1. Data Controller
ADSBItalia is an independent, non-profit technical project operating a global ADS-B and MLAT network.
The Data Controller is:
No Data Protection Officer has been appointed. Privacy requests may be sent directly to the email address above.
2. Scope of this policy
This policy applies to personal data processed in connection with:
- visits to the ADSBItalia website and related web services;
- messages sent through contact forms, email or support channels;
- registration, connection, monitoring and support of ADS-B and MLAT feeder stations;
- security, diagnostics, abuse prevention and technical administration of the network.
External websites and platforms linked from ADSBItalia apply their own privacy policies.
3. Personal data processed
Website and technical data
Server systems may process IP addresses, timestamps, requested URLs, browser and device information, referring pages, response codes, diagnostic data and security events.
Contact and support data
When you contact ADSBItalia, we may process your name or alias, email address, message content, technical information you provide and subsequent correspondence.
Feeder-station data
For participating stations, ADSBItalia may process feeder name or alias, UUID or another technical identifier, authentication or registration token, hostname, public IP address, coordinates, altitude, software or connection mode, connection status, timestamps, service logs and diagnostic information.
Tokens and equivalent credentials are confidential technical identifiers and are not intentionally published.
ADS-B and MLAT data
The network receives technical aviation data broadcast by aircraft and MLAT results generated by participating receivers. These data may include aircraft identifiers, positions, timestamps and related telemetry. They are primarily technical and operational, but in some circumstances may be linkable to an identifiable person.
4. Purposes and legal bases
Personal data are processed only where a lawful basis applies, including:
- steps requested by you or performance of an arrangement under Article 6(1)(b) GDPR, for feeder registration, connection and support;
- legitimate interests under Article 6(1)(f) GDPR, for operating and improving the network, monitoring availability, detecting faults, preventing abuse and securing systems;
- consent under Article 6(1)(a) GDPR, where required for non-essential cookies or optional communications;
- legal obligations under Article 6(1)(c) GDPR, where processing or disclosure is required by law.
ADSBItalia does not sell personal data and does not use feeder information for unrelated advertising profiles.
5. Public feeder information
To document network coverage and feeder availability, some station information may be displayed on public pages or maps. Depending on the current configuration, this may include feeder name or alias, country or region, connection status, participation mode, coordinates, altitude and network statistics.
Location notice: precise station coordinates may reveal the approximate location of a receiver and may indirectly reveal a home or operating address. Feeder operators should use a non-identifying feeder name and contact ADSBItalia if they need clarification or a change to public display. Accurate coordinates remain technically important for MLAT.
6. Cookies and local storage
The website uses local storage under the key adsbitalia_cookie_consent_v1 to record the visitor's cookie preference and the date on which it was updated. This storage is necessary to remember the choice and remains on the device until it is deleted through the browser or replaced by a later choice.
Google Analytics 4
ADSBItalia uses Google Analytics 4, measurement ID G-72F1CRGC0M, to obtain aggregate statistics about visits, pages viewed, approximate geographic area, devices and browsers. The service is provided by Google Ireland Limited. ADSBItalia does not use Google Analytics for personalised advertising.
Google Consent Mode v2 is configured with analytics and advertising storage denied by default. Before consent, the Google tag may receive the consent status and limited cookieless technical signals. Analytics storage is activated only after the visitor accepts the analytics category.
After consent, Google Analytics may set first-party cookies including _ga, used to distinguish users, and _ga_<container-id>, used to maintain session state. Google indicates a default duration of up to two years; browser restrictions or Analytics configuration may shorten this period.
The legal basis for analytics storage is consent under Article 6(1)(a) GDPR and Article 122 of the Italian Privacy Code. Consent can be refused or withdrawn at any time using the “Cookie settings” button shown on every public page. Withdrawal does not affect prior lawful processing. Refusing analytics does not prevent use of the website.
Further information is available in Google's Privacy Policy and Google's information about Analytics data safeguards and international transfers.
7. Service providers and recipients
Personal data may be accessible, only where necessary, to providers supporting web hosting, virtual servers, storage, backups, DNS, security, email delivery, content distribution, system maintenance or specialist technical support.
Data may also be disclosed to competent public authorities where required by applicable law.
8. International transfers
ADSBItalia is a global network and some infrastructure or service providers may operate outside the European Economic Area. Where required, appropriate safeguards are used, such as European Commission Standard Contractual Clauses and supplementary technical or organisational measures.
9. Data retention
Data are retained only for as long as reasonably necessary. Typical periods are:
- website, access and security logs: normally up to 12 months;
- contact and support correspondence: normally up to 24 months after the last substantive interaction;
- active feeder registration and configuration data: for the period in which the station participates in the network;
- former feeder records and operational logs: normally up to 24 months after removal or last activity;
- backup copies: according to the applicable rolling backup cycle.
Longer retention may apply where necessary for security incidents, abuse investigations, legal claims or legal obligations.
10. Security
ADSBItalia applies technical and organisational measures appropriate to the nature of the project and the risks involved, including access restrictions, confidential token handling, encrypted web connections where supported, system updates, logging, backups and monitoring for faults or abuse.
No internet-connected service can guarantee absolute security. Suspected vulnerabilities or incidents should be reported to privacy@adsbitalia.it.
11. Your GDPR rights
Where the GDPR applies, you may have the right to:
- access your personal data;
- request correction of inaccurate or incomplete data;
- request erasure where the legal conditions are met;
- request restriction of processing;
- receive data in a portable format where Article 20 GDPR applies;
- object to processing based on legitimate interests;
- withdraw consent at any time where processing is based on consent;
- lodge a complaint with a competent supervisory authority.
Requests may be sent to privacy@adsbitalia.it. ADSBItalia may request information needed to verify identity and identify the relevant feeder, communication or record.
12. Automated decision-making
ADSBItalia does not make decisions about individuals that produce legal or similarly significant effects solely through automated processing. Automated monitoring may classify a feeder as online, offline or unavailable for technical display and diagnostics only.
13. Children
The website and feeder service are not specifically directed at children. A minor should participate only with the involvement of a parent or legal guardian where required by applicable law.
14. Supervisory authority
You may lodge a complaint with the data-protection authority of your habitual residence, place of work or the place of the alleged infringement.
Garante per la protezione dei dati personali
Piazza Venezia 11, 00187 Rome, Italy
Telephone: +39 06 696771
Email: protocollo@gpdp.it
Website:
www.garanteprivacy.it
15. Changes to this policy
This policy may be updated when the website, feeder network, infrastructure or legal requirements change. The latest revision date appears at the top of the page.
Questions about this policy may be sent to privacy@adsbitalia.it.