Rishon → Privacy Policy

Privacy Policy

RISHON MEDIA SRL

Last updated: May 2026

This Privacy Policy explains how RISHON MEDIA SRL collects, uses, stores and protects personal data when you visit our websites, contact us, subscribe to our newsletter, work with us, apply for collaboration opportunities, or interact with us in a professional or commercial context.

This Privacy Policy applies to the websites:

rishonmedia.com
rishonmedia.ro

and to any related communication with RISHON MEDIA SRL.

1. Who we are

The data controller is:

RISHON MEDIA SRL
CUI: 38074676
Trade Registry No.: J2017014054402
Registered office: Sector 3, Bucharest, Romania
Email: hello@rishonmedia.com

For any questions regarding this Privacy Policy or the processing of your personal data, you may contact us at:

hello@rishonmedia.com

RISHON MEDIA SRL has not appointed a Data Protection Officer. Privacy-related requests are handled through the contact email above.

2. What personal data we collect

Depending on how you interact with us, we may collect and process the following categories of personal data.

2.1. Website visitors

When you visit our websites, we may process technical and usage-related data, such as:

IP address;
browser type and version;
device information;
operating system;
pages visited;
date and time of visit;
referral source;
cookie identifiers and consent preferences;
approximate location derived from technical data;
security logs and anti-spam/anti-bot signals.

Some of this data is necessary for the proper functioning and security of the website. Other data, such as analytics, advertising or behavioural tracking data, is processed only according to your cookie choices.

2.2. Contact form and direct enquiries

If you contact us through the website contact form, by email, by phone or through professional platforms, we may process:

name;
email address;
phone number;
message content;
company name, if included in your message;
role or professional context, if included in your message;
any other information you choose to provide.

The website contact form collects: name, email address, phone number and message.

2.3. Newsletter subscribers

If you subscribe to our newsletter, we process:

email address;
subscription status;
subscription source;
unsubscribe status;
basic email engagement data, such as opens or clicks, where provided by the newsletter platform.

Our newsletter is managed through Beehiiv. You may unsubscribe at any time by using the unsubscribe link included in our emails or by contacting us directly.

2.4. Clients, prospects and business contacts

If you are a client, potential client, partner, supplier, collaborator or representative of an organisation that interacts with us, we may process:

name;
business email address;
phone number;
job title or role;
company name;
professional correspondence;
proposal, contract and project-related information;
billing and payment-related information;
information necessary for communication, negotiation, contracting, service delivery and legal compliance.

2.5. Project-related data

In the course of providing strategic communication, branding, digital strategy, marketing, research, content, audit, consultancy or related services, we may process personal data included in materials provided by clients or generated during the project, such as:

contact details of client representatives;
names, roles and business contact details of employees, collaborators, stakeholders or interviewees;
interview notes or research inputs, where applicable;
access-related information necessary for project delivery;
brand, communication, marketing, social media or website materials that may contain personal data;
professional opinions, feedback or comments shared in the context of the project.

Where RISHON MEDIA SRL processes personal data on behalf of a client and according to that client’s instructions, the client may act as controller and RISHON MEDIA SRL may act as processor. In such cases, the data processing terms are governed by the relevant contract or data processing agreement.

2.6. Applicants and collaborators

If you send us a CV, portfolio, collaboration proposal or professional application, we may process:

name;
email address;
phone number;
professional background;
CV and portfolio;
links to professional profiles;
work samples;
any other information you choose to provide.

We do not request special categories of personal data for recruitment or collaboration purposes. Please do not include sensitive information unless strictly necessary.

2.7. Sensitive data

We do not intentionally collect special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious beliefs, health data, biometric data or similar sensitive information.

If you voluntarily include such information in a message, CV, project material or other communication, we will process it only to the extent necessary for the purpose for which it was provided, or we may delete it if it is not relevant.

3. Why we process personal data and legal bases

We process personal data only where we have a valid legal basis under applicable data protection law.

3.1. To operate and secure the website

We process technical data to ensure that our websites function properly, remain secure, prevent abuse, detect spam or bot activity and maintain website integrity.

Legal basis: legitimate interest in operating and securing our website; legal obligation where applicable.

3.2. To respond to enquiries

We process data submitted through contact forms, email, phone or professional platforms in order to respond to your request, prepare a proposal, discuss potential collaboration or provide requested information.

Legal basis: steps prior to entering into a contract; legitimate interest in managing professional and commercial communication.

3.3. To provide services to clients

We process personal data necessary to deliver strategic communication, branding, digital strategy, consultancy, marketing, audit, research, content, website or related services.

Legal basis: performance of a contract; legitimate interest in delivering professional services; legal obligation where applicable.

3.4. To manage business relationships

We process personal data to manage communication with clients, prospects, suppliers, collaborators, partners and other professional contacts.

Legal basis: legitimate interest in managing business relationships; performance of a contract; legal obligation where applicable.

3.5. To send newsletters

We process your email address to send newsletters, editorial updates and related communications if you have subscribed.

Legal basis: consent.

You may withdraw your consent at any time by unsubscribing or contacting us.

3.6. To conduct analytics and improve the website

We may use analytics tools to understand how visitors interact with our websites, improve content, evaluate performance and optimise the user experience.

Legal basis: consent, where required by applicable law.

3.7. To conduct advertising and remarketing

Where enabled through your cookie choices, we may use advertising and remarketing technologies to measure campaigns, build audiences, analyse performance and deliver relevant communications on platforms such as Meta or LinkedIn.

Legal basis: consent, where required by applicable law.

3.8. To process applications and collaboration proposals

We process CVs, portfolios and collaboration messages in order to evaluate potential professional collaboration.

Legal basis: steps prior to entering into a contract; legitimate interest in assessing collaboration opportunities; consent where applicable.

3.9. To comply with legal, tax and accounting obligations

We process personal data included in contracts, invoices, accounting records, tax records and related documents in order to comply with Romanian and EU legal obligations.

Legal basis: legal obligation.

3.10. To protect our rights and interests

We may process and retain certain data where necessary to establish, exercise or defend legal claims, manage disputes, protect contractual rights, investigate misuse or respond to legal requests.

Legal basis: legitimate interest; legal obligation where applicable.

4. Cookies, analytics and similar technologies

Our websites may use cookies and similar technologies for functionality, security, analytics, performance measurement, advertising and user experience purposes.

We use or may use tools such as:

Google Analytics 4;
Google Tag Manager;
Meta Pixel;
LinkedIn Insight Tag;
Hotjar;
Yoast SEO;
Cloudflare Turnstile;
WordPress-related technical tools;
cookie consent and compliance tools.

Some technologies are strictly necessary for the operation and security of the website. Others, such as analytics, advertising, heatmaps or behavioural tracking technologies, are used only according to your cookie consent choices.

You can manage your cookie preferences through the cookie banner or cookie settings available on the website.

This Privacy Policy provides a general explanation of data processing. Detailed cookie information, including specific cookie categories, providers and durations, is managed through the website’s cookie consent system.

5. Newsletter

If you subscribe to our newsletter, we use your email address to send you editorial, strategic, communication, branding, marketing or business-related content.

Our newsletter is managed through Beehiiv.

You can unsubscribe at any time by:

clicking the unsubscribe link in any newsletter email; or
contacting us at hello@rishonmedia.com.

After unsubscribing, we may retain a minimal suppression record to ensure that we do not send you further newsletter communications.

6. Who we share personal data with

We do not sell your personal data.

We may share personal data with trusted third parties only where necessary for the purposes described in this Privacy Policy, including:

website hosting providers;
WordPress and website maintenance providers;
email and communication providers;
newsletter platforms, including Beehiiv;
analytics providers, including Google;
advertising and social media platforms, including Meta and LinkedIn;
user behaviour and website optimisation tools, such as Hotjar, where enabled by consent;
security and anti-spam providers, including Cloudflare Turnstile;
cloud storage and document management providers;
project management, CRM or collaboration tools;
web developers, designers, consultants, subcontractors or collaborators involved in service delivery;
accounting, tax, legal and audit providers;
public authorities, courts, regulators or other institutions where required by law.

Where required, we use contractual arrangements with service providers to ensure that personal data is processed securely and only according to our instructions.

7. International data transfers

Because we work with international clients, providers and technology platforms, personal data may be transferred or accessed outside the European Economic Area.

This may include transfers to or access from countries such as the United States, the United Kingdom, Switzerland, countries in Latin America, Asia, the Middle East or other jurisdictions, depending on the specific client, provider, platform or project.

Where personal data is transferred outside the European Economic Area, we rely on appropriate legal mechanisms under applicable data protection law, such as:

adequacy decisions adopted by the European Commission;
Standard Contractual Clauses;
contractual, technical and organisational safeguards;
other lawful transfer mechanisms where applicable.

8. How long we keep personal data

We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law.

The following retention periods generally apply:

8.1. Contact form enquiries

Data submitted through the contact form is generally retained for up to 24 months from the last interaction, unless the enquiry leads to a commercial relationship, contractual relationship or other legitimate need for longer retention.

8.2. Commercial correspondence and proposals

Commercial correspondence, proposals, negotiations and related communication may be retained for the duration of the negotiation and for up to 3 years after the last interaction.

Where the correspondence relates to a contract, invoice, dispute, legal claim, audit trail, accounting record or other legitimate business or legal need, it may be retained for up to 10 years, or for the period required or permitted by applicable law.

8.3. Contracts, invoices and accounting records

Contracts, invoices, accounting documents, tax records and related financial documentation are retained according to applicable Romanian accounting, tax and legal requirements.

8.4. Client project data

Project-related data is retained for the duration of the project and for a reasonable period afterwards, as necessary for continuity, documentation, contractual obligations, quality assurance, legal defence or legitimate business purposes.

Where project data is relevant to contracts, invoices, disputes, legal claims, audit trails or regulatory obligations, it may be retained for up to 10 years, or for the period required or permitted by applicable law.

8.5. Newsletter data

Newsletter subscription data is retained until you unsubscribe or withdraw consent.

After unsubscribing, we may retain limited information necessary to document the withdrawal of consent and prevent further newsletter communications.

8.6. CVs, portfolios and collaboration proposals

CVs, portfolios and unsolicited collaboration applications are generally retained for up to 12 months, unless a longer period is agreed with you or unless a collaboration relationship is established.

8.7. Technical and security logs

Technical and security logs are retained for a limited period necessary for website security, troubleshooting, fraud prevention and system integrity, unless longer retention is required for investigation or legal purposes.

When personal data is no longer necessary, we delete, anonymise or securely archive it, depending on the applicable legal and operational context.

9. How we protect personal data

We apply appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include:

access controls;
secure hosting;
website security tools;
anti-spam and anti-bot protection;
limited access to personal data based on need-to-know;
confidentiality obligations for collaborators and providers;
secure communication and storage practices;
backup and recovery measures;
regular review of website and operational security.

No method of transmission or storage is completely secure. However, we take reasonable steps to protect personal data in accordance with the nature of the data and the risks involved.

10. Your rights

Under applicable data protection law, you may have the following rights:

the right to be informed about how your personal data is processed;
the right to access your personal data;
the right to request correction of inaccurate or incomplete data;
the right to request deletion of your personal data;
the right to request restriction of processing;
the right to object to processing based on legitimate interests;
the right to data portability, where applicable;
the right to withdraw consent at any time, where processing is based on consent;
the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects.

To exercise your rights, please contact us at:

hello@rishonmedia.com

We may ask you to provide information necessary to verify your identity before responding to your request.

We will respond to your request within the timeframe required by applicable law.

11. Right to withdraw consent

Where processing is based on your consent, you may withdraw your consent at any time.

Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

You may withdraw consent by:

changing your cookie preferences;
unsubscribing from the newsletter;
contacting us at hello@rishonmedia.com.

12. Right to lodge a complaint

If you believe that your personal data has been processed unlawfully or that your rights have not been respected, you have the right to lodge a complaint with the competent supervisory authority.

In Romania, the supervisory authority is:

The National Supervisory Authority for Personal Data Processing
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Website: www.dataprotection.ro
Email: anspdcp@dataprotection.ro
Address: 28-30 G-ral Gheorghe Magheru Blvd., District 1, Bucharest, Romania

You may also contact us first at hello@rishonmedia.com, and we will make reasonable efforts to address your concern.

13. Automated decision-making and profiling

We do not use personal data to make decisions based solely on automated processing that produce legal effects or similarly significant effects concerning you.

Where advertising, analytics or remarketing tools are used, they may involve profiling or audience segmentation for measurement, optimisation or advertising purposes. Such processing is carried out according to your cookie choices and the settings provided by the relevant platforms.

14. Children’s data

Our websites and services are intended for business and professional audiences. They are not directed to children.

We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us at hello@rishonmedia.com, and we will take appropriate steps to delete such data where required.

15. Links to third-party websites

Our websites may contain links to third-party websites, platforms, articles, tools or social media pages.

We are not responsible for the privacy practices, content or security of third-party websites. We encourage you to read the privacy policies of any third-party websites you visit.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical or operational changes.

The updated version will be published on this page with a revised “Last updated” date.

Your continued use of our websites after an update means that you have read the updated Privacy Policy.