PRIVACY POLICY

This section explains how the site treats the personal information of the users who visit it. According to
Article 13 and Article 14 of Regulation (UE) 2016/679, the policy is also made available to those who interact
with the Bank’s web services, accessible electronically from the address: www.savetour.it
This document also takes into account Recommendation no. 2/2001 on the protection of personal data that
the European authorities have adopted to identify the minimum requirements for the collection of personal
data online.
The policy applies only to the site in question and not to any other websites that the user accesses via links.
The data controller is Intesa Sanpaolo S.p.A with head office at Piazza San Carlo, 156 – 10121, Torino.

DATA PROCESSING

The processing of data associated with the web services on this site is handled only by the technical
personnel of the service responsible for processing. None of the data obtained by a web service is
communicated or disclosed to third parties.
The personal data provided by users who request information material are used for the sole purpose of
offering the service and are disclosed to third parties only when strictly necessary.

DATA CATHEGORIES

Browsing data

During normal use, the IT systems and software procedures for running this website acquire some personal
data the transmission of which is implicit in the use of Internet communication protocols.
It concerns information that is not collected to be associated with specific individuals, but by their own very
nature could, through the processing and association with data held by third parties, allow users to be
identified
This category of data includes IP addresses or domain names of computers used by users who connect to
the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the
method used to submit the request to the server, the size of the file obtained in response, the numerical code
indicating the status of the response from the server (successful, error, etc.) and other parameters related to
the operating system and the users. This data is used only to obtain anonymous statistical information on the
Site and to check its correct functioning and is deleted immediately after processing. The data could be used
to ascertain responsibility in case of hypothetical computer crimes against the Site: except for this possibility,
the data on web contacts are stored for 12 months.

Data provided voluntarily by the user

The elective, explicit and voluntary sending of e-mail messages to the addresses posted on the website
entails the subsequent acquisition of the sender address, which is necessary to answer any queries, as well
as of any other personal information included in the message.
Specific summary information dedicated to particular services on request will be provided or displayed on the
pages of the website.

COOKIE POLICY

Cookies are small text strings exchanged between a server and the web client. They are used to perform
automatic authentication, session tracking and storage of specific information about users accessing the
server.
This site uses Technical Cookies to save the User’s session and to perform some activities strictly necessary
for its functioning, for example in relation to load balancing. It may also use Cookies to save your navigation
preferences and optimise your browsing experience. These cookies may include language and currency
settings, or cookies for the management of aggregate and anonymous statistics by the site owner. Technical
Cookies also covers “Web Analytics”, which are used to collect aggregate and anonymous statistics on site
use by visitors.

Managing cookies from browser settings

This website works best if cookies are enabled. Using your browser settings you can, however, disable the
use of cookies on your computer. If you completely disable cookies, you may disable some functionalities of
the site or prevent it from functioning correctly overall. Even with all cookies disabled, your computer will
continue to store a small quantity of information, which is necessary for the basic functioning of the site. For
information on how to change your cookie settings, refer to the website of your browser provider.
For information on how to change cookie settings you can refer to the website of the manufacturer of your
browser.

METHODS OF PROCESSING

The personal data are processed using automated tools only for the period of time required to fulfil the
purposes for which the data were collected. Special security measures are taken to prevent the loss of data,
illicit or improper use, and unauthorised access.

RIGHTS OF THE DATA SUBJECT

In your capacity as Data subject, you may exercise, at any time towards the Data Controller, the rights
provided by the Regulation (right of access, right to rectification, right to erasure, right to restriction of
processing, right to data portability, right to object) by sending a specific request in writing to the e-mail
address dpo@intesasanpaolo.com or; via post to the address Intesa Sanpaolo S.p.A., Piazza San Carlo,
156 – 10121 Turin, Italy.

Complete information notice on www.intesasanpaolo.com