Index

Foreword

Dear User,

this Privacy Policy is provided pursuant to art. 13 of Regulation 2016/679/EU - on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter also referred to as the "Regulation" or "GDPR").

Within this Privacy Policy you will find information relating to the processing of your personal data, resulting from the navigation within the web spaces and the use of services made available to you through the website.

You will be provided with specific and/ or supplementary information on the processing of your personal data on each occasion in which we collect them, in your interaction with the site or by virtue of contractual relationships established with our company; you can see them all at any time by clicking on the links in the section “Informatives" at the end of this page.​

Warning: this Privacy Policy does not apply to web services provided by third parties, which you may use or consult, reached through hypertext links. In this regard, we invite you to consult the privacy notices and privacy policies provided by these third parties in the appropriate locations.

Definitions

Privacy Regulation: The GDPR, the Privacy Code, the Measures of the Guarantor and in general all the legislation on the protection of individuals with regard to the processing of Personal Data.

GDPR or Regulation: European Union Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation).

Personal Data: Any information concerning an identified or identifiable person. In addition to the data provided by the User by means of any forms within the individual areas of the Web Services, this also includes data relating to navigation. 

Data Subject: The identified or identifiable person to whom the Personal Data refers.

Navigation Data: The computer systems and software procedures used to operate the Web Services acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could allow, through processing and association with data held by third parties, to identify users. However, if the browsing session takes place after accessing the Reserved Area (c.d. log in), the data collected are associated with the User's personal account.

Navigation data includes:

  • IP addresses or domain names of the computers used by the users who connect to the site;

  • the addresses in URI notation (Uniform Resource Identifier) of the requested resources;

  • the time of the request;

  • the method used to submit the request to the server;

  • the size of the file obtained in response;

  • the numerical code indicating the status of the response given by the server (successful, error, etc.);

  • other parameters relating to the User's operating system and computer environment.

Data provided by the User: These are the data that the User voluntarily and knowingly transmits through the sending of communications (e.g., through e-mail, to the addresses within the web domain) or through the completion of special forms, if present within the spaces provided by the Services.

The Data provided by the User are only those strictly necessary for the purposes from time to time pursued by the Services (for precise indications regarding the categories of data collected from time to time, please refer to the individual privacy policies of reference). By way of example, such data may include:

  • personal data;

  • concerning contact details (e.g. e-mail address);

  • related to the contractual position of the User-Customer;

  • geolocation data (if the User has expressed consent to the collection of data relating to his/her location);

  • concerning the use of individual Services made available to the User;

  • concerning facts and events exposed by the User in his messages (in this regard, and for his greater protection, the User is invited not to provide information that is not strictly pertinent to the subject of the request and the nature of the Services provided by the Company).​

Data Controller or the Holder: The entity that decides on the purposes and methods of the processing of Personal Data. With reference to the Web Services, it is the Company of the Unipol Group to which this site refers and of which you can find the references at the bottom of each page.

Services or Web Services: The services provided through the internet network, used through the website and/or any APPs.

User: The interested party (person) who browses, consults, accesses or uses the Web Services.

DPO: The Data Protection Officer. The User concerned may request clarification on the processing of Personal Data or exercise their rights by contacting the DPO, in the manner and form indicated in the section “How to exercise the rights and/or request information on data treatment".

Privacy Guarantor: The Guarantor for the protection of personal data, the Italian national supervisory authority for the protection of personal data. Consulta il see the Privacy Guarantor website.

Cookies: Cookies are pieces of information recorded on your device (e.g., within the memory of your browser) when you visit a website or use a web application.

Each cookie may contain various data, such as, for example, the name of the server from which it comes, a numerical identifier, etc..

See the Cookie Policy for more information.

Information on the processing of User personal data​​

Below we provide you with useful information regarding the processing of Personal Data carried out through the Web Services.

In particular, we want to inform you:

  • of the identification and contact details of the Data Controller;

  • degli estremi di contatto del Responsabile per la protezione dei dati (DPO);

  • delle categorie di Dati Personali trattati attraverso i Servizi Web;

  • delle finalità per cui tali Dati Personali sono di volta in volta trattati;

  • dei presupposti che legittimano il trattamento dei suddetti dati (cosiddette basi giuridiche);

  • della durata della loro conservazione, sempre strettamente necessario al perseguimento delle finalità dichiarate; e

  • delle categorie di destinatari della comunicazione dei dati.

Data controller: UnipolTech S.p.A.

Registered office: Via Stalingrado 37 – 40128 Bologna.

Categories of Personal Data, purpose and legal basis of the processing and terms of data conservation​

1. Categories of Personal Data:

   1.1. Navigation Data:

      1.1.1. ​​Purposes of processing:

a. To enable web navigation and the provision of Services.​

Legal basis: Need to execute a contract of which the interested party is part or to provide a service at the request of the same. The data will be kept for the duration of navigation within the Services.

b. To obtain anonymous statistical information on the use of the Web Services, for the sole purpose of monitoring their correct functioning.​

Legal basis: legitimate interest of the Company. The collected data are aggregated and made no longer traceable to the individual user who browsed.​

c. To ensure the security and proper functioning of the Web Services, as well as to ascertain responsibility, in case of hypothetical crimes, and in order to protect our rights accordingly.

Legal basis: Legitimate interest of the Company. The data will be kept for (1 month) and subsequently for the time strictly necessary to carry out any investigations, to define any disputes and, in general, to protect our rights. 

​   1.2. Data provided by the User: provision of Web Services:​

      1.2.1. Purposes of treatment:

a. Registration Reserved Area and functionalities related to the provision of related Web Services.​

Legal basis: Need to execute a contract in which the interested party is a party. The data will be kept for the time of activation of the account. In the case of Services related to a contractual position of the User, Personal Data may be stored for additional time for administrative-accounting purposes and on the basis of the provisions of the regulations applicable from time to time (generally, 10 years).

b. Request for information.

Legal basis: Need to execute requests made by the interested party (pre-contractual phase) or legitimate interest. The data will be kept for the time necessary to provide the feedback.

The conferment of your Personal Data is free and optional. Please note, however, that for the pursuit of certain purposes (to provide the appropriate feedback requested, for the registration to the Reserved Area or for the provision of individual services) is essential; if not provided, in such cases, it may not be possible to proceed with the pursuit of these purposes.

Failure to provide data (and consent) for any marketing or profiling purposes does not affect the other services requested.

We invite you, however, to consult the individual informatives on the processing of data for more details.

Modalities of data processing and recipients of data communication

The above data will not be subject to disclosure and may be known by employees of our company specifically authorized to process them. They may also be acquired and/or processed by other companies of the Unipol Group and/or the companies. Processing operations may be carried out by external subjects to whom we entrust the performance of activities on our behalf, and with whom we stipulate specific agreements aimed at regulating the processing of data.

Finally, data may be communicated upon request to public authorities or law enforcement agencies.

The processing of Personal Data is always subject to the adoption of appropriate security measures to ensure the confidentiality, availability and integrity of the data.

​​​​Cookies

The Web Services may use technical, analytical and profiling cookies, both first and third party.

The cookies are essential to improve the Services and to provide products that are always in line with the preferences of the Users.

The possible use of profiling and/or third party cookies will always be subject to your prior consent.

To learn more, click here.

User rights (as an interested party)​

The Privacy Law (art. 15-22 of the Regulation) guarantees the User, in his capacity of interested party, the right to access the data concerning him, as well as to obtain the rectification and/or integration, cancellation or portability. The Privacy Policy also gives the User the right to request the limitation of the processing of data and to object to the processing, as well as the possibility to revoke any consent given (the revocation does not affect the lawfulness of the treatment carried out until that moment).

In particular, the User may request:

  • Access to data: the User may request from the Data Controller:

    • confirmation that it is processing data concerning him/her;

    • copy of the data concerning him/her;

    • information regarding the processing of data (e.g. legal bases, retention periods, categories of data recipients, etc.);

The User may always make such a request.

  • Rectification or integration of data: The User may request the Data Controller to:

    • rectify;

    • update;

    • modify the Personal Dapa processed.

If the processed data is inaccurate or incomplete.

  • Data Deletion: The User may request the Data Controller to delete the Personal Data it is processing because:

    • the Personal Data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;

    • the User revokes the consent on which the processing is based, and if there is no other legal basis for the processing;

    • the User objects to the processing pursuant to Art. 21 and there is no overriding legitimate reason to proceed with the processing;

    • the Personal Data has been unlawfully processed;

    • the Personal Data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject.

  • Limitation of the processing of Personal Data: the User may request that the Controller does not carry out any processing operation on his/her Personal Data, other than storage, except with the User's consent or to protect his/her rights:

    • the User disputes the accuracy of the Personal Data, for the period necessary for the Data Controller to verify the accuracy of such Personal Data;

    • the processing is unlawful and the data subject objects to the erasure of the Personal Data and requests instead that its use be restricted;

    • although the data controller no longer needs the Personal Data for processing purposes, the Personal Data is necessary to the data subject for the establishment, exercise or defence of a legal claim;

    • the User has objected to the processing, pending verification of whether the legitimate reasons of the data controller prevail over those of the data subject.

  • Opposition to the processing of Personal Data: The User may oppose processing based on legitimate interest (including the sending of promotional communications) or public interest.

    There must be reasons related to the particular situation of the User, except if the objection is to processing for direct marketing purposes.

  • Objection to an automated decision-making process: The User may object to automated decision-making processes. If such a process is necessary for the conclusion of a contract, is based on an explicit consent, is authorized by law or regulation of the State or the European Union, the User has the right to obtain human intervention by the data controller, to express his opinion and to challenge the decision.

    A prerequisite is that there is a decision based solely on automated processing, including profiling, which produces legal effects concerning the User or similarly significantly affects the User's person.

  • Portability of Personal Data: The User has the right to receive in a structured, commonly used and machine-readable format Personal Data concerning him/her on the following assumptions:

    • the data has been provided by the User; and

    • the processing is based on consent or on a contract; and

    • the processing is carried out by automated means.

  • Revocation of consent: The User may revoke the consent given. The revocation does not affect the lawfulness of the processing carried out until that moment.

    The User may always submit such a request.​

How to exercise the rights and/or request information on data treatment​

The "Data Protection Officer" is available for any doubts or clarifications, for the exercise of the rights of the Data Subjects and to provide an updated list of the categories of data recipients.

Data Protection Officer or DPO: privacy@unipoltech.it

This does not affect your right to apply to the Privacy Guarantor, also by means of a complaint, where deemed necessary for the protection of your Personal Data and your rights in this regard.​

Informatives​

Unipol Customers

Linear Customers

Arca Customers

​Qshino Customers

Back to index

​​Request for access to telematic data, according to Article 13 EU Regulation no. 679/2016 - General Data Protection Regulation

Instructions for sending request

For the compilation of the form we suggest to read carefully each part, as there are mandatory fields and according to the choices made will be visible only the fields that must be completed. Proceeding from one field to another with the "tab" key you are sure not to skip any box, and if you need to request more periods, once the first one is filled in (complete with date and time, as in the example) a "+" is activated that will allow you to enter additional dates.

Only if all the form has been filled in correctly, the "NEXT" button is activated to go to the next screen, and from here you can click on "generate document", at this point it will be possible to print the document, sign it and reload it in order to send the request, together with the required identity documents.

Only if the documents congruent with what has been declared previously are loaded, the sending can be concluded.​

Request form