This page describes the means of management of this site as concerns the treatment of personal information of the users who consult it. Information on this point is provided, also pursuant to art. 13 of Legislative Decree 196/2003 - Code on the protection of personal information, to those who interact with the Bank's internet services, accessible from the website:
corresponding to the home page of the bank's official website. This document also considers Recommendation 2/2001 which the European Authorities adopted for the protection of personal information to identify the minimum requirements for the on-line collection of personal information. The information is provided solely for the www.group.intesasanpaolo.com site and not for any other sites which may be consulted by the user via links.
The Party responsible for the treatment is Intesa Sanpaolo S.p.A. with Registered office in Torino, Piazza San Carlo, 156 - 10121.
TREATMENT OF INFORMATION
Treatment connected to web services of this site are managed by technical personnel of the office in charge of treatment. No information deriving from the web service is communicated or disseminated. Personal information provided by users who request documentation are used for the sole purpose of providing the service or satisfying the request and are communicated to third parties only if necessary to this end.
TYPES OF INFORMATION TREATED
Surfing information ICT systems and software procedures which are responsible for the functioning of this website acquire, as part of their normal exercise and for the sole period of connection, personal information whose transmission is implicit in the use of Internet communication protocols. Such information is not collected to be associated to identified parties, but which for its very nature may, via processing or association with information held by third parties, permit the identification of users. This category includes the IP addresses or domains of computers used by surfers who access the site, the Uniform Resource Identifier addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the number code indicating the state of the reply given by the server (ok, error, etc.) and the other parameters relative to the operating system and the user's IT environment. Such information is used for the sole purpose of obtaining anonymous statistics on the use of the site and to check its correct functioning and is immediately cancelled after processing. Such information may be used to ascertain responsibilities should hypothetical IT crimes be committed to damage the site: without prejudice to this use, to date information on web contacts does not persist for over seven days.
Information voluntarily provided by the user Any facultative, explicit and voluntary e-mail sent to the addresses indicated in this site entails the subsequent acquisition of the address of the sender, necessary to respond to requests, as well as any of other personal information contained in the e-mail. The use of personal information to send advertising materials or commercial information, to sell products or services by the Bank requires the prior consent by the sender who must fill in the specific box. Specific summaries will be progressively provided or visualised in the site's pages prepared for particular services which may be requested.
No personal information of users is acquired by the site as concerns this point. Cookies are not used for the transmission of personal information and no so-called persistent cookies of any type nor any other systems to trace users are used. The use of so-called session cookies (which are not memorised in a persistent way on the user¿s computer and dissolve when the browser is closed) is strictly limited to the transmission of session identification information (made up of random numbers generated by the server) necessary to enable the secure and efficient surfing of the site. So-called session cookies used in this site are an alternative to the use of other ICT techniques which may prejudice the confidentiality of the surfing of users and do not permit the acquisition of the user's personal identification.
MEANS OF TREATMENT
Personal information is treated with automated instruments for the sole time strictly necessary to achieve the purposes for which it has been collected. Specific security measures are complied with to prevent the loss of information, illicit or unfair uses and unauthorised accesses.
RIGHTS OF INTERESTED PARTIES
Persons whose personal information is treated have the right at any time to obtain the confirmation of existence or not of personal data and to know its content and origin, verify exactness or request integration, update or correction (art. 7 of Legislative Decree 196/2003).
Pursuant to the same article interested parties have the right to request the cancellation, transformation in anonymous form or blockage of information treated in violation of the law, as well as to oppose, in any case, for legitimate reasons, to its treatment.
Requests must be made to the address firstname.lastname@example.org or sent to Intesa Sanpaolo S.p.A. - Tutela Aziendale - Privacy, Piazza San Carlo, 156 10121 Torino (Italy).