This statement contains a description of how Banca Finnat S.p.A. (the Bank) processes the personal data of visitors to its website, pursuant to article 13 of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data (aka the General Data Protection Regulation, abbreviated as GDPR), and is provided to persons who interact with the Bank's online services, which can be accessed via the home page at https://www.bancafinnat.it. The statement applies solely to the Bank's websites and not to any other websites accessed via links in the Bank's website. This statement has also been inspired by Recommendation 2/2001 adopted on 17 May 2001, by the Data Protection Working Party (DPWP), set up by the European Data Protection Authorities, in accordance with article 29 Directive No. 95/46/EC, on certain minimum requirements for collecting personal data on-line, and, in particular, the procedures, timelines and nature of the information that data controllers are required to provide to users when they visit a web page, regardless of the reasons for which they are visiting the page.

The Data Controller and Data Processor.

Whenever you visit this website, your personal data may be processed, as an identified or identifiable natural person. The Data Controller in this case is Banca Finnat S.p.A., based in Rome, Piazza del Gesù 49. The Data Processor is Mr. Arturo Nattino, also based at Piazza del Gesù 49, ROME, Tel. 06.69933.1, email: banca@finnat.it.

The Data Protection Officer.

The Data Controller has designated as Data Protection Officer (DPO), pursuant to articles 37-39 of the GDPR, Ms. Debora Scatolini, who you may email directly at dpoprivacy@finnat.it or call at 06.69933.566.

Data processing facility.

Personal data collected in relation to the web services herein will be processed at the Bank's head office. Your personal data will not be disclosed and will be processed solely by the personnel authorised by the Bank. Your data will be used solely for the purpose of providing the requested service and may be disclosed to third parties only to the extent that this is absolutely necessary for this purpose.

Types of processed data.

Browsing data: the information systems and software procedures used to operate this website normally acquire the personal data of visitors, the transmission of which is implicit in the use of the Internet, based on the TCP/IP protocol. This information is not collected to be associated with specifically identified data subjects, but, by its very nature, could allow users to be identified through the processing of and association with data held by third parties. This data category includes "IP addresses" or the domain names of computers used by users visiting the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (success, error, etc.) and other parameters related to the user's operating system and computer set-up. This data is used solely to collect anonymous statistical information about the use of the Bank's website. The data could be used to determine responsibility, in the event of any cybercrimes affecting the Bank's website, or other connected or related websites, and, except in these circumstances, web contact data is not currently stored for more than seven days.
Data supplied voluntarily by the use: the request to send emails to the addresses indicated in the specific section of the Bank's website entails the acquisition of some of the sender's personal details, including the email address for answering the requests. Specific summary information will be gradually reported or displayed in the website pages prepared for the specifically requested services.
Cookies: cookies are not used to transmit data of a personal nature, nor are so-called persistent cookies, or user-tracing systems, used here. The use of so-called session cookies (which are not permanently memorised on the user's computer and are eliminated when the browser is closed) is strictly limited to the transmission of session identifiers (formed by random numbers generated by the Bank's web server), needed to allow safe and efficient browsing. The session cookies used on this website avoid the use of other computing systems, which might otherwise jeopardize the browsing confidentiality of users, and do not allow the collection of personal data capable of identifying users.

Optional nature of the supply of personal data.

Except as specified for the browsing data, you are free to provide your personal data in the electronic request forms in the website sections prepared for special services provided on request. Moreover, the failure to provide your data may entail the impossibility of fulfilling your requests.

Data processing.

Your personal data may be processed using electronic and digital tools and will be stored on digital storage media or on paper, solely for the time that is strictly necessary to fulfil the purposes for which they were collected. We will implement appropriate security measures to make sure that your data is not lost or unlawfully or incorrectly processed or accessed by unauthorised persons.

Data subject's rights.

The data subjects, whose personal data has been collected in accordance with the preceding sections, are entitled at any time to request and obtain confirmation as to whether their personal data exists and to know the contents and origin of the data, check its accuracy or request its completion, if incomplete, updating or rectification, pursuant to article 16 of the GDPR. The data subject is also entitled to obtain the deletion, pseudonymisation or object to the processing of the personal data, pursuant to article 21 of the GDPR.

Any requests must be sent to:

Banca Finnat Euramerica S.p.A
Piazza del Gesù 49
Rome
Tel. 06.69933.1
email: privacy.bfe@finnat.it

Minors.

The Bank does not intentionally use its website to request data from minors aged below16 years.

Versions of the privacy policy.

Considering that the current state of advancement of automatic control mechanisms does not guarantee that they are exempt from errors and malfunctioning, this document is the "Privacy Policy" of the website of Banca Finnat S.p.A and shall be updated over time (the various versions will be made available).

Building a great asset takes experience, attention and forward-thinking.
Banca Finnat is here to protect and support you along the way.