Privacy Policy

PRIVACY POLICY Pursuant to Art. 13 of EU Regulation 2016/679

The “Data Controller”

Pursuant to art. 13 of EU Regulation  no. 679 of 27 April 2016 “on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC” (hereinafter, “Regulation”), Banca Profilo S.p.A. (hereinafter also: “Company”, and/or “Banca Profilo”), with registered offices in Milan, via Cerva, no.28 – 20122, in its capacity as “Data Controller”, hereby informs you that the personal data acquired, also with reference to existing and/or future business relations, are subject to processing in compliance with the above mentioned regulation. In relation to the aforementioned processing, the Data Controller also provides the following information.

Place of data processing

Banca Profilo S.p.A. with registered office in Milan, via Cerva, n.28 – 20122 – Italy.

Types of data processed

The data collected, for the purposes detailed below, are the following: personal and identification data of the Data Subject, as understood by Article 4(1)(1) of the Regulation; navigation data, the computer systems and software procedures used to operate this website that may acquire, during their normal operation, the Data Subject’s personal data and whose transmission is implicit in the use of Internet communication protocols. In any case, this information is not collected in order to be associated with identified Data Subjects, but, by its very nature, could, through processing and association with data held by third parties, lead to users being identified. This category of data includes the IP addresses or domain names of the computers used to connect to the website, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

Purpose of processing

Personal data may be used for the provision of services requested by the website users, as well as for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning. The data may also be used to ascertain responsibility in the event of hypothetical cybercrimes that may damage the website or on the request of the authorities.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, which is necessary in order to reply to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the website pages dedicated to particular services on request.


Cookies are a small amount of text information sent to your computer and stored in the directory of your web browser while you are visiting a website. Their purpose is to record but they also sometimes track information about the website’s user experience. They are used for the purposes of improving web surfing by moving from one page to another of the website, saving previously entered user preferences (username, password, etc.), tracking the user’s likes and dislikes so that targeted marketing initiatives can be managed. If restrictions are placed on their use, this will certainly have an effect on the user’s status during consultation. Blocking or removing them from the browser cache may result in an incomplete use of the services offered by the web application. The website may make use of third-party cookies that can collect information about the visitors, any keywords used to reach the site and the websites visited. In this case, it is possible to view the information sheet at The Banca Profilo website may use both persistent cookies and session cookies. The former continue to work even after closing the browser, while the latter work for the duration of the website’s session of use. They expire when the usage session expires.

Method of processing

Personal data will be processed in computerized and telematic form, only for the time strictly necessary to pursue the purposes for which they were collected and, in any event, in such a manner as to guarantee their security and confidentiality.

Banca Profilo also processes the personal data acquired in full compliance with the principle of correctness, lawfulness and transparency. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access.

Categories of subjects to whom the data may be communicated

The data collected will not be disclosed but may be communicated to subjects whose right and interest in accessing your personal data is recognized by law or by secondary and/or EU regulations, to the Data Controller’s internal staff, as well as to companies, associations or professional firms that provide services and activities on behalf of the Data Controller in their capacity as Data Processors for the fulfilment of legal obligations, as well as for any organizational and administrative requirements needed to provide the services requested. The updated list of Data Processors is available for consultation at the Data Controller’s reference office.

Data Subject Rights

We inform you that, pursuant to Articles 15-22 of the Regulation, you may exercise specific rights by contacting the Data Controller, including:

  • right of access: the right to know from the Data Controller whether or not your personal data are being processed and, if so, to obtain access to them and any further information on the origin, purposes, category of data processed, recipients of data communication and/or transfer, etc.;
  • right of rectification: the right to obtain from the Data Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary declaration;
  • right of erasure: the right to obtain from the Data Controller the erasure of personal data without undue delay in the event that:
    • the personal data are no longer necessary in relation to the purposes of the processing;
    • the consent on which the processing is based has been revoked and there is no other legal basis for the processing
    • personal data have been unlawfully processed;
    • the personal data must be erased in order to comply with a legal obligation.
  • right to object to processing: the right to object, in whole or in part, to the processing of personal data on legitimate grounds, even if the data are relevant to the purpose of collection; and to object, in whole or in part, to the processing of personal data for the purpose of sending advertising material, direct sales, carrying out market research or commercial communication;
  • right to restrict processing: the right to obtain from the Data Controller a restriction of processing in cases where the accuracy of personal data is contested (for the period needed for the Data Controller to verify the accuracy of such personal data), if the processing is unlawful and/or the Data Subject has objected to the processing;
  • right to data portability: the right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another data controller, only where the processing is based on consent and only for data processed by electronic means;
  • right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or judicial remedy, a Data Subject, who deems that the processing operations concerning him or her are in breach of the Regulation, shall have the right to lodge a complaint with the supervisory authority of the Member State in which he or she resides or habitually works, or of the State in which the alleged breach occurred.

If the interested party wishes to receive further information on the processing of his or her personal data, or to exercise the rights indicated above, he/she can contact Banca Profilo S.p.A., with registered office in Milan, via Cerva, n.28, 20122, by telephoning on +39-02.584081, or by sending a fax to +39-02.58316057 or by sending an email to [email protected].

Further information regarding the processing and communication of data provided directly or otherwise acquired may be requested from the person in charge of data processing, Head of the Organization and Systems Area.

We also inform you that Banca Profilo has appointed a “Data Protection Officer” provided for by the Regulation (the so-called DPO). For all questions relating to the processing of your Personal Data and/or to exercise the rights listed above, you can contact the DPO at the following email address: [email protected].

Cookie PolicyPrivacy Policy signed by the Data Controller