Cookie Policy

Who is responsible for your personal data?

Scandinavian Airlines System Denmark-Norway-Sweden is the data controller responsible for the processing described below. In this Cookie Policy, “SAS” refers to Scandinavian Airlines System Denmark-Norway-Sweden. “SAS Group” means all companies in which SAS AB (publ) directly or indirectly, from time to time, owns or controls more than 50 per cent of the shares.

SAS has appointed a Data Protection Officer to help SAS ensure that your personal data is processed in the correct manner. You are welcome to contact our Data Protection Officer with questions about cookies by sending an e-mail to dataprotectionofficer@sas.se.

What is a cookie?

A ‘cookie’ is a small text file containing information which is stored on your computer or mobile device. Cookies are used for technical reasons and to facilitate your use of SAS’ websites and applications, and may be stored for varying lengths of time on your browser or device. “Persistent cookies” will remain stored on your computer or device until deleted or until they reach their expiry date. It can thereafter be used to customize this website based on the user’s choices and interests. “Session cookies” are not saved once you close your browser. When you visit a website or application, session cookies are sent between your computer and the server to collect information. For more information about how cookies work and how to manage them, please refer to your browser’s ‘help’ section. 

We are continuously working to improve our SAS’ websites and our applications. In order to do this, we use tools like Google Analytics and Hotjar to analyze our users’ behavior.

To access all of this site's functionality, your browser settings should be set to allow JavaScript. If you have JavaScript turned off, you will not be able to view the SAS website. The browser settings are often found under ‘settings’ in your browser.

Which cookies do we use?

Necessary cookies

Necessary cookies collect data that are necessary for the technical performance of the website, to give visitors access to basic platform functions, to ensure security and prevent fraud. These features are always on. They enable a smooth operation, e.g. while booking your flight, logging in to your profile or EuroBonus account delivering the correct answers to your requests, ensuring security features, such as avoiding any malicious use of the website These cookies cannot be switched off, since this would lead to you not being able to use the website. The legal basis for the processing of these cookies is our legitimate interests pursuant to Art. 6(1), Subparagraph 1(f) GDPR. The base of our legitimate interest is to ensure the security and functionalities of this website.

Functional cookies

Functional cookies are used to enhance the functionality and personalization of the website. Some of these cookies can be set by SAS, and other functional cookies are set by third party providers, who provide the website with a service – for example the chat function. If you do not consent to functional cookies being used, some or all of our services on the website might not function properly.
The legal basis for the processing of these cookies is based on your consent pursuant to Art. 6(1), Subparagraph. 1(a) GDPR, which you have given us. Any consent given can be withdrawn at any time as set out in Section 5.

Statistical cookies

Statistical cookies are used to understand performance on the website and are used to measure and improve the performance of our online services. These cookies show how users move across the website and applications, which helps SAS to focus on improving certain features and making your experience on the website better. Most of the information which the statistical cookies collect is aggregated data. If you do not consent to these cookies being used, we will not be able to monitor the website and app performance.
The legal basis for the processing of these cookies is based on your consent pursuant to Art. 6(1), Subparagraph. 1(a) GDPR, which you have given us. Any consent given can be withdrawn at any time as set out in Section 5.

Marketing cookies

Marketing cookies have the purpose of showing you relevant advertising and adds on other sites you visit. These cookies are set by our advertising partners on our websites and/or applications. The information collected through these cookies is used by our partners and us to build a profile consisting of your interests in order to showcase relevant ads to you. The collected information is based on uniquely identifying your browser and device. If you do not consent to these cookies, you will see less targeted advertising.

The legal basis for the processing of these cookies is based on your consent pursuant to Art. 6(1), Subparagraph. 1(a) GDPR, which you have given us. Any consent given can be withdrawn at any time as set out in Section 5.

Processing of personal data

If you consent to the usage of the above-described cookies, this will in some cases involve the processing of your personal data. This can include your IP address, your actions and behavior online, your interests and other personal information on how you use our platforms. For more information on how SAS processes your personal data, read our privacy policy.

How to manage your cookie preferences

If you want to withdraw your consent or customize your cookie settings, go to your browsers’ settings and set your preferences.
Please note that, if cookies are deleted or declined:

• certain areas and functions on this website require cookies and may not function; and

• we may no longer recognize your preferences in relation to our use of cookies and other technologies described herein, including in relation to personalized communication, and may ask for your preferences again.

You can at any time manage your data preferences in relation to our use of cookies and similar technologies. Note that a withdrawal of your consent does not affect the legality of the processing carried out up to the time you revoked your consent.

Manage Personal Data

Will your personal data be processed outside the EU/EEA?

When consenting to some of our cookies, some of your personal data may be transferred to countries outside EU/EEA.

When personal data is transferred to a non-EU/EEA country without satisfactory levels of protection for personal data, we will apply appropriate measures, as a minimum by including standard contractual clauses which have been adopted by the European Commission. These standard contractual clauses can be found at the following link: Standard Contractual Clauses (SCC) (europa.eu)

If there is a lack of both a decision on adequate levels of protection by the European Commission and established appropriate security measures in the form of standard contractual clauses in accordance with the above, we will only transfer your personal data when it is necessary in order to fulfill our contractual obligations to you, see GDPR art. 49 no 1 b, for example in order to carry out your travel or to perform our obligations under the EuroBonus and Profile Account terms and conditions.

How do we protect your personal data?

We have taken extensive technical and organizational measures to protect your data from loss, abuse and unauthorized access. Processing and transfer of data between your web browser and our server is properly protected by encryption and we are continuously updating our security measures.

Overview of cookies that SAS use

The table linked below sets out the specific cookies that are currently used on our websites and applications, respectively. The table also set out the purpose of each cookie, the retention time and the provider.

Cookie Table (PDF, 452KB)

Changes in the Cookie Policy

We update our Cookie Policy from time to time. Please do check it regularly in order to be aware of the newest version. The latest version will always be available on SAS home pages.