Event by logo netcomm

Privacy Policy

This Privacy Policy (Article 13, Reg. UE/679/2016) refers to the Netcomm Forum 2026 Event (hereinafter also referred to as “The Event”) which will take place on 6-7 May, 2026, in Milan Allianz MiCo, available also through the website www.netcommforum.it and the relevant Application. The Netcomm Forum is a format owned by Consorzio Netcomm, based in Milan, via Serbelloni, 2, developed by Netcomm Services, based in Milan, via Serbelloni, 2 (2021-MI), the service company fully owned by the Consorzio (hereinafter Netcomm).

  • Data subject (or "participant"): is the natural person to whom the personal data belongs and who registers through the Website and attends the Event (also remotely) as a common visitor, user connected online, employee of a sponsoring/exhibiting company, speaker.
  • Data Controllers: Consorzio Netcomm with registered office in Milan (20122 – MI), Via Serbelloni, 2 (Netcomm for brevity), as creators of the Event and Netcomm Services S.r.l., with registered office in Milan (20122 – MI), Via Serbelloni, 2, a service company of the Netcomm Consortium wholly owned by the Consortium.
  • Data processors: TIG Events S.r.l. with registered office in Milan (20146 – MI), via E. Romagnoli, 6 as organizer of the Events; TIG Factory S.r.l., with registered office in Milan (20146 – MI) via Romagnoli, 6, editor and maintainer of the Platform as well as responsible for the processing of users' personal data and the Services provided through it (the "Services").
1. PURPOSES AND LEGAL BASES OF THE PROCESSING

The personal data provided by the Data Subject will be processed for the purposes and according to the logic described in the following Sections

1.1 Website registration, ticket purchase, and redemption of access codes for the Event

Purposes

  1. To manage website registration process, ticket purchases, or the redemption of complimentary access codes for participation in the Event (as governed by the General Terms and Conditions of Sale, to which reference is made), including all related legal, fiscal, accounting, and administrative obligations (e.g., VAT). If registration occurs via LinkedIn, only the following data will be collected: first name, last name, and profile picture; the Data Subject may review the authorization to share such information through the “Partners and Services” section on LinkedIn.
  2. To support participants, including reception, badge printing, information services, technical support, schedule notifications, and similar activities.
  3. To manage spontaneous information requests submitted by data subjects.
  4. To comply with legal, fiscal, or administrative obligations applicable to the Controllers and Processors.
  5. To process the Data Subject’s images (see also Section 1.4).
  6. To send informational newsletters and communications relating to or connected with the Netcomm Forum, as well as training, educational, or promotional initiatives and content of Netcomm and Netcomm Services.

With reference to the purposes described in Section 1.1(i) above, the Website provides the Data Subject (purchasing user) with a facilitated registration and ticket purchase procedure (the access credentials being represented by the Badge), based on artificial intelligence systems operating through an interactive dialogue that collects and processes certain information directly provided by the user. The user is informed, including through the General Terms and Conditions of Sale, that they are interacting with an AI system. The processing is carried out for the purpose of supporting the user in the registration and purchase procedure and does not involve automated decision-making producing legal or similarly significant effects without human oversight and the Data Subject’s final review and confirmation. The user is given the opportunity to review and correct any errors prior to profile creation and completion of the ticket purchase.

Data processed

  • Registration to the Event: identification and professional data such as first name, last name, email address, phone number, corporate role, company name, company type and size, country, postal code, and any LinkedIn URL. Financial data related to ticket purchases.
  • For website and/or APP: technical and online navigation data (IP address, browser type, URLs visited, downloads, cookies, and other tracking technologies), which are transmitted implicitly as part of Internet communication protocols (see the Cookie Policy).

Legal basis

For participation-related purposes (Sections 1.1 (i), (ii), (iii), (v)): Article 6(1)(b) of Regulation (EU) 679/2016 (pre-contractual and contractual measures necessary for the provision of the Services requested by the Data Subject).
For compliance with legal obligations: Article 6(1)(c) of Regulation (EU) 679/2016. For the sending of communications: Article 6(1)(b) and the “soft spam” principle, with the Data Subject’s right to object pursuant to Article 21 of Regulation (EU) 679/2016 through the mechanisms provided, including the direct opt-out link included in emails (unsubscribe from mailing lists).

1.2. Participation in the NETCOMM Forum Event at MICO and/or use of the Website and/or the APP

Purposes

  1. To manage participation in the Event and access to its content via the website and/or the web application (hereinafter, the “APP”), including plenary conferences, workshops, Sponsor and Exhibitor initiatives hosted at exhibition stands, access to, use of, and download of multimedia content (insights) made available by Sponsors, etc.
  2. To manage reporting relating to access to plenary sessions and workshop rooms, whether live or on demand, and to manage reporting concerning the exchange of data between users collected through Badge scanning. These activities involve analysis and profiling (see Sections 1.3 and 1.5).

Data processed

  1. Participation (physical and digital access) and interactions between participants (Badge scanning): first name, last name, email address, job role, company name, company type and size, country, and postal code (collectively, the “registration data”).
  2. For browsing and accessing online content through the website and via the APP: the above-mentioned registration data and personal data that are inherently transmitted as part of Internet communication protocols (e.g., IP addresses, computer domain names, URI/URL addresses), as well as data linked to downloads, cookies, and other tracking technologies enabling optimal use of the services and personalized experiences based on stated preferences and interests.

Legal bases

  • Participation and logistical management: Article 6(1)(b) GDPR.
  • Compliance with legal obligations: Article 6(1)(c) GDPR.
  • Profiling and analysis: Article 6(1)(a) GDPR – explicit consent of the Data Subject given through a clear, informed, and affirmative action (see Section 1.3 below).

The Data Subject may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal (Art. 21 GDPR).

1.3. Disclosure of Data to Sponsors

The Netcomm Forum is an exhibition designed to foster interaction, knowledge-sharing, and in-depth discussion of digital-related topics, consistent with the networking expectations typical of an event of this nature.
Personal data are processed to facilitate these objectives by enabling, on the one hand, interaction between individuals attending physically (e.g., through QR-code scanning) and, on the other, offering professional training content such as workshops, including those sponsored by third parties (Sponsors and Exhibitors), through solutions and services ensuring a secure, engaging, and informed physical and digital experience.

Purposes

  1. i. Communication of the Data Subject’s personal data through reporting mechanisms.
    The Data Subject is informed that access to a workshop room, theatre, plenary conference sessions, participation in initiatives at exhibition stands, the scanning of their Badge by event staff or Sponsors, as well as the online viewing of content (including videos and insights), may result in the disclosure of their Personal Data to the relevant Sponsor by the Organiser. Accordingly, such Personal Data shall be disclosed solely to the Sponsors of the specific session or initiative with whom the Data Subject has engaged through the activities described above. The disclosure takes place through an automated reporting system which makes the collected data available to the relevant Sponsor in real time.     Following the communication of the data, the Sponsor/Exhibitor will process the data as an independent data controller and for its own purposes, including commercial and marketing activities
    To ensure full and informed transparency, before entering the rooms or accessing digital content, the Data Subject is shown specific micro-notices (on-site signage and digital alerts) indicating (i) the process activities (collection and communication), (ii) which Sponsor will receive the data; (iii) the data that will be disclosed (registration data); (iv) the purpose of the communication (commercial/marketing contact by the Sponsor related to the workshop or content accessed); and (iv) that the Sponsor will act as an independent Controller and will provide its own privacy notice pursuant to Article 14 GDPR.
  2. Communication of personal data between participants.
    The Data Subject is informed that access to a workshop room, theatre, plenary conference sessions, participation in initiatives at exhibition stands, the scanning of their Badge by event staff or Sponsors, as well as the online viewing of content (including videos and insights), may result in the disclosure of their Personal Data to the relevant Sponsor by the Organiser. Accordingly, such Personal Data shall be disclosed solely to the Sponsors of the specific session or initiative with whom the Data Subject has engaged through the activities described above. The disclosure takes place through an automated reporting system which makes the collected data available to the relevant Sponsor in real time.

Third Parties: the Sponsor who acquires the data, in the ways and limits described above, will process this information as an Independent Data Controller, thus being able to address commercial communications relating to the products/services offered during the event. The Sponsor is informed that it must provide the interested party with its own information pursuant to art. 14 GDPR. The Organisers therefore remain unaffected by the processing carried out by the Sponsors after the data has been communicated.

Legal basis

Affirmative action and informed consent. The legal basis for communicating data to Sponsors is the Data Subject’s consent under Article 6(1)(a) GDPR, expressed through a clear affirmative action (such as entering workshop rooms, plenary sessions, exhibition stands, accessing the website, etc.) which is recorded through dedicated system logs (date, time, workshop/Sponsor, physical or remotely access). The Data Subject is informed—through this privacy policy and through the micro-notices displayed outside workshop rooms—that the interactions described constitute affirmative actions by which he/her provide free, specific, and informed consent to the communication of their personal data to the relevant Sponsors involved in the selected activity.

Data processed

Only identification and professional data provided during registration (first name, last name, company name, job role, email address) will be communicated to the Sponsor.

Data Subject rights

The Data Subject may exercise the rights provided under the GDPR, as further described in Section 7 of this Privacy Notice. The Data Subject may withdraw their consent to the disclosure of their Personal Data at any time. Such withdrawal shall not affect the lawfulness of any disclosures or processing carried out prior to the withdrawal and shall therefore not have effect in respect of disclosures already made. The Sponsors/Exhibitors receiving the Personal Data act as independent Controllers in relation to such data. The Data Subject may exercise the rights set out in Articles 15–22 of Regulation (EU) 2016/679 directly against them. Upon request, the Organiser may provide confirmation of the disclosures made and the relevant contact details of the Sponsor concerned.

1.4 Processing of Personal Images – Release Form

Purposes

  1. To manage the processing of personal data (first name, last name, job role) and biometric data acquired through video recordings and/or photographs of plenary sessions and workshops (e.g., recording of speakers during presentations, or panoramic shots of the audience including the Data Subject’s image) for the creation of videos, frames, images, photographs, and multimedia materials aimed at institutional purposes of information, scientific dissemination, and promotion of the Event. These materials may be published on the websites of Netcomm and Netcomm Forum, made available via live streaming or on-demand, posted on Netcomm’s official social media pages, and disseminated to the public through media outlets (press, television).
  2. To manage the processing of content shared by the Data Subject while navigating and using the platform.

The Data Subject authorizes, without any claim for compensation, the Controllers and Processors to record and/or acquire the aforementioned materials for the stated purposes and hereby declares that they: (i) waive any claim, including financial, concerning future uses of the reproductions covered by this release against the Controllers and Processors expressly authorized to use them; (ii) release the Controllers from any liability, including financial, arising from improper use of photographic and/or audiovisual material by users of websites, social networks, or third parties (iii) have read and understood the entire privacy notice, including this release, and acknowledge that checking the relevant box (checkbox) constitutes signing this release under their own responsibility.

Data processed

Personal data collected via the registration form, the release form, personal image, and voice (biometric data) acquired as described above.

Legal basis

Images are processed in accordance with copyright and related rights legislation (Arts. 96, 97 et seq., Italian Law No. 633 of 22 April 1941, Art. 10 Civil Code) and Regulation (EU) 2016/679. The authorization constitutes the grant of a non-exclusive, worldwide, unlimited-duration license, transferable to third parties, for the use of the materials, including the rights referred to in Arts. 12–19 of Italian Law No. 633/1941, such as: publication rights; reproduction in any form or manner; transcription, editing, adaptation, processing, and reduction; communication and distribution to the public, including projection, transmission, and dissemination, even in summary or shortened form, by any technical means; and the right to retain copies, including electronic copies, on any known or future technological medium, within the purposes and limits described above. In any case, pursuant to the above-cited law and Art. 10 of the Civil Code, any use of the images that could harm the honor, reputation, or dignity of the person depicted, recorded, or photographed is strictly prohibited. If the Data Subject does not wish their image to be captured during the Netcomm Event, the Organizer recommends avoiding the event areas. The legal basis for processing the personal data is the execution of the contract, i.e., registration on the website/participation in the event/ticket purchase (Art. 6(1)(b) GDPR), together with granting this release.

1.5. Interests and Preferences

Purposes

  1. Analysis of interests and statistical processing of the data provided to evaluate and improve services offered by Netcomm, and to design events increasingly aligned with users’ expectations and deliver communications more closely tailored to interests and preferences;
  2. Analysis of access reports to exhibition spaces and digital environments, also for reporting purposes to be communicated to Sponsors.

Legal basis

Processing is based on Article 6(1)(a) GDPR, i.e., the consent of the Data Subject, which may be withdrawn at any time. In any case, under Art. 21 GDPR, the Data Subject may object to processing at any time using the provided mechanisms: direct opt-out link in emails or by contacting the Controllers to request cessation of communications and exercise of data subject rights.

2. DATA PROVISION AND CONSEQUENCES OF FAILURE TO PROVIDE DATA

Registration on the website for ticket purchase, registration/access to the Platform, APP download, and participation in the Event, whether physical and/or digital, are voluntary activities. They require that the Data Subject has read this privacy notice and provided consent to the processing of personal data. Provision of the data requested in the registration forms for the Website and APP is mandatory to allow registration and the provision of the requested Services. Failure to provide such data will result in the inability to register on the Website and, consequently, to access the Event.

3. AUTHORIZED DATA PROCESSORS AND RECIPIENTS

Collected data will be processed:

  • By the Processors for the purposes described above, by the Controllers, and by any other Processors that may be appointed;
  • By other parties with whom interaction is necessary to provide the Services (e.g., hosting providers);
  • By external parties appointed as Processors, including the following categories: companies providing email delivery services and/or performing invoicing and/or fiscal management activities; companies providing management and maintenance services for the Platform’s IT infrastructure.

Data may be disclosed:

  • With the Data Subject’s consent to the Event Sponsors and Exhibitors through access reports. See Section 1.3 for further details regarding the rationale, methods, and legal basis of such processing;
  • To Judicial Authorities in response to legal requests, to third parties for the fulfilment of fiscal or administrative obligations, or where necessary to achieve the purposes described above.

The personal data of Data Subjects registered on the Platform will not be disclosed or transmitted to third parties except as indicated in this privacy notice.

4. TRANSFER OF PERSONAL DATA ABROAD

No transfers of personal data abroad are currently planned. However, if such transfers become necessary for the provision of services or the achievement of the purposes described, they will be carried out only if strictly necessary. Any transfer to countries outside the EU, other than those covered by adequacy decisions of the European Commission, will be executed in a manner that provides appropriate and adequate safeguards pursuant to Regulation (EU) 2016/679, or under one of the conditions set forth in Article 49 of the Regulation.

5. METHODS AND LOCATION OF PROCESSING

5.1. Personal data will be collected, processed, recorded, consulted, stored, made available to third parties, profiled, and extracted in the terms, methods, and limits described in this privacy notice. Processing will always be conducted in accordance with the purposes for which the data were collected, by personnel expressly appointed by the Controllers and Processors, using paper-based, IT, or telematic tools, or any technological support, within the limits and purposes defined above. Data will be processed by:

  • TIG Events S.r.l., Milan, Via Ettore Romagnoli 6, by its personnel from the marketing, communication, and administrative departments, at its premises and on servers located on-site.
  • TIG Factory S.r.l., Milan, Via Ettore Romagnoli 6, by personnel from IT and marketing-commercial departments, AI process.
  • Netcomm e Netcomm Services, Via Serbelloni 2, Milan, by personnel from marketing-commercial and associative development departments.

Processing activities are conducted to ensure data and system security, implementing specific security measures aimed at minimizing risks of destruction or accidental loss of data, unauthorized access, or unlawful or non-compliant processing relative to the purposes and methods indicated in this privacy notice.

5.2 The Organiser informs that some processing may also be carried out through Artificial Intelligence systems to optimise the execution and facilitate the general user experience, such as when registering on the website and purchasing access tickets (Badges) or converting gift codes. The use of these tools takes place in full compliance with Regulation (EU) 2024/1689 and Regulation (EU) 679/2026. In any case, the use of these systems takes place under human supervision, and the result of the interaction can always be verified and/or corrected by an operator. Finally, the data will be used and operated in a "closed" environment (private AI) and will not be entered into publicly accessible AI systems.

6. DURATION OF PROCESSING AND DATA RETENTION PERIOD

In general, the Data Subject’s personal data will be processed for the time necessary to achieve the purposes indicated, as follows:

  • Purposes under Section 1.1 (registration and ticket purchase): 12 months from the date of registration on the Platform; 10 years for administrative and accounting purposes;
  • Purposes under Sections 1.2 and 1.3 (reporting and Platform-related activities): data will be retained for the time necessary to communicate them to the Sponsor/Exhibitor and, in any case, will be permanently deleted within 6 months after the end of the Event;
  • Purposes under Section 1.4 (personal images): images will be processed in compliance with GDPR principles, for the period necessary to achieve the purposes described;
  • Profiling purposes under Section 1.5: 24 months from the date of data collection, unless the Data Subject requests deletion earlier.

Data are stored in paper and electronic archives at the premises of the Controllers and Processors (for the duration necessary to carry out their duties) to allow the achievement of necessary purposes while fully ensuring the adoption of security measures required by law to protect collected data, preventing risks of loss, theft, unauthorized access, or unlawful or improper use.

7. RIGHTS OF THE DATA SUBJECT

The data subject may exercise at any time the rights provided for in Articles 15 to 22 and Article 34 of EU Regulation / 679/2016. In particular, the data subject has:

  • The right of access to your personal data (art. 15).
  • The right to obtain the rectification of inaccurate personal data (Art. 16).
  • The right to obtain the deletion of data in the presence of the conditions indicated by art. 17 of the Reg
  • The right to obtain the restriction of processing under the conditions provided for in art. 18 of the Reg.
  • The right to request the portability of data concerning you (art. 20)
  • The right to object to automated processing, including profiling (art. 21).

Furthermore, with reference to the processing activities described in Section 1.3, the Data Subject may withdraw their consent to the disclosure of their Personal Data at any time. Such withdrawal shall not affect the lawfulness of any disclosures already made and shall therefore not prejudice the lawfulness of processing carried out prior to the withdrawal. The Sponsors/Exhibitors receiving the Personal Data act as independent Controllers in respect of such data. The Data Subject may exercise the rights set out in Articles 15–22 of Regulation (EU) 2016/679 directly against them. Upon request, the Organiser may provide confirmation of the disclosures made and the relevant contact details of the Sponsor concerned, in order to facilitate the Data Subject in exercising their rights.
The user does not have access to an autonomous personal area for the amendment of their data; any requests for rectification or updating of Personal Data may be exercised by contacting the Controller using the contact details provided.
In addition, the data subject also has the right to lodge a complaint with the national supervisory authority, i.e. the Guarantor for the protection of personal data, with headquarters in Piazza di Montecitorio n. 121, 00186 – Rome (https://www.garanteprivacy.it/). Requests to exercise rights should be addressed to:

  • In relation to the Services provided by the Platform: TIG Factory s.r.l., with registered office in Milan (20146 – MI), via Ettore Romagnoli 6, e-mail: privacy.factory@tig.it

In addition, for information on the processing of your personal data, you can always contact:

The contact details of the companies participating as Exhibitors and/or Sponsors of the Netcomm Forum are provided below in order to facilitate contact by the Data Subject to oppose the processing, through direct contact with the companies: link.