Ticket Privacy Policy

INFORMATION NOTICE on the PROCESSING of PERSONAL DATA pursuant to Article 13 of the GDPR for VISITORS

In compliance with Regulation (EU) 2016/679 (hereinafter the GDPR) and the Italian Privacy Code (i.e. Legislative Decree 196/03 as amended by Legislative Decree 101/2018), we inform you that your data will be processed by NürnbergMesse Italia S.r.l., the organiser of the international trade fair “Focus on PCB” (hereinafter NürnbergMesse I).

In accordance with Article 12 of the GDPR, NürnbergMesse I provides the following information notice as a measure to provide the person accrediting as a Visitor/Buyer (hereinafter also the data subject) with the information referred to in Article 13 of the GDPR and the communications referred to in Articles 15 to 22 and 34 of the GDPR in relation to the processing of the data provided to access the “Focus on PCB” trade fair. Accordingly, pursuant to Article 4(1)(7) and (24) of the GDPR, we inform you that the controller of the processing of personal data is NürnbergMesse Italia S.r.l., NürnbergMesse Italia, Via Renato Fucini 5, 20133 Milano (MI), Tax Code 06596090966, VAT number 06596090966 (hereinafter the Data Controller). You can contact the Data Controller for any need and/or clarification regarding the processing of personal data at: privacy@nm-italia.it or on +39 02 36753260.

The data you freely provide by completing the online registration form available from the trade fair’s official website and collected through the ticketing support of Vivaticket – Ticket distribution – Vivaticket – data relating both to the company details and to the Visitor – do not fall within the special categories of personal data as listed in Article 9 of the GDPR and are processed by the Data Controller on the basis of the conditions of lawfulness set out in Article 6 of the GDPR, for purposes related to the relationship established with the Data Controller and for the following purposes:

1) Accreditation for the “Focus on PCB” trade fair, entry to the exhibition centre, and related IT technical operations and ticketing, carried out both through IEG – Home – Italian Exhibition Group / Manifestazioni – Italian Exhibition Group / Quartiere – Italian Exhibition Group – and Vivaticket S.p.A. – Info Legali – Vivaticket / Vivaticket – in order to perform the contract, enable your actual visit and manage ticketing; 

2) Sending service/operational emails (technical and service communications relating to the pre-fair/fair/post-fair phases);

3) Sending soft spam;

4) Promoting the event through publications or documentation, including online, in which the buyer/visitor is involved;
5) Sending customer-satisfaction surveys and preparing anonymised statistics;

6) Sending commercial communications relating to the activities of the Data Controller (soft marketing);

7) Sending commercial communications relating to the partners of the Data Controller or to the NürnbergMesse Group of which the Data Controller (NürnbergMesse Italia) is part, or its exhibitors, concerning the relevant trade fair sector and/or what is presented at the fair and/or services connected with and useful for the Fair, as well as the electronics sector in a broad sense (without any disclosure of data to the latter);

8) Sending broad-based commercial communications relating solely to the Data Controller and its activities, as well as to events in the field of electronics;
9) Carrying out specific studies for the purpose of sending targeted communications (profiling);

10) Establishing/defending a right;

11) Ensuring the security of the event;

12) Complying with an order from public authorities for the purpose of complying with applicable regulations.

With reference to the above purposes, the legal bases are: for points 1) and 2), the contract between the parties for participation in the event as a Buyer/Visitor (hereinafter the Contract); for points 4), 5), 6), 10) and 11), legitimate interest; for point 3), Article 130 of Legislative Decree 196/03 as amended by Legislative Decree 101/2018; for points 7), 8) and 9), consent freely given by you; for point 12), Article 6(1)(c) GDPR.

Accordingly, with reference to the above, the Data Controller informs you that the data provided for participation as a Visitor in “Focus on PCB”, held at the Vicenza exhibition centre managed by IEG from 13 to 14 May 2026, will be subject to the following processing operations: collection, organisation, storage, consultation, entry in databases (“DB”) or CRM (Zoho and Zoho CRM | Top-rated Sales CRM Software by Customers), sending communications, collection and entry into the ticketing platform operated by Vivaticket and subsequent scanning of your QR code to access the exhibition centre, processing, extraction, processing within and outside the EU only in the cases governed by Articles 45 and 46 of the GDPR, alteration upon your request, updating, erasure, disclosure to processors appointed pursuant to Article 28 of the GDPR for organisational reasons (e.g. Vivaticket, IT implementing Zoho, press office).
Specifically, the Data Controller informs you that, unless you object, it will submit market surveys—customer satisfaction—and industry surveys to you, and will publish, in promotional communications, certain of your company data or your interviews (given in relation to the Data Controller) in journalistic and trade articles—both online and in print. These activities will be carried out on the basis of the Data Controller’s legitimate interest, balanced against the aim of offering you a trade fair that is active and vibrant, with qualified exhibitors, increasing in number and suited to your interests, so as to offer you a service that is increasingly effective, aligned with your interests and capable of enhancing and simplifying your activity. Please note that you may object to what is described here simply by emailing privacy@nm-italia.it or by following the instructions in the footer of the communications; we will act on your request as soon as technically practicable.

Likewise, the Data Controller may also send you soft spam (in accordance with Article 130(4) of the Italian Privacy Code), to the receipt of which you may object at any time by following the instructions in the footer of the emails or by writing to oppo@nm-italia.it; in this case as well we will act on your request as soon as technically practicable.
In addition, in accordance with Article 21 of the GDPR and Recital 47 of the GDPR, on the basis of its legitimate interest (the legal basis legitimising the processing under Article 6(1)(f) GDPR), balanced against the reasonable expectations and interests of the data subject, the Data Controller will send its own soft marketing communications, of interest to visitors’ businesses (by, for example, web marketing, newsletters, telephone contacts, direct email messages, MMS, SMS, WhatsApp, email, fax, hard-copy mail, carried out by the Data Controller or by third-party companies appointed as processors). Please note that you may object by writing to privacy@nm-italia.it and indicating “NO MKTG” in the subject line. It is understood that the data subject may object to marketing at any time by following the instructions contained in the footer of the communications received.

The Data Controller will also carry out the processing operations set out below only following express consent (legal basis: express consent under Article 6(1)(a) GDPR), which you may give or withhold directly online on the ticketing website, for the following purposes:
A) Sending you commercial communications (marketing), in both traditional and modern formats, relating to the activities of the Data Controller’s partners, of the NürnbergMesse Group of which the Data Controller (NürnbergMesse Italia) is part, or of its sponsors/exhibitors, concerning the trade fair sector or what is presented at the fair and/or services connected with and useful for the Fair, as well as the electronics sector in a broad sense, through, for example: hard-copy mail, email, newsletters, MMS/WhatsApp/Telegram/SMS messages, or by contacting you by telephone calls. These activities will be carried out by the Data Controller or by its processors;

B) Sending you commercial communications (marketing), in both traditional and modern formats, relating solely to the Data Controller and its activities, as well as to events in the field of electronics, through, for example: hard-copy mail, email, telefax, newsletters, MMS or SMS messages, WhatsApp, or by contacting you by telephone calls;

C) Carrying out specific studies in order to send targeted communications and personalise content (profiling).
In addition, please note that if you do not wish to receive communications on any of the above topics, or by any of the above-mentioned means, or on any of our partners/exhibitors/sponsors, please let us know by emailing privacy@nm-italia.it.

The legal basis for the processing operations listed under letters A, B and C is consent (see Article 7 GDPR) freely given by the data subject, which may be withdrawn at any time without affecting the lawfulness and validity of what was done on the basis of consent before its withdrawal. To exercise this right, please refer to the section “DATA SUBJECT’S RIGHTS” below.

Disclosure and Dissemination of data: the Data provided by you to participate in the event will NOT be disseminated by the Data Controller. Please note that certain services are provided directly by IEG (e.g. access for disabled persons to the exhibition centre) or by Vivaticket (e.g. the leadscan service). In these cases they act as independent controllers and do not share the personal data collected. You are therefore invited to read their information notices and to contact them directly if you wish to exercise your rights or obtain information about the processing of your personal data by them.

Your data will also be disclosed to third-party companies duly appointed as processors pursuant to Article 28 GDPR, for organisational and IT purposes, as well as to other companies for the organisation of conferences held during the event, disclosure to staff for the preparation of promotional and/or trade journalistic articles in the context of the fair, as well as disclosure to third parties appointed by the Data Controller to promote the event, all in relation to the management of the trade fair activity.

Methods of processing and security measures: processing may take place on paper or by electronic means by persons specifically authorised to process data. Pursuant to Article 13(2)(f) GDPR, the Data Controller confirms that processing does not involve automated decision-making and that profiling is not carried out unless following your express consent to that effect.
The Data Controller adopts appropriate security measures as provided for by Article 32 GDPR to prevent the loss of data, unlawful or improper uses and unauthorised access.

Nature of provision and responsibility: the provision of Data is partly optional. Any refusal by the Buyer to provide the data necessary—marked with an asterisk—to conclude the contract and allow accreditation as a visitor will result in the relationship not proceeding and will therefore compromise participation in the trade fair.
Please note that submission of the participation request will result in the Data Controller processing the data in order to perform the contractual activity. In addition, the exercise of the right to object or the absence of consent to what is set out under points A, B, C and D will in any event allow the Buyer to participate in the trade fair.
The data provided must be truthful and up to date; the organiser accepts no liability for data that are entered incorrectly or are incomplete and/or illegible.
It is understood that the person completing the entire participation request by entering all the requested data is responsible for all of the data provided and for each individual item of data, including as regards its accuracy and truthfulness and the possibility of disclosing it, and will ensure that it may be lawfully used by the Data Controller, holding the latter harmless from any and all claims that may arise and indemnifying the Data Controller against any claims for direct and/or indirect damages.

Retention period: as required by Article 13(2)(a) GDPR, the Visitor is informed that the Data will be retained for 10 years for legal, administrative and insurance purposes (related to the contract for participation in the event), while for other purposes such as marketing they will be retained for no more than five editions of the fair. At the end of the five years, the data subject may be contacted again to check whether they are still interested in receiving communications for the above purposes and, if so, their personal data will be retained again for a further five years.
If the Visitor exercises the right to object, the Data Controller will act on the request as soon as technically practicable.

Data subject’s rights: the Data Controller informs you that the rights of rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, as well as the right of access to the personal data provided and to all consequential information as listed under Article 15 GDPR, are guaranteed to the data subject.

You are also entitled to:
1) request from the controller the rectification and/or erasure of your personal data or restriction of processing, or to object to their processing;
2) data portability under Article 20 GDPR;

3) where processing is based on Article 6(1)(a) or on Article 9(2)(a), withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;
4) under Article 21 GDPR, object at any time, on grounds relating to your particular situation, to processing of the Data for the pursuit of the Data Controller’s or third parties’ legitimate interest;
5) under Article 22 GDPR, the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you;

6) the data subject also has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) or with the supervisory authority of the EU Member State in which the data subject usually resides or works, or of the place where the alleged infringement occurred, in relation to processing that is considered non-compliant (please check the procedure on the website of the competent supervisory authority; for Italy: https://www.garanteprivacy.it/).

We may refuse to comply with your request for erasure (under Article 17 GDPR) for one of the following reasons:

– to exercise the right to freedom of expression and information;

– to comply with a legal obligation or perform a task carried out in the public interest or in the exercise of official authority;
– for reasons of public interest in the area of public health;
– for archiving, research or statistical purposes;

– to establish or defend a legal claim.

Exercising your rights: to exercise the above rights or to obtain further information, simply email mailto:privacy@nm-italia.it indicating in the subject line: exercise of rights.


Response times: once the Data Controller has processed the request of the data subject exercising a right, it will respond within the time limits indicated in Article 12(3) GDPR.


Data breach: should the Data Controller suffer a breach within the meaning of Article 34, entailing a risk to the rights and freedoms of natural persons (data breach), it will—where applicable—notify the Supervisory Authority and inform all data subjects of the incident.

Regulation of the processing of personal data provided by means of paper or digital business cards at the fair. By handing over their business cards to exhibitors at the event and/or to the Organiser—whether in paper or electronic/digital form—with the aim of keeping in contact with them and learning about their news, the visitor consents, pursuant to Article 4(11) GDPR (i.e. consent to the processing of data given by means of an unambiguous positive action), to the processing of the data thus provided for activities consisting of: management, organisation, storage, use, disclosure to members of their company and/or group as well as to joint controllers and to processors appointed under a specific contract, destruction and alteration of the processed data following a report by the data subject, consultation, communication of certain occasional initiatives linked to the activity carried out at the fair by means of soft marketing activities. The data will be retained by the exhibitor and/or by the Organiser until the next edition of the event; for any further processing the exhibitor will obtain the relevant consent from the data subject. It is understood that the rights listed in Articles 15 to 22 GDPR must be exercised directly against the exhibitors.

Photographic and video recordings. The Organiser reminds you that the event is open to the public in relation to operators belonging to the product categories and, therefore, all Italian statutory provisions remain in force regarding the taking of photographs/videos and the collection of audio only (“voices”) by radio and/or for the creation of podcasts carried out at places/events open to the public. The Organiser also reminds you that, directly or through professionals specifically engaged for this purpose, it takes photos and/or makes video recordings during the event in order to document and/or promote it on its website, social channels and trade magazines. The images and videos used will never be detrimental to the honour and decorum of the data subject, who grants the Organiser the irrevocable right and permission to use, free of charge and without time and/or territorial limits, the content in which the data subject appears within the scope of the event. It is, of course, understood that, where it is necessary to obtain consent in relation to particular processing purposes, the Organiser will carry out this activity at the fair, during the event, following an appropriate information notice.
Without prejudice to the above, any Visitor who takes amateur photographs/videos during the event must always take only photos/videos that do not harm the honour and decorum of the event or of the Exhibitors/Visitors. The Organiser therefore reserves the right, at its sole discretion, to require the Visitor not to use certain photos and/or images that may damage the image of the event.

Further processing: in accordance with Article 13(3) GDPR, the Data Controller also informs the data subject that, should it intend to further process the personal data for a purpose other than that for which they were collected, prior to such further processing it will provide the data subject with information regarding that different purpose and any other relevant information and, where required, obtain consent.

Updated on 13 February 2026