IT / EN

PRIVACY POLICY NOTICE

 

Introduction

In accordance with EU Regulation 2016/679 (hereinafter “Regulation” or “GDPR”) and applicable data protection laws, Nobel Partners Advisory srl, located in Florence at Viale A. Vespucci n. 58 (hereinafter “Data Controller”), provides this notice regarding the purposes and methods of processing personal data, as well as the measures adopted to ensure its security.

 

 

1. Who is the Data Controller?

The Data Controller is Nobel Partners Advisory srl. The “Data Controller” is the individual or legal entity that determines the purposes and means of processing personal data.

 

 

2. What personal data do we process?

According to Article 4 of the GDPR, “personal data” refers to any information related to an identified or identifiable individual. Nobel Partners Advisory srl processes the following data:

  • Common identification data: name, surname, date and place of birth, personal contacts, VAT number, bank details, residential address, province, and postal code.
  • Personal data of employees, clients, and management in the case of legal entities.

The processing will be carried out in accordance with the principles of fairness, lawfulness, and transparency.

 

 

3. On what legal bases do we process your data?

The processing is carried out in accordance with Article 6 of the GDPR and is based on the following legal bases:

  • Performance of a contract or pre-contractual measures (Art. 6, para. 1, letter b);
  • Compliance with legal obligations to which the Data Controller is subject (Art. 6, para. 1, letter c);
  • Legitimate interest of the Data Controller in the context of the professional relationship with the client (Art. 6, para. 1, letter f).

 

4. For what purposes do we process your data?

Personal data is processed for:

  • Proper and complete execution of the professional assignment (e.g., Merger & Acquisition, business valuations, strategic and financial planning, financial and industrial restructuring, due diligence);
  • Compliance with regulatory obligations, including tax and anti-money laundering regulations;
  • Management of relationships with credit institutions;
  • Verification, exercise, or defense of a right in legal proceedings.

 

5. How do we process your data?

The processing will be carried out using electronic and manual tools, adopting security measures suitable for protecting the data from unauthorized access, loss, or unlawful use.

 

6. Who can we communicate your data to?

Your data may be communicated to:

  • Professionals and collaborators appointed;
  • Third-party companies providing services on behalf of the Data Controller;
  • Credit institutions, insurance companies, hardware/software maintenance providers;
  • Competent authorities for legal obligations;
  • Other subjects within the limits established by applicable laws.

All third parties operate as Data Processors or independent Data Controllers.

 

 

7. Is the provision of your data mandatory?

Yes, the provision of data is necessary for the execution of the professional assignment. Failure to provide the data may result in the inability to fulfill contractual obligations.

 

 

8. How do we protect your data?

We have adopted technical and organizational security measures in accordance with Art. 32 of the GDPR to prevent unauthorized access, loss, or unlawful use of data.

 

 

9. For how long do we retain your data?

Data will be retained for the time strictly necessary to fulfill the purposes mentioned above:

  • 10 years from the termination of the contractual relationship for administrative and accounting purposes;
  • For the entire duration of the assignment received;
  • For the time required to fulfill legal obligations and for legal defense purposes.

 

10. Where are your data transferred?

Data is stored within the European Union. Any transfer to non-EU countries will only occur to countries with an adequacy decision from the European Commission or with appropriate safeguards.

 

 

11. What are your rights?

Under Articles 15-22 of the GDPR, you have the right to:

  • Access your data;
  • Request correction or deletion;
  • Object to the processing;
  • Request data portability;
  • Limit processing in the cases provided by Art. 18 of the GDPR;
  • File a complaint with the Data Protection Authority.

Requests should be sent via email to info@nobelpa.com.

 

 

12. Changes to this notice

We reserve the right to update this notice. Any substantial changes will be communicated promptly.

 

 

13. Data Processors

The complete list of Data Processors and authorized persons is available upon request at info@nobelpa.com.

 

 

Last updated: March 2025