General Data Protection Regulation (EU) No. 2016/679 (GDPR)
Generfid S.p.A. (hereinafter also referred to as the “Company”) institutionally processes the personal data of third parties, taking the necessary measures to ensure the confidentiality and security of the processed data, in tune with technological progress in general and computer progress in particular. We always pay the utmost attention to the confidentiality, protection and security of information in our possession. Especially those related to personal data of our customers.
This section analyzes how the site is managed with regard to the processing of personal data of users who consult it.
Browsing our site for consultation does not involve any explicit request for personal data; however, technologies are in use that involve the storage of some data related to the tools used, in some way traceable to the Surfer; these are described on this page of the site.
In application of current data protection regulations, we have organized ourselves as follows:
- The owner of the processing of personal data is GENERFID SPA, 20123 Milan – Via dei Piatti, 11;
- the Owner has appointed a Data Protection Officer (“Data Protection Officer” or “DPO”), whom you may contact to exercise your rights, as well as to receive any information related to them and/or this Policy, by writing to:
- DPO Generfid c/o Banca Generali, Corso Cavour 5/A – 34132 Trieste;
- By sending an e-mail to: DataProtectionOfficerGENERFID@generfid.it.
The Data Controller and the DPO, including through the designated facilities, will take charge of any request from you concerning the processing of your personal data and provide you, without undue delay and in any case, at the latest, within one month of receipt of the request, with information regarding the action taken regarding the request.
For specific needs, the Company makes use of third parties to whom it entrusts parts of its process. These subjects take on the role of “External Managers” of the Company’s processing, or operate completely independently as “Autonomous Holders” of subsequent processing having purposes described in the specific information notes of the aforementioned Autonomous Holders.
For the same purposes, data may be disclosed to Generali Group companies in Italy or abroad.
The Company acquires only the personal data strictly necessary to enable you to navigate the website.
It may happen that Generfid, in response to information freely provided by you (by way of example through an e-mail message sent by you to us), occasionally becomes aware of special categories of data, such as data disclosing racial and ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, as well as personal data disclosing health, sex life or sexual orientation. Such data will not be subject to any processing operation by the Data Controller, except of course for the respect by the Data Controller itself of the principles of security, confidentiality and privacy with respect to the possible presence of such data in its information systems and without prejudice to the possibility on your part to exercise the rights of the ‘Interested Party provided for by the legislation, where applicable in this case.
Purpose of Treatment
(a) To allow you to browse this website;
(b) Monitoring of website navigation.
Nature of conferral: mandatory.
Consequences of refusal to provide data: Failure to provide data may result in the inability to offer you a smooth navigation of the website.
Legal basis for processing: legitimate interest.
Personal Data Retention Period: Your personal data will be processed for as long as necessary to carry out the purposes of the processing described above and in accordance with the retention timeframes imposed by the regulations pro tempore in force.
The Company processes personal data by adopting all necessary security measures, both physical and computerized, in accordance with the provisions of the GDPR and in compliance with the regulations and provisions of the pro tempore Personal Data Protection Authority in force on the subject.
What rights do you have as a data subject
Generally speaking, in relation to the processing carried out by Generfid, as a data subject you may, under the conditions provided for in the GDPR, exercise the rights enshrined in Articles 15 to 21 of the GDPR and, in particular, the following rights:
- Right of access: the right to obtain confirmation as to whether or not personal data concerning you are being processed and, if so, to obtain access to your personal data, including a copy thereof.
- Right of rectification: the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the supplementation of incomplete personal data;
- Right to erasure (right to be forgotten): right to obtain, without undue delay, the erasure of personal data concerning you.
- Right to restriction of processing: right to obtain restriction of processing, when:
- the data subject disputes the accuracy of personal data, for the period necessary for the owner to verify the accuracy of such data;
- processing is unlawful and the data subject objects to the deletion of personal data and instead requests that their use be restricted;
- personal data are necessary to the data subject for the establishment, exercise or defense of a legal claim;
- the data subject has objected to the processing under Article 21 GDPR, during the period pending verification as to whether the data controller’s legitimate reasons prevail over those of the data subject.
- Right to data portability: the right to receive, in a structured, commonly used and machine-readable format, personal data concerning you provided to the Data Controller and the right to transmit them to another data controller without hindrance, if the processing is based on consent and is carried out by automated means. In addition, the right to have your personal data transmitted directly from the Company to another controller if this is technically feasible;
- Right to object: the right to object, at any time on grounds relating to your particular situation, to the processing of personal data concerning you based on the lawful condition of legitimate interest or the performance of a task carried out in the public interest or in the exercise of official authority, including profiling, unless there are legitimate grounds for the Controller to continue the processing that override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of a legal claim. In addition, the right to object at any time to the processing if personal data are processed for direct marketing purposes, including profiling, insofar as it is related to such direct marketing.
- Right to revoke consent – in cases where processing is based on consent, right to revoke consent to the processing of your data at any time, subject to the lawfulness of processing based on consent prior to revocation;
- right to lodge a complaint with the Italian Data Protection Authority, Piazza di Montecitorio n. 121, 00186, Rome (RM).
Privacy and site security
During navigation within a website it is technically possible, even in the absence of an explicit registration to the service by the Surfer and without his active role, to carry out a collection of information which, for these reasons, is defined as passive. In particular, the ways in which IP Addresses, Cookies and other session identifiers, Internet Tags, Browsing Data are used are described below, including whether they can be excluded and their implications.
Regarding the passive collection of information the site:
- does not use Ip Addresses (Internet Protocol addresses) to collect information, but stores them in browsing data;
- uses Navigational Data only for statistical purposes as aggregate data;
- Does not use Internet Tags.
With regard to the active collection of information, the services offered on www.generfid.it comply with the following:
- E-mail: Data received through the website’s e-mail contact is used only to respond to the Surfer’s requests and for no other purpose; such data is retained for statistical and background check purposes only. Individual names may be placed on specific Mailing Lists only at the express request of the Surfer who wishes to receive certain documents (news, financial disclosure, etc.) on a regular basis.
WHAT ARE COOKIES
Cookies are a kind of “reminders,” short “lines of text” containing information that can be saved on a user’s computer when the browser (e.g., Chrome or Internet Explorer) calls up a particular website.
Thanks to cookies, the server sends information that will be re-read and updated every time the user returns to that site. This will allow the website to automatically adapt to the user by improving the user’s browsing experience.
WHAT COOKIES ARE FOR
Cookies are mainly used for:
- To improve the user’s browsing experience within the site.
TYPES OF COOKIES
By way of example, the following types of cookies can be identified:
STRICTLY NECESSARY COOKIES
Also called “technical” cookies, they are essential for navigating through the site using all of its features. Without these cookies, it would not be possible to provide the services requested. These cookies do not collect information to be used for commercial purposes. Cookies set by platforms supporting the bank’s security infrastructure fall into this category.
Generfid’s website works optimally if cookies are enabled. You may, however, decide not to allow cookies to be set on your computer; to do so, access the “Preferences” of your browser.
For information on how to change your cookie settings select the browser you are using below:
Where browsing the website is done through a browser installed in a mobile device, the relevant software manufacturers make the relevant guides to cookie management available online.
If you disable cookies, you may disable some functionality of the website. Even with all cookies disabled, your browser may continue to store a small amount of information needed for basic website functionality.