INFORMATION ART. 13 EU REGULATION N. 2016/679 (GDPR)
Pursuant to EU Regulation 2016/679 (hereinafter, "GDPR Regulation" or "GDPR") and the current national legislation on the protection of personal data (hereinafter, together with the GDPR, "Privacy Law"), Mediobanca - Banca of Credito Finanziario SpA based in Milan, Piazzetta Enrico Cuccia 1 (hereinafter, "Mediobanca" or the "Joint Owner MB") as controller of your data is required to provide you with the following information.
All personal data are processed, in compliance with the provisions of the law and the obligations of confidentiality, for purposes strictly connected and instrumental to the following purposes:
- Purpose of the processing and obligatory nature of the provision of data
All personal data are processed, in compliance with legal provisions and confidentiality obligations, for purposes strictly related to the following purposes:
- purposes related to the obligations established by law, by regulations, by community legislation, as well as by provisions issued by the competent authorities or supervisory and control bodies. The provision of personal data for these purposes is mandatory. Failure to provide the data will prevent Mediobanca from carrying out the activity requested by you which presupposes the fulfillment of a legal obligation by the same. The legal basis of the processing is identified in the fulfillment of the legal obligations to which Mediobanca is subjected.
- purposes strictly connected and instrumental to keeping an address book of the buyers of the publications published by Mediobanca, for the forwarding of the publications themselves and for the preparation of invoices. The provision of personal data for these purposes is mandatory as it is necessary for the execution of obligations arising from the contract. Failure to provide your data will make it impossible for Mediobanca to follow up on your pre-contractual / contractual requests and to execute the contract. The legal basis of the processing is identified in the need to execute the contract stipulated with Mediobanca.
- purposes related to the promotion and sale of Mediobanca products and services by letter, telephone, sending advertising material, newsletters, electronic communication systems, conducting market research, sending invitations or personalized gifts, public relations activities, including targeted and / or customized, including the assignment to companies that carry out the transmission, enveloping, transport and sorting of communications to customers, as well as in relation to the communication of such data to the companies of the Mediobanca Group . The granting of consent for these purposes is not mandatory. Failure to provide consent will not affect the satisfaction of your requests and the execution of your contracts but will make it impossible for Mediobanca to send you commercial communications. The legal basis of the processing is identified in the consent you have expressed.
- Legal basis
The legal basis is given, depending on the purpose of the processing, from the fulfillment of laws, execution of contractual obligations or the express consent of the interested party
- Methods of processing
The processing of your personal data will take place, in compliance with the provisions of the Privacy Law, by means of paper, IT or telematic tools, with logic strictly related to the purposes indicated and, in any case, with methods suitable to guarantee their security and confidentiality in accordance with the Law. Privacy.
- Communication and dissemination of data
For the pursuit of the purposes described in point a) above, your personal data will be known by Mediobanca employees who will operate as authorized persons / employees of the processing
Furthermore, your data may be disclosed to:
a) other companies belonging to the Group;
b) subjects who handle the bagging, shipping and archiving of documentation relating to customer relations;
c) other subjects that Mediobanca makes use of in various capacities for the supply of the requested product or service;
d) entities that provide services for the management of the Mediobanca IT system;
e) subjects that provide professional tax, legal and judicial consultancy and assistance services;
f) subjects who carry out the auditing and certification of the financial statements;
g) supervisory and control authorities and bodies and in general subjects, public or private, with publicistic functions;
h) marketing firms and market research firms;
i) subjects that detect financial risks for the purpose of preventing the risk of insolvency such as, for example, the Bank of Italy;
l) subjects that manage national and international systems for the control of fraud against banks and financial intermediaries.
Your personal data will be transferred outside the European Union only in the presence of an adequacy decision of the European Commission or other adequate guarantees provided for by the Privacy Law (including binding corporate rules and standard protection clauses).
Personal data processed by Mediobanca are not subject to disclosure.
- Data retention
In compliance with the principles of proportionality and necessity, personal data will be stored in a form that allows identification of the data subjects for a period of time not exceeding the achievement of the purposes for which they are processed, i.e. taking into account:
- the need to continue to store the personal data collected to offer the services agreed with the user;
- the existence of specific regulatory obligations (code legislation, anti-money laundering legislation, legislation on investment services, legislation on tax monitoring, etc.) or contractual obligations that make it necessary to process and store data for certain periods of time.
Mediobanca take reasonable steps to ensure that inaccurate personal data are corrected or deleted.
- Rights of the interested party
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration or updating, or the correction (articles 15 and 16 of the GDPR).
Furthermore, the interested parties have the right to request cancellation, limitation of processing, withdrawal of consent, data portability as well as to lodge a complaint with the supervisory authority and to oppose in any case, for legitimate reasons, to their processing ( art.17 and following of the GDPR).
These rights can be exercised by written communication to be sent to: firstname.lastname@example.org
Mediobanca, also through the designated structures, will process your request and provide you, without undue delay, with information relating to the action taken regarding your request.
- Joint controllers and Data Protection Officer
The data controller is Mediobanca - Banca di Credito Finanziario S.p.A. based in Milan, Piazzetta Enrico Cuccia 1.
The Data Protection Officer can be contacted at the following email addresses:
Last update april 2019