This page describes the methods used by the Phoenix Informatica Bancaria S.p.A. website to manage the personal data of those visiting it: following visits to this site, the personal data of those identified or identifiable may be processed.
This information notice is issued also pursuant to Article 13 of Legislative Decree No. 196/2003 – The Personal Data Protection Code (hereinafter the “Code”) to those using the web services of Phoenix Informatica Bancaria S.p.A. (hereinafter Phoenix), accessible through electronic communications services at the web address http://www.phoenixspa.it which is the home page of the website in question.
This information notice is issued in regard to the said Phoenix website and not in regard to other sites which the Visitor might access using the links provided.
This information notice is issued also pursuant to Recommendation No. 2/2001 of the European Data Protection Authorities (meeting as Working Party set up under Article 29 of Directive 95/46/EC), adopted on 17 May 2001 in order to establish minimum requirements for the online gathering of personal data, and in particular the methods, terms and nature of the information which data controllers must provide to users when they access the web pages, regardless of their reasons for accessing them.
Definitions taken from the Code:
• ‘data controller’ shall mean any natural or legal person, public administration, body, association or other entity that is competent, also jointly with another data controller, to determine purposes and methods of the processing of personal data and the relevant means, including security matters;
• ‘data processor’ shall mean any natural or legal person, public administration, body, association or other agency that processes personal data on the controller’s behalf.
Pursuant to the Code, therefore, Phoenix is the data controller only for personal data which might be processed on this site, with express exclusion of data processed on sites accessed through the Reserved Area or via links.
The data controller Phoenix has its registered address at Via Segantini 16-18, 38100 Trento (Italy) and may be contacted using the details provided in the “Contact us” section of the site, specifically using the e-mail address: email@example.com, except to exercise data subject rights pursuant to Article 7 of the Code, for which a specific address is provided (see “Rights of Data Subjects”).
VENUE FOR DATA PROCESSING
Processing connected to the web services provided by this site shall take place at the said registered address of Phoenix, exclusively by the technical staff in the Department in charge of the processing, or by personnel involved in routine maintenance tasks.
Data may also be processed by specialised companies commissioned by Phoenix to perform tasks of a technical or organisational nature for the management of the IT services of the present site. An up-to-date list of such companies is available free of charge from the registered offices of Phoenix, as described in the “Rights of Data Subjects” paragraph below.
No data deriving from the web services provided by this site shall be communicated or disseminated by Phoenix, without prejudice to its obligations under the Law.
Personal data provided by users who make requests for the sending of information literature shall be used solely for the purposes of the service or for fulfilling the request and shall be communicated to third parties only as necessary to these ends.
TYPE OF DATA PROCESSED
The IT systems and software used to power this website gather, as part of their normal workings, some personal data, the transmission of which is implicit in the use of internet communications protocols.
This information is not gathered for the purposes of being correlated with the relevant identified user; but such information could by its very nature be employed to identify users through specific procedures and correlation with data held by third parties.
This data includes IP addresses and domain names of computers use to connect to the site, addresses in URI (Uniform Resource Identifier) notation of the resources requested, date and time of the request, the method used to forward the request to the server, the size of the files obtained in return, the numeric server response status codes (“OK”, “error”, etc.) and other parameters relating to the operating system and the IT environment of the user.
Traffic data is used to gather anonymous statistical data on site use and to monitor the correct working of the site. The data could also be used to identify guilty parties in hypothetical cases of unlawful computer activities against this site: except in such cases, traffic data is currently deleted after two months.
Data provided on a voluntary basis by the user
Voluntary and express sending of e-mails to the addresses indicated on this site automatically involves the acquisition of the address of the sender which is needed to respond to the request as well as other personal data contained in the message.
The Reserved Area of the site makes specific areas available which provide information services, and these require inputting of authentication credentials for access.
No personal data of the user is acquired in this manner by the site.
Cookies are not used for the transmission of personal data, stored over time, or employed as part of systems for tracking users.
The use of session cookies (which are not stored over time in the computer of the users and which disappear when the browser is closed) is strictly limited to transmission of a session identifier (consisting of a random number generated by the server) necessary for allowing safe and efficient navigation of the site, and which are activated only subsequent to the input of user authentication credentials.
Session cookies used on this site allow avoidance of the use of other IT methods which might potentially be prejudicial to the privacy of user navigation; they do not permit the acquisition of the personal identification data of the user.
VOLUNTARY NATURE OF PROVISION OF DATA
Apart from the foregoing specifications regarding navigation, the user is free to provide personal information which might be requested in replies to requests made to the controller of this site.
Failure to provide such information may make fulfilment of such requests impossible.
METHODS OF PROCESSING
Personal data is processed using automated instruments and for the time strictly necessary to achieve the purposes for which the data was gathered.
Specific security measures have been put in place in order to avoid loss of data or illegal or incorrect use or unauthorised access to the same.
RIGHTS OF DATA SUBJECTS
Subjects to which the personal data refers have the right to obtain at any time confirmation of the existence or otherwise of their data, to be informed of its content and origin, to verify its accuracy, and to request its completion, updating, or amendment (Article 7 of the Code).
Pursuant to the same article, data subjects also have the right to request that their data be deleted, rendered anonymous or blocked where illicit processing has taken place, and in any case to object to the processing of their data on legitimate grounds.
Requests pursuant to Article 7 should be addressed to:
Requests pursuant to Article 7 should be addressed to:
Phoenix, Via Segantini 16-18, 38100 Trento (Italy) e-mail: firstname.lastname@example.org