We inform you that your personal data, collected through the TS (Transport System) (“TS System” or “System”) is processed by Fondazione Milano Cortina 2026 (“Milano Cortina 2026”) - with registered office at Piazza Tre Torri 3, Milan, VAT no. 97866790153, VAT no. 11199200962 - acting as the Data Controller.

Milano Cortina 2026 has appointed its own Data Protection Officer (DPO) who can be contacted by e-mail at DPO@milanocortina2026.org.

The Data Controller processes the personal data collected by the form above mentioned (“Data” or “Personal Data”). All fields marked with an asterisk are mandatory; therefore, refusal to provide information will result in the inability of receiving any information related to the Programme. For example, Milano Cortina 2026 will collect the following information:

User Account Creation Information
The details required to create user accounts for the responsible organizations to access the system.

 
Data input into TS (Transport Information):

Your Personal Data is processed for the management of System and in according with the Article 6 of GDPR. Additionally, Milano Cortina 2026 will process your email address to send you service-related communications.

Processing may take place with or without the use of electronic tools and Personal Data are protected in such a way as to minimise the risk such as destruction, loss (including accidental loss), unauthorised access/use or use incompatible with the initial purpose of collection. These protections are achieved through the technical and organisational security measures implemented by the Data Controller.

The Data may be made accessible for the above purposes to:

Your data may also be communicated to supervisory bodies, law enforcement agencies, or the judiciary at their explicit request. In such cases, these bodies will process the data as independent data controllers. If applicable, the Data Controller may transfer Personal Data outside the European Union (EU), adopting appropriate safeguards in compliance with the requirements of applicable data protection laws.

Personal Data will be retained for as long as necessary to fulfil the purposes outlined above. After this period, data may be archived for a period not exceeding the applicable legal limitation periods or archiving obligations. In the event of litigation, data will be retained for the duration of the proceedings. Once these periods have expired, the data will be permanently destroyed by the Data Controller, its data processors, and/or sub-processors.

The data subject has the right to obtain, in the cases provided for, access, rectification, deletion and portability of his or her personal data, as well as the limitation of the processing concerning him or her and the objection (Art. 15 et seq. of the GDPR). Furthermore, where the processing is based on consent, you will be able to revoke it at any time without affecting the lawfulness of the processing based on the consent given before withdrawal. You may exercise these rights by sending a registered letter with advice of receipt to the Data Controller's address or an e-mail to privacy@milanocortina2026.org. Finally, if you believe your data has been processed in violation of the GDPR, you have the right to lodge a complaint with the Supervisory Authority - Italian Data Protection Authority (Garante per la Protezione dei Dati Personali), as provided for in Article 77 of the GDPR or to take appropriate legal action (Article 79 of the GDPR).

Milano Cortina 2026 reserves the right to amend this Privacy Policy to reflect changes in the applicable laws. Users are encouraged to regularly review this page for any updates.