Information notice pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)
WHY THIS INFORMATION?
Pursuant to Regulation (EU) 2016/679 (“GDPR”), this page describes how personal data are processed. This notice is provided pursuant to Article 13 GDPR. The notice does not apply to any third‑party websites that may be reached via links on this website, for which no responsibility is assumed.
Processable personal data
Personal data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to that natural person’s physical, physiological, genetic, mental, economic, cultural or social identity (Recitals 26, 27 and 30 GDPR).
Data of contracting parties/users.
Browsing data: the computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
Data provided voluntarily: the optional, explicit and voluntary sending of messages to the contact addresses indicated on this website and/or the completion of data collection forms entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included.
Information regarding the processing of personal data carried out through Social Media platforms
The processing of personal data carried out by the operators of the Social Media platforms used by the Controller is governed by the information they provide in their respective privacy policies. The Controller processes the personal data provided by users through the pages dedicated to Social Media platforms, in order to manage interactions with users (comments, public posts, etc.) and in compliance with applicable legislation.
COOKIES AND OTHER TRACKING SYSTEMS. WHAT ARE THEY? WHAT ARE THEY FOR?
Please refer to the cookie policy published in the website footer and at the following link.
1. WHO IS THE DATA CONTROLLER? HOW CAN YOU CONTACT THEM?
The Data Controller is NBC Elettronica Group S.r.l., with registered office at Via Tavani, 2/C – 23014 Delebio (SO), Italy, in the person of its pro tempore legal representative. You can contact the Controller for any information by e‑mail: [email protected].
2. PURPOSE OF PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD, NATURE OF PROVISION
PURPOSE OF PROCESSING | LEGAL BASIS | DATA RETENTION PERIOD | NATURE OF PROVISION |
Browsing this website. The data necessary for the use of web services is also processed in order to: • obtain statistical information on the use of the services (most visited pages, number of visitors by time slot or daily, geographical areas of origin, etc.). • check the proper functioning of the services offered. | The processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not override them, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the operation of the website and browsing itself (Art. 6(1)(f) and Recital 47 GDPR). | Retention of browsing data will last for the duration of the browsing session. In any case, such data will not persist for more than seven days. | Provision of data is necessary for browsing the website. |
Use of cookies and similar technologies. Please refer to the cookie policy in the website footer. | For non‑essential, non‑technical cookies and similar technologies, processing is based on consent to the processing of personal data (Art. 6(1)(a) and Recitals 42 and 43 GDPR). Consent is given through the website’s banner and cookie policy. | Please refer to the cookie policy in the website footer. | Please refer to the cookie policy in the website footer. |
In addition to browsing, personal data will be processed for:
PURPOSE OF PROCESSING | LEGAL BASIS | DATA RETENTION PERIOD | NATURE OF PROVISION |
A) CONTACTS, sending contact requests, information. | The processing is necessary for the performance of a contract to which the data subject is party or in order to take pre‑contractual measures at the data subject’s request (Recital 44). Art. 6(1)(b) GDPR. | Maximum 12 months. | Provision is necessary. Failure to provide the necessary data will make it impossible to be contacted and to receive information. |
B) HANDLING YOUR REQUESTS and requests from other data subjects pursuant to Articles 15 et seq. GDPR (data subject rights). | The processing is necessary for compliance with a legal obligation to which the Controller is subject (Recital 45). Art. 6(1)(c) GDPR. | 5 years from closure of the request, unless disputes arise. | Provision of personal data is mandatory, as it is indispensable to fulfil legal obligations. |
3. WHO WILL RECEIVE THE PERSONAL DATA? DATA RECIPIENTS
Personal data will be disclosed to entities that will process the data as independent Controllers, or as Processors (Art. 28 GDPR), and will be processed by natural persons (Art. 29 GDPR) acting under the authority of the Controller and the Processors on the basis of specific instructions regarding the purposes and methods of the processing. Data will be disclosed to recipients belonging to the following categories:
Entities based in Italy that provide services for the website and communication networks, including e‑mail, hosting and website management.
Competent authorities for compliance with legal obligations and/or orders of public bodies, upon request.
The list of Art. 28 Processors is available by writing to [email protected].
4. WILL DATA BE TRANSFERRED TO NON‑EEA COUNTRIES?
Personal data will not be transferred to countries outside the EEA. In particular, it should be noted that data will be stored within the EEA for website hosting, management, development and maintenance services. All third parties to whom data may be disclosed are based within the EEA.
5. IS THERE AN AUTOMATED PROCESS?
Personal data will be processed by traditional manual, electronic and automated means. No fully automated decision‑making processes are carried out.
6. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?
Data subjects may exercise their rights as set out in Articles 15 et seq. GDPR by contacting the Controller at [email protected].
The Controller guarantees data subjects the possibility to request, at any time, access to their personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18). The Controller (Art. 19) shall communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data has been disclosed. The Controller shall inform data subjects who request it of such recipients.
The Controller guarantees the right to data portability (Art. 20) and, in the case of requests under Art. 20, will provide data in a structured, commonly used and machine‑readable format.
Data subjects have the right to object (Art. 21), at any time, to processing based on legitimate interest, by writing to the above contacts with the subject line “objection”.
If data subjects believe that the processing of personal data carried out by the Controller infringes the provisions of Regulation (EU) 2016/679, they are free to lodge a complaint with the national supervisory authority, in particular in the Member State of their habitual residence or place of work, or where the alleged violation of the Regulation occurred (Garante per la Protezione dei Dati Personali https://www.garanteprivacy.it/), or to seek the appropriate judicial remedies.
7. CHANGES TO THIS PRIVACY NOTICE
The Controller may change, modify, add to or remove any part of this Privacy Notice. To facilitate verification of any changes, the notice will contain an indication of the date of its update.
Date of update: 26 September 2025