Privacy PolicyPrivacy Policy

Privacy Policy

In accordance with Art 13 of European Regulation 2016/679

EU Regulation 2016/679 (General Regulations on Data Protection, "Regulation") and the Italian legislation in force, including Legislative Decree no. 196 of 30 June 2003 as amended (Personal Data Protection Code), (together "Applicable Regulations") establish the right of anyone to protection of personal data concerning him/her. The applicable regulations therefore require that personal data is processed in compliance with fundamental rights and freedoms and the dignity of the user, with specific reference to right to the confidentiality and protection of personal data.

Società per azioni Esercizi Aeroportuali S.E.A., having its registered office in Segrate (Milan) - 20090 - at the Milan-Linate Airport, ("Company") in the provision of services (including, for example, flight tracking, search for information on services available at individual airports, travel planning service to and from airports, etc.) which can be used through browsing and registration on the portals www.milanomalpensacargo.eu, www.milanolinate-airport.com, www.milanomalpensa-airport.com, www.milanairports.com (“Service(s)”), processes the personal data provided freely by users in accordance with the Applicable Regulations.

Pursuant to art. 4, paragraph 1, no, 2) of the Regulation, processing of personal data means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, even if not recorded in a database, such as collection, registration, organization, structuring, storage, processing, selection, blocking, adaptation or modification, retrieval, consultation, use, communication by transmission, circulation or making available in any other form, comparison or interconnection, restriction, erasure or destruction.

The Company will perform the processing, therefore, in accordance with the Applicable Regulations, for the purposes listed below, with automated systems suitable for storing and managing the data in compliance with the abovementioned purposes and in such a way as to guarantee their security and confidentiality.

1. Purpose and legal basis of the processing


The data are acquired and processed in compliance with the rules set out in the Applicable Regulations for the following purposes, with indication of the relevant legal basis:

  • Allow registration to the Service (see point 3.1. below): performance of a contract;
  • Comply with legal obligations (see point 3.1. below): legal obligation;
  • Ottemperare ad eventuali obblighi di legge (v. successivo punto 3.1.): obbligo di legge;
  • Comunicazione dei dati a terzi per ottemperare ad eventuali obblighi di legge (v. successivo punto 3.1.): obbligo di legge;
  • Utilizzare il servizio pianificazione viaggio da e per gli aeroporti (v. successivo punto 3.2.): consenso;
  • Permettere l’accesso e l’utilizzo della rete WiFi (v. successivo punto 3.3.): esecuzione di un contratto;
  • Profilazione (v. successivo punto 3.4.): consenso;
  • Inviare comunicazioni promozionali, commerciali e di marketing relative ai servizi della Società o di società partner (v. successivo punto 3.5.): consenso.

2. Disclosure and circulation of personal data to pursue the purpose of processing.


The data may be disclosed to third parties when the disclosure is required by law, including the scope of prevention/repression of any illegal activity. The data may be communicated to employees/collaborators/consultants, as well as to third party companies to which the Company outsources the processing activities described in this privacy policy, duly designated as data processors pursuant to art. 28 of the Regulation or authorised to perform the processing pursuant to art. 29 of the Regulation. The updated list of processors is available at the Company's registered office.

The data will not be circulated, that is personal data will not be disclosed to the public or, in any case, to an indeterminate number of parties.

3. Mandatory or optional provision of data for pursuit of the purposes of processing


3.1. Use of the Site

The Company will process your personal data in order to allow you to access the Site and use all the features, including the possibility to create an account and register on the Site.

In addition, the Company will process your personal data to fulfil the legal obligations required of it.

Provision of personal data for these purposes is mandatory and a refusal to provide the data may make it impossible for the Company to carry out the purpose for which the personal data is collected. Failure, partial or incorrect provision of the data marked with an asterisk (*) in the registration form will make it impossible to register and to use the Services. The failure, partial or incorrect provision of data not marked with an asterisk will not prevent the registration or its use.

3.2. Travel Planning Service

The Company will process the user's personal data related to geolocation only and exclusively if the user makes use of the "GPS coordinates retrieval" function integrated in the travel planning service to and from Milano Linate/Malpensa airports (https://www.milanairports.com/en/our-airports/how-to-reach-theairports) and only with the user’s consent, which is collected through the browser according to the methods described below.

Personal data are collected and processed by the Company for purposes related and/or connected to the provision of the travel planning service through the user’s geolocation function. Personal data are processed on the basis of the user's free, specific, informed and unequivocal consent released through the browser. In particular, the consent is collected by means of a "pop up" message with which the browser asks the user for the relative and possible authorization to geolocalize the device used by the user, for the purposes of the service.

This message appears the first time the user consults the web page dedicated to the service and, in case of authorization to the respective geolocation, this message will no longer be visible in case of subsequent consultations of the page performed by the user with the same device used for the first access. In any case, it should be noted that the user is free to revoke the consent given at any time by accessing the browser settings and deactivating the function that allows geolocation.

We also specify that the provision of personal data for these purposes is optional. Therefore, should the user not give his/her consent to the processing of such data for the purposes in question, there would be no prejudicial effect on obtaining the travel planning service provided by the Company. In fact, the user can also use the travel planning service by manually filling in the fields to enter the address of the chosen place. In this case, there will be no processing of any user’s personal data.

The Company will process the users’ Personal Data for a few seconds from the collection of the consent required from them for the purpose of their geolocation. After viewing the information requested and related to the Travel Planning Service, Personal Data will be permanently deleted by the Company.

3.3. Using the WiFi network

The Company provides the user with a free WiFi network, which can be accessed without registration.

The computer systems and software procedures used to operate the WiFi service acquire, during their normal operation and at the time of connection by the user, the mac address of the device used. By connecting to WiFi the user will be redirected to the Welcome Page of the WiFi service where he/she must accept the terms and conditions of the service in order to use it.

The Company will detect the mac address of the device that will be used to enable web browsing. In addition to the mac address, the Company will also save the information about the browsing start time and its duration, measured at the end of browsing. This data is never used for user profiling, but may be communicated to the competent authorities if an offence is committed, in order to identify the user.

The WiFi service uses only the technical and analytics cookies indicated in points 4.1 and 4.2 below.

Provision of such personal data for these purposes is mandatory and a refusal to provide the data may make it impossible for the Company to carry out the purpose for which the personal data is collected.

3.4. Profiling purposes

The Company, with the user's consent, will process his/her personal data for the performance of profiling activities, based on the information provided at the time of registration, which is understood in accordance with Article 4, paragraph 1, no. (4) of the Regulations: "any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements".

Where the user does not intend to give consent for profiling purposes, the consequence will be the impossibility for the Company to proceed with the relevant processing. Failure to give consent will not cause any interference and/or consequence on any other negotiation, contractual or other type of relationship with the user.

3.5. Marketing Purposes

LThe Company, with the user's consent, will process his/her personal data for the periodic sending of e-mail messages containing advertising, communications relating to airport information, new initiatives and promotional material, as well as Company services, carried out through automated contact systems (SMS and/or e-mail).

Where the user does not intend to give consent for marketing purposes, the consequence will be the impossibility for the Company to proceed with the relevant processing. Failure to give consent will not cause any interference and/or consequence on any other negotiation, contractual or other type of relationship with the user.

4. Transfer of personal data to countries outside the European Union.


The data collected and processed are not transferred to companies or other parties outside the EU territory.

5. Data retention times


With reference to personal data processed for the pursuit of the purposes referred to in point 3.1. and 3.3. they will be retained in compliance with the principle of proportionality and until the purposes of the processing have been achieved, in any case in the case of data referred to in point 3.1. for a period not exceeding 2 years.

With reference to the profiling and marketing purposes referred to in points 3.4 and 3.5. respectively, the data will be retained for a period of 12 months and 24 months respectively.

6. Data controller

 

The identification details of the data controller company are as follows:

Società per azioni Esercizi Aeroportuali S.E.A., with registered office in Segrate (Milan) - 20090 - at Milan-Linate Airport.

7. Data Protection Officer (DPO)

 

You can contact the Data Protection Officer, also to exercise your rights pursuant to articles 15-22 of the Regulation, by sending an email to: privacy@seamilano.eu.

8. User rights


In relation to the processing of data, you are entitled to exercise the rights set out in Articles 15 to 22 of the Regulation. Specifically, you have the right to:
a) access and request a copy;
b) request rectification;
c) request cancellation;
d) obtain restriction of processing;
e) oppose processing;
f) receive such data in a structured, commonly-used and machinereadable format and transmit such data without hindrance to another controller, where technically feasible.

To exercise your rights and to withdraw consent, you may send a notification to the Data Protection Manager, in the manner indicated in paragraph 7 above, indicating in the subject "Withdrawal of consent to data processing".

You have the right to file a complaint or report with a supervisory authority, in particular in the Member State where you habitually reside, work or where the alleged breach has occurred. In the event that you wish to refer the matter to the Data Protection Supervisory Authority, you may do so by:

a) registered letter with return receipt addressed to the Garante per la protezione dei dati personali, Piazza Venezia, 11, 00187 Roma;
b) e-mail to: garante@gpdp.it, or protocollo@pec.gpdp.it;
c) fax number: 06/69677.3785.

Exercising of such rights is not subject to any formal restriction and is free of charge.

9. Cookie Policy


EU Regulation 2016/679 (General Regulations on Data Protection, "Regulation") and the Italian legislation in force, including Legislative Decree no. 196 of 30 June 2003 as amended (Personal Data Protection Code), (together "Applicable Regulations") establish the right of anyone to the protection of personal data concerning him/her. The applicable regulations, therefore, require that personal data is processed in compliance with fundamental rights and freedoms and the dignity of the user, with specific reference to the right to the confidentiality and protection of personal data.

Pursuant to the provision of the Supervisory Authority for the protection of personal data, "Identification of simplified methods for the privacy policy and acquisition of consent for the use of cookies", dated 8th May 2014 and published in the Official Gazette on 3rd June 2014, Società per azioni Esercizi Aeroportuali S.E.A. (“Company”), as data controller, provides the following information relating to cookies installed on the websites www.milanomalpensacargo.eu, www.milanolinate-airport.com, www.milanomalpensa-airport.com, www.milanairports.com (together defined “Site”).

The provision of such personal data for these purposes is mandatory and a refusal to provide the data may make it impossible for the Company to carry out the purpose for which the personal data is collected.

9.1. Information on cookies used

Cookies are small strings of text sent to your terminal (usually the browser) by a website you visit. Cookies are then saved on your terminal so that they can be sent back to the same website when you next visit it.

Cookies perform various functions and allow you to browse the Site efficiently, remembering your preferences and improving your browsing experience.

NThey can also help customize advertisements shown while browsing and marketing activities directed to you, ensuring that they are carried out in accordance with your interests and preferences.

While browsing on the Site, you may also receive cookies on your terminal sent by different sites or web servers, where certain elements (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the Site you are visiting, may reside. There may be, then, in that respect:

  •  First Party Cookies, sent directly from the Company to your device.
  • Third Party Cookies originating from a third party.
ÈYou can change your cookie settings at any time. Two categories of cookies are used on the Site: technical cookies and anonymous analytics cookies.


9.2. Technical Cookies

Technical cookies are those used merely to “transmit a communication on an electronic communication network or, to the extent strictly necessary, to the company supplying information services, specifically asked by the contractor or user to supply said service”. Such cookies do not require consent. They are not used for any other purpose and are installed by the Company. The use of such cookies is intended to improve the functionality of the Site. They can be divided into browsing or session cookies, which guarantee normal browsing and use of the website (allowing, for example, a purchase to be made or users to identify themselves in order to access reserved areas); analytics cookies, similar to technical cookies when used directly by the website manager to collect information in aggregated form on the number of users and on how they visit the website; functionality cookies that enable users to browse according to a series of selected criteria (e.g. language, products chosen for purchase) in order to improve the service offered.

The following technical cookies are used:

  • AWSALB: third party technical cookie provided by Amazon Web Services and released by each site's system architecture. Used to distribute traffic on the site to different servers to optimize response times. It lasts for 7 days;
  • cb-enabled: first party cookie that tracks whether or not a user has consented to the use of cookies. It lasts for 1 year;
  •  JSESSIONID: third party session cookies, created by the WebLogic server to maintain the session. It expires at the end of the session;
  • Pbw: third party technical cookie, provided by smartadserver.com, which collects cached data by browser ID, operating system ID and screen size. It lasts for 2 days;
  • Pdomid: third party technical cookie provided by smartadserver.com, used for load balancing. It lasts for 13 months;
  • Sasd: third party technical cookie provided by smartadserver.com, used to determine, via the user’s IP address, which country he/she comes from and allow the website to set the language accordingly. It lasts for 1 day;
  • TestIfCookie: third party cookie, provided by smartadserver.com, used to test if session cookies are accepted. It lasts for 13 months;
  • Trk0: third party tracking cookie provided by smartadserver.com, used to store the publisher page (page ID); it is read by tracking pixels (if any). It lasts for 30 days;
  • Vs: first party technical cookie used to count new visits; it contains a timestamp of the last time the user visited the site; when the user returns, a new visit is counted if this value is older than 30 minutes. It lasts for 30 minutes.

9.3. Cookie analytics

The Company uses analytics cookies to analyze reports on demographic data and user interests. Activation of these functions enables Google Analytics to collect traffic data via Google advertising cookies and anonymous identifiers, in addition to data collected via a standard implementation of Google Analytics. The Site collects and uses data from Google's interest-based advertising or third party audience data (e.g. age, gender, and interests) from Google Analytics and Google Analytics functions implemented on the basis of display advertising (e.g. remarketing, demographic data and interest reports from Google Analytics) only for statistical and audience analysis purposes. Such data are collected and aggregated anonymously using proprietary or third-party software (e.g. Google Analytics).

The following analytics cookies are used:

  • __ga: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for two years;
  • __gat: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 10 minutes;
  • _gid: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 24 hours.
  • Sasd2: third party technical cookie provided by smartadserver.com, used to set a date that indicates the visitor's entry into the website and is used for analytical purposes on the website. It lasts for 1 day.

9.4. Accepting and declining cookies

 

With reference to technical and analytics cookies, the installation of such cookies is not subject to your prior consent.

9.5. How can I disable cookies

 

9.5.1. How can I disable third party cookies?

Below are links to web pages with disclosures by the third parties:

SmartAdServer: https://help.smartadserver.com/s/article/Cookiepolicy (versione Inglese).


9.5.2. How can I disable cookies from the major browsers?

Most browsers (Internet Explorer, Firefox, Chrome, etc.) are configured to accept cookies. The cookies saved to the hard disk of your device can in any case be deleted and cookies can also be disabled by following the instructions given by the main browsers; links to the instructions offered by the major browsers are listed below:

Chrome: https://support.google.com/chrome/answer/95647?hl=it
Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/deletemanage-cookies#ie=ie-10
Opera: http://help.opera.com/Windows/10.00/it/cookies.html
Safari: https://www.apple.com/legal/privacy/it/cookies/

If you are using a mobile device, please refer to its instruction manual to find out how to manage cookies.

For more information about cookies, including how to view cookies that have been set on your device, how to manage and delete them, please visit https://www.allaboutcookies.org/

Google Analytics cookies can be rejected according to the procedure indicated by Google (see https://tools.google.com/dlpage/gaoptout?hl=it). Therefore, by using this website without rejecting Google's cookies, you consent to the processing of data about you by Google in the manner and for the purposes set out above. To view Google's privacy policy for the Google Analytics service, please visit http://www.google.com/analytics/learn/privacy.html. To find out about Google's privacy policy, please visit http://www.google.com/intl/it/privacy/privacy-policy.html