My Mortgage

FIDEA SRL, having registered office in Servigliano (FM), Via Circonvallazione Clementina n ° 4 (hereinafter Data Controller), in its role of data controller, informs you, pursuant to art. 13 D.Lgs. 30.6.2003 n. 196 (hereinafter, Privacy Code) and art. 13 EU Regulation n. 2016/679 (hereinafter, GDPR), that your data will be processed in the following manner and for the following purposes:

1. Data subject to processing

The Data Controller processes personal data (such as name, surname, company name, address, telephone number, e-mail address, bank and payment details, income data — hereinafter data), sent to us by you via electronic means, ordinary mail or handed over personally to our employees or brought to our offices; required for the services requested by you. Health and judicial data may also be processed in case they are included or necessary for the professional purposes.

2. Purpose of the processing

Your personal data are processed:
A) Without your express consent (art. 24 a), b), c) Privacy Code and art. 6 b), e) GDPR), for the following Service Purposes:
- to perform the services you have requested from the Data Controller for the disbursement of loans, mortgages and any other credit type, also through requests for various certifications, submission of requests to public offices or companies providing services; to provide services of banks, financial brokers and insurance products directly offered through the web portal as well as through web campaigns linked to the aforementioned portal; to offer telephone consultancy, even prolonged, about the offered products / services ; to provide banks, financial brokers and insurance companies with the data and information resulting necessary for the provision of the requested services; to advise the customers about products and/or services belonging to the categories of those requested, except for the faculty referred to in point 8 below:
- to fulfil the obligations established by law (administrative, accounting, fiscal and tax and for purposes related to anti-money laundering obligations), by regulations, by the Community legislation or by any other authority.
- to exercise the Data Controller's rights, such as the right to defence in a court;
B) with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Marketing Purposes:
- the sending of newsletters, commercial communications and/or advertising material, services and special offers, as well as assistance and customer care services, via e-mail, ordinary mail and/or SMS and/or telephone.

3. Processing methods

The processing of your personal data is carried out though the steps indicated in art. 4 of the Privacy Code and art. 4 n. 2 of the GDPR, and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic processing. The Data Controller may, in compliance with the specific legislation about this matter, use cookies or web alerts on customer browsers for the purpose of information gathering. The data will not be transferred elsewhere and will only be stored in our computer systems. The Data Controller will process personal data for the time necessary to fulfil the aforementioned purposes and for no more than 10 years from the end of the relationship for administrative purposes and for no more than 3 years from the collection of data for Marketing Purposes.
The Data collected and processed may be made available to:
Data Controller collaborators, like managers or appointed persons; companies operating in the credit or insurance field with which FIDEA already has stipulated or is going to stipulate a commercial collaboration or some co-brokerage agreements so that they will be able to offer financing or insurance products; to the banks or financial brokers, even in absence of assignment of an professional contract, for the sole purpose of reporting the name/identity of the client, in connection with the financing requests; to third parties, physical or legal, to companies that offer anti-fraud services or services are necessary for credit evaluation through databases; to real estate companies and to professionals providing notary activities and translation and interpreting services; the data will be shared with them only if they are involved and functional to the fulfilment of the requested services; to the Data Controller's consultants (as autonomous Data Controllers), for the aspects that may concern them and according to the methods established by law. The data will not be disseminated and will be destroyed when we have no longer need them or there is no obligation to keep them.

4. Access to data

Your data may be made available for the purposes referred to in art. 2.A) and 2.B):
- to employees and collaborators of the Data Controller, people in charge and/or internal managers of the processing and/or system administrators.
- to third parties or other subjects (for example credit institutions, professional offices, insurance consultants, interpreters, notaries etc.) who carry out outsourced activities on behalf of the Data Controller, as external data processors.

5. Communication of data

Without the need for express consent (pursuant to Article 24 letters a), b), d) Privacy Code and art. 6 letters b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to: judicial authorities if they are explicitly requested, as well as with those subjects to whom the communication is mandatory by law for the accomplishment of the said purposes. These subjects will process the data as independent data controllers. Your information will not be disseminated.

6. Data transfer

Personal data are stored in our computer system and will not be transferred abroad. The Data Controller has in any case the right to move the servers to server farms in the EU territory only and only if necessary. In this case, the Data Controller hereby ensures that the data will be transferred in accordance with the applicable legal provisions, under the standard contractual clauses provided by the European Commission.

7. Provision of data and consequences of refusal to reply

The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we cannot guarantee the related services.

8. Rights of the involved party

As an involved party, you own the rights described in art. 7 of the Privacy Code and art. 15 GDPR and precisely the rights to:
I. obtain confirmation of the existence or absence of personal data about you, even if they are not yet registered, and the communication of this data in an intelligible form;
II. obtain info about: a) the source of personal data; b) the purposes and methods of the processing; c) the method applied in case of processing of data through electronic instruments; d) the ID details of the Data Controller, the managers and the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them, in their role of designated representative in the State territory, managers or agents;
III. obtain: a) updating, rectification or, in case of necessity, additions of data; b) the cancellation, transformation into anonymous form or blocking of data unlawfully processed, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the official confirmation that the operations referred to in letters a) and b) have been communicated, also their content, to those to whom the data have been made available, except in the case in which this fulfilment is impossible or involves using means which are manifestly disproportionate to the assured right;
IV. to object, partially or completely a) to the processing of personal data concerning you, even if pertinent to the purpose of the collection, for legitimate reasons; b) to the processing of personal data concerning you for the purpose of sending advertising material. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods, extends to traditional ones. The possibility to object to these marketing communications remains, even partially, in charge of the involved party. Therefore, the involved party can decide to only receive communications using traditional methods or automated communications, or neither of these.
You also have the rights referred to in articles 16-21 GDPR (right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition) and, if applicable, the right to complain to Guarantor Authority. It is also your duty to promptly communicate the updating of your data by e-mail and/or registered post.

9. How to exercise rights

You can exercise your rights at any time by sending:
- a registered letter to Fidea SRL, Via Circonvallazione Clementina 4, 63839 Servigliano (FM)
- an e-mail to amministrazione@fideacredito.it.
Please note that Fidea srl appointed a Data Protection Manager to protect your data. His name is Mr Sauro Antonelli, he can be reached at +39.348.4893536 or e-mail address: s.antonelli@fideacredito.it.

10. Data Controller, responsible and agents

The Data Controller is Fidea srl, with registered office in Servigliano (FM), Via Circonvallazione Clementina N. 4. The updated list of data processors and persons allowed to process data is located in the registered office of the Data Controller.