website or our gift cards service- , use our websites or mobile apps, contact our service agents or call centres and book to use our service through third parties such as travel agents and other airlines.
when we refer to other entities being data controllers within Sections "Data controller" or "Who do we share your personal information with?", you should consult their own privacy policies for further information.
If you decide to hire additional services with us, such as making an on board purchase or using our in-flight entertainment devices or taking part in one of our contests organised by Iberia together with third party collaborators, please take into account that further terms and conditions may apply.
We make serious efforts to care for and protect your personal information when you share it with us. Below you can find some recommendations on how to keep your personal data safe.
Do not share your booking code or locator
When you make a booking you will be furnished with a reservation code -also known as PNR or Passenger Record. This reference will be included in you booking confirmation email or within the ticket of each passenger within that reservation.
Please always keep your reservation code confidential. If you share it with a third person he/she may access your booking data in our systems.
If you travel with others and you do not want them to have access to your booking data it might be advisable that you carry out your reservation separately.
Do not share your Iberia Plus, Iberia Joven or On Business personal area log-in data
To make sure that access to your personal area in our webpage and mobile application is safe please do not share your Iberia Plus, Iberia Joven or On Business -the specialised companies for companies we sponsor together with British Airways Plc. log-in data with anyone. When you finish using our website, online services or mobile applications please make sure to end your session if someone else may access your computer or device. This is particularly relevant in the case that you are using a public access computer or device.
Be cautious and protect yourself from internet fraud and "Phishing"
There is a broadly spread type of internet fraud practice known as "Phishing" aimed to illegally obtaining your personal information by deception. Unsolicited emails are sent to individuals from a list that has been illegally obtained, and recipients are requested to insert or confirm their passwords or bank details in a false or cloned website.
We collect personal information about you whenever you use our services -whether these services are provided by us or by other companies or agents acting on our behalf- including when you travel with us, when you use our website, or interact with us via email or mobile applications or use our contact centres.
Here are some examples of when and how information Is collected:
To learn more please refer to Section "What types of personal information do we collect and retain?" below.
In addition, we may receive personal information about you from third parties, such as:
When you use our services you will need to provide us with your personal details or the details of those individual(s) who will be travelling.
We collect the following categories of personal information:
Certain categories of personal information, such as that about race, ethnicity, religion, health, sexual orientation or biometric data are considered "sensitive personal data" requiring an additional level of protection under European Union data protection law. In Iberia we generally try to limit the circumstances where we collect and process sensitive personal data. These are examples on circumstances where we might need to collect and process sensitive personal data:
It may also happen that you have requested a particular type of special meal -such as a certain menu- which may imply or suggest you hold particular religious beliefs or have a particular health or medical condition.