GEAC S.p.A. is committed to protecting the privacy and security of its customers/users and values its responsibility regarding the protection of your personal information.

This Privacy Policy applies to users’ personal data we collect, how and why we use it, to whom we disclose it, and how we protect their privacy in accordance with EU Reg. 679/2016 (European Data Protection Regulation – GDPR) and Legislative Decree. 196/03 Privacy Code as amended and updated by Legislative Decree. 101/2018.


The Data Controller of personal data is GEAC S.p.A., located at Strada Statale 20/1 – 12038 Levaldigi – SAVIGLIANO (CN) – Italy.


By “personal data” we mean data about the data subject who views or uses our website or in all other cases described below. Personal data may include identification data, contact data, information relating to the travel itinerary, such as the reservation number, or information relating to the use of our website.

Some information about the data subject’s personal information may be transmitted by providers who offer services on our behalf or by third parties acting on behalf of the data subject’s customer, such as travel agents, tour operators, or others who book a flight on behalf of the data subject.


GEAC S.p.A. uses the personal data of the data subject for the purposes listed below:

  1. Communication with the customer: personal data are processed for the purpose of responding to inquiries about services offered, travel documents, lost luggage, etc;
  2. Response to customer requests to exercise their rights under the Data Protection Act: your data will be acquired for the purpose of registration to the document area for the exercise of your rights;
  3. Financial, audit and tax relations: i.e., to carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;
  4. Site browsing: in relation to the possibility of detecting technically necessary data of the data subject, e.g.: IP address, while browsing the site;
  5. Maintenance of safety by safety reports in named or anonymous form: any data you provide (identifying and contact data) for the purpose of completing the Ground Safety Report will be processed in order to manage the reports and improve our service;
  6. Suggestions for improving our services and complaints: the data you provide will be processed in order to manage the improvement of our services or handle a complaint;
  7. Inclusion in the supplier register: for the procurement of works, supplies and services;
  8. Meeting room request: : The data you provide will be processed only for meeting room reservation;
  9. Receiving newsletters: your personal data will be processed for sending newsletters. If you provide us with your explicit consent, your data may optionally be processed for CUF to send you commercial or advertising communications;
  10. Access permits with self-declaration: the data you provide will be processed in order to respond to your request for the issuance of permits within the airport area;
  11. Access to the document area: data are acquired for the purpose of registration to the document area to consult the documents contained therein (such as but not limited to the Airport Regulations, Service Charter, airport emergency plans);
  12. Request for Services for Passengers with Reduced Mobility (PRM): the data you provide (including special categories of data under Art. 9 GDPR) will be processed solely for the purpose of best managing special assistance to PRMs;
  13. Application for exemption from parking payment for persons with disability badges: the data you provide (including special categories of data under Art. 9 GDPR) will be processed only to handle the exemption to parking payment;
  14. Advertising spaces: your personal data will be processed to manage the dissemination of your company’s image.

You are not obliged to provide us with your personal data but, by not doing so, you may not be able to use our services, or the functionality of our services may be impaired.

Your data may only be disclosed to subjects authorized by the undersigned GEAC SpA, data controller, as data processors or delegates. Your personal data will not be disclosed or disseminated.


The Reg. EU 679/2016 – GDPR and the Privacy Code and subsequent amendments (hereinafter also national legislation) confer specific rights that provide the interested party with control of their personal data.

GEAC S.p.A., in order to facilitate the exercise of these rights by the data subject, sets out below further information on the rights of the data subject and the measures taken to comply with them.

Access to data : the interested party has the right to know if GEAC SpA keeps his personal data and, if so, to receive a copy of the data in question

Data portability: the interested party has the right to receive some of the data in a mobile and reusable format

Data rectification: if the interested party believes that GEAC SpA retains incorrect or incomplete information, he is invited to submit a request for rectification

Deletion of data : GEAC SpA will keep the data of the interested parties for the period necessary to carry out the purposes indicated in this Notice and where it is obliged to keep the data in order to comply with legal obligations

Objection to data processing: the interested party has the right to object to the use of their data at any time

Revocation of consent: the data subject may revoke the consent given to the processing of his or her data at any time. This does not affect the lawfulness of the processing prior to the withdrawal of your consent.

A data subject may exercise his or her rights regarding the data GEAC S.p.A. keeps by sending such a request to the contacts below.


The information that you provide as an interested party through sending an e-mail and/or through filling out the registration form is used only to answer your questions or to fulfill your requests; only after your express manifestation of consent, our company may use your personal information for purposes such as sending promotional and commercial information, i.e., regarding new product or service offerings. Finally, only upon further manifestation of your specific consent, your personal data may be made available to our business partners who are able to transmit useful information or to send promotional material of your interest. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

GEAC S.p.A. is committed to protecting the personal data of the data subject by taking appropriate technical and organizational measures against unauthorized or unlawful processing and accidental access, loss, destruction or damage of such data. GEAC SpA constantly promotes measures aimed at improving the level of information security, in accordance with regulatory changes.

How we protect the data of the interested party:

When the data subject provides personal data through our website, this information is transmitted securely over the Internet, using an appropriate encryption system.

The information that is provided will be stored in our systems contained on our premises or those of assigned third parties. As outlined in this Policy, it is also possible for GEAC S.p.A. to provide access to customer information to third parties acting on behalf of GEAC S.p.A., for the purposes described in this Policy and for other purposes approved by the data subject. Where these third parties are engaged to process personal data on our behalf, we will require that they implement appropriate technical and organizational measures to protect such data.

The personal data of the interested party can be processed outside the European Economic Area (European Economic Area, also known as “EEA” means the European Union, Great Britain, Iceland, Liechtenstein and Norway), including by personnel operating outside the EEA who work for us or for our suppliers or agents (this includes personnel dedicated to, among other things, the fulfillment of the customer’s booking, for example ground staff handling assistance at the airport, and the provision of support services). If the data subject’s personal data are transmitted outside the EEA, GEAC SpA will request that one of the following data protection conditions be present, in compliance with the relevant laws:

  • that the country in which the data of the interested party is transferred is required, at the request of the European Commission, to provide an adequate level of protection;
  • in the absence of this request, that the contract that binds such suppliers to GEAC SpA includes the clauses approved by the EU regarding the protection of user data;
  • where our suppliers’ access to customer data is from the US, that suppliers participate in the EU-US Privacy Shield, a self-certification mechanism designed to protect data that is transferred to US companies.

We may also provide links to third party websites through our website. These websites provide their own Privacy Policy and are beyond the control of GEAC S.p.A. Please note that this Privacy Policy does not apply to such websites and GEAC S.p.A. is not responsible for any information that third parties may collect through these websites. Furthermore, in some cases, we may be required by law to disclose the personal data of users, if customers, to third parties such as airports and customs agencies, in which case we will have limited control over how the data will be protected once transmitted.


The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, …) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against this site.


Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser) where they are stored before being re-transmitted to the same sites at the next visit by the same user. Two macro-categories are identified: “technical” cookies and “profiling” cookies.
This site uses the so-called “technical” cookies for the sole purpose of “transmitting a communication over an electronic network, or as strictly necessary for the provider of a service explicitly requested by the user, in order to provide this service” (art . 122, paragraph 1, of the Code): they can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas) and / or analytics cookies, similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site and / or functionality cookies, which allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided. The use of “technical” cookies (session variables whose values stored on the hard disk of the device can still be deleted: it is also possible to disable cookies by following the instructions provided by the main browsers) is strictly limited to the transmission of session identifiers ( consisting of random numbers generated by the server) and software usage data necessary to allow the safe and efficient exploration of the site: the session variables (so-called cookies) can avoid the use of computer techniques that are potentially prejudicial to the confidentiality of navigation of the users and do not allow the acquisition of personal identification data of the user. This site does not in any way use the so-called “profiling” cookies (aimed at creating profiles relating to the user and used in order to send advertising messages in line with the preferences expressed by the same in the context of surfing the net). This site uses so-called “third-party” cookies aimed at receiving on your device, while browsing a site, cookies sent from different sites or web servers (information is stored at third parties): a example is represented by the presence of “social plugins” for Facebook, Twitter, Google+ and Linkedin (these are parts of the visited page generated directly by the aforementioned sites and integrated into the page of the host site) whose use is aimed at sharing content on social networks network (the presence of these “plugins” involves the transmission of cookies to and from all sites managed by third parties: the management of the information collected by “third parties” is governed by the relevant information to which please refer).
Complete list of Privacy Policy third-party cookies used:
google map:

google analytics:

How can I disable cookies?

Most browsers (Internet Explorer, Firefox, etc.) are configured to accept cookies. However, most browsers allow you to control and even disable cookies through your browser settings. We remind you, however, that disabling navigation or functional cookies can cause the site to malfunction and / or limit the service offered.


Your data may be communicated by us, with this term meaning the disclosure of it to one or more specific subjects, in the following terms: to subjects, public and private, who can access the data by virtue of the provision of law, regulation or Community legislation, within the limits set by these rules (for example, social security and welfare institutions and bodies, associations of local authorities, administrations and public bodies, associations, foundations, associations and / or insurance bodies or bodies are mentioned) to subjects who they need to access the data for purposes auxiliary to the relationship between the parties, within the limits strictly necessary to carry out the auxiliary tasks (by way of example, banks and credit institutions, service providers, carriers and shipping companies are mentioned) , to our consultants, within the limits necessary to carry out their assignment at our company, subject to our letter of appointment which imposes the duty of confidentiality and security.

Your data will not be disclosed by us, with this term meaning the disclosure of it to indeterminate subjects in any way, including by making them available or consulting, unless a specific consent, free, informed and unequivocal, expressed by you and granted for each type of treatment.


Our Privacy Policy (Privacy Policy) is a dynamic tool and may be modified in case of changes in our data processing procedure. We may therefore decide to update this Notice to ensure that the information provided is always relevant and compliant with data protection laws. Any new version of this Policy will be posted on our website and will include the date it was last updated.


All interested parties may exercise their rights or ask any request or question pertaining to this Privacy Policy or by regular mail to the following address:


Provincial Road 20/1

12038 Levaldigi – Savigliano (CN) – Italy

or via


Updated: 12/22/22