This section explains how the site treats the personal information of the users who visit it. According to Article 13 and Article 14 of Regulation (UE) 2016/679, the policy is also made available to those who interact with the Bank’s web services, accessible electronically from the address: www.museodelrisparmio.it
This document also takes into account Recommendation no. 2/2001 on the protection of personal data that the European authorities have adopted to identify the minimum requirements for the collection of personal data online.
The policy applies only to the site in question and not to any other websites that the user accesses via links.
The data controller is Intesa Sanpaolo S.p.A with head office at Piazza San Carlo, 156 – 10121, Torino.
The processing of data associated with the web services on this site is handled only by the technical personnel of the service responsible for processing. None of the data obtained by a web service is communicated or disclosed to third parties. The personal data provided by users who request information material are used for the sole purpose of offering the service and are disclosed to third parties only when strictly necessary.
During normal use, the IT systems and software procedures for running this website acquire some personal data the transmission of which is implicit in the use of Internet communication protocols. It concerns information that is not collected to be associated with specific individuals, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified
This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the operating system and the users. This data is used only to obtain anonymous statistical information on the Site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site: except for this possibility, the data on web contacts are stored for 12 months.
Data provided voluntarily by the user
The elective, explicit and voluntary sending of e-mail messages to the addresses posted on the website entails the subsequent acquisition of the sender address, which is necessary to answer any queries, as well as of any other personal information included in the message. Specific summary information dedicated to particular services on request will be provided or displayed on the pages of the website.
Cookies are small text strings exchanged between a server and the web client. They are used to perform automatic authentication, session tracking and storage of specific information about users accessing the server.
Managing cookies from browser settings
For information on how to change cookie settings you can refer to the website of the manufacturer of your browser.
METHODS OF PROCESSING
The personal data are processed using automated tools only for the period of time required to fulfil the purposes for which the data were collected. Special security measures are taken to prevent the loss of data, illicit or improper use, and unauthorised access.
RIGHTS OF THE DATA SUBJECT
In your capacity as Data subject, you may exercise, at any time towards the Data Controller, the rights provided by the Regulation (right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object) by sending a specific request in writing to the e-mail address email@example.com or; via post to the address Intesa Sanpaolo S.p.A., Piazza San Carlo, 156 – 10121 Turin, Italy.
Complete information notice on www.intesasanpaolo.com