Privacy Policy ANOBA

Drafted in accordance with Regulation (EU) 2016/679 of 27 April 2016 (GDPR) and Italian Legislative Decree 196/2003, as amended by Legislative Decree 101/2018. 101.

Introduction

Dear User,
This Privacy Policy describes how the website www.anoba.it is managed with regard to the processing of personal data of users who browse it.
This notice applies whenever a user accesses the Site, even without creating an account or submitting online forms.

Data Controller

The Data Controller is ANOBA S.r.l., with registered office at Via Quattro Novembre 9, 21020 Taino (VA), Italy.

Contact details:

ANOBA has not appointed a Data Protection Officer (DPO), as the conditions set out in Article 37 GDPR do not apply.
For any request related to the processing of personal data, users may contact us using the details above.

Browsing Data and Cookies

During normal operation, IT systems automatically collect certain data whose transmission is implicit in Internet communication protocols (e.g., IP addresses, domain names, URI addresses, date and time of the request, method used, size of the response, status code, and device technical details).
Such data is used exclusively for anonymous statistical purposes and to ensure the proper functioning of the Site.

The Site uses cookies and tracking tools to improve browsing, personalise content, and measure advertising performance. Cookies may include:

  • Technical / strictly necessary cookies: essential for site operation (e.g. session management);
  • Analytics cookies: for anonymous browsing statistics, pseudonymised where possible (e.g., Google Analytics);
  • Marketing and profiling cookies: for targeted and personalised advertising (e.g., Meta Pixel).

Users may manage or revoke consent to cookies at any time via the cookie banner or browser settings.

Purposes and Legal Bases for Processing

ANOBA processes users’ personal data for the following purposes and legal bases:

  • Browsing the Site – Legitimate interest of the Controller (Art. 6(1)(f) GDPR)
  • Account registration and management – Contract performance (Art. 6(1)(b) GDPR)
  • Order processing, payments, shipping, and customer support – Contract performance (Art. 6(1)(b))
  • Tax and accounting compliance – Legal obligation (Art. 6(1)(c))
  • Sending newsletters, promotional or commercial communications – User consent (Art. 6(1)(a))
  • Statistical analysis and marketing activities – User consent or legitimate interest (Art. 6(1)(a),(f))

Note: ANOBA does not use automated decision-making processes nor carry out profiling that produces legal effects for the user.

Data Retention Period

Data is retained according to the following criteria:

  • Browsing data: duration of the session and up to 12 months for security purposes
  • Customer account data: until the account is deleted
  • Order-related data: 10 years (statutory tax and accounting obligations)
  • Marketing data: until consent is withdrawn, and in any case no longer than 24 months
  • Unsolicited applications (CVs): up to 60 days

Data Recipients

Personal data may be shared with:

  • Authorised ANOBA personnel;
  • Service providers supporting Site operation and e-commerce activities (e.g., couriers, IT providers, accounting and legal consultants, marketing agencies);
  • Competent authorities when required to comply with legal obligations.

Data will not be disclosed publicly.

Transfers Outside the EU

Some data may be processed by service providers located outside the European Economic Area (e.g., Google, Meta).
Such transfers occur only under Standard Contractual Clauses (SCCs), adequacy decisions, or other GDPR-compliant safeguards.

Data Concerning Minors

The Site is not intended for individuals under 16 years of age.
ANOBA does not knowingly collect data from minors without parental consent.
Any data inadvertently collected will be deleted without delay.

Whistleblowing

ANOBA promotes legality and transparency through a dedicated whistleblowing system.
Data collected through whistleblowing channels is processed separately and in accordance with applicable legislation (Italian Legislative Decree 24/2023).

User Rights

Under Articles 15–22 GDPR, users have the right to:

  • obtain confirmation as to whether their data is being processed;
  • access their personal data;
  • request rectification, erasure, or restriction of processing;
  • object to processing;
  • obtain data portability;
  • withdraw consent at any time;
  • lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

How to Exercise Your Rights

Requests may be sent via:
Email: hello@anoba.it
PEC: anoba@pec.it
(Please include “Privacy Request” in the subject line.)
ANOBA will respond within 30 days, extendable to 60 days for complex requests (Art. 12 GDPR).

Data Deletion

Data will be erased without undue delay if:

  • it is no longer necessary for the purposes for which it was collected;
  • the user withdraws consent and no other legal basis exists;
  • the user objects to processing and no overriding legitimate grounds exist;
  • the data has been unlawfully processed;
  • deletion is required by law.

Updates to This Privacy Policy

This Privacy Policy may be updated periodically.
The date of the latest revision will be indicated below.
Where appropriate, changes will be notified via the Site or by email.

Last updated: 30 September 2025