THE REASON FOR THIS NOTICE
The following is a description of how the website is managed with regard to the processing of the personal data of website users. This information notice is provided to anyone interacting with the web services of the Data Controller, accessible online starting from the address:
THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER (DPO)
As a result of navigating this website, data relating to identified or identifiable persons may be processed.
The “Data Controller” is Aeroporto Valerio Catullo di Verona Villafranca S.p.A., with registered office at Aeroporto Civile di Verona Villafranca, 37066 Caselle di Sommacampagna (Verona), VAT number 00841510233. The company has nominated a DPO who can be reached at the following e-mail address: firstname.lastname@example.org .
TYPES OF DATA PROCESSED, PURPOSES AND LEGAL BASIS FOR PROCESSING
The digital systems and software procedures that run this website, during the course of their normal operation, acquire personal data the transmission of which is implicit in the use of Internet communication protocols.
This information is not collected to be associated to identified data subjects, but by their very nature may – via processing and association with data held by third parties – allow the identification of users.
In this data category fall the IP addresses or the domain names of the computers used by the users accessing the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the answer given by the server (success, error, etc.) and other parameters relating to the user’s operating system and digital environment.
These data are used only to extract anonymous statistical information on the use of the website and to check its correct functioning. They are deleted immediately after processing. The data may be used for assessing responsibility in the event of suspected cybercrime against the website. Otherwise, to date the data regarding web contacts are not kept for more than one month.
The legal basis for processing therefore consists in the legitimate interests of the Data Controller in performing and improving the website services provided.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated in this website or the compilation of specific data entry forms in order to receive services/information or the sending of requests implies the resulting acquisition of the sender’s address, necessary for answering the queries, as well as of any other personal data entered.
The personal data provided by the users sending in applications (for information, for subscribing to a newsletter, for requesting contact, etc.) are processed solely for executing the service or performance requested, unless otherwise indicated in any other information notices regarding the processing of data present in the specific login or subscription pages.
Specific summary notices and any requests for consent, where necessary, shall be progressively reported or displayed in the website’s pages set up for special services on request.
The legal basis for data processing therefore is the fulfilment of contract obligations (requests) of the requesting user.
The website uses technical cookies / third party cookies. No personal data of the users is purposefully acquired by the website.
TRANSFER OF DATA TO THIRD PARTIIES AND TO THIRD COUNTRIES
No data deriving from the web service is released. The personal data conferred by the user (e.g.: first name, last name, e-mail address, phone number, information contained in the complaints) may be communicated, for the performance of the purposes indicated above, to third parties such as:
• subsidiaries or associates belonging to our Group;
• public or private bodies, Law Enforcement bodies for fulfilling legal obligations;
• any external subjects nominated Data Processors for the management and maintenance of the website;
• external consultants, insurance companies and other institutions, airlines and third party airport operators acting as autonomous Data Controllers.
Without prejudice to the foregoing or to whether it is otherwise envisaged in the individual notice regarding the service requested, the data are transferred to third parties only when this is necessary for executing the performance or the service requested (e.g.: lodging a complaint).
PROCESSING METHODS, DATA STORAGE PERIOD AND AUTOMATED PROCESSES
Personal data are processed using electronic means for the period necessary for executing the purposes(s) indicated and, once the latter are completed, stored for the period of time prescribed by law relating to the storage of contracts and administration data and/or for legal defence (10 years from the last use and/or prescriptive event) and/or for the period of time set forth by law. No decision-making process, including profiling, is performed through the website.
Specific safeguards have been put in place to prevent the loss of data, the illegal or incorrect use of data or the unauthorized access to data.
CONFERMENT OF DATA
Apart from the data required for navigation, the user is under no obligation to confer the personal data requested in the forms or anyhow indicated in contacts with the Data Controller. Their non-conferment, however, may result in the impossibility of obtaining what has been requested. The undersigned company, in its capacity as owner of the website and as Data Controller, reserves the right to cancel the subscription and to stop supplying the services should the data conferred to access specific services prove to be untruthful.
RIGHTS OF THE DATA SUBJECT, RIGHT TO LODGE A COMPLAINT AND TO WITHDRAW CONSENT
The subjects to which the personal data refer (data subjects) have the right at any time to request access to their personal data and to have them rectified or erased; to request restriction of processing; to object to processing; to request data portability.
In any case, the data subject has the right at any time to withdraw the consent given for data processing, if any, without affecting the lawfulness of the processing based on consent before its withdrawal.
To exercise the rights envisaged by the regulations in force regarding the protection of personal data and to acquire the complete list of the people in charge of personal data processing nominated for each area and activity, or to obtain information regarding the transfer of data to third countries and related guarantees, the data subject may write to email@example.com
The data subject also has the right to lodge complaints with a Supervisory Authority regarding the processing of data occurring especially in the EU member-State in which he/she normally resides or in the EU member-State in which he/she works or where the alleged violation occurred.