Banca Finnat s.p.a. App privacy policy

Privacy Policy statement pursuant to article 13 of Regulation (EU) 2016/679 - the General Data Protection Regulation (GDPR) - for the BANCA FINNAT APP

Banca Finnat Spa (the Bank), in the capacity of Data Controller, provides information on how your personal data will be processed, when downloading and using the Banca Finnat App.

The App has been developed by CSE Consorzio Servizi Bancari Soc. Cons. a.r.l., based at San Lazzaro di Savena, Via Emilia 272, VAT registration 00501021208, designated as Data Processor, pursuant to article 28 of the GDPR


The Bank collects personal data directly from the data subjects or third parties. The personal data it collects is then processed in accordance with the GDPR, the Italian Data Protection Code, the Provisions of the Data Protection Authority and the confidentiality requirements that inspire all the Bank's operations. The data may also be processed by third party Processors, for:

A) Complying with the obligations required under the applicable domestic and Community laws, regulations and provisions, as well as the provisions issued by the competent Data Protection Authority and the supervisory and audit bodies (such as the anti-money laundering or fraud prevention regulations, through the relevant identification tools). Supply of personal data for these purposes is necessary for supplying the service, and the related processing does not require the data subject's consent.

B) Purposes strictly related to downloading and activating the Banca Finnat Application (the App) (such as, for example, the acquisition of information relating to the phone model, operating system installed, telephone number, etc., which are necessary to activate the App). To ensure the downloading of the App, and exclusively for the provision of the service, the App users must allow the App to access certain resources of the mobile device, such as:

  1. Camera: the functionality is required for scanning the barcode on a payment slip;
  2. Photos, multimedia and files stored on the device: this functionality is required to display and save any downloaded documents in pdf format;
  3. Position:
    • approximate, based on the web
    • accurate, based on GPS/web data matching
  4. Storage space:
    • alteration or deletion of the contents of the SD card
    • reading the contents of the SD card
  5. other:
    • full web access
    • flash
    • information on the device and the operating system installed

Following is a description of several functionalities, given by way of example and without limitation:


The App features functionalities for acquiring data on the user's geographical position (GPS, WiFI, GSM network). This data is necessary to geolocate the Bank Branches and calculate the distance and route. The data may be collected when the App is running and the user activates the geolocation service, which may be disabled at any time through the operating system settings of the user's device.


The App may use the device's camera each time the QR Code scanning and recognition service is on. This is necessary, because otherwise it would be impossible to scan and process the QR Code. Furthermore, the Bank may collect anonymous information during the App downloads, albeit solely for statistical purposes, to count the number of downloads and users. The supply of personal data for these purposes is not compulsory, but refusing to supply your data means that the Bank will be unable to provide the service. Personal data processing does not require the data subject's consent. The collected data will not be used for client profiling purposes, for offering products and services or for other general commercial purposes. Therefore, no (technical or other) cookies will be used. The information systems and software procedures used to operate the App (Apple Store and Google Play) normally acquire certain personal data of the users, the transmission of which is implicit in the use of the Internet communication protocols, smartphones and devices used. The Bank is not involved in this processing, nor can it be considered responsible in any way. Therefore, reference should also be made to the privacy policies published by the above mentioned platforms.


Personal data is processed using manual or electronic instruments, the logic of which is strictly related to the above mentioned purposes. The data is preserved solely for the time that is strictly necessary to achieve the purposes for which they were collected. Specific security measures have been put into place to prevent the loss of any data and its unlawful or incorrect use and unauthorised access. No personal data acquired in relation to the web services will be disclosed.


The Data Controller is Banca Finnat Euramerica S.p.A., based in Rome, Piazza del Gesù 49. The Data Processor is CSE, Consorzio Servizi Bancari Soc. Cons. a.r.l., based in San Lazzaro di Savena, Via Emilia 272.


The Data Controller has designated as Data Protection Officer Ms. Scatolini Debora, based at Banca Finnat, Piazza del Gesù 49, email: and tel. 06.69933566.


The data subjects are entitled, at any time, with respect to their personal data, collected in accordance with the sections above, to obtain confirmation as to the existence of any personal data relating to them, to know the contents and origin of the data, to verify its accuracy or request the completion of any incomplete data, or updating or rectification of the data, pursuant to article 16 of the GDPR. The data subjects are also entitled to obtain the deletion or pseudonymisation, or to object to the processing of their data, pursuant to article 21 of the GDPR.

Please send personal data requests to:

Banca Finnat S.p.A.
Piazza del Gesù, 49
00186 – Rome
Tel.: +39 06699331

You may easily stop the collection of personal data and information by the App by uninstalling it at any time.

Building a great asset takes experience, attention and forward-thinking.
Banca Finnat is here to protect and support you along the way.