The Company Safety - Privacy Unit ensures that personal data are collected and processed in accordance with the legal provisions and the principles expressed in the Code of Ethics. All Group personnel participate in training and updates on this issue, through mandatory initiatives online, as well as through classroom meetings and activities focused on specific areas.
The ongoing efforts to increase employee awareness on the issues of security and privacy, which have always been a key component of banking activities and represent the core of personal data protection, were accompanied by additional attention introduced by the Provision of the Italian Data Protection Authority of 12 May 2011 (effective from 30 September 2014), disclosed to all employees: Based on said provision, any IT activity within the Group's IT system is stored in electronic logs, subject to processing, in order to automatically identify potential irregularities in the processing of customer data - even if only due to improper or anomalous access to said data - and to perform the relevant verifications. Data subjects may access the Group companies' websites for updated information on the processing of personal data and the privacy policies with regard to internet use. In 2014, following 10 requests/reports forwarded by the Data Protection Authority for the protection of personal data, the necessary feedback was provided to companies in the banking group.