Privacy Policy - Website

Information document pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)

Why this information?

Pursuant to Regulation (EU) 2016/679 (hereinafter ‘GDPR’), this page describes how we process personal data. This information is provided pursuant to Article 13 GDPR. The information does not apply to other third-party websites that may be consulted via links on this website, for which no liability is accepted.

Personal data which can be processed

  • Personal data
    Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more features of his physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30 GDPR).
  • Contractor/user data
  • Navigation data
    The computer systems and software procedures used to operate this site acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
  • Data communicated voluntarily
    The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the filling in of data collection forms entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data entered.


Specific information
Specific information may be present on the pages of the Site in relation to particular services or processing of the data provided.

Cookies and other tracking systems.
What are they? What are they used for?

For Cookies and other tracking systems see the cookies policy in the footer of the site and at the following link

1. Who is the Data Controller? How to contact it?

The data controller is MEC S.r.l., with registered office in via delle Industrie no. 22, 20851 Lissone (MB), in the person of its pro-tempore Legal Representative, who may be contacted for any information by telephone +39.039.481715, e-mail privacy@m-e-c.it

2. Purpose of processing, legal basis, period of data retention, nature of provision of data

Purpose of processing

Navigation on this website. The data required to use the web services are also processed in order to

  • obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
  • check the proper functioning of the services offered.

Legal basis

The processing is necessary for the pursuit of the legitimate interests of the data controller or a third party, provided that the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the operation of the website and navigation itself.
(Art. 6(1)(f) and C47 of the GDPR)
Data subjects are guaranteed the possibility of obtaining, upon request, information on the balancing test carried out.

Data retention period

Browsing data will be stored for the duration of the browsing session and in any case will not persist for more than 14 days.

Nature of conferment

The provision of data is necessary for navigation on the website.

Purpose of processing

Use of cookies and similar technologies.
See the cookies policy in the footer of the site.

Legal basis

For necessary non-technical cookies and similar technologies, processing is based on consent to the processing of personal data (Art. 6 para. 1 lit. a and C42, C43 GDPR). Consent is given through the banner and cookie policy of the website.

Data retention period

See the cookies policy in the footer of the site.

Nature of conferment

See the cookies policy in the footer of the site.

In addition to navigation, personal data will be processed for:

Purpose of processing

A) CONTACTS, sending contact requests, information.

Legal basis

Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request (C44).
Art. 6(1)(b) GDPR.

Data retention period

Maximum 12 months.

Nature of conferment

The provision of data is necessary.
Failure to provide the necessary data will result in the impossibility of being contacted and receiving information.

Purpose of processing

B) HANDLING OF YOUR REQUESTS and requests from other data subjects, pursuant to Articles 15 et seq. of the GDPR (rights of the data subject).

Legal basis

The processing is necessary for compliance with a legal obligation to which the data controller is subject (C45).
Art. 6(1)(c) GDPR.

Data retention period

5 years from the closing of the application, subject to litigation.

Nature of conferment

The provision of personal data is obligatory, as it is indispensable in order to be able to fulfil legal obligations.

3. To whom will personal data be communicated? Recipients of the data

Personal data will be communicated to entities that will process the data as autonomous Data Controllers, or Data Processors (Art. 28 GDPR) and processed by natural persons (Art. 29 GDPR) acting under the authority of the Data Controller and Data Processors on the basis of specific instructions given regarding the purposes and methods of processing. The data will be communicated to recipients belonging to the following categories:

  • Subjects providing services for the website and communication networks, including e-mail, host and website management;
  • Authorities responsible for fulfilling legal obligations and/or provisions of public bodies, upon request.


The list of Persons in charge of processing art. 28 is available by writing to privacy@m-e-c.it or to the other addresses indicated above.

4. Will the data be transferred to non-EEA countries?

The data will be transferred to non-EEA countries in particular it is specified that it will be transferred on the basis of Article 45 to third countries international organisations for which the Commission has intervened with an adequacy decision: United States of America. In fact, the Data Controller uses suppliers that adhere to the EU-US Data Privacy Framework. In order to receive further information regarding the transfer of data outside the EEA, please contact the Data Controller at the contact details above.

5. Is there an automated process?

Personal data will be subject to traditional manual, electronic and automated processing. Please note that no fully automated decision-making processes are carried out.

6. What are your rights? How can you exercise them?

Data subjects may assert their rights as expressed in Art. 15 et seq. GDPR, by contacting the Data Controller at the e-mail address: privacy@m-e-c.it, or by writing to the contacts listed above.

The data controller guarantees data subjects the possibility of requesting, at any time, access to their personal data (art. 15), rectification (art. 16), deletion of the same (art. 17), restriction of processing (art. 18). The data controller shall communicate (Art. 19), to each of the recipients to whom the personal data have been transmitted, any rectification or erasure or restriction of processing carried out. The data controller shall inform those recipients at their request. The data controller guarantees the right to portability (Art. 20) and, in the event of requests pursuant to Art. 20, shall provide the data subjects with the data in a structured, commonly used and machine-readable format. In the event that data subjects consider that the processing of personal data carried out by the Controller is in breach of the provisions of Regulation (EU) 2016/679, they are free to lodge a complaint with the national supervisory authority, in particular in the Member State in which they normally reside or work, or in the place where the alleged breach of the Regulation occurred (Garante Privacy https://www.garanteprivacy.it/), or to take appropriate legal action.

7. Changes to the policy

The holder may change, modify, add or remove any part of this Privacy Policy. In order to facilitate the verification of any changes, the notice will contain an indication of the date on which the notice was updated.

Date of update: 06/05/2025

MeC S.r.l.
Via delle Industrie 22 – 20851 Lissone (MB)
R.E.A. Monza 603530
Capitale Sociale 60.000,00 i.v.
C.F. 01527490153
P.iva 00716250964
mec@pec.m-e-c.it

BACK TO TOP

© MeC S.r.l. – Lissone – P.IVA 00716250964 – Privacy PolicyCookie PolicyWhistleblowing

Envelope