Last updated: October 6, 2025
This Privacy Notice describes how DBR factory (the “Site,” “we,” “us,” “our”) collects, uses, and discloses personal data when you visit our site, use our services, make purchases, or communicate with us regarding the Site (collectively, the “Services”). This notice is oriented towards B2B relationships and concerns the data of natural persons (e.g., company contacts) of our customers and suppliers.
Changes to this Privacy Notice
We may update this privacy notice periodically to reflect operational, legal, or regulatory changes. We will post the updated version on the Site and change the “Last updated” date.
How we collect and use personal data
We collect personal data from you, automatically through the Site, and from third parties (e.g., technical service providers, payment and logistics providers). In addition to the specific uses described below, we may use the data to communicate with you, provide and improve the Services, comply with legal obligations, enforce our terms, and protect our rights, our users, and third parties.
What personal data we collect
Data provided directly
- Contact details: first name, last name, role/title, company, address, phone, email.
- Order/contract data: billing and shipping addresses, payment details (e.g., payment confirmation or outcome), notes, and order references.
- Account data: username, password, security settings, and preferences.
- Support: content of communications sent (emails, forms, tickets).
Data collected automatically (“Usage Data”)
When you browse the Site, we may collect IP address, device identifiers, browser/network information, pages visited, response times, interactions, and technical metrics through cookies, pixels, and similar technologies.
Data obtained from third parties
We may receive data from providers operating on our behalf (e.g., hosting/e-commerce, payment, analytics, support, logistics) and from business or advertising partners. Such data is processed in accordance with this policy.
Purpose of processing and legal bases (GDPR)
Provision of products and services
Order management, payments, shipping, returns, transactional communications, account creation and administration. Legal basis: performance of a contract or pre-contractual measures (art. 6(1)(b) GDPR).
Marketing and advertising
Sending commercial communications and personalizing offers (including advertising on our or third-party channels). Legal basis: legitimate interest (art. 6(1)(f) GDPR) and, where required, consent (art. 6(1)(a) GDPR). You can object at any time.
Security and fraud prevention
Detecting, investigating, and preventing fraudulent or harmful activities; account protection. Legal basis: legitimate interest (art. 6(1)(f) GDPR).
Support and improvement
Customer support, Site/Service optimization, and analysis. Legal basis: legitimate interest (art. 6(1)(f) GDPR).
Cookies and similar technologies
We use cookies for functionality, analytics, and personalization/advertising. You can manage them from your browser; blocking them may limit Site functions. For more details, see our Cookie Policy (if available) or the preference management banner.
How we disclose your data
Under certain circumstances, we may share data with:
- Service providers: IT/hosting/e-commerce, payment, analytics, support, cloud storage, order fulfillment and shipping.
- Business and advertising partners: for marketing services and initiatives (according to their respective privacy policies).
- Group companies: for organizational needs.
- Authorities and corporate transactions: for legal obligations or in case of merger, acquisition, transfer, insolvency.
- With your consent: when requested or indicated by you.
Summary of categories and recipients
| Data category | Recipient categories |
|---|---|
| Identifiers (contact details, account data) and contractual/commercial data | Service providers; business partners; affiliates |
| Usage data (logs, interactions, IP) and approximate geolocation | Technical/analytics providers; advertising partners |
We may “share” personal data with advertising partners for behavioral marketing purposes, according to applicable law. We do not use or disclose special categories of data without a proper legal basis and, if required, without your consent.
Minor data
The Services are not intended for minors; we do not knowingly collect personal data from individuals under 18 years of age.
Security and retention
We adopt appropriate technical and organizational measures; however, no measure is perfect. Avoid insecure channels to send us confidential information. We retain data for as long as necessary to provide the Services, comply with legal obligations, manage disputes, and enforce our contracts and policies.
Your rights
Depending on your jurisdiction, you may have the following rights: access, rectification, deletion, restriction, portability, objection, withdrawal of consent (where applicable), and management of communication preferences. To exercise them, contact us at the details below. We may request information to verify your identity or the authorization of a delegated agent. We do not discriminate against those exercising their rights.
International transfers
Data may be processed outside your country of residence. For transfers from the EEA/UK to third countries, we use appropriate mechanisms (e.g., Standard Contractual Clauses or equivalent tools), unless adequacy decisions apply.
Complaints
For complaints, contact us. If you are not satisfied with our response, you can contact the competent Supervisory Authority (for Italy: www.garanteprivacy.it).
Contacts and data controller
DBR factoryVia del Pozzo, 7, 22060 Cucciago (CO), Italy
Email: assistenza@dbrfactory.com
Unless otherwise indicated, DBR factory is the data controller under applicable data protection laws.