Privacy policy

This privacy notice describes our collection, use, disclosure, retention and protection of your personal information. Where you provide us with your personal information, you agree that we may collect, store and use it (a) in order to perform our contractual obligations to you, (b) based on our legitimate interest for processing (i.e. for keeping you informed about us and our services, internal administrative purposes or for the detection or prevention of crime) or (c) based on your consent, which you may withdraw at any time, as described in this notice.

1. Who are we and how you can contact us

This notice applies to all websites, applications and services offered by Chapman Freeborn International Ltd (a company incorporated in England with registration no. 01111032 and registered office at 3 City Place, Beehive Ring Road, Gatwick, West Sussex, RH6 0PA) and its subsidiaries (a list of our trading entities is set out in the Annex to this notice); accordingly, the terms of this notice will govern the use of personal data by these companies, unless any such company uses a separate form of privacy notice (which may be dictated by local laws to the company in question) which does not incorporate this notice.

As we are a group of companies, any of the members of our group listed in the Annex to this notice may individually be a data controller for the purposes of applicable European data protection legislation. In certain circumstances more than one company in our group may be a controller jointly with another member or members of our group of companies. As controller, a company listed in the Annex hereto is responsible for ensuring that personal data obtained is used fairly and lawfully.

If you need to contact us regarding this notice, please contact us by email at Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.

2. Our collection of your personal data

“Personal data” means information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include your name and contact details that you provide to us when making an enquiry, information relating to your travel requirements when making a booking with us (or when you are engaged to perform a shipment for us), payment details for a booking, information on how you use our websites or information from your other interactions with us (including via telephone, fax, SMS, email or post). It does not however include data where the identity has been removed (anonymous data).

We collect some personal data from you, for example when you are applying for an employment position with us or wish to register with us to supply services to us, make an enquiry about our services, book and use our services, visit our websites, register your details in order to receive communications from us, or interact with us by telephone, post, email, social media or industry events.

We may also receive your personal data from third parties who act on your behalf, for example travel agents, your employer or other parties who, for example, book a flight for you. We may also receive data about you from:

  • other members of our group of companies from whom you have purchased services or to whom you have provided data;
  • air transportation and related suppliers that we engage on your behalf to provide the services that we offer;
  • payment processing and credit referencing agencies;
  • analytics providers;
  • recruitment agencies or internet based recruitment platforms.

We may enhance personal information we collect from you with information we obtain from third parties that are entitled to share that information; for example, information from credit agencies, search information providers or public sources (e.g. for client due diligence purposes), but in each case as permitted by applicable laws.

If you intend giving us personal data about someone else (for example, you are booking a flight for or otherwise representing someone else), you are responsible for ensuring that you have sufficient lawful grounds to do so under applicable data protections laws. If required by applicable data protection laws, you must ensure that before you share someone else’s personal data you have their explicit consent to do so. This could include situations where you are sharing ‘special category’ data (for example data which reveals health or ethnic or racial origin). In such circumstances, you are responsible for explaining to them how we collect, use, disclose and retain their personal information or direct them to read this notice.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services).

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

We may collect and process the following categories of information about you (or about other individuals where you provide this on their behalf):

Categories Main circumstances of collection
Identity and contact details (name, email address, telephone number and postal address, job title, including potentially your business/company name). We may also ask you to provide information about your business and your preferences with regards to our services. When you make an enquiry/express an interest in our services; when you make a booking; or if you are a supplier engaged or interested in being engaged to provide services to us, or if you are applying for an employment position with us.
Booking and travel itinerary information, including changes to booked arrangements, specific dietary requirements, special assistance that you may require; this will include information about other passengers travelling on your booking (including children where relevant). When you make a booking or we are managing your booking
Health information where you have a medical condition that may affect your flight. Where this information is provided to us in the context of a booking for our services.
Financial information such as payment card details or bank account details. When making payment for our services.
Passenger information required in relation to air transportation (including full name, nationality, date of birth, gender (where required), the number and type of travel document (e.g. passport or ID), its expiry date and country of issue), both in respect of you and any other passenger you represent/in your group; this may include photographic identity information where you provide it; potentially, it may be necessary to obtain visa/work permit information where this is required by the authorities in any destination. When we are managing your booking
CV or employment application data. When you are applying for an employment position with us or potentially interested in being a supplier of handcarry cargo or equine groom services to us.
Marketing and communications data, including any stated preferences in receiving marketing from us and any other communications preferences you have stated. When you contact us or we contact you
Communications you exchange with us (for example, emails, letters or calls), including any feedback you provide to us regarding our services (Contact history). When you contact us or we contact you
Transaction history data including details of services which you have engaged us to perform for you or on your behalf, information you provide us in connection with such services and associated contacts with us. When we are managing your booking and administering your interaction history with us; when you contact us
Information about your use of our websites, such as what pages you have visited, how you arrived on our website, navigated around it and browsed away from it (including dates and times), page response times, download errors, length of visits to certain pages. Cookies may be used to help us do this – see our Cookie Notice.

Information about the device you are using to access our websites, such as the type of device, its operating system, browser, IP address).

When navigating our websites

Special category personal data

In the course of providing services to you (or for any air passengers that you represent), we may collect information that could reveal your racial or ethnic origin, physical or mental health or religious beliefs; for example, you may inform us:

Such information is considered ‘special category’ personal data under applicable European data protection legislation. By providing any special category personal data you explicitly consent that we may collect and use it in order to provide our services and in accordance with this notice; if you are representing another person whose special category persona data is being provided to us, you are responsible for obtaining that person’s explicit consent to such processing. If you do not allow us to process any special category personal data, this may mean we are unable to provide all or parts of the services you have requested from us, and we may not be able to guarantee your safety on board.

3. How we use personal data

Our use of your personal data will always have a lawful basis. Most commonly, we use your personal information:

“Legitimate interest” means our interest in conducting and managing our businesses to enhance our services and experiences for our clients, users and contacts. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). The legitimate interests that we pursue include:

We may also use your personal information in the following situations, which are likely to be rare:

Where you have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. You also have the right to object to our using your personal data for particular purposes. In each case, please contact us (see section 1 above).

Situations in which we will use your personal information

We need many of the categories of information listed in section 2 above to allow us to perform a contract with you. We may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. Specifically, we may process your data for the following purposes, in each case in reliance on the stated lawful basis (some of the below stated grounds for processing will overlap and there may be several grounds which justify our use of your personal information):

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
Performance and management of engagements for our services (including the related performance of our suppliers for our clients) and responding to requests for our services, This will include:

  • Carrying out our obligations under contracts for or related to our services
  • Informing you about services that you have previously enquired about or contracted with us for (including any changes to the them) or to provide you with any information that we are required to send you to comply with legal obligations to which we are subject
  • Invoicing and payment for our services (including payment card verification)
  • Collection of any outstanding monies owed to us
  • Replying to emails or other communications from you with respect to enquiries or interest in our services or working with us as a supplier business partner
  • Managing and administering our relationship with you and the services you have engaged us to provide or have enquired about
  • Obtaining/receiving feedback on our provision of services



Travel, visa and work permit information

Transaction history

Performance of a contract with you.

Necessary for our legitimate interests (to ensure timely and professional performance of our services, engagement of appropriate qualified suppliers, maintaining knowledge of supplier network, and to recover debts due to us).

Necessary to comply with a legal obligation.

Validation of client and enquiry information Identity


Contact history

Performance of a contract with you.

Necessary for our legitimate interests (to ensure we retain accurate records relating to you and to performance of engagements for our services (including enquiries made for our services).

Direct marketing communication (only in compliance with applicable privacy laws) with you (either electronic or postal or by telephone) to inform you about or recommend: similar services which we offer that we consider may be of interest based on your prior enquiries or purchase history or based on our knowledge of your business activities and potential requirement for services similar to ours, service availability announcements, changes to our services or organisation, and administrative messages and other communications relating to our services.

Enhancing, personalising, improving and tailoring our services or communications.

Market research, surveys or user analysis to understand your needs and improve our service offering.

Maintain our general market awareness in the sectors that our businesses operate in.

Identity Contact

Transaction history

Contact history

Where we have your consent.

Necessary for our legitimate interests (to administer, develop and communicate our services, enhance knowledge about them, grow and manage our business, to keep in contact with our clients and prospective clients (relationship management), to maintain our understanding of developments and activities in the business sectors we operate in, and in the context of a business or group reorganisation).

Administration of files and records; business management and planning, including accounting and auditing. Identity


Transaction history

Necessary for our legitimate interests (for running our business, complying with audit processes, provision of administration and IT services).

Necessary to comply with a legal obligation.

Detect, prevent, investigate or remediate, crime (such as fraud), illegal or prohibited activities or to otherwise protect our legal rights. Identity



Transaction history

Booking and travel itinerary information

Passenger information


Necessary for our legitimate interests (to prevent fraud).

Necessary to comply with a legal obligation.

Compliance with applicable laws, regulations, court orders, government and law enforcement agencies’ requests, to operate our systems properly and to protect ourselves, our users and clients and to solve any client disputes.

Performance of sanctions and other embargo screening/due diligence checks.




Transaction history

Where we need to comply with a legal obligation.

Necessary for our legitimate interests (ensuring that our activities do not involve or relate to any potential breach of existing sanctions and embargoes).

Processing applications for employment positions or to work for us as a supplier and/or subcontractor. Identity


Application data

Necessary for our legitimate interests (engaging personnel/suppliers/subcontractors).
Maintaining and enhancing the operation, functionality and security of our websites and client relationship management systems (including internal testing to improve security and performance).

Monitoring, measuring, improving and protecting our websites to provide enhanced and relevant user experiences.

Analysing your use of our websites to enable Us to continually improve our websites and your user experience.

Providing and managing your access to our websites.

Personalising and tailoring your experience on our websites.



Necessary for our legitimate interests (ensuring we operate suitable and appropriate systems, and have relevant and appropriate website content).

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.


We may use your personal data for marketing purposes which may include contacting you by email, telephone, text message or post with information and news about us or our services which we feel may be of interest to you. However, we will only do this where we have a lawful basis and in compliance with our obligations under applicable laws governing personal data and privacy (in particular, laws requiring your prior opt-in consent for specific methods of direct marketing). Accordingly, this notice will operate subject to the operation of any more restrictive laws regarding marketing which take effect in any country where a member of our group is incorporated and trades.

We may use your identity and contact data, as well as information provided by you when communicating with us and information obtained from public sources, to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and news items may be relevant for you when considering communicating for marketing purposes.

You may receive marketing communications from us if you have requested information or a quotation from us or have purchased services from us previously (either in your own name or in the name of your employer) or if we are aware from public sources that, for example, your corporate employer has purchased similar services to those we offer.

We will not share your personal data with any company outside the Chapman Freeborn group of companies for purposes of allowing them to market their products or services to you unless we have obtained your prior express opt-in consent.

Third party platform advertising: We may share your anonymised information with third party platform providers (such as Facebook, Google and Twitter) to serve targeted advertising/content to you via the relevant third party platform based on your profile/interests. Your anonymised information is used by the third-party platform provider to identify your account and serve advertisements to you. You can control what advertisements you receive via the privacy settings on the relevant provider’s platform and you should consult the third party’s help/support centre for more information.

Opting Out: You can ask us to stop sending you marketing messages at any time by following the opt-out/unsubscribe links on any marketing message sent to you or by contacting us at any time at; please use the header “Unsubscribe” for your email in such circumstances).

Where you opt out of receiving these marketing messages we will file your contact details on a ‘marketing suppression list’ to make sure that we respect your marketing choices in the future.

4. Sharing your information

We may share some of your information with the following categories of third parties:

We may compile statistics about the use of our websites including data on traffic, usage patterns, user numbers, and other information. All such data will be anonymised and will not include any data which can be used to identify you either by itself or when combined with other data. We may share non-personally identifiable information about the use of our website, applications, products or services publicly or with third parties but this will not include information that can be used to identify you.

We do not sell personal data to third parties for marketing purposes.

5. Security and storage of information

We will keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage. We will do our best to protect your personal information but we cannot guarantee the security of your information which is transmitted to our websites, applications or services or to other websites, applications and services via an internet or similar connection.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

6. Where your data is stored and sent

The information that you provide to us will be held in our systems, which are located on our premises or those of an appointed third party. Our head office is based in the United Kingdom and your information will be accessed and used here and elsewhere in the European Economic Area (EEA) where we also have operating companies.

While countries within the EEA all ensure a high standard of data protection law, some parts of the world may not provide the same level of legal protection of your personal data. In each case referenced in section 4, your data may, for purposes described in this notice or otherwise approved by you, be transferred to, processed by and stored by persons operating outside of the EEA and the third party may require access to all or some of your data. For example:

  1. other Chapman Freeborn group companies based outside the EEA may need to use data in accordance with this notice;
  2. our staff, suppliers or agents located outside of the EEA may need to access and process personal data , for example to fulfil your booking, operate ground handling services, or provide other support services
  3. we may use cloud-based technology hosted outside of the EEA to host some of our applications;
  4. we may use service providers based outside of the EEA to help us support some of our information technology infrastructure and these service providers may need to access your personal data in order to provide and support that infrastructure.

When we send personal data outside of the EEA we take steps to put in place appropriate safeguards to protect the information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed in accordance with applicable data protection laws. We protect your personal data, for example, by:

We may also from time to time rely on one or more of the ‘derogations’ available in applicable data protection laws, for example:

We may also be compelled by law to disclose your personal data to a third party and will have limited control over how it is protected by that party in such circumstances.

If you are giving us personal data about someone else so that it can be transferred outside of the EEA (for example you are booking transport for a passenger on a flight departing the EEA), you are responsible for obtaining that person’s explicit consent to us transferring the personal data to the country in question.

7. How long is personal data kept for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law, in the United Kingdom, we have to keep basic information about our clients (including contact, identity, financial and transaction data) for at least six years after they cease being clients for tax purposes. Different laws in the countries in which our companies operate may have shorter or longer retention periods.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. We will retain and securely destroy your personal information in accordance with applicable laws and regulations.

8. Automated Profiling

We do not perform automated decision-making and profiling activities using your personal data. (When we refer to profiling, we mean using personal data to make predictions about you, or to categorise you into particular groups).

9. Your information and your rights

If you are based within the EEA or within another jurisdiction with similar data protection laws, you have a number of rights under applicable data protection laws. Those rights relevant to our activities are briefly described below. To enquire about exercising these rights, please use the contact details set out in section 1.

Erasure: In certain circumstances you can ask us to delete your personal data from our systems. However, this usually won’t apply to all of your data because we might have good reason for needing to keep some of it.

With effect from 25 May 2018 you also have the following rights:

You have the right to lodge a complaint with your relevant supervisory authority responsible for data protection matters (for example, in the UK, the Information Commissioner’s Office; in Germany, the Bundesbeauftragete für den Datenschultz und die Informationsfreiheit). You can do this online through the authority’s website or by any other means they specify.

Your right to restrict the processing of your data for certain purposes, including marketing purposes, may be exercised at any time; for example at the point of submitting an enquiry on our websites, or by unsubscribing using the links provided in our emails, or by contacting us at any time (see section 1).

If you wish to exercise your right to ask for a copy of any of your personal data held by us (where such data is held), no fee is chargeable by us. We will provide any and all information in response to your request free of charge, unless your request for access is clearly unfounded or excessive. We will aim to respond within one month. Occasionally it may take us longer than a month if your request is particularly complex, or you have made a number of requests. In this case, we will notify you and keep you updated. Please contact us using the contact details in section 1.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

10. What Happens If Our Business Changes Hands?

We may, from time to time, expand or reduce our business operations and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this notice, be permitted to use that data only for the same purposes for which it was originally collected by us.

11. Links to other websites

Our websites may contain links to other websites which are not operated by a member of the Chapman Freeborn group. We have no control over how your data is collected, stored, or used by such other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

12. Changes to Our Privacy Policy

We may change this notice from time to time (for example, if the law changes). Any changes will be immediately posted on our websites. We recommend that you check this page regularly to keep up-to-date.

Version – July 2020

Appendix 1 List of Chapman Freeborn Group Controllers/Joint Controllers

EU Entities

Arcus-Air-Logistic GmbH

Arcus-Air-Logistic Iberica S.L.U

Arcus-Air-Logistic s.r.o

Arcus OBC GmbH

Chapman Freeborn Airmarketing GmbH (Germany)*

Chapman Freeborn OBC GmbH (Germany)*

Chapman Freeborn Airchartering SL (Spain)

Chapman Freeborn Airchartering BVBA (Belgium)

Chapman Freeborn Airchartering Sp Z.o.o (Poland)

Rest of the World

Alltrans Management Pty Ltd (Australia)

Chapman Freeborn Airchartering Ltd (Canada)

Chapman Freeborn Airchartering Ltd (HK)

Chapman Freeborn Airchartering (China) Ltd (UK)

Chapman Freeborn Airchartering Ltd (UK)

Chapman Freeborn Airchartering, Inc (USA)

Chapman Freeborn Airchartering Pte Ltd (Singapore)

Chapman Freeborn Airchartering (South Africa) Pty Ltd (South Africa)

Chapman Freeborn Airchartering Consulting (Shanghai) Co Ltd (China)

Chapman Freeborn Airchartering (Uganda) Ltd (Uganda)

Chapman Freeborn Airchartering Pvt Ltd (India)

Chapman Freeborn Handcarry Ltd (Hong Kong)

Chapman Freeborn Aviation Services FZE (UAE)

Chapman Freeborn Aviation Services FZCO (UAE)

Chapman Freeborn OBC, Inc. (USA)

Intradco Cargo Services Ltd (UK)

Magma Aviation Ltd (UK)

Wings 24 Ltd (UK)

* In accordance with local legal requirements, each of Chapman Freeborn OBC GmbH and Chapman Freeborn Airmarketing GmbH have appointed a Data Protection Officer as follows: