ADDITIONAL INFORMATION NOTICE ON THE PROCESSING AND PROTECTION OF PERSONAL DATA RELATING TO THE USE OF MOBILE APPS

In addition to the information notice already provided and available by following the path "Privacy" Information notice for clients (unicredit.it) in the footer of the website Privacy (unicredit.it), which we refer to for any further information not expressly provided for herein, UniCredit S.p.A. (hereinafter also the "Bank"), as Data Controller, informs you in more detail on the processing of your personal data with reference to the activities carried out by the Bank in the context of the use of the UniCredit Mobile Applications (Mobile App).

1. Data controller and data protection officer

The Data Controller is UniCredit S.p.A., with registered office in Milan, Piazza Gae Aulenti n. 3, Tower A, 20154 Milan.

You can contact the Data Protection Officer at UniCredit SpA, Data Protection Office, Piazza Gae Aulenti n. 3, Tower A, 20154 Milan; E-mail: Group.DPO@unicredit.eu; PEC: Group.DPO@pec.unicredit.eu.

2. Purpose and legal basis of processing

UniCredit processes your personal data only if one or more of the following legal bases and purposes of the processing exist:
LEGAL BASISPURPOSE OF PROCESSING

a) Contract and pre-contractual measures

The processing is necessary for the execution of a contract of which you are a part or for the execution of pre-contractual measures adopted at your request

Activities necessary for the purpose of downloading and activating the Mobile APPs and delivering the services you have requested (e.g., providing information through the integrated chat service; providing access to and enabling subscription to products and services through apps including device products and services such as credit transfers and payments, prepaid recharges; smart withdrawal; etc.).

The provision of data for the purpose described above is not mandatory and refusal to provide it does not result in any negative consequences, except for the inability of the Bank to proceed with the activation of the Apps and deliver the requested service.

b) Legitimate interest

Processing is necessary for the pursuit of the legitimate interest of UniCredit, provided that your interests or your fundamental rights and freedoms which require the protection of personal data do not prevail.

Need to pursue the legitimate interest of UniCredit for the purpose of carrying out control activities finalized to prevent and/or restrain fraudulent and/or damaging actions, including those of an IT nature to the damage of the Mobile App user Customer (e.g. in case of app activation/deactivation; of dispositive operations such as credit transfers and/or recharges; smart withdrawal; etc.) by collecting data related to Your location (so-called geolocation). More specifically, the Mobile App, upon first access and/or each reactivation, will ask the operating system of your device for permission to detect your location in real time and, if authorized, will allow the Bank to identify the geographic location of your device.

You will be free to choose whether or not to allow geographic location detection and how the Bank may view your location, based on your device's operating system. You may, however, at any time change your choice from your device's settings and revoke previously granted permissions. From the time of the setting change, UniCredit will not receive or further process such data.

3. Categories of data processed

UniCredit processes the following personal data:

  • personal identification data/contact datails (e.g., first name, last name, cell phone number);
  • information about the device used (e.g., operating system installed, model, etc.),
  • data related to your location (so-called geolocation);
  • additional present information managed by the device, e.g., SMS, photos/media elements/files, Internet connection information, downloaded Mobile APP version, etc.