Privacy Policy of the imprebanca Website

WHY THIS NOTICE

This page describes the methods used to manage the website with regard to the processing of personal data of users who consult it.

This information is also provided pursuant to Article 13 of Regulation (EU) 2016/679 of 27/04/2016 to those who interact with the web services of imprebanca SpA, accessible online at:

www.imprebanca.it

corresponding to the home page of the Bank’s website. This information is provided exclusively for the imprebanca SpA website and not for any other websites that may be consulted by the user via links.

DATA CONTROLLER

Following consultation of this site, data relating to identified or identifiable persons may be processed. The “Data Controller” responsible for such processing is imprebanca SpA, headquartered at Via Cola di Rienzo, 240 – 00192 Rome.

DATA PROTECTION OFFICER

The Data Controller has appointed a Data Protection Officer (“DPO”), whom data subjects may contact to exercise their rights or to receive any information regarding them, by writing to:
Imprebanca SpA, Via Cola di Rienzo, 240 – 00192 Rome – Attn: Data Protection Officer; by sending an e-mail to: dpo.ib@imprebanca.it; or by sending a certified e-mail (PEC) to: dpo.ib@legalmail.it.

The Data Controller and the DPO, including through designated structures, will take charge of your request and provide you—without undue delay and, in any case, no later than one month from receipt—with information regarding the action taken in response to your request.

LOCATION OF DATA PROCESSING

The processing connected to the web services of this site takes place at the aforementioned Bank headquarters as well as at the IT outsourcer used.
Personal data provided by users who submit requests for information material are used solely to perform the requested service and are communicated to third parties only when necessary for that purpose.

TYPES OF DATA PROCESSED

Browsing data

The IT systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and associations with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users connecting to the website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.
These data are used solely for the purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of personal data through the electronic forms prepared on this site for information requests results in the acquisition of such data in order to process the requests and provide the requested information.
Specific privacy notices are provided with these electronic forms used for data collection.

COOKIE POLICY for  www.imprebanca.it

METHODS OF PROCESSING

Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected, by our employees and collaborators, including external ones, designated as data processors.
Specific security measures are implemented to prevent data loss, unlawful or incorrect use, and unauthorized access.

RIGHTS OF DATA SUBJECTS

Data subjects may, at any time and under the conditions established by the GDPR, obtain confirmation as to whether or not personal data concerning them are being processed, access such data, and learn about their content and origin, verify their accuracy, or request their integration, updating, or rectification.
They also have the right to request deletion, restriction of processing, data portability, revocation of consent, to lodge a complaint with the supervisory authority, and to object, on legitimate grounds, to the processing of their data.
Requests must be addressed to the DPO using the methods described above.