Privacy Policy

In compliance with Italian Legislative decree n.196/30 June 2003 (“Privacy Code”) and European Regulation n. 679/2016 (“General Data Protection Regulation”), Rainbow CGI wishes to inform You and all users and/or visitors of the website (respectively the “Users” and the “Website”) of our policies regarding the collection and use of the personal data, log files and cookies we receive from users of the Website.

  1. Data controller and Data processors

Data controller is Rainbow CGI Srl (VAT number 08915471000), with registered office in Rome, Via della Bufalotta 374, email (the “Controller”).

The up-to-date list of the data processors will be provided to interested parties and/or Users upon written request.

  1. Automatically collected data – Cookies

a) Automatically collected data

As is true of all websites, we make use of log files, which automatically store the data collected during Your visits. The networks and softwares that make our Website work automatically acquire some information from every user that visits our website; the transmission of such data is implicit in the communication protocols of the internet.

What data is collected:

  • Internet Protocol address (IP) or Your domain name;

  • Type of browser and parameters of the device used to visit the Website;

  • The URI addresses of each requested resource or any alternative method used to find our server;

  • The name of the Internet Service Provider (ISP);

  • date and time of visit;

  • Users’ referral and exit websites;

  • the number of clicks;

  • the size of the file sent to the recipient;

  • the numerical status code (Success, Error, etc…);

  • other parameters related to the operating system and the Users’ IT environment

The collected data is processed by automated means and is aggregated solely with the aim of verifying the correct functioning of the Website.

b) Cookies

The Website makes use of cookies. A cookie is a text file placed on a user’s device, which allows the recording of some parameters and data communicated to a computer system by the User’s browser. Therefore it helps analyse Users’ habits when visiting the Website, and it is used for various purposes: executing online authentication, session monitoring, memorising information on specific configurations of the users who access the server, memorising preferences, etc.

There are different types of cookies:

  1. Technical Cookies: enable Users to navigate the web in a faster and safer way. Without the use of such cookies, some operations could fail or would be more complex.

  2. Profiling Cookies: are used to track a User’s web navigation and create profiles based on Their taste, habits, choices, etc. So that Users can receive targeted and tailored advertising on Their device.

Technical Cookies do not require Users’ consent. Whereas Profiling Cookies do need Your consent: if you don’t want Your device to receive and memorise Profiling Cookies, you need to change Your browser’s safety settings. By changing Your browser’s settings You can decide whether to delete and/or avoid the installation of cookies on Your device.

However, we wish to inform You that after disabling Profiling Cookies You won’t be able to browse the Website in all of its functions.

While navigating the Website, you might also receive so-called Third-Party cookies, sent by other websites or servers. Here is a list of the Third Parties that use cookies on our Website:

  • Google Analytics, a service offered by Google, which You can learn about at this address You can disable the installation of the cookies used by Google Analytics by selecting the corresponding parameters in the options of the Google browser.

By using the Website You automatically accept the use of Cookies and You agree to the processing of the personal data collected by Third Parties.

  1. Purposes of Data Processing

Users’ personal data will be treated by the Controller in accordance with art.6 of the Regulation for the following purposes:

  1. Navigation of the website, by collecting technically useful data, such as the User’s IP address.

  2. Replying to a request for information, sent by way of our contact form.

  3. Legal Obligation, that is to say to fulfil any duty that is enforced by law, by any authority, regulation or European legislation.

  4. Receiving resumes used for recruitment, sent by way of our application form. A specific report will be sent to the related webpage.

Providing personal data for the aforesaid purposes is optional but also necessary, since by not providing it Users’ will not be able to browse the Website and use the services offered by the Controller.

In reference to the purposes defined in the points 3/a, 3/b and 3/d, the lawful basis for processing is the access to the services offered by the Website and which the User has required (in accordance with article 6, paragraph 1, letter c of the General Data Protection Regulation 2016/679).

  1. Security Measures

The information You provide will be mainly processed, by means of IT tools under the authority of the Controller, by external processors and specifically designated and trained entities, in accordance with articles 28 and 29 of the General Data Protection Regulation.

We wish to inform You that the Website makes use of appropriate security measures, in accordance with articles 5 and 32 of the General Data Protection Regulation, aimed at preventing any form of abuse, unauthorized access, data loss, theft, unauthorized destruction, modification or disclosure of Your data.

  1. Nature of data provision

We would like You to know that, for the purposes stated in article 3 of our Privacy Policy, the provision of Your personal data is automatic and necessary to the correct navigation of the Website and to the access to the services provided by the Website.

Please bear in mind that, in any case and at any time, You are allowed to ask the Controller the destruction of Your data by sending a simple informal message to the addresses mentioned in article 1 of our Privacy Policy.

  1. In What context and who we share Your data with

Your data can be shared within the EU, in accordance with what is stated by the Privacy Code and the General Data Protection Regulation, with the following third parties:

  1. any public authority, when enforced by law or upon their request;

  1. external companies, structures and partners that collaborate with the Controller to the correct functioning of the Website activities.

  1. external consultants, when not officially designated as Data Processors.

Users’ personal data will also be shared with third parties that will be allowed to process Their personal data on behalf of the Controller as “External Data Processors”, such as, for example, service and logistics providers, or providers of outsourcing or cloud computing, professionals and consultants.

  1. Duration of Data retention

Your personal data will be stored for the time necessary to fulfil the purposes mentioned in paragraph 3; or for as long as necessary for the legal protection of the interests both of the Users and the Controller.

  1. Your rights

At any time you can exercise Your rights as provided in art. 15 and ff. Of the General Data Protection Regulation: rights of access, rectification, transformation, blocking, erasure, restriction of processing, in the ways and within the limits set by art. 12 of the General Data Protection Regulation.

In case the company stating this privacy policy does not provide response or sends late or inappropriate response, that is to say if You believe there has been a breach of the Privacy Code and/or the General Data Protection Regulation, You can appeal to the personal data protection Authority, at the following addresses:, Email:, Fax: (+39) 06.69677.3785, Phone number: (+39) 06.69677.1.

Data 01/03/2019 Il legale rappresentante