Privacy Policy

Last Updated: 23/02/2026

Introduction

When you use the services of Tirana International Airport (TIA), including checking real-time flight information, planning your travel, exploring B2B opportunities, or using any digital services provided through our Website, you entrust us with your personal data.

Tirana International Airport Sh.p.k. (“TIA”, “we”, “us”, “our”) is committed to protecting personal data and ensuring transparency regarding its processing.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal data in accordance with Albanian Law No. 124/2024 “On Personal Data Protection” and other applicable legislation.

By accessing or using our Website, you acknowledge that you have read and understood this Privacy Policy.

Data Controller

The Data Controller responsible for processing personal data is:

Tirana International Airport Sh.p.k.

Address: Rruga e Aeroportit, Rinas 1504, Tirana, Albania

Email: [email protected]

TIA determines the purposes and means of processing personal data and ensures that processing is lawful, fair, and transparent.

Where required by law, TIA has appointed a Data Protection Officer (DPO).

You may contact us at the email above for any data protection inquiries.

Categories of Personal Data Collected

TIA may collect and process the following categories of personal data:

Information Provided Directly by You

• Name and surname
• Email address
• Phone number
• Company name
• Any information included in contact forms, partnership requests, recruitment submissions, or other communications

Automatically Collected Information

When you use our Website, we may automatically collect:

• IP address
• Browser type and version
• Device and operating system
• Pages visited and time spent
• Referring URLs
• Technical logs and usage data

This information is collected through cookies and similar tracking technologies.

Cookies and Tracking Technologies

] Our Website uses cookies to ensure proper functionality, enhance user experience, analyse traffic, and maintain security.

Cookies are categorized as:

• Strictly Necessary Cookies – required for Website functionality
• Analytics Cookies – used to measure and improve performance
• Preference Cookies – used to remember user settings

Non-essential cookies (analytics, preference, marketing) are used only based on your explicit consent, obtained through our cookie management banner.

You may withdraw or modify your consent at any time via the cookie settings tool available on the Website.

You may also configure your browser to refuse cookies; however, certain features may not function properly.

Purposes and Legal Bases for Processing

In accordance with Law No. 124/2024, personal data is processed only when a valid legal basis applies. Under Law No. 124/2024, personal data is processed only when there is a valid legal basis.

Personal data is processed to respond to inquiries and contact requests based on your consent or pre-contractual steps. It is processed to manage business relationships and partnerships based on contract performance, for recruitment processes, processing is based on pre-contractual steps or your consent, website analytics using non-essential cookies are based on your consent, processing for IT security and fraud prevention is based on legitimate interest. Processing to comply with legal requirements is based on a legal obligation.

When processing is based on legitimate interest improving business operations and protecting our systems, TIA ensures that such interest does not override your fundamental rights and freedoms.

Whether Providing Data is Mandatory

The provision of certain personal data may be necessary to respond to your inquiry, enter into a contract, or comply with legal obligations. Failure to provide required information may result in our inability to deliver the requested service.

Data Sharing

TIA does not sell personal data.

We may share personal data with:

• IT and hosting providers
• Website analytics providers
• Security service providers
• Legal, audit, and professional advisers
• Public authorities when legally required

All third-party processors are contractually bound to process data only under our instructions and to maintain appropriate security measures.

International Data Transfers

If personal data is transferred outside Albania or the European Economic Area (EEA), we ensure appropriate safeguards are implemented, including:

• Standard Contractual Clauses
• Adequacy decisions
• Other legally recognized transfer mechanisms

These safeguards ensure an equivalent level of data protection.

Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, accounting, or regulatory obligations.

After the retention period expires, personal data is securely deleted or anonymized.

Data Security

TIA implements appropriate technical and organizational measures to protect personal data, including:

• Encryption where appropriate
• Secure firewalls
• Access control mechanisms
• Intrusion detection systems
• Regular system monitoring
• Backup and recovery procedures

Access to personal data is limited to authorized personnel bound by confidentiality obligations.

While we apply industry-standard safeguards, no digital system can be guaranteed to be completely secure. We continuously review and update our security measures to address evolving threats.

Your Rights Under Law No. 124/2024

In accordance with Albanian data protection law, you have the right to:

• Access your personal data
• Rectify inaccurate or incomplete data
• Request erasure (“right to be forgotten”)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact: [email protected]

We will respond to your request within one (1) month of receipt. This period may be extended where legally permitted, in which case you will be informed accordingly.

If you believe that your personal data has been processed in violation of applicable law, you have the right to lodge a complaint with the supervisory authority:

Commissioner for the Right to Information and Protection of Personal Data

You may contact the authority directly in accordance with its official procedures.

Automated Decision-Making

TIA does not carry out automated decision-making or profiling that produces legal effects or similarly significant consequences for individuals.

Children’s Data

Our Website is not intended for individuals under the age of 16. We do not knowingly collect personal data from minors.

If we become aware that such data has been collected, we will take appropriate steps to delete it.

Third-Party Links

Our Website may contain links to external websites. TIA is not responsible for the privacy practices or content of third-party websites. Users are encouraged to review their respective privacy policies.

Changes to This Privacy Policy

This Privacy Policy is subject to periodic review to reflect legal, regulatory, or operational changes.

All updates will be published on this page with a revised “Last Updated” date.

Contact Information

For questions or concerns regarding this Privacy Policy or the processing of personal data, please contact:

Tirana International Airport Sh.p.k.

Rruga e Aeroportit, Rinas 1504

Tirana, Albania

Email: [email protected]