Website Privacy Policy

GDPR Reg. EU 679/2016

we inform you that the processing of your personal data will take place in compliance with current legislation on privacy and will be based on principles of correctness, lawfulness, transparency and data protection.  To this end, in compliance with the provisions of Article 13 of European Regulation 2016/679 (GDPR), we indicate below the general information regarding the processing of personal data carried out through this website; further specific information will be presented where necessary directly on the web pages where the collection of data will take place in order to provide you with any type of service.  This information refers exclusively to the data of those who interact with the services accessible from this site.

 

Owner and DPO
The data controller is: Banco delle Tre Venezie S.p.A. with registered office in Padua (Pd), Via G.B. Belzoni, 65.
The interested party for the exercise of the rights referred to in Article 15 to art. 22 of EU Regulation 679/2076 you can contact: Banco delle Tre Venezie S.p.A.,- Privacy and Data Protection, Via G.B. Belzoni, 65 35121 Padova (Pd), e-mail: privacy@bancodelletrevenezie.it, fax: 049-8208401.
For contacts with the DPO (Data Protection Officer): Banco delle Tre Venezie S.p.A., Data Protection Officer, Via G.B. Belzoni, 65 35121 Padova (Pd), mail dpo@bancodelletrevenezie.it,  fax: 049-8208401

 

Methods of data processing on this website

  • Navigation data
    The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. The owner, in relation to the website, does not store your data.
  • Cookies
    The site uses cookies to improve the user’s browsingexperience.
    Cookies are usually text strings that the websites visited by the user or third-party sites, place and store inside the device used by the user for navigation. The site uses technical cookies where possible subject to anonymization; these are necessary for the proper functioning of a website and to allow the user to navigate; without them the user may not be able to view the pages correctly or to use some services.
    The site also uses statistical cookies, also called analytics cookies,used only to produce aggregate statistics in relation to the individual website visited. Session cookies (non-persistent) are used, strictly limited to what is necessary for the safe and efficient navigation of the sites.
  • Purpose
    The data you provide may be processed for:
    1. the performance of the operations strictly necessary to provide the services and / or information you may request, (navigation through the pages of the site, registration to restricted areas, assistance and recontact, 3. request for appointments, request for information via e-mail, etc.);
    3. the provision of technological services (mailing-lists, newsletters, remote or local assistance and maintenance, etc.), also by specifically authorized third parties;
    4. activities imposed by laws, regulations or provisions in force from time to time and applicable to the services and services offered through the site;
    5. statistical processing on aggregated data in relation to the performance of the site;
    6. evaluations regarding the use of the site by users;
    7. optimize the commercial offer also through focused and selected analysis;
    send advertising and / or commercial proposals based on the profiling of your data, implemented to be able to highlight information and commercial proposals tuned to the interests you have expressed by accessing the pages and using the services available on this site.
    On the pages of the site where your personal data are explicitly collected, you will find where necessary the additional specific privacy policies, as well as the methods for obtaining your consent in cases where the owner uses this legal basis of treatment.
  • Legal Basis
    The processing of your personal data will be carried out on the basis of one or more of the following conditions. In particular, the processing carried out for the purposes described above, which concern:
    – point 1 and point 2, have as their legal basis the need to find your request for information or execute your requests to receive a service directly available through the site;
    – point 3, will have as a legal basis the need to comply with a legal obligation such as the obligation to implement security measures provided for by specific laws of the banking / financial / insurance sector applicable for certain services provided through the site and as such these data and related treatments are mandatory;
    – point 4, since these are anonymized data, i.e. data from which it is not possible to re-identify, even indirectly, a natural person, such data are no longer personal data, therefore the related treatments are exempt from the application of the privacy legislation and a particular legal basis is not necessary;
    – points 5, 6 and 7, will have as their legal basis your informed and free consent, which will be requested on special pages of the site and preceded by our specific information or cookie policy (section dedicated to cookie policy). In this case the provision of data is absolutely free, and in the absence of your consent the data will not be in any way collected and used for these purposes. Where the data controller can make use of another legal basis (legitimate interest, public interest …), you will be provided with a specific and specific information.

 

Transfer of data outside the EU
The processing of your personal data will take place, in compliance with the provisions of the GDPR, using paper, computer and telematic tools, with logic strictly related to the purposes indicated and, in any case, with suitable methods to guarantee security and confidentiality in accordance with the provisions of Article 32 GDPR. The Data Controller may transfer your personal data, to the categories of recipients listed above, both in EU and non-EU countries (in the latter case it will be exclusively countries that guarantee an adequate level of protection in accordance with the provisions of the GDPR or Third Parties that guarantee the correct processing of data in compliance with the European legislation in force by virtue of the Standard Contractual Clause).

 

Categories of Recipients of personal data
Depending on the operation or service, the customer/user’s data may be communicated by the owner to specialized companies that are entrusted with technical and organizational tasks that will process the data as an independent owner or designated manager (e.g. site maintenance companies). The data may also be communicated to those subjects to whom such communication must be made in fulfillment of an obligation provided for by law, by a regulation or by Community legislation, as well as as a result of a provision of the Authority.

 

Processing methods, security measures and storage times
All data will be processed mainly in electronic format. Personal data as well as any other information that can be associated, directly or indirectly, with a specific user, are collected and processed by applying the technical and organizational security measures such as to guarantee a level of security appropriate to the risk, taking into account the state of the art and the costs of implementation, or, where provided, security measures prescribed by specific legislation such as by way of non-exhaustive example: measures provided for by applicable measures issued by the Guarantor Authority for the protection of personal data or by specific laws and regulations for the banking / financial / insurance sector and will be accessible only to specifically authorized personnel. The personal data processed will be kept in a form that allows the identification of the interested parties for a period of time not exceeding the achievement of the purposes for which they are processed (by way of example, the data relating to requests for assistance are kept for a limited period to the resolution of the problem reported), without prejudice to the need to keep them for a longer period following requests from the competent authorities regarding the prevention and prosecution of crimes or, in any case, to assert or defend a right in court

 

Rights of the interested party pursuant to EU Regulation 679/2016
In relation to the processing described in this Notice, as an interested party you may, under the conditions provided for by the GDPR, exercise the rights enshrined in articles 15 to 22 of the GDPR and, in particular, the following rights:

  • Right of access – art.15 EU Regulation 679/2016;
  • Right of rectification – art.16 EU Regulation 679/2016;
  • Right to cancellation – art.17 EU Regulation 679/2016;
  • Right to restriction of processing – art.18 EU Regulation 679/2016;
  • Obligation to notify in case of rectification or cancellation of personal data or limitation of processing – art.19 EU Regulation 679/2016;
  • Right to data portability – art.20 EU Regulation 679/2016;
  • Right to object – art.21 EU Regulation 679/2016;
  • Right not to be subjected to an automated decision-making process – art.22 EU Regulation 679/2016;

The exercise of your rights as a data subject is free of charge pursuant to Article 12 GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge you a reasonable expense contribution, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request. In any case, you can exercise your rights by contacting the e-mail box dpo@bancodelletrevenezie.it attaching a copy of your identity document. In any case, you can exercise your rights by contacting the e-mail box privacy@bancodelletrevenezie.it attaching a copy of your identity document. However, you will always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 GDPR, if you believe that the processing of your data is contrary to the Privacy Legislation in force.