Società per azioni Esercizi Aeroportuali S.E.A., having its registered office in Segrate (Milan) - 20054 - at the Milan-Linate Airport ("SEA"), as the data controller processes the personal data you provide in order to use the facial recognition service through the detection of your biometric data ("FaceBoarding" or "Service") launched by SEA and to carry out, through facial recognition technology, the transit through the pre-security gates and, where provided by your airline, the boarding on the aircraft ("Program").
1. Categories of data processed
FaceBoarding shall be used only by individuals who are 18 years of age or older and have an electronic ID card issued after January 2016 or passport (ICAO 9303 standard documents). In this regard, it should be noted that there may be possible limitations to the use of FaceBoarding related to the issuing country and/or the date of issuance of the ID card.
SEA will process the personal data you have disclosed as part of the performance of security access and boarding operations using facial recognition technology ("Personal Data"). In particular, the following Personal Data are processed:
-
passport and/or electronic identity card and the data in them, such as, for example: first name, last name, MRZ code, date of issuance and expiration date, photograph;
-
Biometric data related to the characteristics of your face (images of your face will not be stored in the airport systems, but used to create a biometric template); and
-
boarding pass and the data in it, such as, for example: date and number of the flight you booked, airline, first and last name.
2. Purposes and legal basis of processing
Personal Data is acquired and processed for the purpose of carrying out identification operations, required by applicable regulations, when performing routine security checks and boarding a flight by using facial recognition technology. The legal basis for the processing is your explicit consent.
3. Whether the provision of Personal Data for the pursuit of the purposes is mandatory or optional
The provision of Personal Data is necessary to carry out registration and identification operations using biometrics (facial recognition technology).
Therefore, if you decide to deny your consent to the processing of your Personal Data and not to provide it, you will not be able to use the Service, but you will still be able to access the security checkpoints and carry out boarding operations, in the traditional manner.
4. Automated decision-making process, rationale, and effects
Your choice to perform the identification operations through biometrics implies that the verification of your identity will take place in a fully automated manner. This requires your prior registration with the Program at the kiosks located at the airport or via your smartphone by downloading the relevant Mobile Application ("App"). The fully automated verification of your identity and that you are the legitimate holder of the boarding pass, for the purpose of registration, is based on (a) matching the biometric templates of the facial image stored in your ID with that of the image captured via the kiosks at the airport or via "selfie" in the case of registration via the App; (b) correlating the details of your ID with the relevant information in the boarding pass; and (c) verifying the validity of the details of the boarding pass and your ID.
If registration is unsuccessful, the Personal Data provided during the registration process will be immediately deleted upon unsuccessful outcome of the registration and SEA may delay or deny your passage to the security turnstiles and/or boarding on the flight you have booked. In any case, you will have the opportunity to contest the decision made, request the intervention of a SEA operator and access security and boarding by following traditional manual procedures.
Even if, whenever you go to the airport for a flight after joining the Program, the identification is unsuccessful, you will be able to access security and boarding by following traditional manual procedures.
5. Recipients of Personal Data
Subject to compliance with the principle of minimization and proportionality, Personal Data may be made accessible to the following parties for the purposes listed above:
a) to employees and contractors of SEA, based on instructions received from SEA and under its authority;
b) to companies, consultants and/or professionals that SEA relies on in the provision of its services including, in particular, the supplier in charge of the development and technical management of the facial recognition identification system – who, where applicable, are duly appointed as data processors or subjects authorized to the processing, as appropriate;
c) to entities (including public authorities) that have access to Personal Data by virtue of law, regulations, or administrative measures; for Personal Data related to boarding passes, this may only occur within 24 hours after the flight takes off (thereafter such Personal Data are deleted); and
d) within 24 hours of the flight's takeoff and limited to the Personal Data related to the boarding pass, to the airlines involved, based on their legitimate interest in performing the relevant verifications through such technological modalities to ascertain the validity of the boarding pass and allow you to access the aircraft (such verifications are required by the National Security Plan prepared by ENAC).
Personal Data will be subject to the highest security standards and will be stored exclusively in encrypted form. Under no circumstances will Personal Data be disseminated or, in any case, disclosed to an indeterminate number of individuals.
6. Transfer of Personal Data
Personal Data will be processed within the European Union.
7. Retention Period of Personal Data and types of registration to the Program
You may elect to use the Service by registering for the Program for a single flight only or for the Long-Term Program. The Long-Term Program will last (a) until December 31, 2025, if you join the same before that date; or (b) until December 31 of the year in which you join such Program, if you join the same after December 31, 2025.
In any case, your face images will be used exclusively to create the biometric template, therefore, they will be deleted immediately from the airport systems after the biometric template is created.
A. Single flight registration
Via kiosk
Should you choose this option:
-
for each subsequent flight for which you intend to use FaceBoarding again, you will have to repeat the entire registration process, thus making a new one via airport kiosk or App; and
-
all of Your Personal Data will be automatically deleted from airport systems 24 hours after the departure of the flight. During the period between registration and deletion of your Personal Data, you will not be allowed to change your registered boarding pass or make new registrations for other flights.
Via App
Should you choose this option, the data related to your ID and the biometric template data (so-called Digital Travel Credentials) will not be automatically transferred to airport systems.
Whenever you associate a boarding pass via the App, your Personal Data will be transferred to airport systems and stored as described below. For this purpose, you will be asked for specific confirmation via the App. During the period between registration and deletion of your Personal Data, you will not be allowed to change your registered boarding pass or make new registrations for other flights.
If you register via the App for a single flight, all of your Personal Data will be automatically deleted from the airport systems 24 hours after the departure of the flight, while the biometric template and data related to your ID (so-called Digital Travel Credentials) will remain stored exclusively on your smartphone, through the dedicated App, in encrypted and PIN-protected mode, allowing you to associate additional boarding passes without having to register again.
The biometric template and the data related to your ID (the so-called Digital Travel Credentials) will be deleted from the App in the following cases: where (i) you decide to delete the App; (ii) SEA decides to deactivate the App; or (iii) your ID is no longer valid (for instance, due to expiration of the validity time limit). Therefore, in such cases you will have to go through the entire registration process again should you wish to use the Service.
B. Registration for the Long-Term Program
Personal Data related to your boarding pass will be deleted 24 hours after your flight departure. Personal Data related to your ID and biometric template will be stored - in encrypted form - until December 31, 2025, if you join the Program before that date or, if you join the Program after December 31, 2025, this data will be stored until December 31 of the year in which you join the Program. After that period, all Personal Data will be irreversibly deleted from the airport's systems.
In addition, if your ID expires during the Program, all your Personal Data will be deleted from the airport's systems, so you will have to register again.
If you register via the App and join the Long-Term Program, your Personal Data is transferred to the airport's systems. The biometric template and the data related to your ID (so-called Digital Travel Credentials) will be stored also on your smartphone, through the dedicated App, in encrypted and PIN-protected mode, allowing you to associate additional boarding passes without having to register again. Such Digital Travel Credentials will be deleted from the App in the following cases: where (i) you decide to delete the App; (ii) SEA decides to deactivate the App; or (iii) your ID is no longer valid (for instance, due to expiration of validity time limits). Therefore, in such cases you will have to go through the entire registration process again should you wish to use the Service.
This registration option can be done either on dedicated kiosk at the airport or App and allows the following additional features compared to registration for an individual flight:
-
possibility of using the pre-registration service and the hybrid process, as described below;
-
possibility of associating multiple boarding passes, as long as they do not relate to the same day of departure, during the all duration of the Program without having to repeat the entire registration process;
-
possibility of updating a boarding pass already registered with a new one related to the same flight.
C. Pre-registration and hybrid process
In the event that you have joined the Long-Term Program via App or kiosk, the Service allows you to pre-register for the Program by providing your ID and facial image data for the creation of the biometric template, so that the System will match them. Instead, you may later provide your boarding pass data by postponing the time of its association with the Personal Data you have already provided.
You can also do the above pre-registration via App and scan via kiosk at the airport your boarding pass to associate it with the Personal Data previously provided via App. This hybrid process can only be used in case you joined the Long-Term Program (in this case, in fact, your Personal Data provided at the time of registration via App is transferred to the airport's systems). In case of use of the hybrid process, the retention times set out in point B above for the Long-Term Program apply.
8. Rights of the data subject
In relation to the processing of your Personal Data, you can exercise the rights set forth in Articles 15 to 22 of the General Data Protection Regulation 2016/679. In particular, you have the right to obtain from SEA the rectification, integration or deletion (so-called right to be forgotten) of your Personal Data; the right to obtain the restriction on processing and the right to the portability of your Personal Data; and the right to lodge a complaint with the Data Protection Authority. You also have the right to withdraw your consent to the processing (without such withdrawal affecting the lawfulness of the processing carried out prior to the same) and to contest the automated decision made by SEA by requesting human intervention by the SEA’s staff in charge.
Notwithstanding the above, you may exercise these rights, including the withdrawal of your consent, at any time, by sending your request to the Data Protection Officer at
privacy@seamilano.eu or by regular mail addressed to the Data Protection Officer- 20054 Segrate (Milan), at Milan Linate Airport.
The exercise of rights is not subject to any form constraint and is free of charge.
9. Data Protection Officer (DPO)
You can contact the Data Protection Officer, including for the purpose of exercising the data subjects' rights mentioned above, by sending an e-mail to
privacy@seamilano.eu.