- Latest available (Revised)
- Original (As adopted by EU)
Regulation (EC) No 80/2009 of the European Parliament and of the CouncilShow full title
Regulation (EC) No 80/2009 of the European Parliament and of the Council of 14 January 2009 on a Code of Conduct for computerised reservation systems and repealing Council Regulation (EEC) No 2299/89 (Text with EEA relevance)
You are here:
What Version
Advanced Features
- Show Geographical Extent(e.g. England, Wales, Scotland and Northern Ireland)
- Show Timeline of Changes
More Resources
Legislation originating from the EU
When the UK left the EU, legislation.gov.uk published EU legislation that had been published by the EU up to IP completion day (31 December 2020 11.00 p.m.). On legislation.gov.uk, these items of legislation are kept up-to-date with any amendments made by the UK since then.
This item of legislation originated from the EU
Legislation.gov.uk publishes the UK version. EUR-Lex publishes the EU version. The EU Exit Web Archive holds a snapshot of EUR-Lex’s version from IP completion day (31 December 2020 11.00 p.m.).
Changes over time for: Article 11
Changes to legislation:
There are currently no known outstanding effects by UK legislation for Regulation (EC) No 80/2009 of the European Parliament and of the Council, Article 11.
Changes to Legislation
Revised legislation carried on this site may not be fully up to date. At the current time any known changes or effects made by subsequent legislation have been applied to the text of the legislation you are viewing by the editorial team. Please see ‘Frequently Asked Questions’ for details regarding the timescales for which new effects are identified and recorded on this site.
Article 11U.K.Processing, access and storage of personal data
1.Personal data collected in the course of the activities of a CRS for the purpose of making reservations or issuing tickets for transport products shall only be processed in a way compatible with these purposes. With regard to the processing of such data, a system vendor shall be considered as a [F1controller in accordance with Article 4(7) of Regulation (EU) 2016/679].
2.Personal data shall only be processed in so far as processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
3.Where special categories of data referred to under Article [F29] of [F3Regulation (EU) 2016/679] are involved, such data shall only be processed where the data subject has given his or her explicit consent to the processing of those data on an informed basis.
4.Information under the control of the system vendor concerning identifiable individual bookings shall be stored offline within seventy-two hours of the completion of the last element in the individual booking and destroyed within three years. Access to such data shall be allowed only for billing-dispute reasons.
5.Marketing, booking and sales data made available by a system vendor shall include no identification, either directly or indirectly, of natural persons or, where applicable, of the organisations or companies on whose behalf they are acting.
6.Upon request, a subscriber shall inform the consumer of the name and address of the system vendor, the purposes of the processing, the duration of the retention of personal data and the means available to the data subject of exercising his or her access rights.
7.A data subject shall be entitled to have access free of charge to data relating to him or her regardless of whether the data are stored by the system vendor or by the subscriber.
8.The rights recognised in this Article are complementary to and shall exist in addition to the data subject rights laid down by [F4Regulation (EU) 2016/679], by the national provisions adopted pursuant thereto and by the provisions of international agreements to which the [F5United Kingdom] is party.
9.The provisions of this Regulation particularise and complement [F6Regulation (EU) 2016/679] for the purposes mentioned in Article 1. Save as otherwise provided, the definitions in [F7that Regulation] shall apply. Where the specific provisions with regard to the processing of personal data in the context of the activities of a CRS laid down in this Article do not apply, this Regulation shall be without prejudice to the provisions of [F7that Regulation], the national provisions adopted pursuant thereto and the provisions of international agreements to which the [F8United Kingdom] is party.
10.Where a system vendor operates databases in different capacities such as, as a CRS, or as a host for airlines, technical and organisational measures shall be taken to prevent the circumvention of data protection rules through the interconnection between the databases, and to ensure that personal data are only accessible for the specific purpose for which they were collected.
Textual Amendments
F1Words in Art. 11(1) substituted (31.12.2020) by virtue of The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(a); 2020 c. 1, Sch. 5 para. 1(1)
F2Word in Art. 11(3) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(aa) (as inserted by S.I. 2019/687, regs. 1(3), 4(3)); 2020 c. 1, Sch. 5 para. 1(1)
F3Words in Art. 11(3) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(b); 2020 c. 1, Sch. 5 para. 1(1)
F4Words in Art. 11(8) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(b); 2020 c. 1, Sch. 5 para. 1(1)
F5Words in Art. 11(8) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(d); 2020 c. 1, Sch. 5 para. 1(1)
F6Words in Art. 11(9) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(b); 2020 c. 1, Sch. 5 para. 1(1)
F7Words in Art. 11(9) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(c); 2020 c. 1, Sch. 5 para. 1(1)
F8Words in Art. 11(9) substituted (31.12.2020) by The Computer Reservation Systems (Amendment) (EU Exit) Regulations 2018 (S.I. 2018/1080), regs. 1(2), 8(d); 2020 c. 1, Sch. 5 para. 1(1)
Options/Help
Print Options
PrintThe Whole Regulation
PrintThe Whole Section
PrintThis Article only
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
See additional information alongside the content
Geographical Extent: Indicates the geographical area that this provision applies to. For further information see ‘Frequently Asked Questions’.
Show Timeline of Changes: See how this legislation has or could change over time. Turning this feature on will show extra navigation options to go to these specific points in time. Return to the latest available version by using the controls above in the What Version box.
Opening Options
Different options to open legislation in order to view more content on screen at once
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the EU Official Journal
- lists of changes made by and/or affecting this legislation item
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
Timeline of Changes
This timeline shows the different versions taken from EUR-Lex before exit day and during the implementation period as well as any subsequent versions created after the implementation period as a result of changes made by UK legislation.
The dates for the EU versions are taken from the document dates on EUR-Lex and may not always coincide with when the changes came into force for the document.
For any versions created after the implementation period as a result of changes made by UK legislation the date will coincide with the earliest date on which the change (e.g an insertion, a repeal or a substitution) that was applied came into force. For further information see our guide to revised legislation on Understanding Legislation.
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.