ADRIA FERRIES S.P.A. - PRIVACY POLICY

 

This document describes the principles governing the data processing performed by ADRIA FERRIES S.P.A. (with registered office in Via Thaon de Revel, no 4, 60124 Ancona (AN), hereinafter also "Adria Ferries" or the "Company"), as the Controller.

We would like to inform you about the processing methods used for the personal data you provided when you registered for the various services available on www.adriaferries.com.

Please note that, for the services supplied, your data will be processed lawfully, fairly and in a transparent manner, ensuring that it is correct and adequate, relevant and limited to what is necessary with respect to the purposes pursued each time, depending on the service being accessed.

The data acquired by Adria Ferries is processed in accordance with Regulation (EU) 679/2016, on "the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC" (hereinafter the "Regulation" or "GDPR"). Information on the Cookie Policy adopted by the company for this website is contained in the pertinent section.

 

Controller

Adria Ferries S.p.A., with registered office at Via Thaon de Revel, no 4, 60124 Ancona (VAT number: 02197160423)

Purpose

The conclusion, management and execution of operations associated with the maritime transport agreement

Legal basis

Fulfilment of contractual obligations or the steps necessary prior to entering into a contract or by law, in order to manage the maritime transport contract

Data transfer

The data may be transferred if there are adequate safeguards in place protecting the rights of the data subject

Rights of the data subject

• Access to the personal data;

• Obtain rectification or erasure of the data or restriction of processing;

• Obtain data portability;

• Object to processing of the data;

• Lodge a complaint with the competent supervisory authority.

 

 

CONTROLLER

The controller is:

Adria Ferries S.p.A., with registered office at Via Thaon de Revel, no 4, 60124 Ancona, Italy (VAT number: 02197160423).

You can contact Adria Ferries at any moment to exercise your rights as specified in this document, by writing to: This email address is being protected from spambots. You need JavaScript enabled to view it. 

 

EXTERNAL DATA PROCESSORS

The Controller uses shipping agencies (appointed as Processors) and other agencies (appointed as Sub-processors) for the purposes of processing specified hereunder.

Furthermore all external service providers are appointed as Processors. The Controller has appointed a Data Protection Officer, who possesses specific knowledge of data protection regulations and practices and is capable of performing the tasks set forth in Art. 39 of Regulation (EU) 679/2016 and may be contacted at: This email address is being protected from spambots. You need JavaScript enabled to view it. 

 

SUBJECT OF PROCESSING

Processing operations may relate to:

  • personal details (first name, surname, address, date and place of birth);
  • contact details (e-mail and telephone number);
  • data concerning membership of professional categories or registration with loyalty or membership schemes signed with third-party companies.

Some of the sensitive data referred to in Art. 9 of Regulation (EU) 679/2016 may also be processed, namely:

  • data concerning particular needs due to the state of health.

It is optional to provide this data. The acquisition and processing of said data not only allows the company to satisfy passengers’ needs as far as possible, but also to achieve the purpose set forth by the Ministry of Infrastructures and Transport Circular no. 104/2014, namely "collect information and data on passengers [...] to facilitate search and rescue operations and to optimise the resources needed to deal with an SAR event".

 

PURPOSES OF PROCESSING OF THE DATA

(ART. 24, LETTERS A, B, C, OF THE DATA PROTECTION CODE AND ART. 6, LETTERS B, E, OF THE GDPR)

Your data will be processed for the purposes specified each time in a specific policy provided before you access each service and in relation to which you will be asked to give your consent to processing (as the legal basis for processing). The purposes pursued through registration with the services accessible on the website are listed below.

In particular, the data will be processed for purposes associated with the mutual obligations under a maritime transport contract:

  1. management of requests for an estimate;
  2. conclusion, management and execution of operations associated with the maritime transport agreement;
  3. sending of information on the journey purchased (such as any delays, etc.);
  4. supply of the products and services purchased on board ship;
  5. extraction of statistical information, in anonymous form;
  6. transmission of data to shipping agencies, port authorities, judicial authorities and law enforcement agencies;
  7. sending of claims in relation to the maritime transport.

Granting of consent to processing of your personal data will be optional or compulsory, depending on the purposes being pursued for each service. However, we must hereby inform you that, if consent is compulsory, Adria Ferries will be unable to supply the service or will supply it only in part if you refuse to give it.

 

DATA PROCESSING METHODS

(ART.4 DATA PROTECTION CODE AND ART.5 GDPR)

The data will be processed, also using automated means, in compliance with the methods indicated in the GDPR, which provides, among other things, for the data to be:

  • processed according to principles of lawfulness, fairness and transparency;
  • collected for specified, explicit and legitimate purposes ("purpose limitation");
  • adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed (‘data minimisation’);
  • accurate and up to date ("accuracy");
  • kept for a period no longer than is necessary for the purposes for which the personal data is processed (‘storage limitation’);
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage (‘integrity and confidentiality’).

The personal data will be stored for ten years from the date of the end of the journey for purposes of keeping of accounting records and any needs originating from disputes with passengers.

The Controller will process the personal data for as long as is necessary to achieve the aforesaid purposes and, in any case, for no longer than thirty-six months after the collection of consent to processing, consent that may be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

 

DATA

STORAGE PERIOD

PURPOSES OF STORAGE

• Personal and contact data;

• Data concerning membership of professional categories or registration with loyalty or membership schemes signed with third-party companies;

• Any data concerning particular needs due to the state of health

Ten years from the end of the journey

• Keeping of accounting records

• Disputes with passengers

 

LEGAL BASIS

The legal basis for the processing listed here above ("Purposes of processing of the data" par. 2, points 1-5) is the fulfilment of contractual obligations or the steps necessary prior to entering into a contract or by law, in order to manage the maritime transport contract.

For point 7 of paragraph 2 "Purposes of processing of the data", the legal basis for processing is fulfilment of the Controller’s legal obligations and the public interest in protection of safety in ports.

 

TRANSFER AND/OR DISCLOSURE OF THE DATA

The data may be communicated both to other companies in the group to which Adria Ferries belongs and also to entities in third countries, including outside the European Union, with the adoption of appropriate procedures and with respect to the aforementioned purposes. Furthermore, it may be necessary for Adria Ferries to disclose the personal data, on the basis of laws, legal proceedings, disputes and/or requests made by public or government authorities inside or outside the State of residence of the data subject, purposes of national security and/or other issues of public importance. When legally possible, Adria Ferries will inform the data subject before disclosing the data. Adria Ferries may also disclose the data if it establishes in good faith that said disclosure is reasonably necessary to enforce and protect its own rights and activate the available remedies.

  

RIGHTS OF THE DATA SUBJECT

(ART.7 OF THE DATA PROTECTION CODE AND ART.15 - 21 OF THE GDPR)

We also inform you that, for each service for which you register, you may exercise the following rights at any moment:

  • access to the personal data, requesting that said data be provided to you in intelligible form, and also to be informed of the purposes of processing (Art. 15);
  • obtain rectification (Art. 16) or erasure (Art. 17) of the data or restriction of processing (Art. 18);
  • obtain data portability (Art. 20);
  • object to processing of the data (Art. 21);
  • lodge a complaint with the competent supervisory authority.

These rights may be exercised by sending the requests to: This email address is being protected from spambots. You need JavaScript enabled to view it. 

Please also note that the Data Protection Officer (DPO) appointed by the Company can be contacted at the following e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it. 

 

NATURE OF GRANTING OF THE DATA AND CONSEQUENCES OF FAILURE TO PROVIDE DATA

The data must be provided to allow precise fulfilment of the company’s contractual obligations and those prior to entering into a contract and your failure to provide will make it impossible to enter into the maritime transport contract and to fulfil the legal obligations and those of the public interest in protection of safety in ports.