Menu

Personal Data Protection Policy

Rend s.r.l. is the company that owns the Website https://www.rendstudio.it/en (hereinafter the “Website”) which is committed to protecting the personal data of every person in respect of the identity, dignity of every human being and the fundamental freedoms that are constitutionally guaranteed, in accordance with European Regulation 2016/679 ("GDPR") on the protection of individuals with regard to the processing of personal data and the free circulation of such data. This commitment will be constantly followed by the company under the principle of accountability by consistently putting in place appropriate technical, organisational and policy measures to ensure and be able to demonstrate that processing is carried out in accordance with the GDPR.

Who we are and who you can contact
The Data Controller of the Personal Data collected or otherwise acquired through the Site is the company Rend S.r.l. - C.F. /P.IVA 03595980289 - with headquarters in Via Borgo Padova, n. 102 - CAP 35012 - Camposampiero (Padova) - Contact e-mail address: info@rendstudio.it.


Why this policy and to whom it is addressed
This policy is addressed to users of the Site and to all individuals interested in the processing of their personal data by the Data Controller, as part of its activity ('Data Subject' or 'User').
Access to certain sections of the Site and/or any requests for information or services by users may be subject to the insertion of personal data, the processing of which will take place in compliance with the GDPR.
For the use of specific services on the Site, the interested party will be informed by means of this policy and, where required, specific consents to the processing of personal data will be requested.
This information is provided only for the Site and not for other websites consulted by users through links that may be referred to in this Site.


Definitions
The term personal data refers to the definition contained in Article 4 in point 1) of the GDPR, namely "anyinformation concerning an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity"( "Personal Data").
The GDPR provides that, before proceeding with the processing of Personal Data - with this term having to be understood, according to the definition contained in Article 4 in point 2) of the GDPR,"any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, the organisation, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction" ("Processing")requires that the person to whom such Personal Data belong is informed of the reasons and purposes for which such data are requested and in which way they will be used.
Personal Data may be communicated to specific subjects considered recipients of such Personal Data. Article 4 in point 9) of the GDPR, defines as the recipient of a Personal Data "the natural or legal person, public authority, service or other body to which the personal data are disclosed, whether a third party or not" (hereinafter the "Recipients").
Personal Data may also be communicated to specific subjects considered pursuant to Article 4 in point 10) of the GDPR," natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;" (hereinafter the "Authorized Persons").
Among other things, according to Article 4 in point 9), of the GDPR," natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;".
In this regard, the purpose of this document is to provide, in a simple and intuitive manner, all the useful and necessary information so that the user can provide Personal Data in an informed and conscious manner and, at any time, request and obtain clarifications and/or corrections.


Categories of Data and Processing
Navigation data
The computer systems and software procedures used to operate this portal acquire, during their normal operation and for the sole duration of the connection, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected for the purpose of associating it with identified interested parties but, by its very nature, it could, through processing and association with data held by third parties, allow the identification of visiting users (e.g. IP addresses), the domain names of the terminals used, the URI (Uniform Resource Identifier) addresses of the requesting parties, the time of requests, etc. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning. The data on web contacts are not stored, the data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site except for possible computer crimes against the sites.


Data provided voluntarily by the User
The User is not required to provide any personal data in order to consult the site. However, any contact, or the optional, explicit and spontaneous sending of messages, by electronic or traditional mail, to the addresses indicated on the site entails the subsequent acquisition of the address, including e-mail, of the sender or of the relative telephone number, necessary to respond to requests, as well as any other personal data included in the relative communications.
This data will be used for the sole purpose of following up on the User's request and may only be communicated to third parties if this is necessary for that purpose.
For the processing of data for such purposes, your consent is not required as the processing is necessary for the execution of pre-contractual measures taken at your request (Art. 6, paragraph 1, letter b) of the GDPR), as well as, where applicable, to fulfil a legal obligation (Art. 6, paragraph 1, letter a) of the GDPR).
These data are kept for the time strictly necessary to provide the user with the requested service and are deleted immediately after, without prejudice to further conservation obligations required by law. The data will not be disclosed.


Information about the processing of personal data carried out through Social Media platforms
Regarding the processing of personal data carried out by the managers of the Social Media platforms used, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of the Social Media platforms used to manage interactions with Users (comments, public posts, etc.) and in compliance with current legislation.


Data processing
The processing will be carried out using both manual and IT and telematic tools in compliance with the regulations in force and the principles of correctness, lawfulness, transparency, pertinence, completeness and non-excessiveness, data minimization and accuracy and with organization and processing logics strictly related to the purposes pursued and in any case in such a way as to guarantee the security, integrity and confidentiality of the processed data, in compliance with the organizational, physical and logical measures provided for by the provisions in force. These will be implemented and increased from time to time, also in relation to technological development, in order to guarantee the confidentiality, availability and integrity of the data processed.


Purposes of the processing, legal bases and storage times

  1. The User's navigation data are used for the sole purpose of obtaining statistical information on the use of the Portal, electronic identification data (IP address, location, cookies, browser, etc.); The legal basis can be identified: legitimate interest art. 6 letter f) and recital 47: the processing is necessary for the pursuit of the legitimate interest of the data controller or of third parties, provided that the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject based on his/her relationship with the data controller. Activities that are strictly necessary for the operation of the Site and the provision of the navigation service on the platform. The data retention period is directly linked to the duration of the browsing session. For navigation see cookie policy. Except for what is specified for navigation data (which are necessary in order to allow navigation of the Site), the user is free to provide personal data.
  2. as regards the contact data provided directly by the User (compulsory: name, surname and email address/company, optional: telephone number and documents to be attached), the purpose of the collection is the need to follow up on the User's requests and carry out all the communication activities always related to responding to contact requests and possible forwarding of promotional material by the Data Controller The legal basis can be identified in the pre-contractual or contractual obligations related to responding to requests from the interested party or to the provision of a service, but also in the legal obligations to which the Data Controller is subject. The interested party may, at any time, request the deletion of his/her data from the Data Controller's archives, which will in any case retain the data for a period not exceeding 24 months from the date of collection.
  3. The sending of Newsletters, about events, exhibitions, promotion of services and communications generally managed through an external service. The legal basis for the purpose referred to in letter C, is the prior, express consent of the interested party. These communications may be made by sending e-mails, ordinary mail, via message or even via social media. Failure to provide consent for these specific purposes has the sole consequence of not being able to carry out communication activities by sending promotional communications or newsletters. As provided for by the GDPR, if the interested party has given consent to the processing of personal data for one or more purposes for which it was requested, he may, at any time, revoke it totally and / or partially without prejudice to the lawfulness of the processing based on the consent given before the revocation. The procedures for withdrawing consent are very simple and intuitive; all you need to do is contact the Data Controller using the contact channels provided in this Policy. In addition to the above and for the sake of simplicity, should the Data Subject find himself in the condition of receiving e-mail messages published by the Data Controller which are no longer of interest to him, it will be sufficient to click on the unsubscribe button placed at the bottom of the same to no longer receive any communication, even through further contact channels for which consent had been obtained. Please note that the data provided may be processed for the protection of the legitimate interests of the data controller, including legal defense. The data provided for the aforementioned purposes will be kept for the period necessary in relation to the purpose and, in any case, until the data subject's consent is withdrawn.
  4. Data provided voluntarily by the User (name, surname, e-mail address, position and educational qualification plus the sending of a file containing a CV) when sending a spontaneous job application 'Join the team'. Personal data and, where applicable, special data (if the candidate enters them voluntarily) will be processed for the sole purpose of examining the application and possible recruitment, including the formalization of the application, with a view to possible selection and establishment of a professional collaboration relationship. The data subject may, at any time, request the deletion of his/her data from the Data Controller's archives, which will in any case retain the data for a period not exceeding 24 months from the date of collection.


Automated decisions
The Data Controller declares that it does not adopt decisions likely to affect the Data Subject based solely on automated processing of personal data. All decision-making processes associated with the purposes of the processing described above are carried out with human intervention.


Communication of personal data
Personal Data may be disclosed to specific entities considered as Recipients or to Persons Authorised to process such Personal Data under the authority of the Data Controller. In this perspective, in order to properly perform all Processing activities necessary to pursue the purposes set forth in this Policy, the following Recipients may be in the position to process Personal
  • third parties who carry out part of the Processing activities and/or activities related to the same on behalf of the Data Controller, having their registered office in the countries of the European Union, who have been entrusted with the performance of services, assistance and/or consultancy activities also for the operation of this Site on behalf of the Data Controller. The third parties mentioned above are essentially included in the following categories:(a) subjects with whom the Data Controller has entered into collaboration agreements; (b) subjects operating in the Sector; (c) suppliers involved in the provision of services (d) Consultants and employees / or collaborators of the Data Controller carrying out the functions involved in the activity of the Data Controller who have received, in this regard, adequate instructions on security and proper use of personal data.
  • finally, public authorities or public bodies for the fulfilment of legal obligations to which the Data Controller is subject, and any other public body entitled to request the data, in the cases provided for by law. Where required by law or to prevent or repress the commission of a crime, Personal Data may be disclosed to public authorities or judicial authorities.

Among other things according to Article 4 at point 9), of the GDPR, "public authorities that may receive disclosure of Personal Data in the context of a specific investigation in accordance with Union or Member State law are not considered to be Recipients".
It is understood that the data processed will only be those necessary to achieve the specific purpose, it follows that the data managed through third parties will be limited to the specific purpose.
Personal Data will not be disseminated.


International transfers of personal data
Personal Data will be processed by the Data Controller within the territory of the European Union. In the event that for technical and/or operational reasons it becomes necessary to use entities located outside the European Union, the transfer of Personal Data, limited to the performance of specific Processing activities, will be regulated in accordance with the provisions of Chapter V of the GDPR. All necessary precautions will therefore be taken in order to ensure the most complete protection of Personal Data by basing such transfer: (i) on adequacy decisions of the receiving third countries expressed by the European Commission; (ii) on adequate safeguards expressed by the receiving third party pursuant to article 46 of the GDPR; (iii) on the adoption of binding corporate rules.


The rights of the interested party and their exercise
As provided for in Article 15 of the GDPR, the Interested Party may access the Personal Data, request its correction and updating, if incomplete or erroneous, request its cancellation if the collection has taken place in violation of a law or GDPR, as well as oppose the Processing for legitimate and specific reasons.
In particular, the rights that the User may exercise, at any time, towards the Data Controller are as follows.
  • receive confirmation of the existence of your personal data and access their content;
  • update, modify and/or correct your personal data;
  • request its cancellation (oblivion), transformation into anonymous form, blocking of data processed in violation of the law or limitation of processing;
  • oppose the processing for legitimate reasons;
  • receive a copy of the data provided by you and request that such data be transmitted to another data controller;
  • present a complaint with the competent Guarantor Authority for the Protection of Personal Data.


These rights may be exercised by contacting the Data Controller
Any requests pursuant to Article 15 of the GDPR must be addressed or by email as indicated in the contact section.
Moreover, at any time, you may consult the "Privacy" section of the Website, where you will find all the information concerning the Policy on the processing of Personal Data applied by the Data Controller, the use and processing of Personal Data, updated information on the contacts and communication channels made available to the Data Subject by the Data Controller.


Contacts
For any request or need, the interested party will send a communication that must be addressed to: info@rendstudio.it.


Technical Cookies and Cookies serving aggregated statistical purposes

Activity strictly necessary for the functioning of the Service
This Website uses Cookies to save the User’s session and to carry out other activities that are strictly necessary for the operation of this Website, for example in relation to the distribution of traffic.


Activity regarding the saving of preferences, optimization, and statistics
This Website uses Cookies to save browsing preferences and to optimize the User’s browsing experience. Among these Cookies are, for example, those used for the setting of language and currency preferences or for the management of first party statistics employed directly by the Owner of the site.


Other types of Cookies or third parties that install Cookies
Some of the services listed below collect statistics in an anonymized and aggregated form and may not require the consent of the User or may be managed directly by the Owner – depending on how they are described – without the help of third parties.
If any third party operated services are listed among the tools below, these may be used to track Users’ browsing habits – in addition to the information specified herein and without the Owner’s knowledge. Please refer to the privacy policy of the listed services for detailed information.


Tag Management
This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion. This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data.


Google Tag Manager (Google LLC)
Google Tag Manager is a tag management service provided by Google LLC.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy. Privacy Shield participant.


Advertising
This type of service allows User Data to be utilized for advertising communication purposes displayed in the form of banners and other advertisements on this Website, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Cookies to identify Users or they may use the behavioral retargeting technique, i.e. displaying ads tailored to the User’s interests and behavior, including those detected outside this Website. For more information, please check the privacy policies of the relevant services.
In addition to any opt out offered by any of the services below, the User may opt out of a third-party service’s use of cookies by visiting the Network Advertising Initiative opt-out page.


Facebook Audience Network (Facebook, Inc.)
Facebook Audience Network is an advertising service provided by Facebook, Inc.
In order to understand Facebook’s use of Data, consult Facebook’s data policy. This Website may use identifiers for mobile devices (including Android Advertising ID or Advertising Identifier for iOS, respectively) and technologies similar to cookies to run the Facebook Audience Network service. One of the ways Audience Network shows ads is by using the User’s ad preferences. The User can control this in the Facebook Ad settings. Users may opt-out of certain Audience Network targeting through applicable device settings, such as the device advertising settings for mobile phones or by following the instructions in other Audience Network related sections of this privacy policy, if available.
Personal Data collected: Cookies, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and Usage Data.
Place of processing: United States – Privacy PolicyOpt Out. Privacy Shield participant.


Remarketing and behavioral targeting
This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.
This activity is performed by tracking Usage Data and by using Cookies, information that is transferred to the partners that manage the remarketing and behavioral targeting activity. In addition to any opt out offered by any of the services below, the User may opt out of a third-party service’s use of cookies by visiting the Network Advertising Initiative opt-out page.


Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy PolicyOpt Out. Privacy Shield participant.


Facebook Custom Audience (Facebook, Inc.)
Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.
Personal Data collected: Cookies and email address.
Place of processing: United States – Privacy PolicyOpt Out. Privacy Shield participant.


Analytics
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.


Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy PolicyOpt Out.


How to provide or withdraw consent to the installation of Cookies?
In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies. Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website. Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari e Microsoft Internet Explorer.
With regard to Cookies installed by third parties, Users can manage their preferences and withdrawal of their consent by clicking the related opt-out link (if provided), by using the means provided in the third party’s privacy policy, or by contacting the third party.
Notwithstanding the above, the Owner informs that Users may follow the instructions provided on the subsequently linked initiatives by the EDAA (UE), Network Advertising Initiative (US) e Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.


Cookie preferences
Click here to customize your cookies settings.


The Data Controller
Rend S.r.l.