1. Who are the subjects of the treatment 1.1 DATA CONTROLLER The Data Controller is ADACI Associazione Italiana Acquisti e Supply Management (hereafter, the “Data Controller”), based in Milan (MI), Via Imperia 2 – P. IVA 02111100158. The Controller holds in the highest regard the right to privacy and protection of personal data of its Users. For any information in relation to this privacy policy you may at any time contact the Controller by sending:

• a registered letter with return receipt to the address Via Imperia, 2 – 20142 Milan (MI);
• an e-mail message to segreteriasede@adaci.it

1.2 PARTIES TO WHOM PERSONAL DATA MAY BE DISCLOSED

• Your data may be disclosed to our service company ADACI Formanagement Srl SU of which ADACI Italian Purchasing and Supply Management Association is the sole member.
• Your data may also be communicated to Companies/professional firms that provide assistance and/or consulting services to the Data Controller, in accounting, administrative, tax, legal, fiscal and financial matters, as well as to third party service providers to whom the communication is necessary for the provision of the service/contract performance. Said individuals will process the data in their capacity as Data Processors.
• The Data Controller may also communicate your data to administrative, institutional and/or judicial Authorities and to any other entity to which the communication is obligatory by law and/or for the fulfillment of the purposes indicated in this statement. Said parties will process the data in their capacity as autonomous Data Controllers.
• Your data will not be disseminated.

2. What type of data do we collect? 2.1. DATA YOU PROVIDED US WITH DIRECTLY

• contact data such as first name, last name, date of birth, email address, phone number;
• other data: professional category, company name, VAT number/tax code;
• third party data (e.g., data of family members).

2.2. DATA WE COLLECT AUTOMATICALLY

• data collected using cookies or similar technologies: for more information, please visit the “Cookies” section.

3. How do we use the data collected? 3.1. TO GRANT YOU ACCESS TO OUR SERVICES

• event registration;
• payment of participation fee;
• sending administrative communications.

3.2. TO INFORM YOU ABOUT OUR ACTIVITIES

• invite you to events and meetings organized by us or by third parties our Partners.

4. Is the provision of data mandatory?

• The provision of personal data is compulsory only for the processing necessary for the provision of the services referred to in point 3.1 (refusal for purposes of service provision makes it impossible to use the service itself);
• on the other hand, it is optional for the purposes referred to in point 3.2, and any refusal to give consent has no negative consequences on the provision of the services offered within the website https://www.adaciconvention2025.com and related applications.

5. How can you get information about your personal information? 5.1 EXERCISING YOUR RIGHTS

• access, update, delete, restrict or object to processing;
• revoke consent;
• receive your data in a structured format;
• lodge a complaint to the Data Protection Authority;
• email: segreteriasede@adaci.it

6. How and for how long will your data be stored?

• Data stored for the time strictly necessary to fulfill the purposes in point 3.
• Invoices and accounting records: stored for 11 years.
• Deleted or anonymized after expiration or request.

7. How do we ensure the protection of your data?

• Security measures compliant with GDPR Art. 32.

8. Can the privacy policy change over time?

• Yes. Significant changes will be notified via the site or other means.