Website Privacy Policy
1. Data Controller
The Data Controller of the personal data collected through the Site and/or within the scope of the Customer Service is PROMUNIDI SRL, located at V.le E. Forlanini, 3 Milan, VAT number 01972520157, REA no. MI-1964018.
2. Categories of Data Collected and Purposes of Processing.
PROMUNIDI SRL collects and processes the following categories of personal data of users who visit the Site:
- Browsing Data: these are data acquired by the computer systems and software procedures responsible for the functioning of the Site, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the Site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.), and other parameters related to the user’s operating system and computing environment. These data are collected to allow the user to visit the Site and to obtain statistical information on the use of the Site and to check its proper functioning. The personal data listed above could also be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
- Data Collected Through Cookies: the Site uses technical and profiling cookies. For more information and to manage settings related to cookies, please refer to the Site’s cookie policy.
- For the collection and subsequent processing of the personal data listed above, user consent is not required as the processing is necessary to allow, respectively, browsing on the Site and the use of the services offered therein and, where applicable, to respond to any requests for information, support, or assistance from the user.
Please note that further and more specific information on the processing of personal data in relation to the use of online banking services is available in the privacy area, to which reference is made.
The data processing is carried out with the help of electronic or telematic tools, with logics strictly related to the purposes expressed above and, in any case, in such a way as to ensure the security and confidentiality of the data.
3. Communication, Disclosure, and Transfer of Data
4. Data Retention
User personal data is retained for the time strictly necessary to ensure proper consultation of the Site or, in the case of contacts, for the time strictly necessary to fulfill the user’s request and, in any case, in compliance with legal obligations.
The user may at any time exercise the rights granted by the applicable data protection legislation (art. 7 of Legislative Decree 196/2003 and Articles 15 to 22 of Regulation (EU) 2016/679), including the right to obtain:
- Access to the following information:
- Purposes of the processing;
- Categories of personal data concerned;
- Recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- The existence of the data subject’s right to request from the data controller the rectification or erasure of personal data or restriction of processing of personal data concerning them or to object to such processing;
- Rectification, meaning:
- Correction of inaccurate personal data concerning them without undue delay;
- Completion of incomplete personal data, including by means of providing a supplementary statement;
- Erasure of data concerning them without undue delay, if:
- The data are no longer necessary for the purposes for which they were collected or otherwise processed;
- They withdraw consent on which the processing is based and there is no other legal basis for the processing;
- They object to the processing and there are no overriding legitimate grounds for the processing;
- The personal data have been unlawfully processed;
- The personal data must be erased to comply with a legal obligation;
- The personal data have been collected in relation to the offer of information society services;
- Restriction of processing:
- When they contest the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
- When the processing is unlawful and the data subject opposes the erasure of the personal data and requests instead that its use be restricted;
- When the personal data are needed by the data subject for the establishment, exercise, or defense of legal claims, even if the data controller no longer needs them for processing purposes;
- When they have objected to processing based on their right to object;
- Notification in case of rectification or erasure of personal data or restriction of processing;
- Data portability, i.e., the right to receive in a structured, commonly used, and machine-readable format the personal data concerning them and the right to transmit those data to another data controller, provided that:
- The processing is based on the data subject’s explicit consent for one or more specific purposes or is carried out for the performance of a contract to which the data subject is party and
- The processing is carried out by automated means;
- Objection at any time, on grounds relating to their particular situation, to the processing of personal data concerning them.
The user has the right to lodge a complaint with a supervisory authority if they believe that the rights indicated here have not been recognized.
For the exercise of these rights, the user may contact PROMUNIDI SRL at the contacts indicated above (point 1).