The material published on the website www.icbcit.com, consisting of internal production articles, press releases, news on the Bank and on Group companies and photographic reproductions, is owned by the Industrial and Commercial Bank of China (ICBC) or by companies of the ICBC Group.
Therefore, everything published on the website cannot be, reproduced, modified, copied, transferred or downloaded nor used in any way without the prior consent of ICBC.
ICBC assumes no responsibility for any errors or omissions of any kind relating to the material published on the website or on websites connected to it; consequently, the Bank is not liable for any damages or prejudices arising from the consultation of the website.
The logos and trademarks on the www.icbcit.com website are owned by ICBC or companies of the ICBC Group. They may not be used on other media or on any other website without the written and prior consent of ICBC or the companies that own the trademarks and logos.
ICBC through the web site www.icbcit.com manage data provided by users during the web navigation according with Regulation (EU) 2016/679 (hereinafter, also, “GDPR”) and Italian law of harmonization.
Information pursuant to articles 13 and 14 of the Regulation (EU) 2016/679 and the Italian law of harmonization
Following the consultation of this website, data relating to identified or identifiable persons may be processed. According to Articles 13 and 14 of European Regulation 2016/679 (hereinafter, also, "GDPR") and Italian law of harmonization, Data Subject’s personal data (hereinafter, also, "User") are collected and processed by ICBC (Europe) S.A. Milan Branch (hereinafter, also, "Owner" or "ICBC"), in quality of data controller, and for this reason gives the information relating to the processing of Data Subject’s personal data.
The navigation and consultation of this Website does not require to provide any personal data and/or sensitive one, but in some areas of this Website user may be required to fill out forms to allow the use of specific services freely requested by the user, in these cases specific information on the processing of personal data will be provided.
According to article 9 of the GDPR, special categories of personal data are intended those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Type of data processed
Access to the site does not require user to enter personal details.
The informatics systems and software procedures used to allow the consultation of this website acquire, during their normal operation, some identification data whose transmission is implicit in the use of Internet communication protocols. Those information are not collected to be associated with identified parties but could, by their own nature, through processing and association with data held by third parties, allow the users identification.
This category of data includes IP addresses or computers’ domain names used by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response from the server (successful, error, etc ...) and other parameters relating to the users’ operating system and computer environment.
Cookies are not used for personal information transmission, nor are used so-called persistent cookies of any kind, or systems for tracking users. The use of so-called session cookies (which are not permanently stored on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site.
For further details about cookies:
The request to send e-mail, in the sections of the website where this is provided, necessarily involves the collection of some personal data, including the e-mail address.
Purposes of Data processing
Data eventually provided by the user are processed in relation to the Bank usual activity and for the following purposes:
●Purposes strictly connected and functional to the management of the relations with the customers;
●Purposes related to law stated obligations, by European regulations and legislation as well as by provisions issued by Authorities empowered by law and by supervisory and control boards;
●Purposes functional and/or related to the Bank’s activity for which Data Subject has the right to express or not his specific, explicit and informed consent.
Nature of Data provision
Except for what have been specified for navigation data, user is free to provide or not personal data requested in forms. A refusal to provide such data may, however, make impossible to obtain what user has requested. Data processing legal basis may be, in accordance with Article 6 letters a., b., and c. of the GDPR, data subject specific, explicit and informed consent, the execution of a contract to which data subject is a party or the execution of pre-contractual measures taken at data subject request or the fulfillment of a legal obligation to which the data controller is subject.
Method of Data processing
Personal data processing is carried out by manual, computer and telematics means in such a way as to guarantee data security and confidentiality both when using traditional means and telematics or innovative distribution channels. Personal data will be kept for a period of time strictly related to the pursuit of the individual purposes for which the data were collected, in any case the criteria used to determine the above storage periods are based on the respect of the retention periods stated by law and the principles dictated by Article 5 of the GDPR.
Communication of the data
Any personal data provided by the user will be processed by appointed personnel (according to the present privacy informative, “appointed personnel” means each “person authorized by the Data Controller to process personal data) according with articles 4, 10 and 29 of the GDPR) and by persons appointed as data processors.
An updated list of third parties who are identified as "Processors" is available, by request, sending a communication to the address below or an email to: email@example.com
Rights of the Data Subject
In relation to the processing of Data, you are entitled to exercise the rights provided for in Articles 15 to 22 of the 2016/679 European Regulation, (following reproduced in abbreviated form). At any time you can exercise the aforementioned rights sending an email to: firstname.lastname@example.org
Data Controller and Data Protection Officer
The Data Controller is ICBC (Europe) S.A. Milan Branch, Via Tommaso Grossi 2, 20121, Milano. Data Controller can be contacted at the following address: email@example.com.
The Data Controller has appointed a Data Protection Officer (also, “DPO”), at any time you can contact the DPO at the following email address: DPO@it.icbc.com.cn.
RIGHTS OF THE DATA SUBJECT
Articles 15 to 22 - Regulation (EU) 2016/679 of the European Parliament and of the Council
According to articles 15 to 22 of the GDPR, the Data Subject has the right to access to a copy of the information comprised in their personal data, object to processing that is likely to cause or is causing damage or distress, object to decisions being taken by automated means, obtain the limitation of the process(in certain circumstances), have (in certain circumstances) his personal data rectified, integrated, blocked, erased or destroyed, obtain the portability of his personal data and the right to propose a claim to the Privacy Authority.
Fund transfer activity through SWIFT
The Data Controller, in addition to the information already provided, informs you that, in order to carry out international financial transactions (e.g. cross-border transfer) and certain specific domestic transactions (e.g. transfer of significant amount), requested by you or in your favor, it is necessary to use an international messaging service.
The bank shall provide SWIFT (owner of the SWIFTNet Fin system) with data referred to the person carrying out the transactions (e.g. the names of the payer, the payee and the respective banks, the bank details and the sum), which are necessary for carrying out the transactions.
Actually, Banks cannot carry out the above operations requested by customers without using this interbank network and without communicating the above data. Any refusal to provide data therefore makes impossible to carry out the operations requested. The processing of your data is carried out using manual, computer and telematics means in a logic strictly related to the purposes themselves and, in any case, to ensure the security and confidentiality of the data.
Furthermore, Bank informs you that:
●all customer data used to carry out such financial transactions are currently - for operational security reasons - duplicated, transmitted and temporarily stored in copy by SWIFT on a server of the company located in the United States of America;
●data stored on this server can be used in the USA in accordance with local regulations. Competent US authorities (in particular the Treasury Department) have had access to it - and will be able to access it further - on the basis of measures that can be taken under US counter-terrorism legislation. The subject is widely debated in Europe in various institutions in relation to what is provided for in the European regulations on the subject of the protection of personal data;
●At any time you may exercise the rights provided by Articles 15 to 22 of European Regulation 2016/679.