Download Notification on processing personal data

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
Document related concepts
no text concepts found
Transcript 
NOTIFICATION
on the conditions of collection and further processing of personal data
This Notification is aimed at advising clients, or
potential clients, or other persons (hereinafter: “the
Client”) on collection and further processing of
personal data by Banca Intesa a.d. Beograd, 11070
Novi Beograd, Milentija Popovića 7b, Reg. No.
07759231 (hereinafter: “the Bank”), in accordance
with the Law on Personal Data Protection.
I.
DATA PROCESSING BY THE BANK
1) Informing the Client on conditions of data
collection and processing
Conditions of collection and further processing of
personal data not presented in this Notification are
given in relevant Data Processing Records, publicly
available in the Central Data File Register maintained
by the Commissioner for Information of Public
Importance and Personal Data Protection, and
accessible at the address: http://registar.poverenik.rs.
The Bank enables the Client to have insight into
hardcopies of the said records, or delivers them to the
Client at his/her request.
2) Manner of data collection
The Bank regularly collects personal data from the
data subject, and exceptionally data may be collected
also from third parties if:
 Envisaged by a contract concluded with a data
subject;
 Envisaged by a law or another regulation passed
pursuant to a law;
religion, (h) ethnicity, (i) race, (j) language, (k) victims
of violence and (l) sexual life.
Data specified above shall be processed on the basis
of informed consent of the Client, save for data
relating to political party affiliation, health status, or
receipt of social support, when the law allows the
processing of such data without the subject's consent.
The specified data are labelled as “Particularly Sensitive
Personal Data” and protected by special safeguards.
4) Data excluded from processing
The Bank does not process personal data in the
following cases:
 When the Client did not give or withdrew his/her
consent to personal data processing, and the legal
authority for processing data without such consent
is missing;
 If processing is done for the purposes other than
those specified in the Bank’s internal regulations,
or database content;
 If the purpose of processing is vaguely defined,
modified, inadmissible or already achieved;
 If the purpose of such processing is achieved
(when the client is still identified or identifiable);
 If the means of processing data meanwhile
became inadmissible, i.e. if they are not based on
a credible source anymore;
 If the processed data is unnecessary or unsuitable
for the purpose of processing;
 Necessary concerning the nature of the task;
 If the number or type of data processed is
disproportionate to the purpose of processing;
 Related to excessive consumption of time and
resources;
 If the data are inaccurate and incomplete, i.e. if
not based on a credible source or outdated.
 Necessary for the purpose of achieving or
protecting vital interests of a client, in particular
his/her life, health and physical integrity.
II. Right to notification of data processing
3) Particularly sensitive data
At the request, the Bank informs the Client on the
following:
 Personal data processing, as follows:
Data relating to the following are deemed as
particularly sensitive: (a) political party affiliation, (b)
trade union membership, (c) health status, (d) receipt
of social support, (e) criminal record, (f) gender, (g)
- Whether the Bank processes data on the Client
and, if so, which processing operations it
performs;
Page 1 of 3
- Which data are being processed;
- Who the data was collected from, i.e. who was
the source of data;
- The purposes for which the data is being
processed;
- The legal grounds for data processing;
- Which data files contain the data;
 Users of the data:
- Who are the users of the data;
- Data and /or types of data that are used;
- The purpose for which such data is used;
- The legal grounds for the use of data;
 Transfer on personal data:
- To whom the data are transferred;
- Which data are transferred;
- The purposes for which the data are transferred;
- The legal grounds for data transfer.
III. LEGAL GROUND FOR DATA PROCESSING
1) Client's consent on conditions of collection
and processing of data
After the Client is advised on conditions of collection
and further processing of data, he/she may provide
the Bank with valid consent to carry out processing of
personal data:
 In writing (as a separate statement or within other
document, such as questionnaire, contract, etc.);
 Verbally for the record.
Consent may be given through a proxy provided that
such must be certified by the competent authority.
For persons incapable of giving their own consent,
such consent may be given by their appointed
representatives or guardians.
Consent for processing of data on deceased persons
may be given by the spouse, children above 15 years
of age, parents, siblings, legal heirs, or persons
appointed for that purpose by the deceased.
Consent may be withdrawn in writing or verbally for
the record.
 To forward his/her personal data to the central
database of the Intesa Sanpaolo Group, members
of their bodies, shareholders, staff of the Bank,
external auditors of the Bank, as well as other
persons who must have access to such data
because of the nature of their job, and to third
parties with whom the Bank has concluded nondisclosure agreement;
 To use his/her personal data for its regular
business operations and performance of its legal
obligations founded in any existing, completed, or
future agreement with the Client, including
preparation and delivery of offers for other products
of the Bank, market researches, customer
satisfaction analysis, risk assessment, recording,
validation, and updating, as well as analysis and
processing of statistical nature;
 To process any personal data obtained in
accordance with the law and the Bank’s internal
acts, from the Client or third parties, including those
obtained through the Credit Bureau maintained by
the Association of Serbian Banks, in conformity
with the relevant Data Processing Records within
the Central Data File Register accessible at the
address: http://registar.poverenik.rs.
2) Processing of data without client`s consent
The Bank is allowed to process personal data without
the Client`s consent only in the following cases:
 To achieve or protect vital interests of the Client or
a third party;
 For the purpose of fulfilling its legal obligations
prescribed:
-
By a law or other regulation;
-
By an enactment adopted pursuant to the law;
-
By a contract concluded with the data subject,
as well as for the purpose of contract
preparation;
 In other cases envisaged by Law on Personal
Data Protection, for the purpose of achieving a
prevailing justifiable interest of the data subject,
the Bank or a user.
By giving the consent on conditions of collection and
further processing of personal data, the Client entitles
the Bank:
Page 2 of 3
IV. CLIENT’S RIGHTS RELATING TO DATA
PROCESSING
1) Right of access data and right to a copy
At the request, the Bank enables the Client to access
personal data relating to him/her, as follows:
 To review and read the data;
 To make notes.
At the request, the Bank obtains the copy of the said
data to the Client.
Request for accessing and/or copying data shall be
usually submitted in the Bank’s Branch Office, and
detailed instructions may be required from the Bank’s
Call Centre: +381 11 310 88 88.
The Bank notifies the Client on time and location
where the data may be accessed, in any case not
later than 30 days of receipt of an orderly request
from the Client.
2) Unacceptable request
If a request is unintelligible or incomplete, the Bank
shall instruct the requester to rectify any
shortcomings within the adequate deadline.
If the requester fails to rectify shortcomings within the
period specified, and if the shortcomings are such
that the request cannot be processed, the Bank shall
dismiss such request as unacceptable by passing a
relevant resolution.
3) Restrictions of Client’s Rights
The Bank may dismiss the Client’s request in the
following cases:
 If the provision of such information would
significantly prejudice the crime prevention,
detection, investigation and prosecution, or a
major economic or financial interest of the state;
 If the provision of such information would disclose
data identified as confidential under any regulation,
insofar as the disclosure of such data could
seriously prejudice an interest protected by the law;
 If the provision of such information would seriously
prejudice privacy or a vital interest of the Client or
a third party;
 During the stay of processing if the processing
was stayed on the Client’s request.
4) Client’s rights upon obtaining access to data
Upon obtaining access to data, the Client has the
right to file request to correct, modify, update or
deletion of personal data. The request shall be
usually submitted to the Bank’s Branch Office on the
special form of the Bank, in person or by proxy
(provided that such proxy must be certified by the
competent authority).
The Bank shall bring decision on request not later
than 15 days of the date of filling orderly request. In
case of rejection, the Client has the right to lodge an
appeal with the Commissioner for Information of
Public Importance and Personal Data Protection,
within 15 days of receipt of such ruling.
NOTE: The Client shall be informed on this
Notification within the Bank’s premises, and he/she
may require keeping hardcopy of the Notification.
 If the Client requests information referred to the
data already entered in a public register or
otherwise made publicly available;
 If the Client obviously abuses his/her right to
notification, access and copy;
 If the Bank has already notified to the Client the
information he/she requires, and the data have not
changed in the meantime;
 If the information relates to anti-money laundering
or combating financing of terrorism activities;
 If the Bank would be prevented from performing
its operations within its scope of activities;
Page 3 of 3
Related documents
test selection
test selection
Human Subjects Bill of Rights
Human Subjects Bill of Rights
here
here
RELEASE and CONSENT for BACKGROUND CHECK
RELEASE and CONSENT for BACKGROUND CHECK
California Experimental Subject`s Bill of Rights
California Experimental Subject`s Bill of Rights
Experimental Research Subject`s Bill of Rights
Experimental Research Subject`s Bill of Rights
Experimental Subject`s Bill of Rights (California
Experimental Subject`s Bill of Rights (California
Research Participant`s Bill of Rights It is important that the purpose
Research Participant`s Bill of Rights It is important that the purpose
rights of human subjects in medical experiments
rights of human subjects in medical experiments
experimental subject bill of rights
experimental subject bill of rights