Policy concerning e-commerce

Airport services e-commerce privacy information

 

The following information is provided in accordance with the current legislation concerning privacy (European Regulation 2016/679 “GDPR” - and Italian Leg. Decree 196/03 and subsequent amendments and additions).

  1. DATA CONTROLLER

Aeroporti di Roma S.p.A., with registered office at via Pier Paolo Racchetti, 1 - 00054 Fiumicino (Rome).

  1. TYPES OF DATA PROCESSED

The data processed by ADR S.p.A. include personal information such as name, surname, and email address.

  1. PURPOSE AND LEGAL BASIS FOR PROCESSING

ADR S.p.A. will process your personal data, following your request, exclusively for the purposes of purchasing e-commerce airport services such as Passenger Services, Membership, Airport Licences, Airport Supplies, Instruction and Training. Providing the data is necessary to achieve the aforementioned purpose, and your refusal for the processing will disallow provision of the requested online services.

Anyone entering data also on behalf of others (employees, suppliers, colleagues, etc.) declares: (i) having the consent from the interested party for including their data and for the related service request (ii) informing them about the content of this page.

Also a specific and separate consent may be requested for using the data for direct marketing purposes, notably to send you newsletters about airport services and air transport, commercial promotions and institutional advertising. Providing the abovementioned data is optional and, in case of lack of consent for the processing, the newsletter service will not take effect, without this causing any prejudice to the possibility of using other services related the e-commerce service.

  1. DATA PROCESSING METHODS

The data are processed in compliance with current regulations using manual, computerised and telematic tools, in a logic strictly related to the purposes indicated, so as to ensure the security and confidentiality of the data.

  1. DATA RETENTION TIMES

Your Personal data will be kept only for the time necessary for the purposes for which they are collected in accordance with the principle of minimisation under Art. 5.1.(c) GDPR for a period of 5 years. With reference to marketing and promotional purposes, for a period of 3 years consistent with the purposes and in compliance with the regulations.

  1. RECIPIENTS OF THE DATA

Within ADR S.p.A., only the persons assigned to data processing and authorised by the Controller to carry out the processing operations for the above activities may become aware of the personal data you provided. Additionally, your data may be processed by third parties to which ADR may assign specific tasks and services related to managing the service offered (e.g,. ADR Security, and the website.

The data will also be used by those who manage the payment services (bank, post office, etc.). The data will also be processed by ENAC as the party issuing permits within the airport.

These data may also be communicated to the competent Public Authorities for fulfilment of legal obligations. The aforementioned data shall not be disclosed.

 

  1. RIGHTS OF THE INTERESTED PARTIES

We also inform you, that Articles 15-22 GDPR provide interested parties the opportunity to exercise specific rights; the interested party may obtain from the data Controller: access, correction, deletion, limitation of processing, withdrawal of consent and the portability of the data that concerning them.

The interested party also has the right to object to the processing. In the event of exercising the right to object, the Controller reserves the option not to proceed with the request, and thus to continue the processing if there are compelling legitimate reasons for proceeding with the processing that prevail in the interests, rights and freedoms of the interested party.

The rights above may be exercised either by logging on to your reservation (email link received at the time of purchase), or with a request addressed to the Data Protection Officer (DPO) to the following address: dpo@adr.it. Contact information of the Data Protection Officer is available at www.adr.it