UniCredit Research >  Data Protection

Data Protection


This data privacy notice applies to the research websites of UniCredit Corporate & Investment Banking https://www.unicreditresearch.eu and to https://www.research.unicredit.eu of UniCredit Bank GmbH. The pages of this website may contain links to other providers that are not covered by this data privacy notice.
Personal data are only collected, processed and used at UniCredit Bank GmbH in line with the requirements of applicable data privacy provisions.

Below is a quick and easy overview showing what personal data we collect from you through this website and what we do with them. We would also like to advise you of your rights under current data protection legislation and of course tell you who to contact if you have any questions.


Who is responsible for data processing and whom should I contact?

The data controller is:

UniCredit Bank GmbH
Arabellastr. 12
81925 München
Telephone: +49 (0)89 378 – 0
Email address: info@unicredit.de

You can contact our internal data protection officer at:

UniCredit Bank GmbH
Data protection officer
P.O. Box
80311 München
Telephone: +49 (0)89 378 – 0
Email address: datenschutzrechte@unicredit.de


What personal data do we collect from you?

When you use this website, we collect data out of technical necessity that your internet browser sends to our server (e.g. IP address, downloaded URLs, web browser, operating system, data and time).
If you use our digital research offers, we save this information (e.g. downloaded document, date and time) provided we are legally obliged to do so. Furthermore, we only collect your personal data (e.g. name, email address, postal address) if you contact us.

How do we use your data?

If you send us a message in connection with our website and in doing so give details about yourself (such as your name or email address), we only use these data to communicate with you and for the purpose for which you gave us your data or provided it is necessary to perform the service.
We do not process or use your personal data for any other purpose, unless we are obliged to do so through legal provisions, such as the German Securities Trading Act (WpHG).


What do we use your data for and on what legal basis?

To fulfil contractual obligations (Art. 6 (1b) GDPR)

Data are processed to guarantee easy use of our website and digital research offer.

In order to balance interests (Art. 6 (1f) GDPR)

If necessary, we process your data beyond fulfilling the contract or pre-contractual measures in order to protect our or third party justified interests.

  • to analyse information we collect from website visits
  • to guarantee the Bank’s IT security and IT operations
  • measures on business management and to keep on developing our services and products

Based on legal requirements (Art. 6 (1c) GDPR) or in the public interest (Art. 6 (1e) GDPR)

As a bank, we are also subject to various legal obligations, i.e. statutory requirements and regulations, such as MiIFID, the German Securities Trading Act (Wertpapierhandelsgesetz - WpHG), German Banking Act (Kreditwesengesetz - KWG) and regulatory banking rules, such as those of the European Central Bank, European Banking Authority, German Bundesbank (Deutsche Bundesbank) and the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht - BaFin). For the purposes of processing, these include record keeping requirements, fraud and anti-money laundering as well as compliance with tax monitoring and reporting obligations.


Who receives my data?

Within the Bank, the only departments given access to your data are those that need it to ensure we comply with contractual and statutory obligations. Service providers and vicarious agents engaged by us may also receive data for these purposes if they maintain banking secrecy and data protection. In terms of our website, these are companies in IT sectors. We only use selected service providers that are contractually obliged to process the data they receive solely under our instruction.
Moreover, we do not pass on your data to any other companies.


Are data transferred to a third country or an international organisation?

UniCredit Bank GmbH does not pass on data from this website to agencies in countries outside the European Economic Area (third party countries).


For how long will my data be saved?

We do not process or store your personal data for longer than is necessary for the respective processing purposes.

If your data are no longer required to fulfil contractual or statutory obligations, they will be deleted unless it is necessary for them to be further processed - for a limited period - for the following purposes:

  • Compliance with commercial and tax retention periods: This includes the German Securities Trading Act (Wertpapierhandelsgesetz - WpHG), German Commercial Code (Handelsgesetzbuch - HGB), Fiscal Code (Abgabenordnung - AO), German Banking Act (Kreditwesengesetz - KWG) and Money Laundering Act (Geldwäschegesetz - GwG). The prescribed time limits in the above legislation on retention and documentation vary from two to ten years.

What data protection rights do I have?

  • Every data subject has a right to information under Article 15 GDPR, right to rectification under Article 16 GDPR, right to erasure under Article 17 GDPR, right to restriction of processing under Article 18 GDPR, right to object based on Article 21 GDPR and the right to data portability based on Article 20 GDPR. The restrictions under Sections 34 and 35 German Data Protection Act (Bundesdatenschutzgesetz - BDSG) apply to the right to information and right to erasure. Furthermore, you have a right to lodge a complaint with a responsible data protection supervisory authority (Article 77 GDPR in connection with Section 19 BDSG).

If you would like to assert your rights, please contact our data protection officer with reference to the website https://www.unicreditresearch.eu. Further information from UniCredit Bank GmbH on data privacy notices under Art. 13 GDPR can be found at http://www.hvb.de/eu-dsgvo-hinweise


Use of cookies

This website sometimes uses cookies. Cookies do not cause any damage to your computer and do not contain viruses. They are aimed at making your use of our website more user-friendly, more effective and secure. Cookies are small text files deposited on your computer that your browser stores.

The cookies used by this website are session and permanent cookies for authenticating the user. Session cookies are automatically deleted at the end of your visit. Permanent cookies are stored on your end device until you delete them. These cookies enable us to recognise your browser the next time you visit. You can also adjust your browser in such a way that you will be informed about the setting of cookies, so you can decide to accept cookies either on a case-by-case basis or to reject them in general and also to activate the automatic deletion of cookies when you close the browser. Deactivating cookies may restrict the functionality of this website.

Every browser is different in terms of how it manages cookie settings. This is described in the Help menu of every browser which explains how to change your cookie settings. 

You can delete or block all cookies from this website at any time by activating the corresponding function on your browser. You can find detailed instructions on how to do this in the Help section on your browser or under the following links:

To find out more about cookies and see which ones have been stored, what their content is and how these are managed and can be deleted, please visit www.allaboutcookies.org.


Dealing with social networks

This website does not use any social plugins of social networks such as Facebook, Google+ or Twitter. These networks therefore do not have any way of tracking your activities on our internet pages.


In case of conflict between the provisions of the English version and the German version of this data privacy notice, the latter should prevail.


Version dated 19 July 2018