In this document, in compliance with the regulations on data protection and privacy in the electronic communications sector, ProntoPegno S.p.A. will provide information to help you to understand what data are collected when you browse our website and how they are used.
The information provided below is based on Recommendation 2/2001 adopted by the European Data Protection Authorities on 17 May 2001, within the Working Party established by Article 29 of Directive 95/46/EC, to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide Users when they connect to web pages, regardless of the purpose of the connection.
Pronto Pegno S.p.A., with registered office in Milano, Largo Augusto 1/A, ang. via Verziere 13 - 20122 Milano ("Pronto Pegno").
DATA PROTECTION OFFICER (DPO)
The Data Protection Officer (DPO) may be contacted at the:
- postal address of ProntoPegno S.p.A.: Largo Augusto 1/A, ang. via Verziere 13, 20122 Milano
- email address: firstname.lastname@example.org
TYPES OF DATA PROCESSED
The IT systems and software procedures used on this website and the "ProntoPegno" app will routinely acquire certain types of personal data, the transmission of which is implicit in the use of the Internet.
This category of data includes IP addresses, or domain names of the user's computers, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the web server, the size of the response file, the digital code indicating the status of the response from the web server, and other parameters relating to the user's operating system and IT environment. These data are only used to gather anonymous statistical information on the use of the website and check its correct functioning.
Data provided voluntarily by the user
The optional, voluntary sending of emails to the addresses on this website will result in the sender's address being acquired for the purposes of responding to the requests. Any personal information included in the email will also be acquired. Specific summary information may be progressively reported or displayed on the pages of the website set up for particular on-request services.
The data will be processed manually, digitally and electronically using methods strictly related to the purposes for which they were collected. Specific security measures are implemented to prevent data loss, unlawful and incorrect use, and unauthorised access.
This processing takes place within the limits to which you have given your voluntary consent. You have the right at any time to request the users of these solutions to delete the information collected through cookies.
RIGHTS OF DATA SUBJECTS
You may exercise your rights under Articles 15 to 23 of the GDPR at any time by contacting:
The exercise of the rights indicated in this section is not subject to any form of restriction and is free of charge. The Data Controller shall be obliged to provide information on action taken by the data subject without undue delay and within one month of receipt of the request. Extensions are permitted under Article 12(3) of the EU Regulation.
You may exercise the following rights in relation to the processing described in this information notice:
- right of access;
- right to rectification, anonymisation or erasure of data;
- right to withdraw the prior consent at any time, without affecting the lawfulness of processing based on the consent before its withdrawal;
- right to restriction of processing;
- right to data portability;
- right to object;
- right to object to direct marketing;
- right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) if you believe that your rights have not been respected.
Any rectification or erasure of personal data or restriction of processing carried out upon request from the data subject - unless it proves impossible or involves disproportionate effort - shall be notified by the Data Controller to each recipient to whom the personal data have been disclosed.
Communication and disclosure
The data collected may be transferred or disclosed to other companies of the Banca Sistema banking group for activities strictly related and instrumental to the operation of the service, such as the management of the IT system, or for processing carried out by other companies in the group for the same purposes. The personal data provided by users who request the sending of information material (brochures, information material, etc..) are used only to perform the service or provision requested and are disclosed to third parties only where this is necessary for that purpose (companies that provide enveloping, labelling, and dispatching services). Apart from the cases mentioned above, personal data will not be disclosed or released to anyone except where required by contract, or with the authorisation of the data subject. Personal data may be disclosed to a third party, but only in cases where:
- there is express consent for the data to be disclosed to a third party;
- there is a need to disclose the data to third parties in order to provide the requested service;
- it is necessary to comply with requests from judicial authorities or public security authorities.
No data from the web service are disclosed.