Privacy Policy
F.a.or. s.p.a., through its Data Processing Manager, undertakes to: comply with all the provisions of the 2016/679 European Regulation and the other Italian laws and regulations regarding data privacy and security; observe the instructions that will be given by the Data Controller; fulfill the obligations of information and acquisition of consent, when requested, towards the interested parties; guarantee to the interested parties the effective exercise of the rights envisaged by art. 77 of the 2016/679 European Regulations; prepare and update a security system suitable to comply with the safety obligations and the appropriate technical and organizational measures to guarantee a level of safety appropriate to the risk according to art. 32 of the 2016/679 European Regulations; adapt the security system to the future regulatory provisions on the security of the processing of personal data; appoint, in writing, those authorized to process data, providing them with all the instructions necessary for their correct, lawful and safe processing; provide data controllers with authorization to access data and verify periodically, and in any case once a year, the existence of conditions for the conservation of authorizations; prepare, where required, the initial notification and any subsequent changes to be sent to the Guarantor; prepare, where required, the request for prior authorization for the processing of sensitive data; cooperate for the implementation of the provisions of the Guarantor.
AML Policy
F.a.or. s.p.a. carries out the activities outlined in the previous paragraph also in order to comply with the obligations imposed by Anti-Money Laundering Regulations (Legislative Decree 231/07), as fully referenced here, and as implemented through its policies and procedures, in particular: appropriate customer due diligence, aimed at identifying, verifying, and confirming the identity and the information contained in the so-called "Customer Identification Form," as well as, where applicable, those of its Beneficial Owners and Executives; enhanced customer due diligence, where the conditions are met according to the provisions of Anti-Money Laundering Regulations, based on the company's risk approach; periodic updating of the identification documentation and customer information contained in the "Customer Identification Form" collected at the start of the relationship; reporting of suspicious transactions to the competent Authorities; transmission of information flows to the competent Authorities; reasonably designed controls to: a) prevent the establishment of relationships with customers who present issues according to the aforementioned regulations or are otherwise not aligned with the company's risk appetite; b) ensure proper ongoing monitoring of the relationship with its customers.
