個人情報保護に関する基本方針 

アリタリア‐イタリア航空会社は、高度情報通信社会における情報セキュリティと個人情報保護の重要性に鑑み、以下の基本方針に基づき、会社が保有する個人情報の適正な管理と保護に努めます。

1.個人情報に関連する法令等の遵守

個人情報保護法及びその他の関連法令等を遵守します。

2.航空運送事業者としての責務

航空運送事業者として、個人情報の特性（プライバシーに係る情報など）を考慮した適正な個人情報の取扱いを行います。

3.個人情報の安全管理措置の徹底

取扱う個人データの漏えい、滅失又は毀損の防止、その他個人データの安全管理のために必要かつ適切な措置を講じます。

4.個人情報の漏えい等事故時の告知についての方針

万一、事故が発生した場合には、被害を最小限に留めるとともに、速やかに必要な情報を公開し、再発防止策を含む適切な対策を講じます。

5.個人情報の第三者提供についての方針

正当な理由がある場合を除き、お客様の同意なく個人データを第三者に提供しません。

6.保有個人データの開示等の求めについての方針

お客様からの保有個人データの開示、訂正、利用停止等の請求に対して適切に対応します。

7.相談窓口の明確化

お客様からの問い合わせ、苦情や要望に対応するための相談窓口を定め、誠意をもって迅速に対応します。

8.コンプライアンス・プログラムの継続的改善の実施

個人情報保護のための内部管理体制（コンプライアンス・プログラム）の継続的な改善を行います。

9.方針の公開

本方針を含む情報セキュリティおよび個人情報保護に関する方針をホームページなどに掲載することにより、広く社会に公開します。

イタリア本国の個人情報に関する方針につきましては、下記をご確認下さい。(英語によるご案内となります）

Privacy policy, as per Italian D.lgs 30.06.2003 N.196, Art. 13

This privacy policy, as per Italian D.lgs 30.06.2003 N.196, Art. 13 regulating in Italy all European Union directives on the matter, sets out how Alitalia - Compagnia Aerea Italiana S.p.A. (Alitalia S.p.A.) uses and protects any information that you give Alitalia S.p.A. when you use this website.

Alitalia S.p.A. is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

For security reasons, we are obliged, to provide local authorities throughout the world, particularly customs and immigration, personal and travel data of our customers, acquired during normal flights procedures; also in Italy, where requested by the Central Immigration Department and by the Border Police. This communication is mandatory to fulfill the transport contract.

Furthermore, this privacy policy conforms to Italian Gruppo di Lavoro art. 29 for the Protection of personal data n.2/2007 of 15 February 2007, reviewed and updated on 24 June 2008, on the Passengers Information relating to the transfer of PNR data to USA authorities (for more details, please check Information for passengers traveling to the USA).
Alitalia S.p.A. may change this policy from time to time by updating this page. You should check this page every time you visit this website to ensure that you are happy with any changes.

Handling of the data

The handling of the personal data is carried out to ensuring that your information is secure and private, and is carried out with manual and electronic means to memorize, handle and forward the data. Personal data will be handled following proper standards, collected and registered for specific purposes, explicit and legitimate, exact and, if necessary, appropriate, complete and not exceeding the standards requested to fulfill the obligation, stored in a way that will allow to recognize the individual only for a period of time not exceeding the time required to fulfill the obligation for which they have originally been collected and subsequently handled.

Data provided voluntarily by users

Alitalia collects personal information and other data, which are submitted by users voluntarily via web or mobile registration forms, as well as forwarded to the Company via mail or email in an explicit and voluntary way. Such data may concern essential information required to carry out the service requested by the user (i.e. Newsletter) and/or to contact the user (name, mail address, any other personal data inserted in the letter).
The optional, explicit and voluntary forwarding of emails to the address given on this site, implies the acquisition of the email address, essential to reply to the requests, and of any other additional personal data in the communication.

Surfing data collected by electronic means

Information systems and software procedures for the correct functioning of the Alitalia S.p.A. web and mobile sites acquire, during normal use, personal data, whose transmission is implicit in the use of internet communication protocols (i.e. user IP address or domain name of the computer used to access the web, URI of the requested resources, time of request or session time, server submitted query method used, files’ size received as request response, numeric code concerning the status of the server response and other kind of information related to the operating system and the user IT environment). The Alitalia S.p.A. website uses technologies like cookies, to collect statistical information on the use of the web (i.e. total number of visitors on the sites, number of visitors per single page, name of the domain of origin of visitors’ internet services supplier) and to improve the surfing experience.

Cookies

During surfing of the Alitalia S.p.A. website, information is collected through files called "cookies", which help to identify your computer or browser. A cookie is an encrypted string of text stored on your computer or on the mobile phone, to be able to recognise it quickly the next time. In the case of Mobile site cookies, the latter memorise only name, surname and ticket number. In the case of computer cookies, these allow a customisation of an internet website, to make surfing smoother and an improved display of most requested information by quantitative check-out of web pages access. Cookies used do not memorise personal data except the IP address. Cookies retained information is anonymous and remain so as the cookie identification number is not associated to personal data supplied by surfers.
You may always disenable cookies by changing your browser settings.

Why we collect data

Alitalia collects the necessary personal data of the users to carry out authorization, habilitation and personalization of accesses to the various areas and contents of the Company’s website. Furthermore, Alitalia S.p.A. collects the necessary data to fulfill its contractual obligations towards clients, deriving from booking processes and purchases of travel means. We require this information to provide you with this service, giving access to the data to operational and commercial Alitalia staff, and to airline Partners dealing commercial agreements.

The personal and/or sensitive data given or acquired during the contractual relationship may be given, in the measure requested to carry out the service, to:

• Internal Alitalia S.p.A.personnel with the intent of improving our products and services (as per D.Lgs 196/2003; 
• Third party companies carrying out services which are essential towards Alitalia operations.

With reference to sensitive data, these may be handled even without explicit consent of the person as per art. 26, n.4, D. Lgs 196/2003. However these data will not be distributed. Be reminded that from time to time (not as part of the ordinary management of this website) the Authorities may request information and details as per art. 157 of D. Lgs. 196/2003, to check on the management of personal data. In these instances, Alitalia S.p.A. is obliged to comply to avoid a fine.

Alitalia S.p.A., as "Owner" of the relative data management, informs that the data will be handled and used exclusively as per purposes highlighted in this communication.

Exercising your rights

The Customers of Alitalia S.p.A. can contact the Data controller and/or data supervisor in charge of the processing  in order to exercise their rights as prescribed by article 7 "Access to personal data and other rights" of Legislative decree 196/2003 no. 196. To exercise these rights, passengers must also send communication to the following e-mail address: privacy@alitalia.it.

If you no longer wish to receive communications from Alitalia, please follow the procedures listed below:

• For commercial communication from the Alitalia group, click on the unsubscribe link found at the bottom of each email from Alitalia. 
• For communications to MilleMiglia members, we kindly ask you to log on the online MilleMiglia service and update your profile accordingly by choosing "nothing" in the "Information on the latest deals and news" section, then click on the "update" button. Alternatively, you can contact our Customer Relations. 

Right to access your personal data

Alitalia S.p.A. clients may request details of personal information held, to the Owner and/or data Manager, under art. 7 "Right to access personal data" of D. Lgs. 196/2003 n.196.

List of people in charge of personal data handling. Compulsory information as per art.13 letter f Law Decree DLGS/196/2003: 

• Senior Vice President "PURCHASING AND SERVICES"
• Senior Vice President "ALLIANCES AND STRATEGIES"
• Senior Vice President "CHIEF FINANCIAL OFFICER"
• Senior Vice President "GENERAL COUNSEL & AUDITING"
• Senior Vice President "MARKETING, REVENUE MANAGEMENT & NETWORK"
• Executive Vice President "CHIEF OPERATING OFFICER"
• Senior Vice President "HUMAN RESOURCES"
• Senior Vice President "CHIEF INFORMATION OFFICER"
• Senior Vice President "SALES AND DISTRIBUTION"
• Senior Vice President "INSTITUTIONAL RELATIONS & COMMUNICATION"
• Vice President "CHIEF OF THE STAFF"