We noticed you are using Internet Explorer 11, this web browser is no longer supported, your experience might be degraded.

Information about cookies and similar technologies

This section explains how we use cookies and similar technologies at miles-and-more.com. This supplements our “Miles & More Website, App & Communications Media” data protection policy.

We use cookies, local and session storage as well as web beacons to ensure that our service is as user-friendly as possible.

1. Cookies

 

A “cookie” is a small text file that a web server (for example the www.miles-and-more.com web server) sends to your browser when you visit a website. The cookie file is stored or rejected depending on your browser settings. If the file is stored, our web server can recognise your device. The cookie can save you having to re-enter information the next time you visit the site or when you switch between functions that require you to enter a password. Cookies therefore make it easier for you to use websites that require user information.

 

We use:

 

  • Session cookies
    These expire at the end of the browser session and are used to record your browsing activities. They are deleted when you close your browser.
  • Permanent cookies
    These are stored on your device between different browser sessions and can record your settings or activities on multiple websites. They are deleted after a predefined period that can vary depending on the cookie. You can also delete the cookies at any time, however, in your browser settings.
  • Session storage
    Comparable to the use of cookies. Session storage means data is stored in your browser and deleted when you close your browser.
  • Local storage
    This is also comparable to the use of cookies. It permits the more secure, longer-term storage of the information contained. See “Local storage” for further information.
 
We also distinguish between the following categories of cookies:
 
  • Operationally essential
    These cookies are absolutely essential for the operation of the website and facilitate logging in, redeeming miles and security features, for example. These types of cookies also allow us to recognise whether you wish to remain logged in to your profile so that you can access our services more quickly the next time you visit our website.
  • Personalisation
    These cookies are used to display personalised content to you that matches your interests. This makes it possible to present offers that are especially relevant to you.
  • Analytics & Statistics
    We use tools to improve the user-friendliness and performance of our website. These help us to find out how users move around on the site, where problems in use occur and which processes cause difficulties for users.
  • Advertising
    We use marketing and third-party cookies for the purposes of optimising, analysing and personalising advertising campaigns: (1) cookies to show you personalised advertising on other websites (Google Ads); (2) cookies to assign you to a target group list. If you are logged in as a member, your email address is used to generate a cryptographic attribute which is sent to our advertising partners. This enables us to show you advertising online and on social media that corresponds to your interests (Google Customer Match).

 

You can set up your browser to accept or block cookies. You can also set it up to delete all cookies at the end of a session or delete individual cookies manually. Please note that the functionalities of our website may be limited or no longer available if you block or delete certain cookies. You will not then be able to access your personal profile or receive any content that is personalised for you.

It is possible that your browser is already set up to display an alert every time it receives a cookie request. This alert can be very annoying, because the identification cookie must be sent again when you access each individual page on our website. We therefore recommend that you set up your browser to always allow cookies from www.miles-and-more.com. You can specify this setting for single websites on an individual basis.

You can find out more about the use of cookies and how to disable them at meine-cookies.org or youronlinechoices.com.

Cookies

         
mamcom_cl MMG This cookie remembers the language/country setting based on the location or the requested URL. Session Essential
mamcom_cl_last MMG This cookie remembers the user’s last language/country setting. 1 year Essential

mamcom_resolvedcountryconflicts

MMG

Cookie that stores the requested decision when the country is changed.

1 year

Essential

mamcom_resolvedlanguageconflicts

MMG

Cookie that stores the requested decision when the language is changed.

1 year

Essential

mamcom_promo

MMG

This cookie recognises whether a member has already registered for a promotion and thus enables information to be displayed showing that the registration has already been completed.

1 year

Essential

mamcom_cookieusage

MMG

This cookie enables the “Cookie Usage Indicator” (cookie information bar) not to be displayed again once the user has closed it.

1 year

Essential

STAT MMG This (short-term) cookie defines the end of “authenticated” status after login and contains an encrypted access token. New authentication is then requested after this time for security reasons if the user wishes to change their personal data. 30 minutes Essential

STATInfo

MMG

This (short term) cookie defines the end of “authenticated” status after login. New authentication is then requested after this time for security reasons if the user wishes to change their personal data.

30 minutes

Essential

MFAT MMG This (multi-factor) cookie defines the end of “two-factor authenticated” status after a successful two-factor login and contains an encrypted access token. New authentication is then requested after this time for security reasons if the user wishes to change their personal data. 10 minutes Essential
MFATInfo MMG This (multi-factor) cookie defines the end of “two-factor authenticated” status after a successful two-factor login. New authentication is then requested after this time for security reasons if the user wishes to change their personal data. 10 minutes Essential
LTAT MMG This (long-term) cookie defines the end of “identified” status after login and contains an encrypted access token. New authentication is then requested after this time for security reasons if the user wishes to change their personal data. 30 days Essential

LTATInfo

MMG

This (long-term) cookie defines the end of “identified” status after login. New authentication is then requested after this time for security reasons if the user wishes to change their personal data.

30 days

Essential

DWM_XSITECODE

Amadeus

This cookie defines which settings (e.g. texts, rules) should be used for the flight award booking.

Session

Essential

um_jst

Amadeus

This cookie is used for the technical security of the current session during the flight award booking.

Session

Essential

ak_wfSession Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 2 hours Essential
ak_bmsc Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 2 hours Essential
bm_sv Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 2 hours Essential
bm_mi Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 2 hours Essential
bm_sz Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 4 hours Essential
_abck Akamai Cookie for differentiating between unwanted, automated access and legitimate, human users. 1 year Essential

visitor

Q.Two

This cookie is used to track whether you have been redirected through miles-and-more.com to the online shopping partners.

30 days

Essential

mamcom_consent_date

MMG

This cookie stores the date on which a user consented to the cookie.

1 year

Essential

mamcom_consent_choice

MMG

This cookie stores the cookie selection made by the user.

1 year

Essential

s_ecid

Adobe Experience Cloud

This cookie serves as a reference ID for identifying unique visitors if the AMCV cookie has expired.

 

2 years

Essential

AMCV_###@AdobeOrg

Example: see (1)

Adobe Experience Cloud

This cookie is used to identify a unique visitor.

2 years

Essential

demdex Adobe Experience Cloud This cookie is used to identify a unique visitor on Miles & More websites. 6 months Essential

s_cc

Adobe Analytics

This cookie is set to determine whether the browser permits cookies.

Session

Essential

s_sq

Adobe Analytics


This cookie contains information about the previous link the user clicked.

Session

Essential

s_vi

Adobe Analytics


This cookie is used to identify a unique visitor, including a time stamp.

2 years

Essential

s_vi_s

Adobe Analytics

This cookie is used to identify a unique visitor.

1 hour

Essential

s_vi_*

Adobe Analytics

This cookie is used to identify a unique visitor.

2 years

Essential

s_fid

Adobe Analytics

This cookie is used to identify a unique visitor if the standard s_vi cookie is unavailable due to third-party cookie restrictions.

2 years

Essential

s_getNewRepeat

Adobe Analytics

This cookie is used to determine a new or returning visitor.

 

1 month

Essential

s_invisit

Adobe Analytics

This cookie is used to determine a new or returning visitor and the number of their visits.

Session

Essential

s_ppv

Adobe Analytics

This cookie is used to store the previous page that the user visited to track the scrolling behaviour.

Session

Essential

s_ppvl

Adobe Analytics

This cookie is used to store the previous page that the user visited to track the scrolling behaviour.

Session

Essential

s_ppn

Adobe Analytics

This cookie is used to store the previous page that the user visited to track the scrolling behaviour.

30 minutes

Essential

s_tp

Adobe Analytics

This cookie is used to store information about the percentage of the displayed page that the user has loaded.

1 month

Essential

s_vnum

Adobe Analytics

This cookie is used to record the user’s number of visits.

1 month

Essential

mamcom_refresh_localstorage MMG This cookie launches an update of the available data in local storage following an update of the profile data.

5 minutes Essential
mamcom_{nonce}

MMG This cookie converts the value of the URL parameter “state” required during the authentication of the user and for back navigation on https://account.miles-and-more.com into a random alphanumerical figure. This allows for the pseudonymised processing of this value to authenticate the user through back-end systems.

1 day Essential
TUAT MMG This allows users to register for Travel ID during the booking process. The TUAT enables the data collected during the registration process to also be used for the booking process without requiring users to complete the registration process beforehand via the activation link. Users are not logged in only because of the TUAT cookie. The TUAT is valid for 10 minutes. After that, the TUAT cookie will no longer be able to retrieve data.

10 minutes

Essential
mamcom_alert MMG This cookie remembers whether the warning notification was actively closed by a user to no longer display the notification for as long as the cookie applies.

7 days Essential
mamcom_appdownload_visitor MMG This cookie is only placed on mobile devices and remembers whether the website has already been opened in the same browser in the past. 1 year Essential
mamcom_appdownload_banner MMG This cookie is only placed on mobile devices and remembers how often the app banner has been closed in the same browser to prevent unwanted display of the banner. 1 year Essential
Devicefingerprint MMG This cookie remembers the user’s trusted browsers for the purpose of two-factor authentication via the app, making it possible to log in on these browsers without an additional code from the authentication app. 1 year Essential

mbox

Adobe Target

This cookie is used for A/B tests and for personalisation purposes.

1 year

Personalisation
{}{_}gcl_au

Google
(Google Campaign Manager, Display & Video 360, Google Ads, Search Ads 360)
These third-party cookies are used to process your data to create target group lists to show you advertising online and on social media that corresponds to your interests.
90 days

Advertising
_gcl_aw
Google
(Google Ads)
These third-party cookies are used to process your data to create target group lists to show you advertising online and on social media that corresponds to your interests.
90 days

Advertising
{}gcl_dc{_}
Google
(Google Campaign Manager, Display & Video 360, Search Ads 360)
These third-party cookies are used to process your data to create target group lists to show you advertising online and on social media that corresponds to your interests.
90 days
Advertising
_hjSessionUser_{site_id}  Hotjar This cookie ensures that data from later visitors to the website is allocated to the same user. 1 year Analytics & Statistics
_hjFirstSeen Hotjar This cookie identifies a new user’s first visit. 30 minutes, extended depending on the user’s activity.   Analytics & Statistics
_hjHasCache dUserAttributes  Hotjar This cookie checks whether the data in the local storage of the browser is still current or needs to be updated. Session Analytics & Statistics
_hjUserAttributesHash Hotjar This cookie checks whether the user properties are still current or need to be updated.

2 minutes, extended every 30 seconds.

Analytics & Statistics
_hjUserAttributes  Hotjar This cookie stores user attributes in hash form.

Local storage.

No explicit expiry date.

Analytics & Statistics
_hjViewportId Hotjar This cookie stores details of the user’s viewport, such as the size and dimensions. Session Analytics & Statistics
_hjActiveViewportIds Hotjar This cookie stores which particular user viewports are active.

Local storage.

No explicit expiry date.

Analytics & Statistics
_hjSession_{site_id} Hotjar This cookie ensures that data from subsequent sessions is linked with one another. 30 minutes, extended depending on user activity. Analytics & Statistics
_hjSessionTooLarge Hotjar This cookie ensures that Hotjar terminates data recording if a session becomes too long/large. 1 hour Analytics & Statistics
_hjSessionResumed Hotjar This cookie ensures that sessions can be continued if the connection is interrupted. Session Analytics & Statistics
_hjCookieTest Hotjar This cookie checks whether Hotjar can use cookies or not.

Is deleted immediately after it is created.

Below a duration of 100 ms the cookie expiry time is adjusted to the duration of the session

Analytics & Statistics
_hjLocalStorageTest  Hotjar This cookie checks whether Hotjar can use the local storage or not. Below 100 ms duration Analytics & Statistics
_hjSessionStorageTest  Hotjar This cookie checks whether Hotjar can use the session storage.

The data stored in _hjSessionStorageTest does not have a duration of validity, but is deleted immediately after it is created.

Below 100 ms duration.

Analytics & Statistics
_hjIncludedIn PageviewSample Hotjar This cookie checks the users’ limit recorded in the measurement using the page accesses. 2 minutes, extended every 30 seconds. Analytics & Statistics
_hjIncludedIn SessionSample_{site_id}  Hotjar This cookie checks the users’ limit recorded in the measurement using the maximum number of daily sessions. 2 minutes, extended every 30 seconds. Analytics & Statistics
_hjAbsoluteSessionInProgress  Hotjar This cookie recognises the user’s first access of the site. 30 minutes, extended depending on user activity. Analytics & Statistics
_hjTLDTest Hotjar This cookie is used as a test cookie to ensure that Hotjar is functioning correctly. Session Analytics & Statistics
_hjRecordingEnabled Hotjar This cookie informs Hotjar that a session recording has been initialised. Session Analytics & Statistics
_hjRecordingLastActivity Hotjar This cookie shows Hotjar that data has been sent to the Hotjar server. Session Analytics & Statistics
_hjClosedSurveyInvites Hotjar This cookie lets Hotjar know that a user has reacted to a survey invitation so that the user is not invited again. 1 year Analytics & Statistics
_hjDonePolls Hotjar This cookie ensures that a survey is not displayed again if the user has already taken part. 1 year Analytics & Statistics
_hjMinimized Polls Hotjar This cookie ensures that a survey remains minimised for as long as the user is navigating through the website. 1 year Analytics & Statistics
_hjShownFeedbackMessage  Hotjar This cookie ensures that a feedback report remains minimised for as long as the user is navigating through the website. 1 day Analytics & Statistics
visitor Q.Two This cookie is used to track whether you have been redirected through miles-and-more.com to the online shopping partners.  30 days Essential
cl_last Q.Two This cookie remembers the user’s last language/country setting. 1 year Essential
consent_choice Q.Two This cookie stores the cookie selection made by the user.  1 year Essential
1

name: AMCV_2F4160D5561546F97F000101%40AdobeOr

2. Web beacons

Web beacons are small graphic files (also known as “tracking pixels”, “pixel tags” or “clear GIFs”) that can be embedded in our websites, apps, applications and newsletters, and are normally used in conjunction with cookies. All the information about cookies given above also applies to web beacons. Most notably, web beacons will not be used if you have rejected the use of the respective cookie.

3. Local storage

We use the function known as local storage. This means that your data (master data, status data and programme data) is stored locally in your browser’s cache once you have logged in. Your data is deleted after you have closed the browser window, except for your last chosen login method. This information is retained and can be retrieved the next time you access the website unless you delete your browser’s cache. By using local storage, we facilitate the correct display of your data when you are surfing our website without slowing the process unnecessarily or overloading the interfaces.

If you do not want local storage to be used, you can change your settings accordingly in your browser at any time. Please note that if you do so the functionalities of our website may be limited or no longer available. In particular, you will then not be able to access your personal profile.

Local storage

Name Description Validity Category

ID

Object ID

Login session

Essential

Date of birth

Date of birth

Login session

Essential

Preferred language

Preferred language in the user data

Login session

Essential

Academic title

Visitor’s academic title

Login session

Essential

First name

Visitor’s first name

Login session

Essential

Middle name

All the visitor’s middle names

Login session

Essential

Surname

Visitor’s surname

Login session

Essential

Gender

Visitor’s gender

Login session

Essential

Activity status

Activity status

Login session

Essential

Cardholder’s name

Name stated on the service card

Login session

Essential

Ticketholder’s name

Name stated on the flight ticket

Login session

Essential

Processing of personal data (PPD)

Consent to the collection, storage and processing of personal data

- Master data

- Transaction data

- Web tracking information

- Status information

Login session

Essential

Behaviour-based consent (BP)

Consent to the collection and processing of personal data by the Lufthansa Group for commercial purposes

Login session

Essential

Customer number

Visitor’s customer number

Login session

Essential

LHCOM alias (user ID and password authentication)

The alias set up by the visitor at registration using the user ID and password

Login session

Essential

LH-ID alias (email address and password authentication)

The alias set up at registration via Lufthansa with the LH-ID

Login session

Essential

Service card number FTL

Card number for FTL status

Login session

Essential

Service card number INST

Card number for INST status

Login session

Essential

Service card number SEN

Card number for SEN status

Login session

Essential

Service card number HON

Card number for HON status

Login session

Essential

Branding

Branding in accordance with the brand logic

Login session

Essential

Registration date

Visitor’s registration date

Login session

Essential

Member’s status level

Visitor’s status level

Login session

Essential

Status basis

Basis for the visitor’s status

Login session

Essential

Source code of registration

Source code of registration used by the member for registration

Login session

Essential

Primary card number (service card number and PIN authentication)

Value of the primaryCardNumber key in the membership data

Login session

Essential

Membership status

Visitor’s membership status

Login session

Essential

poolOption

Option for Mileage Pooling for the user

Login session

Essential

Award miles

Account balance of award miles

 

Login session

Essential

eVouchers

Remaining value of the eVouchers

Login session

Essential

Status miles

Account balance of status miles

Login session

Essential

HON Circle miles

Account balance of HON Circle miles

Login session

Essential

Flight segments

Account balance of flight segments

Login session

Essential

Select miles

Account balance of select miles

Login session

Essential

The number of status miles still required to maintain status

The number of status miles still required to maintain status

Login session

Essential

The number of flight segments still required to maintain status

The number of flight segments still required to maintain status

Login session

Essential

The number of status miles still required to achieve a higher status

The number of status miles still required to achieve a higher status

Login session

Essential

The number of flight segments still required to achieve a higher status

The number of flight segments still required to achieve a higher status

Login session

Essential

Fraud risk

The fraud risk checked at the time of flight award booking

Login session

Essential

Recruiting partner

The partner recruiting the visitor

Login session

Essential

Registration partner

Visitor’s registration partner

Login session

Essential

Partner for further access

Visitor’s partner for further access

Login session

Essential

Expiry date of current status

Date on which the current status expires

Login session

Essential

Expected date for new Status Star

The data on which the next Status Star is expected based on the Status Star Points rate (extrapolation)

Login session

Essential

Object ID for contact point

Contact point object ID

Login session

Essential

Contact point usage

Usage of a contact point (only PRIVATE in future)

Login session

Essential

Channel of the contact point

Information about the channel of the contact point

- Primary mobile phone number

- Landline number

- Fax number

- Postal address

- Email address

Login session

Essential

Confirmation date

Date on which the contact point was last confirmed

Login session

Essential

Region/Federal state

Region/Federal state of an address with the channel POST

Login session

Essential

Country

Country of an address with the channel POST

Country of residence of a visitor at “standard”: true

Login session

Essential

City

City of an address with the channel POST

Login session

Essential

Street

Street of an address with the channel POST

Login session

Essential

addAddressLine

Additional information of an address with the channel POST

Login session

Essential

PO box

PO box number of an address with the channel POST

Login session

Essential

Building

Building information of an address with the channel POST

Login session

Essential

Company name

Company name of an address with the channel POST

Login session

Essential

Postcode

Postcode of an address with the channel POST

Login session

Essential

PO box address

PO box indicator if the street or PO box of an address with the channel POST was specified

Login session

Essential

Invalid address

Indicator of a contact point that indicates whether the contact point is still valid

Login session

Essential

Standard

Indicator that indicates whether the contact point is the primary contact point

- Primary email address

- Primary mobile phone number

- Primary postal address

Login session

Essential

Email address

Email address of a contact point with the channel EMAIL

Login session

Essential

International dialling code

The international dialling code of a contact point with the channel

- MOBILE

- TELEPHONE

- FAX

Login session

Essential

Area code

The area code of a contact point with the channel

- MOBILE

- TELEPHONE

- FAX

Login session

Essential

Number

The number of a contact point with the channel

- MOBILE

- TELEPHONE

- FAX

Login session

Essential

Preferred departure airport

Preferred departure airport

Login session

Essential

Preferences for mobile boarding pass

The preferred option for a mobile boarding pass

Login session

Essential

Subprogrammes

All active and inactive subprogrammes of a visitor

Login session

Essential

Subscriptions

All the visitor’s subscriptions

Login session

Essential

Consents

All consents given by the visitor

Login session

Essential

One-off consents

All one-off consents given by the visitor

Login session

Essential

Expiry of award miles

Information about the expiry of award miles

Login session

Essential

Expiry of eVouchers

Information about the expiry of eVouchers

Login session

Essential

Re-qualification marking

Re-qualification marking

Login session

Essential

Remaining miles

The number of remaining miles required for AC enquiries

Login session

Essential

Tool pages

The data stored to make the country and language-based functions of the last used tools available

Login session

Essential

Benefit code

The code that identifies the benefit

Login session

Essential

Form of utilisation of a benefit

Type of benefit:

- OUTBOUND FLIGHT

- INCENTIVE IN PROGRAMME CURRENCY

- CURRENCY EXCHANGE

- PARTNER CARD

- PERSONAL

Login session

Essential

Benefit status

Status of the benefit:

- OPTIONAL

- SELECTED

- EXPECTED

 

Login session

Essential

Benefit threshold

Threshold above which the benefit changes from the status EXPECTED to the status OPTIONAL if not yet SELECTED

 

Login session

Essential

Expiry date of the benefit

Expiry date of the benefit with the status OPTIONAL

 

Login session

Essential

Maximum conversion value of the benefit

Maximum conversion value of a benefit of the type CURRENCY EXCHANGE

 

Login session

Essential

Date of benefit selection

The date on which the visitor selected the benefit

 

Login session

Essential

Ratio of the benefit for mileage exchange

The possible conversion ratio of a benefit of the type CURRENCY EXCHANGE

Login session

Essential

Updating intervals

Time stamp of the last update of locally stored data

Login session

Essential

Inbox information

Information about documents stored in the inbox: date, quantity, number, ID, subject, content, expiry date, read/unread, origin

Login session

Essential

Authentication: CSRF_TOKEN

Every action that changes a status requires this secure random token to prevent CSRF attacks.

Login session

Essential

Authentication: KEY_CUSTOMER_ID

Is sent back by the authentication call and stored for further API calls.

Login session

Essential

Authentication: KEY_LOGIN_TYPE

Stores the last used form of login.

Continuing

Essential

mamcomreferrer

Required to store the original past context before a change to the country and/or language.

Login session

Essential

mamcombacklinkisfallbackpage

Required to store if the current country and/or language selection reverts to the fallback page.

Login session Essential

Time stamp of the authorisation layer

Stores the date on which the layer of an authorisation migration or authorisation maximisation was displayed to a visitor.

Login session

Essential

Session storage

Name

Description

Validity

Category

Response data for retroactive credit request

Covers the status and amount of the retroactive credit request and is required to display the response on the thank-you page for the retroactive credit request.

Session

Essential

Process number

The thank-you page for the retroactive credit request requires that the parameter for the session storage “requid” displays the process number.

Session

Essential

4. Legal bases

The legal basis for the use of operationally necessary cookies is Art. 6(1)(1)(b) GDPR (performance of the contract and steps prior to entering into a contract); the legal basis for the use of cookies for analysis or marketing purposes and for the use of web beacons and local storage is Art. 6(1)(1)(f) GDPR (legitimate interest). For web beacons, with cookies for statistical and personalisation purposes, the company’s interest lies in the ongoing development and relevance of the website and programme. For the use of local storage, the company’s interest lies in speeding up processes and preventing system overload.