Privacy Policy
AEROITALIA S.r.l. - Privacy Policy pursuant to EU Regulation 679/2016 and Legislative Decree No. 196 of 30.06.2003 for the processing of data of the website users.
Aeroitalia S.r.l, as Data Controller ("Aeroitalia" or "Data Controller") pursuant to EU Regulation 2016/679 ("GDPR" or "Regulation") and Legislative Decree No. 196/2003 ("Privacy Code") – is committed to protecting the confidentiality of the personal data of the users of its website. This Privacy Policy aims to inform, pursuant to Articles 13 and 14 of the GDPR, those who interact with the website www.aeroitalia.com ("Website"), whether through simple consultation or by using specific services provided via the Website, regarding how the personal data will be processed during its use.
This notice, while not referring to other websites that may be consulted via links contained in this Website, is also provided, pursuant to Article 14 of the GDPR, for the processing of personal data of additional passengers of the flight(s) provided by the user as part of booking the flight(s) through the Website as well as in the use of specific services provided on this Website, including any minor or incapacitated subjects for whom you exercise parental responsibility/legal representation.
The processing of personal data will be based on the principles of fairness, lawfulness, transparency, purpose limitation and storage limitation, data minimization and accuracy, integrity and confidentiality, as well as the accountability principle referred to in Article 5 of the GDPR.
“Processing of personal data” means any operation or set of operations performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction.
1. DATA CONTROLLER AND DATA PROTECTION OFFICER
The Data Controller is Aeroitalia S.r.l, represented by its acting legal representative, headquartered at via Andrea Mantegna, 8 – 00054 Fiumicino (RM) VAT 16340701008, also contactable at the certified email address: aeroitalia@pec.it.
The Data Protection Officer of Aeroitalia can be contacted at the Data Controller’s headquarters at the above address as well as via email at: privacy@aeroitalia.com.
2. PERSONAL DATA SUBJECT TO PROCESSING
Please note that the personal data subject to processing may include an identifier such as the name, an identification number, data relating to location, an online identifier or one or more characteristic elements of your physical, physiological, mental, economic, cultural or social identity that can render the data subject identifiable, depending on the type of services requested.
The personal data processed through the Website are as follows:
-
a) Browsing data
The IT systems and software procedures provided for the operation of the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are pieces of information that are not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow the identification of users. This category of data includes IP addresses or domain names of computers used by users who connect to the Website, URIs (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computing environment. These data are used solely to derive anonymous statistical information on the use of the Website to monitor its proper functioning, to identify anomalies and/or abuses; data are usually deleted after processing, unless it becomes necessary to identify those responsible in case of alleged computer crimes against Aeroitalia or third parties. -
b) Data voluntarily provided by the user
Except as referred to in specific vertical notices that may be available in different sections of the Website, this Privacy Policy also applies to the processing of personal data concerning you and voluntarily provided by you when submitting specific requests for assistance and/or information to the Aeroitalia support team via email addresses and/or call center channels of the Data Controller available on the Website (such as, for example, email address, personal data, identifying data, information relating to the booked flight). Regarding these types of data, we invite you to share only the personal data strictly necessary for managing your request, thus excluding information that is not relevant and/or that may fall within the special categories of personal data referred to in Article 9 of the GDPR ([…] personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data intended to uniquely identify a natural person, data concerning health or data concerning a person's sex life or sexual orientation), unless the provision of special data is necessary for managing the assistance request (e.g., in the case of requests for support and assistance in managing special flight needs related, for example, to reduced mobility and/or disability; for special meal requests for medical or religious reasons, etc.). In the event that non-relevant or not strictly necessary personal data are provided for managing your request, the Data Controller will refrain from processing such data and will proceed to delete them immediately.
Pursuant to Article 14 of the GDPR, the Data Controller informs you that the above-mentioned personal data may also relate to additional passengers of the flight, including any minor passengers or incapacitated persons, provided as part of the booking of the flight(s) through the Website or in the use of specific services provided on this Website. -
c) Data processed in connection with online services
Except as referred to in specific notices that may be available in different sections of the Website, this Privacy Policy also applies to the processing of data you provide for the execution of services provided through the Website, with particular reference to the following services:- Online purchase service for airline tickets, including the execution of related administrative activities, such as sending service communications containing the details and updates on the purchased flights to the email address provided by you, in which personal data (name, surname, place and date of birth, tax code, nationality, passport details, and residence), contact data (email and mobile phone number), information relating to the purchased flight (such as departure and destination, departure/arrival date and time, number of seats, number of bags, identifying codes, information on any discount schemes and/or agreements, payment data (e.g., credit/debit card details; voucher payment; bank account details in the case of bank transfer payment, etc.), including information regarding the completed transaction through the payment method selected by you among credit/debit card, bank transfer, and/or PayPal, will be processed. Please note that pursuant to Article 14 of the GDPR, following your choice of using these payment methods, the bank or PayPal, as independent data controllers, will communicate to Aeroitalia the information relating to the occurrence of the payment. With the prior consent of the data subject pursuant to Article 9.2.a) of the GDPR, data belonging to the “special categories” under Article 9 of the GDPR, specifically information relating to health status connected to special needs for you and/or other passengers (such as, for example, conditions of reduced mobility and/or disability, food allergies/intolerances, other health-related information including life-saving medications and electronic medical devices), may also be processed, if necessary, for the booking and/or management of the purchased flight. Pursuant to Article 14 of the GDPR, the Data Controller informs you that the above-mentioned personal data may also relate to additional passengers of the flight, including any minor or incapacitated passengers, or third parties, such as credit card holders used for the purchase, provided as part of the booking and purchase of airline tickets. In this regard, please ensure that such subjects have taken note of this notice and understand the methods by which Aeroitalia processes their personal data.
- Online check-in, change and refund, and upgrade services, including the related administrative activities, such as sending the respective service emails (e.g., containing boarding passes, information on changes and refunds requested, and requested upgrades) to the email address provided by you, in which information relating to the purchased flight (e.g., booking code; airline ticket number; etc.), personal data of the passengers, and contact data, will be processed;
- Reporting and complaints service, in which you may provide personal data, contact details, and information relating to the performed flight (e.g., booking code, flight number, carrier number, date and time, departure and destination), information about lost baggage, including identifying codes associated with the loss of baggage (P.I.R. code), irregularities and/or service failures reported, and any supporting documentation. When uploading any documentation in support of the report and/or complaint, please refrain from providing information relating to third parties and/or information that is not relevant or strictly necessary for managing your request. Otherwise, the Data Controller will refrain from processing such documentation and will immediately delete it.
-
d) Personal data of third parties
When using the services provided on the Website, please refrain from providing information on third parties that is not necessary to communicate to Aeroitalia in connection with the requested services.
In such cases, if provided, you will act as an independent Data Controller, assuming all legal obligations and responsibilities. In this regard, you release Aeroitalia from any claims, demands, or damages arising from processing by Aeroitalia of personal data of third parties provided through your use of the Website functions in violation of applicable data protection regulations. -
e) Cookies and other tracking technologies
Information on the cookies served by the Website is available in the related Cookie Policy available here, which also contains information for managing your preferences.
The personal data mentioned above will hereinafter be referred to as “Personal Data.”
3. PURPOSE, LEGAL BASIS OF PROCESSING, AND NATURE OF DATA PROVISION
The Personal Data will be processed, with the explicit consent of the data subject where necessary, for the following purposes:
- a) to allow navigation and the proper use of the Website, including its security management (“Website Navigation Purpose”);
- b) to allow access to all services provided on the Website by the Data Controller, such as the online booking and purchase service for airline tickets, and the use of all related services, including online check-in, change and refund, and upgrade services, including the execution of all related contractual, administrative, and accounting activities, such as invoicing, payment management and/or complaints, as well as handling and responding to specific requests for information and assistance, both before and after the sale, addressed to the Data Controller via the email addresses and/or telephone numbers provided on the Website, in order to provide the requested support through Aeroitalia’s dedicated team, for example, in managing your bookings, the purchase and sending of travel documents for the requested air transport, making modifications or replacements to already issued tickets, refunds, post-sale assistance, special assistance, and the purchase of additional services for the flight (“Service Provision Purpose”);
- c) to ensure the proper use of the air transport service, including the management of all travel-related needs and assistance services, in fulfillment of the pre-contractual and contractual obligations for sales and assistance, including the execution of “re-protection” and “code sharing” services, in the event that Aeroitalia communicates Personal Data to, or receives them from, another carrier, including the sending of service communications containing details and updates on the purchased flights and/or information deemed necessary to manage aspects related to ongoing health emergencies and/or to facilitate the boarding process of passengers, to the email address provided by you (“Air Transport Service Provision Purpose”);
- d) to manage and respond to reports and complaints submitted to the Data Controller via dedicated forms available on the Website (“Purpose of Managing Reports and Complaints”);
- e) to send, via email, a post-flight questionnaire aimed at gathering the satisfaction level of the data subject regarding the air transport services offered by Aeroitalia, as provided for in the General Conditions of Transport. This allows Aeroitalia to comply with the obligations provided for in Article 783 of the Navigation Code and the “Guidelines on the Quality of Air Transport Services: Standard Service Charters” issued by ENAC, for the preparation of the Service Charter (“Air Service Perception Evaluation Purpose”).
The legal basis for processing Personal Data belonging to the “regular” categories for the purposes of Website navigation, service provision, air transport service provision, managing reports and complaints, and evaluating the perception of air transport services is to be found in Article 6(1)(b) of the GDPR, as the processing of the data is necessary to carry out the pre-contractual measures requested by the data subject, to establish the contractual relationship, to provide the requested services, and to execute and manage the contractual relationship with the Data Controller, in accordance with the General Conditions of Transport applied by Aeroitalia.
With regard to the sending of the post-flight questionnaire for the “Air Service Perception Evaluation Purpose”, as provided for in the General Conditions of Transport, Aeroitalia guarantees you the possibility to stop such sending at any time. You can do this by using the designated function present in the communication itself or by sending a request to privacy@aeroitalia.com, thus stopping the receipt of the post-flight questionnaire.
Any processing of Personal Data belonging to the “special categories” under Article 9 of the GDPR for the purposes of service provision, air transport service provision, and managing reports and complaints is based on the consent given by the data subject pursuant to Article 9(2)(a) of the Regulation; in the event that the health-related data concern minors and/or incapacitated persons, explicit consent for processing must be provided by the person exercising parental responsibility and/or legal representative of the minor/incapacitated person.
Please note that the consent provided for the processing of special category data under Article 9(2)(a) of the GDPR can be revoked at any time, without any prejudice to the lawfulness of the processing carried out before the revocation.
The legal basis for processing Personal Data for insurance purposes for the “regular” data is to be found in Article 6(1)(b) of the Regulation, as the Data Controller, as the policyholder of the insurance policy for the beneficiary passengers, is contractually obligated to communicate the insureds’ data, the details of the purchased flight, and the attached insurance coverage/formulas to the insurance company. It is also noted that, with regard to Personal Data belonging to the special categories and, specifically, to health-related data, they may be transmitted to insurance companies only with the specific consent of the data subject for the communication of such information pursuant to Article 9(2)(a) of the Regulation, in order to allow the proper management of the insurance policy concluded in favor of the data subject.
The provision of Personal Data for the aforementioned purposes under letters a) – e) is optional; however, failure to provide such data may result in the Data Controller being unable to activate and provide the requested services and/or to properly manage and respond to reports and complaints submitted to the Data Controller.
Once provided, the Personal Data may also be processed by Aeroitalia for the following purposes:
- f) compliance with legal obligations, regulations, or national and community laws to which the Data Controller is subject, including provisions from supervisory authorities and/or decisions of judicial and/or administrative authorities, including the fulfillment of accounting and fiscal obligations, obligations and controls arising from sector-specific legislation relating to air passenger transport, e.g., Regulation (EC) 261/2004 and Regulation 1107/2006, including the provisions of Legislative Decree No. 96 of 9 May 2005 (“Navigation Code”) aimed at ensuring a high level of protection for passengers as well as obligations related to safeguarding public health and safety, the detection and suppression of crimes, public order, and civil protection, also in the context of combating crime and terrorism (“Compliance Purpose”).
- g) to identify, pursue, and counteract fraudulent, abusive, or illegal activities conducted against the Data Controller in connection with the use of the Website and its related services (“Anti-fraud Purpose”); the legal basis is to be found in the legitimate interest of the Data Controller and/or the interested clientele pursuant to Article 6(1)(f) of the GDPR, which consists in the need to ensure effective protection against fraudulent, abusive, or illegal activities, also in compliance with the provisions emerging from the current supervisory authority guidelines.
- h) in the event it is necessary to ascertain, exercise, or defend a right in judicial or extrajudicial proceedings, including debt recovery (“Defensive Purpose”), for the pursuit of the Data Controller’s legitimate interest pursuant to Articles 6(1)(f) and 9(2)(f) of the GDPR, as once the Personal Data are provided, their processing might become necessary to ascertain, exercise, or defend a right in court or whenever judicial authorities exercise their functions.
- i) for the direct sending by Aeroitalia, via email, of commercial communications, advertising material, and promotional material for the direct sale of its products and/or services similar to those purchased by you, without your consent, pursuant to Article 130(4) of the Privacy Code and Article 6(1)(f) of the GDPR, and within the limits allowed by the decision of the Data Protection Authority of 19 June 2008. Pursuant to Article 21 of the GDPR, you have the possibility to object to the processing of your data for this purpose at any time, either initially or during subsequent communications, in an easy and free manner by writing to the Data Controller at the contacts provided in paragraph 7 of this notice or by using the link provided at the bottom of each such commercial email.
-
j) for the user interested in purchasing an airline ticket or an ancillary service to complete the purchase process of the already initiated service by sending a reminder email to the address provided during the pre-purchase phase, so‐called “abandoned cart recovery”.
The processing of data for the aforementioned purpose is useful for Aeroitalia’s legitimate interest and for the benefit of the user in order to remind them of any purchase processes that have not yet been completed, also in case of technical problems.
Furthermore, once provided, your Personal Data may be processed, only with specific consent pursuant to Article 6.1(a) of the Regulation, for the following purposes:
- k) subscription to the newsletter, in order to receive via email commercial, promotional, and direct marketing communications and information about the services, products, and offers of the Data Controller (“Newsletter Subscription Purpose”).
The legal basis for the Newsletter Subscription Purpose is found in the free and specific consent provided by the data subject pursuant to Article 6(1)(a) of the GDPR at the time of subscribing to Aeroitalia’s newsletter.
Should you wish to object to the processing of your data for receiving newsletters, you may do so at any time by contacting the Data Controller at the contacts provided in paragraph 7 of this notice or by using the link provided at the bottom of each such email.
The consent given is revocable at any time, without any prejudice to the lawfulness of the processing carried out before the revocation.
The provision of Personal Data for the Newsletter Subscription Purpose is optional and, in case of refusal, no consequence will occur and your access to the services provided by the Data Controller will not be affected in any way.
4. RECIPIENTS OF PERSONAL DATA
The Personal Data may be shared, for the purposes mentioned in paragraph 3 of this Privacy Policy, with:
- persons authorized by the Data Controller to process Personal Data pursuant to Articles 29 and 32 of the GDPR and 2-quaterdecies of the “Privacy Code” (e.g., sales staff, administration and accounting staff, pre and post-sale assistance, CRM, IT system management staff, boarding and welcoming staff, etc.);
- third parties who, in providing the services (by way of example: technological services, assistance services, security services, payment services, persons and/or companies and/or professional firms that provide assistance and consultancy in accounting, administrative, legal, tax matters; entities and companies operating in debt collection as well as in fraud prevention; technical maintenance services, commercial partners; companies offering IT infrastructures and IT assistance and consultancy services as well as software and website design and development; companies offering services to personalize and optimize our services, including those to provide and manage customer service; companies specialized in planning and managing communication projects for marketing purposes on behalf of Aeroitalia, etc.), typically act as data processors pursuant to Article 28 of the GDPR; the Data Controller maintains an updated list of appointed data processors and makes it available for inspection upon request at the above-mentioned headquarters or upon request sent to the addresses indicated in paragraph 7 of this Privacy Policy;
- third parties, independent data controllers, who perform functions strictly connected or instrumental to the air transport activity, to whom the Personal Data may be communicated to enable the proper fulfillment of the pre-contractual and contractual obligations for sales and assistance, including the proper operation of flights, including the execution of “re-protection” and “code sharing” services (e.g., other airlines; entities that carry out control, review, and certification of the activities undertaken by Aeroitalia also in the interest of its customers and users; etc.);
- in the event that the flight purchased is also accompanied by the mandatory and/or optional insurance policy offered by Aeroitalia’s partner insurance companies, the Personal Data may be communicated to such companies as independent data controllers;
- entities, bodies, or authorities, including supervisory authorities – independent data controllers – to whom it is mandatory to communicate Personal Data by virtue of legal provisions or orders from the authorities (e.g., the Central Directorate of Immigration; Border Police; to the UIP (Passenger Information Unit) database of the Member State in whose territory the flight lands or from whose territory the flight departs, pursuant to Article 8 of Directive (EU) 2016/681 of 27 April 2016 on the use of booking code (PNR) data, Aeroitalia, as an air carrier, is obliged to transfer the booking code data of passengers (PNR) in order to prevent, detect, investigate, and prosecute terrorism and serious crimes, etc.).
5. TRANSFER OF PERSONAL DATA OUTSIDE THE EU
The Personal Data provided through the Website will be processed and stored in the Data Controller’s IT systems, whose servers are located within the European Economic Area. Aeroitalia is a global carrier that transports passengers in a plurality of countries around the world. Consequently, in the provision of its air transport services, it may transfer Personal Data to third countries for the proper conduct of its activities, as well as to meet specific requests from the data subject. Therefore, such transfer may be necessary for the execution of the contract concluded between the data subject and the Data Controller, in some cases, to comply with legal obligations to which the Data Controller is subject. It is noted that in the event of transferring Personal Data to Recipients located outside the European Economic Area, the Data Controller ensures that the transfer will take place in compliance with the conditions set out in Articles 44 et seq. of the GDPR, such as the adoption of Standard Contractual Clauses approved by the European Commission, the selection of entities adhering to international programs for the free circulation of data, or operating in countries deemed safe by the European Commission, in compliance with the recommendations 01/2020 adopted on 10 November 2020 by the European Data Protection Board. More information on the transfers and the safeguards adopted can be requested from the Data Controller at the contacts indicated in paragraph 7 of this Privacy Policy.
In particular, in the execution of the purposes of service provision and air transport service provision referred to in paragraph 3, letters b) and c) of this Privacy Policy, the transfer of Personal Data of flight passengers to countries outside the EU for which no adequacy decision has been issued pursuant to Article 45(3) of the Regulation, or in the absence of adequate safeguards pursuant to Article 46 of the Regulation, is based on the provisions of Article 49(1)(b) of the GDPR, as the transfer is necessary for the execution of the contract concluded between the data subject and the Data Controller or for the execution of pre-contractual measures requested by the data subject.
More information is available by sending a written request to the Data Controller at the addresses indicated in paragraph 7 of this Privacy Policy.
6. RETENTION OF PERSONAL DATA
Your Personal Data will be collected and stored in accordance with the principles of minimization and storage limitation as referred to in Article 5(1)(c) and (e) of the GDPR, ensuring security measures to prevent data loss, unlawful or incorrect use, and unauthorized access.
The Personal Data processed for the purposes referred to in letters a), b), c), d), e), f) of this notice will be retained for the time strictly necessary to achieve those purposes, i.e., for the time necessary to provide the requested service, taking into account the legally required retention periods.
For the purpose of newsletter subscription as referred to in letter k) of this notice, your identifying and contact Personal Data will be processed until you revoke your consent pursuant to Article 7 of the Regulation and/or until you object to the processing pursuant to Article 21 of the Regulation (in accordance with the provisions of the Italian Data Protection Authority's Decision of 15.10.2020).
The identifying and contact Personal Data processed for the purpose of soft-spam as referred to in letter i) of this notice will be retained by Aeroitalia until you object to such processing using the link provided at the bottom of each soft-spam email or through other methods indicated in paragraph 7 of this notice. Please note that the Personal Data relating to flights and purchased services, processed for the purpose of defining the soft-spam communications referred to in letter i), paragraph 3 of this notice, will be retained for that purpose for a period of 14 (fourteen) months from the time of registration, unless you object to the processing before that period expires.
In general, the Data Controller reserves the right to retain the data for the time necessary to comply with any legal obligation to which it is subject, including any obligations or orders to transmit Personal Data to authorities, or to satisfy any defensive requirements.
Specific security measures are in place to prevent data loss, unlawful or incorrect use, and unauthorized access. In any case, the Data Controller is committed to processing the Personal Data in accordance with the principles of adequacy, relevance, and data minimization, as required by the GDPR, periodically reviewing the necessity of their retention.
Therefore, once the purposes for which they were collected and processed have been achieved, Aeroitalia will remove them from its systems and records and/or take appropriate measures to render them anonymous, so as to prevent the re-identification of the data subject.
More information regarding the retention period and the criteria used to determine such period may be requested by sending a written request to the Data Controller at the addresses indicated in paragraph 7 of this notice.
7. RIGHTS OF THE DATA SUBJECT
The data subject may exercise their rights and/or request information about the processing of their data by contacting the Data Controller at the contacts below, preferably including "Privacy Rights Exercise Request" in the subject line of the communication.
In particular, you may exercise the following rights at any time:
- Right to withdraw consent (Art. 7 of the GDPR) – You have the right to withdraw any consent provided at any time, without affecting the lawfulness of the processing carried out before the withdrawal;
- Right of access (Art. 15 of the GDPR) – You have the right to obtain confirmation as to whether or not your personal data is being processed, and the right to receive any information relating to that processing;
- Right to rectification (Art. 16 of the GDPR) – You have the right to have your Personal Data rectified if it is incomplete or inaccurate;
- Right to erasure (Art. 17 of the GDPR) – In certain circumstances, you have the right to have your Personal Data deleted from our records;
- Right to restriction of processing (Art. 18 of the GDPR) – Under certain conditions, you have the right to obtain restriction on the processing of your Personal Data;
- Right to data portability (Art. 20 of the GDPR) – You have the right to obtain your Personal Data in a structured, commonly used, and machine-readable format and to transfer it to another data controller;
- Right to object (Art. 21 of the GDPR) – You have the right to object to the processing of your Personal Data, providing reasons for your objection; the Data Controller reserves the right to evaluate such an objection, which may not be accepted if there are overriding legitimate grounds for the processing that prevail over your interests, rights, and freedoms. Furthermore, you may object and thereby stop the receipt of so-called "soft spam" communications by using the link provided at the bottom of each commercial email received. In any event, you may always exercise this right by writing to the Data Controller at the contacts provided below.
- Right to lodge a complaint with a supervisory authority (Art. 77 of the GDPR) – In the event that you believe that the processing of your data violates data protection laws, you may lodge a complaint with the supervisory authority in the Member State where you reside, work, or where the alleged violation occurred, following the procedures set out in the following paragraph;
- Right to judicial remedy (Art. 79 of the GDPR).
To exercise each of your rights, you may contact the Data Controller, in the person of the legal representative, by addressing a communication to the legal headquarters at via Mantegna, n. 8, in Fiumicino 00054 (RM), or by writing to the certified email address aeroitalia@pec.it, or by sending an email to privacy@aeroitalia.com providing the following information:
- Name, surname, and postal address;
- Details of your request;
- Booking code or flight number and date (if your request is related to a flight taken with Aeroitalia).
8. CHANGES
The Data Controller reserves the right to modify or update the content of this notice, in part or in full, even due to changes in applicable legislation. Therefore, the Data Controller invites you to regularly visit this section to be aware of the latest version of this privacy notice.
9. MINORS' CONSENT REGARDING INFORMATION SOCIETY SERVICES
In order to use the services provided through the Website, you must be over fourteen years old: the processing of Personal Data of a minor under fourteen years of age is lawful provided that it is carried out by someone exercising parental responsibility.
10. VIRTUAL ASSISTANCE CHAT
A virtual assistance chat service is available on the Website, designed to support the user in consulting and navigating the information available on the Website itself. The virtual assistance chat does not involve the processing of Personal Data, as it is not linked to user profiles or Aeroitalia’s customer management system. Therefore, it is not necessary to provide Personal Data for its use, including data relating to codes or information on purchased flights, as the virtual assistance chat will not be able to assist in such cases. You are therefore invited not to enter Personal Data in the virtual assistance chat. If such data are accidentally provided, the system will delete or anonymize them immediately. The questions and answers provided in the virtual assistance chat will be used by Aeroitalia in aggregated and anonymous form solely for business intelligence purposes, in order to improve the navigation and content of the website.