Biometric access control privacy policy
Biometric access control privacy – “you board” service
Information on the processing of personal data carried out by Aeroporti di Roma S.p.A. through the facial recognition system installed at Fiumicino airport for access control to airport and boarding areas
In compliance with Articles 13 and 14 of Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR), Aeroporti di Roma S.p.A. (“ADR”), as Data Controller, intends to provide passengers interested in joining some information regarding the processing of personal data carried out by ADR as part of the pilot project (hereinafter the “Project”) relating to the installation at Fiumicino airport of a computer system based on facial recognition technology (using biometric technology, hereinafter the “System”), which makes it easier, faster, and safer for departing passengers to transit, allowing them, in particular, to access security checks and carry out boarding operations without having to show documents or boarding passes.
The Project experimentally involves the use of the System only for passengers on flights to certain destinations or travel routes defined in collaboration with the airport carrier Italia Trasporto Aereo S.p.A. (hereinafter “ITA Airways”), which operates as a separate Data Controller for the areas, purposes, and activities within its competence, and to whose information notice reference is made for further information.
What data we process and how we collect it
To join the Project, ITA Airways passengers who may be interested are required to provide, through the devices located at the multimedia kiosks (hereinafter “kiosk”) installed by ADR for this purpose, some personal data concerning them, without which it would not be possible to participate. The interested passenger can also join the initiative through the specific functionality made independently available in the ITA Airways mobile app (hereinafter “App”), if installed on the relevant mobile device (e.g., smartphone), as indicated in the information provided by the same airline in this context. In the latter case, the personal data recorded and stored on the passenger's device will be acquired by ADR only when the latter, through the ITA Airways app, consents to their transmission to the System.
In particular, during the registration phase (so-called enrollment) necessary to participate in the experiment, the following data are acquired through the kiosk (or the passenger's device, in case of using the specific functionality of the App): (i) some data reported in the passport or electronic identity card (such as number, name, surname, date of birth, date of issue and expiry), as well as the digital photo of the data subject used only to process a biometric template relating to the facial features, to be compared with the one acquired and processed in real-time through the digital photo taken by the camera present in the kiosks (or on the device in use); (ii) some data contained in the boarding pass (flight number and date, departure and destination airport, name and surname) necessary to allow an initial consistency check (match) of the data reported in the identification document and the boarding pass and, subsequently, the usual checks at the airport gates, (iii) the image of the passenger's face, obtained, as mentioned, from the aforementioned digital photo, whose salient features are detected for the purpose of their measurement and transformation into a numerical code (so-called biometric template), which does not allow tracing back to the originally acquired image and which, following the positive comparison with the one obtained from the digital photo acquired from the identification document, is stored in encrypted form and transmitted, together with the data referred to in the previous letters (i) and (ii), to the electronic archive managed by ADR and protected with high-security measures.
These data, stored in encrypted form, will then be used to automatically verify the passenger's identity at the gates dedicated to the experiment and equipped with the same facial recognition technology (highlighted with specific infographics), located before the security checks and boarding gates, in order to extract and automatically verify the data relating to the identification document and the boarding pass that enable access to the aforementioned gates and/or the use of the services provided there. It should be noted that, to allow passage through the gates at the boarding gates, the boarding pass generated by the same company will be transmitted to ITA Airways, confirming the positive outcome of the identity verification and the possession of the necessary documents.
Optional adherence
Adherence to the experiment of the System described above and the provision of the aforementioned personal and biometric data are entirely optional for the passenger departing on ITA Airways flights (as defined above), who remains free to use the usual methods of access to the airport gates, by reading the boarding pass in their possession, subject to, where required (e.g., at the boarding gates), the verification of the relevant identification document. The provision of biometric data is necessary to join and use the System. If the data subject denies their consent to the processing of biometric data, they will not be able to use the System but will still be able to access security checks and carry out boarding operations using traditional methods.
Legal bases of processing
The processing of the passenger's biometric data (relating to facial features necessary for facial recognition) can be carried out by ADR only if the passenger intending to join the experiment has given their consent, while the processing of the other personal data indicated above is necessary to execute the passenger's request to join the Project and to provide the related services, to comply with related regulatory and administrative obligations, and to pursue legitimate interests related to ADR's organizational and technical activities concerning the operation and security of the System, the verification of its reliability, and the analysis and evaluation of the experiment's results. In particular, the provisions of the information on the processing of personal data relating to security checks, to which reference is made on the ADR website's privacy page for security checks, remain unchanged.
As part of the enrollment procedure carried out at the airport kiosk, the data subject can also give further consent to the storage by Aeroporti di Roma S.p.A. of the biometric template derived from their facial features to allow the use of the service in question for the entire duration of the program (1 year). These data, stored in encrypted form, will be used to verify, if the passenger presents themselves at a kiosk on subsequent trips, the passenger's identity to extract and automatically verify the data relating to the identification document and associate a new boarding pass to enable access to the security gates and boarding for the new trip.
How the data will be processed
For the purposes highlighted above, personal data are processed using electronic tools and mainly automated procedures and may be known by ADR's authorized personnel and the service providers of the technologies and hardware and software devices used by ADR for the experiment and the technical activities of installation, management, and maintenance of the System. These providers operate on behalf of ADR as data processors. Subject to the aforementioned transmission of information concerning the positive outcome of the passenger's identity verification and the possession of the necessary documents to ITA Airways at the gates located at the boarding gates, the aforementioned data will not be communicated to third parties, except for any requests for information from judicial and law enforcement authorities required by law, and will not be subject to any transfer to entities established in non-EU countries.
How long the data will be stored
For the aforementioned purposes, the personal data acquired and used for the operation of the System, including biometric data, will be stored by ADR until the passenger's flight departure (in particular until the flight status is updated to “departed”), after which they will be deleted. If the passenger wishes to participate in the experiment for the entire duration of the program, they can give further consent for this purpose, in which case the boarding pass is deleted after the flight departure while the biometric template and other data are stored by ADR for the entire duration of the program (1 year) to allow their use on subsequent trips, with the simple association of their Boarding Passes for future flights, as described above.
If the registration is unsuccessful and/or in case of erroneous presentation at one of the kiosks without registration, no personal and/or biometric data is recorded on our servers. In fact, until the enrollment process is completed, no personal data is stored, remaining only locally and permanently deleted in case of incomplete registration. If there is no interaction with the kiosk for over 30 seconds, the registration process is interrupted, and any data entered is deleted.
However, ADR will retain data relating to the passage through airport gates (gate code, date, and time of passage) in compliance with the security obligations incumbent on ADR as the operator of an airport. Reference is made to the ADR website's privacy page for security checks.
Passenger rights
The GDPR (Articles 15-22) guarantees the passenger, as the data subject, the right to request access to personal data concerning them and – where applicable – the portability of the data provided if subject to automated processing based on consent or contract; the rectification and/or integration if inaccurate or incomplete; the erasure of personal data or the restriction of processing if applicable; the objection to processing for reasons related to their particular situation, as well as the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. The right to lodge a complaint with the Italian Data Protection Authority pursuant to Article 77 GDPR remains unaffected if deemed necessary to protect their rights in this matter.
Who to contact
For further information regarding the aforementioned personal data processing activity and to exercise the rights indicated above, the passenger can contact Aeroporti Di Roma S.p.A., as Data Controller, located at Via Pier Paolo Racchetti 1 - 00054 Fiumicino (RM), and/or contact the Data Protection Officer by sending an email to dpo@adr.it.
Updated in February 2025.
Terms & conditions
- Corporate Governance
- Airport Regulations
- Further information and contacts
- Airport CDM
- SESAR programme
-
Privacy policy
- Web information
- Cookie policy
- Data Protection Officer
- Legal notices
- Privacy CCTV
- Privacy security control
- Mobility privacy
- Biometric access control privacy policy
- Call center privacy
- Privacy Feedback
- Social Media Privacy Policy
- QPass privacy
- Privacy supplier register
- ChatBot Privacy Policy
- Contractors Privacy Policy
- Regulated charges 2025
- Charges Proposal 2025
- 2024 Charges Proposal
- 2024 PRM Charges Proposal
- 2023 charges proposal
- 2022 charges proposal
- 2021 Charges proposal
- 2020 Charges proposal
- 2019 Charges Proposal
- Dynamic tariff proposal 2017/2021