On Protection of Personal Data
This page describes the means of management of this site as concerns the treatment of personal information of the users who consult it. Information on this point is provided, pursuant to the Albanian Law no. 9887, dated 10.03.2008 “On Protection of Personal Data” and other complementary regulations in compliance with best standards of the group Code on the protection of personal information, to those who interact with the Bank's internet services, accessible from the website: http://www.intesasanpaolobank.al/ corresponding to the home page of the bank's official website.
This document also considers Recommendation 2/2001 which the European Union adopted for the protection of personal information to identify the minimum requirements for the on-line collection of personal information.
The information is provided solely for the www.intesasanpaolobank.al/ site and not for any other sites which may be consulted by the user via links.
The Party responsible for the treatment is “Intesa Sanpaolo Bank Albania” SH.A with Registered office in Tirana, Rr. “Ismail Qemali”, Nr.27, P.O.Box 8319.
METHODS OF PERSONAL DATA PROCESSING
Treatment connected to web services of this site is managed by technical personnel of the office in charge of treatment. No information deriving from the web service is communicated or disseminated. Personal information provided by users who request documentation are used for the sole purpose of providing the service or satisfying the request and are communicated to third parties only if necessary to this end.
TYPES OF PERSONAL DATA PROCESSED
Surfing information ICT systems and software procedures which are responsible for the functioning of this website acquire, as part of their normal exercise and for the sole period of connection, personal information whose transmission is implicit in the use of Internet communication protocols. Such information is not collected to be associated to the identified parties, but which for its very nature may, via processing or association with information held by third parties, permit the identification of users. This category includes the IP addresses or domains of computers used by surfers who access the site, the Uniform Resource Identifier addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the number code indicating the state of the reply given by the server (ok, error, etc.) and the other parameters relative to the operating system and the user's IT environment. Such information may be used to ascertain responsibilities should hypothetical IT crimes be committed to damage the site: without prejudice to this use, to date information on web contacts does not persist for over seven days. Information voluntarily provided by the user Any facultative, explicit and voluntary e-mail sent to the addresses indicated in this site entails the subsequent acquisition of the address of the sender, necessary to respond to requests, as well as any of other personal information contained in the e-mail.
MEASURES FOR THE SECURITY AND MAINTAINING THE CONFIDENTIALITY
The Bank guarantees to each user that after the required information has been delivered to Bank's Web server, high standard security system are implemented for storing and further processing of these data, in accordance with the requirements specified in articles 27 and 28 of the Albanian law no. 9887, dated 10.03.2008 "On Protection of Personal Data". The use of personal information to send advertising materials or commercial information, to sell products or services by the Bank requires the prior consent by the sender. Specific summaries will be progressively provided or visualised in the site's pages prepared for particular services which may be requested.
No personal information of users is acquired by the site as concerns this point. Cookies are not used for the transmission of personal information and no so-called persistent cookies of any type nor any other systems to trace users are used. The use of so-called session cookies (which are not memorised in a persistent way on the user’s computer and dissolve when the browser is closed) is strictly limited to the transmission of session identification information (made up of random numbers generated by the server) necessary to enable the secure and efficient surfing of the site. So-called session cookies used in this site are an alternative to the use of other ICT techniques which may prejudice the confidentiality of the surfing of users and do not permit the acquisition of the user's personal identification.
MEANS OF TREATMENT
Personal information is treated with automated instruments for the sole time strictly necessary to achieve the purposes for which it has been collected. Specific security measures are complied with to prevent the loss of information, illicit or unfair uses and unauthorised accesses.
RIGHTS OF SUBJECT OF PERSONAL DATA