2. Contact details of the Controller and of the Data Protection Officer
The Controller is Banca Finanziaria Internazionale S.p.A., Via Vittorio Alfieri, 1 31015, Conegliano (TV).
To guarantee the best protection of the personal data collected, the Bank has appointed a Data Protection Officer who can be contacted at the address: email@example.com.
3. Purposes and legal basis
The personal data are processed for the following purposes:
|a)||Performance of services: Requirement to provide services and to manage your requests sent to the contact points or recorded by completing the specific forms present on the website. This requirement represents the legal basis that legitimises the consequent processing.||The legal basis that legitimises the processing derives from a contractual obligation or a requirement necessary to enter into the contract. In the absence of the data, the Bank will be unable to follow up on your request.|
|b)||Compliance with national and Community legislative requirements: Requirement to comply with obligations imposed by laws, regulations and Community legislation as well as orders imparted by the Supervisory or Control Bodies (e.g. handling of disputes, complaints, etc.).||The legal basis that legitimises the processing derives from a regulatory obligation; therefore, your consent is not required. In the absence of the data, the Bank will not be able to follow up on your request.|
4. Categories of data processed
The IT systems and software procedures that operate this website acquire, during their normal operation, some personal data whose transmission are implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects but could, by its very nature, through processing and association with data held by third parties, allow you to be identified.
This category of data includes IP addresses or domain names of the computers used by you for connecting to the website, addresses in URL (Uniform Resource Locator) notation of the requested resources, time of the request, method used to submit the request to the server, size of the file received in response, numerical code indicating the status of the response (successful, error, etc.), and other parameters relating to your operating system and your computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on use of the website and to ensure its correct operation.
For other types of browsing data collected, please see the Cookies Policy.
Data provided voluntarily by you:
The optional and voluntary transmission of email to the email addresses indicated on our website involves the consequent acquisition of the sender's email address, required to respond to requests, as well as any other personal data included in the communication. This also applies in relation to the handling of complaints sent by you and the response to the same.
You are also free to provide your personal data by way of online forms and contact forms, where provided: the use of those data for the cited purposes by the Bank will occur only subject to consent from the sender.
5. Data processing methods
The personal data are processed by means of the operations indicated in Art. 4, no. 2) of the GDPR and specifically: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, alignment or combination, use, block, communication, erasure and destruction of data. In pursuing the processing purposes, no decision is made based only upon automated processing which produces legal effects relating to you or that significantly affects you.
6. Recipients or categories of recipients of personal data
6.1 The personal data collected may be disclosed to/shared with:
- entities (e.g. administrative, judicial, supervisory and control authorities) to which the disclosure must be made in compliance with an obligation envisaged by law, a regulation or Community legislation;
- entities to which the disclosure of your personal data is necessary or in any case functional to the performance of the procedure or service requested, such as entities performing services of information technology, document archiving, consulting, control, auditing, and certification of activities implemented by the Bank.
6.2 The detailed list of entities to which the data may be disclosed and which act in the capacity of Autonomous Controllers or Processors, can be consulted at the Bank.
6.3 As part of the Bank's internal organisation, your data may also be known by employees, interns and apprentices in the capacity of processing officers.
7. Transfer of data to third countries
The Bank informs you that your personal data may be transferred to countries even not belonging to the European Union or the European Economic Area (known as Third Countries) recognised by the European Commission as having an adequate level of personal data protection or, otherwise, only if all suppliers located in the Third Country contractually guarantee a personal data protection level adequate to that of the European Union (e.g. by signing standard contractual clauses envisaged by the European Commission) and only if the exercise of the rights of the data subjects is always guaranteed.
8. Data storage times
Personal data provided voluntarily are stored for the time necessary to manage the purposes described above. The Bank notes that data on transactions and contractual relationships are usually stored for 10 years, with effect from the end of the relationship, except where the data needs to be stored for longer for the purposes of protection in court or disputes in progress at the date indicated above.
I dati personali forniti volontariamente sono conservati per il tempo necessario alla gestione delle finalità sopra descritte. La Banca segnala che la conservazione dei dati delle operazioni e rapporti contrattuali è – di norma - di 10 anni, decorrenti dall’esaurimento del rapporto, salvo che non vi sia la necessità di ulteriore conservazione per la tutela in giudizio o di controversie in corso alla data sopra indicata.
9. Rights of the data subject
In accordance with Articles 15 to 22, the Regulation provides you with the possibility of exercising specific rights.
In the capacity of data subject, you may exercise, at any time, in relation to the Controller, the rights envisaged by the Regulation and listed below, by sending a specific request in writing to the email address of the Data Protection Officer firstname.lastname@example.org; by post or recorded delivery letter or electronically, to the address Banca Finanziaria Internazionale S.p.A. – Ufficio Clienti, Via Vittorio Alfieri, 1 31015, Conegliano (TV) Treviso, or directly at any branch of the Bank.
In particular, you may obtain:
- confirmation of the existence of processing of personal data relating to you and, in that case, access to those data;
- the rectification of inaccurate personal data and completion of incomplete personal data;
- the erasure of personal data relating to you, in cases where this is permitted by the Regulation;
- the restriction of processing, in the circumstances envisaged by the Regulation;
- the communication, to the recipients to whom the personal data have been disclosed, of requests for rectification/erasure of the personal data and restriction of processing received from the data subject, unless this proves impossible or involves disproportionate effort;
- the receipt, in a structured, commonly-used and machine-readable format, of personal data provided to the Controller, as well as the transmission of the same to another controller, at any time, even upon the termination of any relationships held with the Controller.
You also have the right to object at any time to the processing of personal data relating to you: in those cases, the Controller must refrain from any further processing, except in circumstances permitted by the Regulation.
The deadline for the response is one (1) month, extendable by two (2) months in cases of particular complexity; in these cases, the Bank provides at least an interim communication within one (1) month.
The rights may be exercised, in principle, free of charge; the Bank reserves the right to request a contribution in the case of manifestly unfounded or excessive (even repetitive) requests.
The Bank has the right to request the necessary information for the purposes of identifying the applicant.
You may also lodge a complaint with the Data Protection Supervisory Authority. The contact details of the Data Protection Supervisory Authority for Italy can be consulted on the website http://www.garanteprivacy.it.