CONTROLLER AND DATA PROTECTION OFFICER
The Controller is UniCredit S.p.A. with registered office at Piazza Gae Aulenti n. 3, Tower A, 20154 Milan (the Bank or UniCredit).
The Data Protection Officer may be contacted at UniCredit S.p.A., Data Protection Office, Piazza Gae Aulenti n. 1, Tower B, 20154 Milan, e-mail: Group.DPO@unicredit.eu, certified e-mail: Group.DPO@pec.unicredit.eu.
THE COOKIES USED BY THIS SITE
Cookies are short strings of text sent to the browser of the user's device (PC, Notebook, Smartphone, Tablet, etc.) when they visit a website. They are stored there and then sent back to the same website the next time the user visits.
UniCredit S.p.A. informs you that this website uses the types of cookies described below, also combined, which are classified based on rulings and indications of the Data Protection Authority, the European Data Protection Board (EDPB), Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and Legislative Decree no. 101 of 10 August 2018.
PERSISTENT COOKIES
These are cookies that are saved on your device and are not deleted automatically when you close your browser session. For some of these cookies, a random unique identifier is generated, which enables web analytics procedures to identify a user that returns to a UniCredit website.
FIRST-PARTY COOKIES
These are cookies created by UniCredit's website and only this website can read and process them.
TECHNICAL COOKIES
These are cookies which are essential in order to be able to:
• browse and use the website (for example "browsing or session cookies"); without these cookies, some operations could not be possible or would be less secure.
• browse according to a series of selected criteria (for example, language, "functionality cookies") and thus improve the service provided and optimise the site. These cookies are collected on an aggregate and anonymous basis.
These technical cookies are installed directly by UniCredit and, as they are not used for purposes other than those strictly necessary to send a communication via an electronic communication network or to provide a service specifically requested by the user, they can be saved in the device without requesting the prior consent of the user accessing UniCredit's website.
ANALYTICS COOKIES
These are cookies used to gather information, on an aggregate and strictly anonymous basis, for internal research on the number of users and how they visit the site. The purpose of these cookies is solely to improve the service provided by UniCredit to all users and to optimise and improve the site.
For analytics cookies, UniCredit uses a mechanism to encrypt the entire IP address (the address assigned to the user's device which is necessary to browse the Internet), and additional personal data, in order to derecognise the user and prevent a user being identified on the sole basis of their IP address.
These types of cookies can be saved in the device without requesting the prior consent of the user accessing UniCredit's website..
PROFILING COOKIES
These are cookies used to send advertising messages in line with user preferences. These cookies are saved in the user's device directly by the Controller, UniCredit S.p.A., or by other entities ("Third Parties").
Consent from the user accessing the website is necessary to save these cookies in the device.
The user can opt not to accept all profiling cookies being saved, via the banner displayed when they first visit the website, or the buttons at the end of this policy, which is also available via the specific links on UniCredit's website.
FIRST-PARTY PROFILING COOKIES : CONTROLLER - UNICREDIT S.p.A.
These are cookies used to send advertising messages in line with user preferences, and according to the purposes indicated. These cookies are installed directly by the Controller The user can opt to not accept these profiling cookies being saved, via the banner displayed when they first visit the website, or via the functions indicated in this policy, which is also available via the specific links on UniCredit's website.
All profiling cookies installed directly by the Controller UniCredit S.p.A. have a maximum validity of 6 (six) months.
THIRD-PARTY PROFILING COOKIES: CONTROLLERS - COMPANIES INDICATED
Cookies managed by third-party companies other than UniCredit S.p.A., that act in a capacity as autonomous (data) controllers are also installed via this website.
The user can opt to not accept these profiling cookies being saved, via the banner displayed when they first visit the website, or via the functions indicated in this policy, which is also available via the specific links on UniCredit's website.
The links indicated below are to the web page of each third-party company, where users can view the policy and information about processing, provided by the company, and where they can give or not give their consent.
As you have read the privacy notice about cookies, please indicate whether you consent to the installation of the profiling cookies described above:
You have not expressed a preference yet
Profiling cookies are NOT ENABLED
Some profiling cookies are ENABLED
Profiling cookies are correctly ENABLED
You can give your consent to only install UniCredit S.p.A. profiling cookies:
You have not expressed a preference yet
Unicredit profiling cookies are NOT ENABLED
Unicredit profiling cookies are correctly ENABLED
| Cookie Name | Holder | Purpose | Duration |
|---|---|---|---|
| UP | UniCredit | Used in the Data Management Platform to distinguish users | 30 days |
| UE | UniCredit | Used in the Data Management Platform to distinguish users | 180 days |
| UT | UniCredit | Contains information about advertisements viewed by users of the Data Management Platform | 30 days |
| __UCGdfsn | UniCredit | Used in the Data Management Platform to define the browsing session | 30 minutes |
| __UCGdfm | UniCredit | Used in the Data Management Platform to optimize the number of calls to server | 7 days |
| UO | UniCredit | Save opt-out preference from user tracking in the Data Management Platform | 60 days |
You can give your consent to only install third-party profiling cookies:
You have not expressed a preference yet
Third-party profiling cookies are NOT ENABLED
Third-party profiling cookies are correctly ENABLED
| Cookie Name | Holder | Purpose | Duration | Info Link |
|---|---|---|---|---|
| UUID2 (.adnxs.com) | Xandr | Utilizzato per identificare in modo univoco il browser o il dispositivo dell'utente tramite un ID | 90 days | https://www.xandr.com/privacy/cookie-policy/ |
| ANJ (.adnxs.com) | Xandr | Utilizzato per la sincronizzazione degli ID con i partner. | 90 days | https://www.xandr.com/privacy/cookie-policy/ |
MANAGING AND DELETING COOKIES BY CONFIGURING THE BROWSER USED
UniCredit S.p.A. informs you that, in addition to the above, website users can express or modify their cookie choices and options via the additional settings of their device browser.
The user can delete or disable any cookie directly, at any time, via the settings and functions of the browser used in their PC, Notebook, Smartphone or Tablet.
The options selected via browser settings will only work from the first time the user connects to UniCredit's website after having changed these settings, for choices made directly on this website.
For further details, see the information and operating procedures for settings, provided by the supplier of the user's browser.
PURPOSE, LEGAL BASIS FOR PROCESSING AND CATEGORY OF PROCESSED DATA
UniCredit S.p.A. will only process personal data gathered from the use of first-party profiling cookies for the following purpose:
The promotion and sale of "dedicated" products and services of the Bank, of UniCredit Group Companies or third-party companies specifically identified through processing and analysis, also using automated techniques or systems, of information relative to preferences, habits, consumer choices, aimed at dividing data subjects into groups that are uniform based on behaviour or specific characteristics.
For UniCredit customers only, that access the Bank's internet banking service using their authentication credentials, the data and information gathered from first-party profiling cookies may be connected with the data and information the bank already has, but only based on consent already provided by customers.
The legal basis allowing for this processing is consent, that the user accessing UnitCredit's website in a capacity as a data subject is free to give or not give and if given, can withdraw at any time.
Providing data necessary for these purposes is not mandatory, and not giving these data will not have any negative effect for the user, nor prevent them from browsing UniCredit's website, apart from them not being able to receive dedicated commercial information.
WITHDRAWING OR CHANGING CONSENT TO THE INSTALLATION OF COOKIES
UniCredit S.p.A. informs users that access the website that they can change their options about storing cookies, at any time, by accessing the "Cookies Policy" on the website.
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
The natural and legal persons on the list which may be consulted at Bank premises open to the public and on the website may become aware of the user's personal data, in their capacity as Processors, as well as the persons authorised to process personal data, in relation to the data necessary to carry out the tasks assigned to them, belonging to the following categories: employees of the Bank or seconded to the Bank, temporary workers, persons on work placements, consultants and employees of external companies appointed as the Processors.
Data may be communicated to:
a) entities to whom such communication must be made to in order to comply with an obligation of law, regulations or EU law. Further information can be found in the notice for customers published in the "Privacy" section of the www.unicreditgroup.eu website;
ii) financial intermediaries of the UniCredit Group, based on anti-money laundering regulations (see Article 39, paragraph 3 of Legislative Decree no. 90/2017), which provide for the possibility for personal data relative to suspicious activity reporting to be communicated among financial intermediaries of the UniCredit Group;
iii) companies belonging to the UniCredit Group, and namely subsidiaries or affiliates pursuant to Article 2359 of the Italian Civil Code (also located abroad), to whom such communication is permitted as a result of Italian Privacy regulations or a legal requirement.
The detailed list of subjects to whom the data may be communicated can be consulted in the "Privacy" section of the www.unicreditgroup.eu website.
TRANSFER OF DATA TO THIRD COUNTRIES
UniCredit informs you that Personal Data may be transferred to countries outside the EU or European Economic Area (Third Countries), only if recognised by the European Commission as having an adequate level of protection and if the exercise of the rights of data subjects is ensured at all times. Further information can be requested by writing to Group.DPO@unicredit.eu.
RIGHTS OF DATA SUBJECTS
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), gives natural persons, individual companies and/or the self employed ("Data subjects") specific rights, including the right to have their personal data held by the Bank recognised and how said data are used (Right of access), the right to have their data updated, rectified or, if there is an interest, supplemented, as well as have their data erased, anonymised or restricted.
Data subjects may, at any time, withdraw consent, if given, to cookies being saved on their device, and to the processing of personal data resulting from the use of the cookies, according to the terms indicated above, or accessing the "Cookies policy" on the website.
UniCredit informs you that withdrawing consent will only have an effect in the future.
DATA STORAGE PERIOD AND RIGHT TO ERASURE ("RIGHT TO BE FORGOTTEN")
UniCredit will process personal data gathered with the first-party profiling cookies indicated in this policy, for a maximum period of 6 months.
Some data referred to session cookies will instead be kept only for the duration of the session.
At the end of this storage period, , the personal data of data subjects will be erased or kept in a manner that does not allow for the identification of the data subject (e.g. irreversible anonymisation), unless further processing is necessary for one of the following reasons: i) to settle pre-litigation and/or litigation started before the end of the storage period; ii) to continue investigations/inspections of internal control functions and/or external authorities started before the end of the storage period; iii) to follow up requests from Italian and/or foreign public authorities received by/notified to the Bank before the end of the storage period.
If a user connects to UniCredit's website after the maximum time that cookies can be stored, the banner requesting consent will be displayed again.
HOW TO EXERCISE YOUR RIGHTS
You can exercise your rights as a data subject, indicated in the previous paragraph, by contacting:
UniCredit S.p.A., Claims, Via Del Lavoro n. 42, 40127 Bologna, tel. +39 051.6407285, fax +39 051.6407229, e-mail address: diritti.privacy@unicredit.eu.
The deadline for replying is one (1) month, extendible to two (2) months in cases of particular complexity; in these cases, the Bank will provide at least initial communication within one (1) month.
The exercise of rights is, in principle, free; the Bank reserves the right to ask for a contribution in case of requests that are evidently without grounds or excessive (also recurrent).
The Bank may request information necessary to identify the requesting party.
COMPLAINTS OR REPORTS TO THE ITALIAN DATA PROTECTION AUTHORITY
The Bank informs you that you may file complaints or report to the Data Protection Authority or alternatively file a complaint with the Judicial Authorities. The contacts of the Data Protection Authority are available from http://www.garanteprivacy.it.
Having read this Cookies Policy, please express your preference, giving or not giving your consent to profiling cookies being saved on your device.
For this purpose, you can accept or not accept all profiling cookies from the buttons below or consent or not consent to each single type of profiling cookie being installed, from the next buttons.