EU Regulation 2016/679 (General Regulations on Data Protection, "Regulation") and the Italian legislation in force, including Legislative Decree no. 196 of 30 June 2003 as amended (Personal Data Protection Code), (together "Applicable Regulations") establish the right of anyone to the protection of personal data concerning him/her. The applicable regulations, therefore, require that personal data is processed in compliance with fundamental rights and freedoms and the dignity of the user, with specific reference to the right to the confidentiality and protection of personal data.
Pursuant to the provision of the Supervisory Authority for the protection of personal data, "Identification of simplified methods for the privacy policy and acquisition of consent for the use of cookies", dated 8th May 2014 and published in the Official Gazette on 3rd June 2014, Società per azioni Esercizi Aeroportuali S.E.A. (“Company”), as data controller, provides the following information relating to cookies installed on the websites www.milanolinate-airport.com, www.milanomalpensa-airport.com, wifi.seamilano.eu (together defined “Site”).
The provision of such personal data for these purposes is mandatory and a refusal to provide the data may make it impossible for the Company to carry out the purpose for which the personal data is collected.
1. Information on cookies used
Cookies are small strings of text sent to your terminal (usually the browser) by a website you visit. Cookies are then saved on your terminal so that they can be sent back to the same website when you next visit it.
Cookies perform various functions and allow you to browse the Site efficiently, remembering your preferences and improving your browsing experience.
They can also help customize advertisements shown while browsing and marketing activities directed to you, ensuring that they are carried out in accordance with your interests and preferences.
While browsing on the Site, you may also receive cookies on your terminal sent by different sites or web servers, where certain elements (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the Site you are visiting, may reside. There may be, then, in that respect:
First Party Cookies, sent directly from the Company to your device.
Third Party Cookies originating from a third party.
You can change your cookie settings at any time.
Two categories of cookies are used on the Site: technical cookies and anonymous analytics cookies.
2. Technical and Analytical Cookies that do not require consent
Technical cookies are those used merely to “transmit a communication on an electronic communication network or, to the extent strictly necessary, to the company supplying information services, specifically asked by the contractor or user to supply said service”. Such cookies do not require consent. They are not used for any other purpose and are installed by the Company. The use of such cookies is intended to improve the functionality of the Site. They can be divided into browsing or session cookies, which guarantee normal browsing and use of the website (allowing, for example, a purchase to be made or users to identify themselves in order to access reserved areas); analytics cookies, similar to technical cookies when used directly by the website manager to collect information in aggregated form on the number of users and on how they visit the website; functionality cookies that enable users to browse according to a series of selected criteria (e.g. language, products chosen for purchase) in order to improve the service offered.
For the installation of technical cookies - and those similar to these as described above - prior consent of users is not required. On the other hand, remains unaffected the obligation to provide the Cookie Policy pursuant to the Privacy Policy and that the Company, if it uses only such devices, may provide in the manner it deems most appropriate.
The following technical cookies are used:
JSESSIONID: third party session cookies, created by the server to maintain the session. It expires at the end of the session;
_GRECAPTCHA: cookie set by Google reCAPTCHA; it lasts 6 months;
_ga: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for two years;
_ga_[*] - Cookie whose function is to store and count page views. It has a validity period of 1 year;
_gat: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 10 minutes;
_gid: third party cookie created by Google Analytics; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 24 hours;
OTZ - Cookie that is used by Google Analytics to track information on website traffic. It has a validity period of 1 month;
_utma: third party cookie created by Google Analytics; used to collect information and to generate statistics about unique visitors accessing the website. It lasts for two years;
utmb and _utmc: These are the two cookies that identify the session (visit). Google Analytics uses them to calculate the metrics based on time and duration of visit, or time spent on the page. They expire when the browser is closed or the website exited
_utmt: tracking cookie, created by Google Analytics. It lasts for 10 minutes
_utmz - Cookie created by Google Analytics to identify the Traffic Source. It gathers information about the origin of the visit (organic search, link on another site, online campaign, etc.). It lasts for six months
DV: a cookie set by Google. It is used to identify unique users by assigning a randomly generated number as a client identifier
1P_JAR: cookie created by Google (gstatic) to collect anonymous statistical data. It has a duration of 1 month;
_gat_UA-23035441-26: third party cookie created by Google Analytics on milanomalpensa-airport.com; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 10 minutes;
_gat_UA-23035441-27: third party cookie created by Google Analytics on milanolinate-airport.com; used to collect information and to generate statistics about website use without providing personal information about individual visitors to Google. It lasts for 10 minutes.
MAPP cookies (more information can be found at the following link: https://documentation.mapp.com/1.0/en/which-cookies-are-set-by-mapp-intelligence-7211196.html):
wtstp_eid: lasts for six months. Alphanumeric cookie used to identify the user’s unique browser.
wtstp_sid: lasts for the current session. Cookie used for tracking visit metrics.
wt_mcp_sid: lasts for 30 minutes. Cookie used for tracking visit metrics.
wtstp_geid: provides information on the user’s device. Lasts for the current session.
wtstp_nv: provides information on new or returning visitors. It lasts for a maximum of six months.
wtstp_nv_s: provides information on new or returning visitors. It lasts until the user closes the browser.
wtstp_rla: cookie used to detect the workload. It keeps track of the number of requests that can be sent to the analysis tool. It lasts until the user closes the browser.
wt_nbg_Q3: cookie set by the Load Balancer to send all requests from a user to the same server. Lasts for the current session.
wtstp_ref: cookie used to determine the referrer source of the traffic. It is deleted as soon as it is used.
Cookies by Equativ:
Pid: third-party cookie, provided by equativ.com, intended to enable the display of advertisements on a specific browser and domain. It remains active for 13 months;
Pbw: third-party technical cookie, provided by equativ.com, which collects cached data by browser ID, operating system ID and screen size. It remains active for 2 days;
TestIfCookie: third-party cookie, provided by equativ.com, used to remember user preference regarding acceptance of session cookies. Only active during the site session;
TestIfCookieP: stores the user’s preference regarding the acceptance of persistent cookies, which remain on the device after the session. It remains active for 13 months;
Sasd: used to determine which country the user is from, allowing the site to display content in the correct language. Remains active for 1 day;
Vs: technical cookie used to count new visits; it contains a timestamp of the last time the user visited the site; when the user returns, a new visit is counted if this value is older than 30 minutes. It remains active for 30 minutes;
dyncdn: this technical cookie is used to enable a performance monitoring pixel of the referring web portal for a specific endpoint and its traffic. It is necessary for Equativ to balance traffic loads in case of large traffic volumes. It remains active for 1 day;
x-smrt-d: technical cookie used for debugging purposes by the Equativ service; only active during your session on the website.
Sasd2: third-party technical cookie provided by equativ.com, used to set a date that indicates the visitor’s entry into the website and is used for analytical purposes on the website. It lasts for 1 day.
Other Cookies
_iub_cs-34040271: This cookie enables the saving of cookie consents (issued by Iubenda Cookie Solutions). It lasts or one year
usprivacy: This cookie is used by the IAB CCPA Compliance Framework to store the user’s decision to give up the collection of their data. It is valid for 1 year
3. COOKIES FOR WHICH CONSENT IS REQUIRED
3.1 Third-party cookies (experience enhancement)
The company uses interconnection tools with external sites and functionalities to provide a better user experience (e.g. Facebook Login and Google Maps). Often associated with a graphic element of the site such as an action button or a specific logo (e.g. the Facebook button or Google), these cookies are used to integrate the functionality of other sites into the one you are browsing. The respective operators are responsible for these cookies and you can object to their use directly on the information pages of the respective operator.
Other cookies of experience enhancement
NID: This cookie is used to store your preferences and other information (such as your preferred language, the number of results you prefer displayed on a search results page, and your preference for enabling Google’s SafeSearch filter). It has a validity period of 6 month
UULE - Customization cookies, send precise location information from your browser to Google servers so that Google can show you results relevant to your location. The use of this cookie depends on your browser settings and whether you have chosen to activate the location for your browser. It has a validity period of 6 hours.
CONSENT - Google uses the "CONSENT" cookie to store your cookie choices. It has a validity period of 2 years.
SOCS - Google uses the "SOCS" cookie to store your cookie choices. It is valid for 13 months.
AEC - cookie that ensures that requests within a browsing session are made by the user and not by other sites. These cookies prevent malicious sites from acting on a user’s behalf without their knowledge. It has a validity period of 6 months.
3.2 Third-party cookies (analysis and adevertising purposes)
Third-party profiling cookies are provided by third-party companies and one example of their use is to allow users to view advertising banners with the latest products displayed on the e-commerce platform. These cookies allow for the creation, distribution and monitoring of digital marketing campaigns and show users products that could be of interest to them. Profiling cookies are processed using automated systems suitable for storing and managing Personal Data in accordance with the purposes described and in such a way as to ensure the security and confidentiality of such data.
The following third-party cookies are used:
a) The company uses analytics cookies, other than those described in the previous paragraph 2 of this Notice, to analyse reports on demographic data and user interests. Activation of these functions enables Google Analytics to collect traffic data via Google advertising cookies and anonymous identifiers, in addition to data collected via a standard implementation of Google Analytics. The site collects and uses data from Google’s interest-based advertising or third-party audience data (e.g. age, sex and interests) from Google Analytics and Google Analytics functions implemented on the basis of display advertising (e.g. remarketing, demographic data and interest reports from Google Analytics) only for statistical and audience analysis purposes. Such data are collected and aggregated anonymously using proprietary or third-party software (e.g. Google Analytics). More information on the cookies listed above can be found at the following link: https://business.safety.google/adscookies/
b) Mapp cookies (more information listed above can be found at the following link: https://mapp-wiki.atlassian.net/wiki/spaces/DMPCustomers/pages/426132/Privacy+Compliance#Privacy&Compliance-CookiesandDomains)
id - This cookie represents the cookie ID set and used by the data management platform (DMP) for user recognition and synchronisation with partner systems. Synchronising the user ID allows the DMP to use the data outside the platform. It lasts for two years.
ans3, dbm1, check, r - This cookie is used by the DMP. It contains data indicating whether a cookie ID is synchronised with the DMP. Synchronising the user ID allows the DMP to use the data outside the platform. It lasts for two days.
flx1_pages_viewed_within_visit - This cookie collects the pages viewed during a user’s visit. Only put in place when custom events are configured within the DMP. It lasts for one session.
flx1_time_on_site - This cookie collects the time the user has been on the site. Only put in place when custom events are configured within the DMP. It lasts for one session.
flx1_conversion_count_{ID} - This cookie keeps track of the number of custom events per user. It is only put in place when custom events are configured within the DMP and a value is set for ‘deduplication’. Its duration is customised to the user.
flx1_conversion_count_{ID}_expires - This cookie keeps track of when the cookie expires. It is only put in place when custom events are configured within the DMP and a value is set for ‘expiry’. Its duration is customised to the user.
flx1_session_id_{ID} - This cookie stores a unique value that can be used to identify multiple DMP events for a single session. It lasts for the session (15 minutes).
Accepting and declining cookies
By clicking on the "I accept" button, the User consents to the installation on their device of cookies for the Site on which they are browsing.
In case of non-acceptance of cookies by abandoning navigation, there is not a "I do not accept" button, but the cookies on the Site will not be installed on the device. Any cookies already recorded locally in the browser will remain recorded but will no longer be read or used by the Company until a later and possible acceptance of the use of cookies.
We will always be able to remove these cookies at any time through the methods described in the following paragraphs
1. Purposes of Personal Data processing
We use cookies on our above websites for the following purposes:
a) Execution of IT authentication
b) Session monitoring
c) Definition of user profile according to preferences expressed during browsing.
2. Nature of Personal Data conferral and consequences of a potential refusal to respond
With reference to points a) and b) pursuant to paragraph 1 above, the installation of these cookies is not subject to prior user consent, as they are strictly necessary to transmit the communication on an electronic communication network. Without these cookies, some areas of the Websites may not be accessible or may not function properly. With reference to point c) pursuant to paragraph 1. above, user consent is necessary in connection with the installation of these cookies and a potential refusal does not in any way preclude website browsing.
3. Scope of disclosure and dissemination of Personal Data
For the above purposes, Personal Data may be communicated by the Company:
- to all parties whose right of access to such Personal Data is recognized by virtue of regulatory provisions and/or Authorities;
- to our collaborators, employees, consultants and suppliers, within the scope of their respective duties.
The updated list of third party companies, appointed as external data processors pursuant to article 28 of the Regulations, is available at the Company's registered office.
In any case, except as provided for above, Personal Data will not be disclosed, specifically they will not be disclosed to the public or, in any case, to an indeterminate number of parties.
Personal Data collected by SEA is not processed outside the European Economic Area.
4. Identification details of the Data Controller and Data Protection Officer
The Data Controller in accordance with the Code is Società per Azioni Esercizi Aeroportuali S.E.A., with registered office in Segrate (Milan) at Milan Linate Airport.
It is possible to contact the Data Protection Officer, also for the exercise of the rights of data subjects pursuant to articles 15-22 of the Regulation, by sending an email to: privacy@seamilano.eu.
5. Rights pursuant to Arts. 15-22 of the Regulation
With regard to the processing of the Personal Data collected, you are entitled, pursuant to Articles 15 to 22 of the Regulation and where applicable, to obtain from the Company the rectification, integration or erasure (the "right to be forgotten") of your Personal Data; the right to obtain the limitation of the processing and the right to the portability of your Personal Data; the right to object to the processing of your Personal Data, including profiling; and finally, the right to lodge a complaint with the Guarantor Authority. You may exercise these rights by sending your request to the Data Protection Officer at the following address privacy@seamilano.eu or by ordinary mail addressed to the Data Protection Officer - 20054 Segrate (Milan), at Milan Linate Airport. For a more extensive and complete version of the disclosure, you can refer to the website's Privacy Notice.
How can I disable cookies
When a user accesses any of the pages of the Sites, there is a banner that contains a short information. By clicking on "I accept", you consent to the use of cookies. Any refusal to use profiling cookies does not in any way preclude navigation on the Sites; below are the ways on how to disable cookies
1. Third party cookies
Advertising companies allow you to opt out of receiving targeted ads, if desired. This does not prevent the setting of cookies but stops the use and collection of certain Personal Data by such companies.
For more information about the cookies installed on your browser (including the ability to access the information of the Third Parties related to cookies installed by these through the Sites) and opt out, please visit www.youronlinechoices.eu/it/
2. Equativ:
For more information https://equativ.com/cookie-policy/
3. Major browsers
Most browsers (Internet Explorer, Firefox, Chrome, etc.) are configured to accept cookies. The cookies saved to the hard disk of your device can in any case be deleted and cookies can also be disabled by following the instructions given by the main browsers; links to the instructions offered by the major browsers are listed below:
If you are using a mobile device, please refer to its instruction manual to find out how to manage cookies.
For more information about cookies, including how to view cookies that have been set on your device, how to manage and delete them, please visit https://www.allaboutcookies.org/.
Google Analytics cookies can be rejected according to the procedure indicated by Google (see https://tools.google.com/dlpage/gaoptout?hl=en). Therefore, by using this website without rejecting Google's cookies, you consent to the processing of data about you by Google in the manner and for the purposes set out above. To view Google's privacy policy for the Google Analytics service, please visit http://www.google.com/analytics/learn/privacy.html. To find out about Google's privacy policy, please visit http://www.google.com/intl/en/privacy/privacy-policy.html.
For further information on the processing of the user's personal data, consult the Privacy Policy