Privacy Policy
PREMISE
Dear User,
this Privacy Policy is provided pursuant to art. 13 of Regulation 2016/679/EU - on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter also referred to as "the Regulation" or "GDPR").
Within this Privacy Policy you will find information relating to the processing of your personal data, resulting from the navigation within the web spaces and the use of services made available to you through the website.
You will be provided with specific and / or supplementary information on the processing of your personal data on each occasion in which we collect them, in your interaction with the site or by virtue of contractual relationships established with our company, you can see them all at any time by clicking on the links in the "Information" at the bottom of this page.
Warning: this Privacy Policy does not apply to web services provided by third parties, which you may use or consult and reached through hypertext links. In this regard, we invite you to consult the privacy notices and privacy policies provided by these third parties in the appropriate locations.
DEFINITIONS
Privacy Law: The GDPR, the Privacy Code, the provisions of the Guarantor and in general all legislation on the protection of individuals with regard to the processing of Personal Data.
GDPR or Regulation: European Union Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation).
Personal Data: Any information concerning an identified or identifiable natural person. In addition to the data provided by the User by means of any forms within the individual areas of the Web Services, this also includes data relating to its navigation.
Data Subject: The identified or identifiable natural person to whom the Personal Data refers.
Navigation data: The computer systems and software procedures used to operate the Web Services acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could allow, through processing and association with data held by third parties, to identify users. However, if the navigation session takes place after accessing the Reserved Area (c.d. log in), the data collected are associated with the User's personal account.
Navigation data includes:
- IP addresses or domain names of the computers used by the users who connect to the site;
- the addresses in URI (Uniform Resource Identifier) notation of the requested resources;
- the time of the request;
- the method used to submit the request to the server;
- the size of the file obtained in response;
- the numerical code indicating the status of the response given by the server (successful, error, etc.);
- other parameters relating to the User's operating system and computer environment.
Data provided by the User: These are the data that the User voluntarily and knowingly transmits through the sending of communications (e.g., through e-mail, to the addresses within the web domain) or through the completion of special forms, if present within the spaces provided by the Services.
The Data provided by the User are only those strictly necessary for the purposes from time to time pursued by the Services (for precise indications regarding the categories of data collected from time to time, please refer to the individual privacy policies of reference). By way of example, such data may include:
- personal data;
- concerning contact details (e.g. e-mail address);
- related to the contractual position of the User-Customer;
- geolocation data (if the User has expressed consent to the collection of data relating to its location);
- concerning the use of individual Services made available to the User;
- regarding facts and events exposed by the User in their messages (in this regard, and for its greater protection, the User is asked not to provide information not strictly relevant to the subject of the request and the nature of the services provided by the Company).
Data Controller or the Data Controller: The subject who decides on the purposes and methods of the processing of Personal Data. With reference to Web Services, it is the Company of the Unipol Group to which this site refers and of which you can find the references at the bottom of each page.
Services or Web Services: The services provided through the internet network, used through the website and/or any APPs.
User: The interested party (natural person) who browses, consults, accesses or uses the Web Services.
DPO: The Data Protection Officer. The User concerned may request clarification regarding the processing of Personal Data or exercise their rights by contacting the DPO, in the manner and form indicated in the section "How to exercise rights and/or request information on processing".
Garante Privacy: The Guarantor for the protection of personal data, the Italian national supervisory authority for the protection of personal data. See the website of the Privacy Guarantor.
Cookies: Cookies are pieces of information recorded on your device (e.g., within the memory of your browser) when you visit a website or use a web application.
Each cookie may contain various data, such as, for example, the name of the server from which it comes, a numeric identifier, etc..
See the Cookie Policy for more information.
INFORMATION ON THE PROCESSING OF PERSONAL DATA OF THE USER
Below we provide you with useful information regarding the processing of Personal Data carried out through the Web Services.
In particular, we want to inform you:
- of the identification and contact details of the Data Controller;
- the contact details of the Data Protection Officer (DPO);
- the categories of Personal Data processed through the Web Services;
- the purposes for which such Personal Data are processed from time to time;
- the assumptions that justify the processing of such data (so-called legal bases);
- the duration of their storage, which is always strictly necessary for the pursuit of the stated purposes;
- the categories of recipients of the data communication.
Owner of the treatment | Legal seat |
---|---|
SIAT Società Italiana di Assicurazioni e Riassicurazioni P.A. | Via V Dicembre 3, Genova - 16121 |
Categories of Personal Data, Purposes and Legal Bases of the Processing and Storage Terms
Categories of Personal Data | Purposes of processing | Legal Bases | Data retention periods |
---|---|---|---|
Navigation data | To allow web navigation and the provision of Services | Need to execute a contract of which the interested party is part or to provide a service at the request of the same | For the duration of navigation within the Services |
To obtain anonymous statistical information on the use of the Web Services, for the sole purpose of checking the correct functioning thereof | Legitimate interest of the Company | The data collected are aggregated and no longer traceable to individual users who have browsed the site | |
To guarantee the security and the correct functioning of the Web Services, as well as to ascertain responsibility, in case of hypothetical crimes, and in order to protect our rights consequently | Legitimate interest of the Company | (15 days) and subsequently for the time strictly necessary to carry out any investigations, to define any disputes and, in general, to protect our rights | |
Data provided by the User: provision of Web Services | Reserved Area registration and functions related to the provision of related Web Services | Need to execute a contract to which the interested party is a party | For the time of account activation. In the case of Services related to a contractual position of the User, Personal Data may be retained for additional time for administrative-accounting purposes and on the basis of what is provided for by the regulations applicable from time to time (in general, 10 years) |
Request for information | Need to execute requests made by the person concerned (pre-contractual phase) or legitimate interest | The time required to provide feedback | |
Complaints | Fulfilment of regulatory obligations | 10 years after request |
The conferment of your Personal Data is free and optional. We remind you, however, that, for the pursuit of certain purposes (to provide you with the appropriate feedback requested, for registration to the Reserved Area or for the provision of individual services) is essential, if not provided, in such cases, it may not be possible to proceed with the pursuit of these purposes.
We invite you, however, to consult the individual information on the processing of data for more details.
Modalities of treatment and recipients of data communication
The above data will not be subject to disclosure and may be known by employees of our company specifically authorized to process them. It may also be acquired and/or processed by other companies of the Unipol Group and/or the companies. Processing operations may be carried out by external subjects to whom we entrust the performance of activities on our behalf, and with whom we stipulate specific agreements aimed at regulating the processing of data.
Finally, the data may be communicated upon request to public authorities or law enforcement agencies.
The processing of Personal Data is always subject to the adoption of appropriate security measures to ensure the confidentiality, availability and integrity of the data.
COOKIES
The Web Services may use technical, analytical and profiling cookies, both first and third party.
The cookies are essential to improve the Services and to provide products that are always in line with the Users' preferences.
The possible use of profiling and/or third party cookies will always be subject to your prior consent.
To learn more, click here.
USER RIGHTS (AS INTERESTED PARTY)
The Privacy Law (art. 15-22 of the Regulation) guarantees the user, as the interested party, the right to access the data concerning him, as well as to obtain the rectification and/or integration, cancellation or portability. The Privacy Regulations also give the User the right to request the limitation of data processing and to object to the processing, as well as the possibility to revoke any consent given (the revocation does not affect the lawfulness of the processing carried out up to that moment).
Rights | What does it consist of? | Prerequisites for the exercise |
---|---|---|
Data access | The User may request from the Data Controller:
|
The User may always make such a request. |
Correcting or supplementing data | The User may request the Data Controller to:
|
If the data processed are inaccurate or incomplete |
Erasing data | The User may request the Data Controller to delete the Personal Data it is processing |
|
Limitation of Personal Data Processing | The User can request the Owner that he does not carry out, with the exception of storage only, any processing operation on his Personal Data, except with the User's consent or to protect his rights |
|
Opposition to the processing of Personal Data | The User may object to processing based on legitimate interest (including the sending of promotional communications) or on a public interest | There must be reasons related to the particular situation of the User, unless the opposition is to processing for direct marketing purposes |
Objection to an automated decision-making process | The User may object to automated decision-making processes. In the event that such a process is necessary to conclude a contract, is based on an explicit consent, is authorized by law or regulation of the State or the European Union, the User has the right to obtain human intervention by the data controller, to express his opinion and to challenge the decision | There is a decision based solely on automated processing, including profiling, which produces legal effects concerning the User or which significantly affects the User in a similar way |
Portability of Personal Data | The User has the right to receive in a structured, commonly used and machine-readable format the Personal Data concerning him or her | Provided all of the following conditions are met:
|
Withdrawal of consent | The User may revoke the consent given. The revocation does not affect the lawfulness of the treatment carried out until that moment. | Always |
HOW TO EXERCISE RIGHTS AND/OR REQUEST INFORMATION ABOUT THE TREATMENT
The "Data Protection Officer" is available for any doubts or clarifications, for the exercise of the rights of the interested parties and to provide the updated list of categories of data recipients.
Data Protection Officer or DPO | privacy.siat@unipol.it |
This does not affect your right to appeal to the Privacy Guarantor, including through a complaint, where deemed necessary for the protection of your Personal Data and your rights in this regard.
INFORMATION
Below is a list of the information:
Contractual Information - SIA_Info_Cont_01
Information adequacy - SIA_Info_Adeg_01
Information on estimates - SIA_Info_Prev_01
Claims Information – SIA_Info_Sini_01
Claims consent - SIA_Cons_Sini_01
Information on Home Insurance IVASS - SIA_Info_HIns_03
Information on telephone assistance call center - SIA_Info_AssT_01
Extended video surveillance policy - SIA_Info_VdsE_01