Pursuant to arts. 13 and 14 of Regulation (EU) 2016/679 (“the Regulation”), we would like to inform users about how and why the personal data of those interacting with our websites / blogs are processed. This Web Privacy Policy is provided solely for www.ifisfinance.pl and not for other websites possibly consulted by the user through links published on the above website. This Policy considers all sector regulations, with specific reference to:
The Data controller is IFIS FINANCE Sp. z o.o., with registered offices in ul. Wspólna 70, 00-687 Warsaw, Poland. The Data Controller has appointed a Data Protection Officer, who can be contacted by e-mail at: odo@ifis.pl.
1) Data provided voluntarily by users
The user may voluntarily provide the Controller with its personal data, with specific reference to personal information, e-mail address and other contact data, in the following circumstances:
The personal data provided are collected, processed and stored by the process Controller for the following purposes:
The personal data supplied are processed by the Controller solely for the time needed to achieve the purpose they were collected for. Once that purpose has been achieved, the personal data are deleted or made irreversibly anonymous.
2) Navigation data
During their normal operations and solely for the connection duration, the information systems operating this website acquire some personal data transmitted implicitly on using internet communication protocols. This information is not collected to be associated with identified data subjects but, for its very nature, could enable user identification through processing and association with data held by third parties. This data category includes: IP addresses or the names of computers used by users to connect to this website; URI (Uniform Resource Identifier) addresses of the resources requested, the time requests are made, the method used to submit requests to the server, the size of the file obtained in response, the numerical code indicating the status of the answer given by the server (successful, error, etc.), the characteristics of the browser used for navigation purposes, the size of the window in which the browser is performed in the device used, and other parameters related to the user’s operating system and computer environment. These data are only to collect anonymous statistics on how this website is used and to check it operates correctly, and are deleted straight after processing. The data could be used to ascertain responsibilities in any hypothetical computer crimes damaging the website. In that occurrence too, the contact data do not last longer than seven days.
3) Cookies
Cookies are small strings of text that the website sends and memorises in the user’s device; to then be used by the website itself at the user’s next visit. During navigation, the user’s device may also receive cookies sent by different websites or web servers (belonging to so-called “third parties”), on which there could be elements (for example, images, maps, sounds, specific links to the pages of other domains) present on the website visited. Cookies are used for different purposes such as performing IT authentication, monitoring sessions, memorising information on specific configurations concerning users accessing the server.
Cookies can be technical or profiling.
The user can avoid the Controller using cookies by setting its navigation browser settings. However, users who choose to eliminate the technical cookies from their devices, or to stop their storage, might not have access to all website functionalities. Even if the user disables all cookies, the user’s browser will still memorise a small amount of information needed for basic website functionalities.
Here below please find a list of the cookies used on our website, both proprietary and of third parties:
Owner of the cookie (proprietary / of third party) |
Type of cookie (technical / profiling) |
Name of cookie |
Storage times |
Description of the cookie function |
Full information (if of third party) |
---|---|---|---|---|---|
- |
Technical cookie |
cc_bancaifis_adwords, cc_bancaifis_marketing, _socialnetwork, cc_bancaifis_social, |
1 year |
These cookies allow the loading of site monitoring scripts, in order to improve their management. |
- |
Adform |
Profiling cookie |
cid |
2 months |
This cookie optimizes the display of ads based on the movement of the combined user and the various offers of advertisers for the display of user announcements. |
https://site.adform.com/ |
Adform |
Technical cookie |
uid |
2 months |
This cookie is used to give site users a unique user ID that recognizes the user during return visits. |
https://site.adform.com/ |
Bing |
Technical cookie |
_uetsid |
30 minutes |
This cookie allows you to interact with a user who has already visited the website. |
https://privacy.microsoft.com/it-it/privacystatement |
Bing |
Technical cookie |
MUID |
13 months |
Bing Ads uses the Microsoft user identifier (MUID) to allow valid clicks to be counted. |
https://privacy.microsoft.com/it-it/privacystatement |
Bing |
Profiling cookie |
MUIDB |
13 months |
This cookie is a third-party analysis service that links data from the Bing advertising network with actions performed on the website. |
https://privacy.microsoft.com/it-it/privacystatement |
DoubleClick Ad Services |
Profiling cookie |
test_cookie |
15 minutes |
DoubleClick uses cookies to serve ads on third-party websites. This cookie publishes ads relevant to potential customers and collects information on how and if they interact with these ads. |
http://www.google.com/intl/en/ |
Profiling cookie |
fr |
3 months |
This cookie is used by Facebook to track Facebook users with a cookie used for advertising purposes. It contains the encrypted Facebook user ID e Browser ID. |
https://www.facebook.com/policies/cookies/ |
|
Google Universal Analytics |
Technical cookie |
_ga |
2 years |
This cookie is used to identify individual users by assigning a number generated randomly as a client id. It is included in every website and is used to calculate the number of visitors and data used to produce analysis reports. |
https://policies.google.com/privacy |
Google Universal Analytics |
Technical cookie |
_gat |
1 minute |
A cookie used to limit the request speed, limiting the gathering of data on websites subject to intense traffic |
https://policies.google.com/privacy |
Google Universal Analytics |
Technical cookie |
_gid |
24 hours |
This cookie is used to identify individual users by assigning a number generated randomly as a client id. |
https://policies.google.com/privacy |
Webtrekk |
Technical cookie |
wteid_814599373069108 |
6 months |
This cookie is used to recognise the web browser. |
https://www.webtrekk.com/en/legal/ |
WordPress |
Technical cookie |
wp_session |
30 minutes |
Session cookie required by WordPress in order to identify the individual sessions of a user. |
https://automattic.com/privacy/ |
To change profiling cookie use settings click here, or, if you want to change the use settings of all cookies you need to consult the instructions below based on the browser used:
Browser |
Gestione cookie |
---|---|
Chrome |
|
Microsoft Internet Explorer |
https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies |
Safari |
|
Mozilla Firefox |
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences |
Personal data collected by the website are processed automatically for the time strictly needed to achieve collection purposes. Where needed, processing performed by the Controller on data collected from the website could be based on automated decision-making processes that produce legal effects or have a similar significant effect on the data subject such as, for example, processing performed using profiling cookies. Suitable technical and organisational security measures are complied with to prevent damage, whether material or immaterial (e.g. loss of control of the personal data or limiting rights, discrimination, theft or usurping identity, financial losses, unauthorised decryption of pseudonymisation, prejudice to reputation, loss of the confidentiality of personal data protected by professional secret or any other significant economic or social damage).
To pursue the purposes described or when it is indispensable or required by law or by authorities with the power to impose it, the Controller reserves the right to communicate data to recipients belonging to the following categories:
Subjects belonging to the categories indicated above operate autonomously as separate process controllers, or as processors appointed specifically for the service; the list, updated continuously, is published on the website www.bancaifis.it.
The personal data may be known, related to tasks performed, by Controller employees, including internees, temporary workers, consultants, the employees of external companies, all specifically authorised, instructed and appointed as processors.
Lastly, no data coming from the web services are circulated.
When needed to perform the purposes mentioned, the data of the data subject could be transferred abroad, to non-EU Countries/organisations that guarantee a personal data protection level deemed suitable by the European Commission with a decision; or, in any case, based on other suitable guarantees, for example the Standard Contractual Clauses adopted by the European Commission. A copy of any data transferred abroad and the list of the non-EU Countries/organisations to which the data has been transferred can be obtained from the Controller by submitting a specific request by ordinary mail sent to the registered office of the Controller or by e-mail sent to odo@ifis.pl.
Pursuant to articles from 15 to 22, the Regulation attributes specific rights to the data subject. More specifically, the data subject can obtain: a) confirmation of whether its personal data is being processed or not and, in that case, access to that data; b) rectification of incorrect personal data and integration of any incomplete data; c) erasure of its personal data in cases where it is permitted by the Regulation; d) restriction to processing, for hypotheses set forth in the Regulation; e) communication, to recipients that the personal data were transmitted to, of the requests to rectify/erase the personal data and restrict processing received from the data subject, except when that should prove impossible or imply a disproportionate effort; f) reception, in a structured, commonly-used format readable by an automatic device, of the personal data provided to the Controller and their transmission to another controller, at any time, even if relations possibly held with the Controller should cease. The data subject also has the right to object at any time to its personal data being processed. In those cases, the Controller is obliged to abstain from any further processing, with no prejudice to reasons permitted by the Regulation. The data subject also has the right not to be subjected to a decision based solely on automated processing, including profiling, that causes legal effects concerning him/her and significantly affecting his/her person; unless that decision: a) is needed to finalise or execute a contract between the data subject and the Controller; b) is authorised by Union law or that of the member State the Processor is subject to; c) is based on the specific data subject consent. For the aforementioned letters a) and c), the data subject has the right to obtain human intervention from the Controller, to express its opinion and dispute the decision. Requests may be submitted by ordinary mail sent to the registered office of the Processor or by email sent to odo@ifis.pl. The data subject also has the right to submit a complaint to the data protection Authority pursuant to art. 77 of Regulation (EU) 2016/679, and to take legal action pursuant to arts. 78 and 79 of the Regulation itself.