Privacy Policy

Last updated: 16/04/2026

This privacy policy is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR) and Italian Legislative Decree 196/2003 (Privacy Code) as amended by Italian Legislative Decree 101/2018.

1. Data Controller

The data controller for personal data is:

RENOR AND PARTNERS S.r.l.
Sede legale: Via Cicerone, 15 — 00072 Ariccia (RM), Italia
P.IVA: 16768411007
PEC: renorandpartners@legalmail.it
Email: info@renor.it

Hereinafter referred to as "Controller", "we", or "our".

2. Data Protection Officer (DPO)

The Controller has not appointed a Data Protection Officer (DPO) as the conditions set out in Article 37 of the GDPR do not apply. For any questions regarding the processing of personal data, you may contact the Controller at the details provided above.

3. Scope of Application

This Privacy Policy applies to:

• The mobile application ScanBoost PDF (hereinafter "App"), available on the Apple App Store.
• The associated website (hereinafter "Website").

4. Data Collected by the App

ScanBoost PDF is designed to respect your privacy to the highest degree. The App is completely free and does not include in-app purchases or subscriptions.

The App operates with a 100% on-device approach: all scanning, image processing, filter application, and PDF generation operations are performed exclusively on your device.

4.1. Data NOT Collected

The App does not collect, transmit, or share any data with external servers. Specifically:

• No personally identifiable data (name, email, phone number, etc.) is collected.
• No usage data, diagnostics, or telemetry is sent to the Controller or third parties.
• No analytics SDKs (e.g., Google Analytics, Firebase, Mixpanel) are integrated into the App.
• No advertising tracking SDKs (e.g., Facebook SDK, AdMob) are integrated into the App.
• No device identifiers (IDFA, IDFV) are collected or transmitted.
• The App does not make any network connections to servers of the Controller or third parties (except for optional iCloud backup managed directly by Apple).
• Scanned images and PDF documents never leave your device.

4.2. Data Stored Locally on the Device

The App stores the following data exclusively in the application's local sandbox on your device:

• Scanned images — Photographs of documents captured via the camera, saved in the App's local directory.
• Thumbnails — Reduced-size versions of scans automatically generated for smoother navigation.
• Generated PDF files — PDF documents created by the user from scans.
• Working drafts — Documents in progress that have not yet been finalized.
• Document metadata — Document name, creation date, number of pages, status (draft/completed).
• User preferences — Selected language, iCloud backup status (enabled/disabled).

This data is under your complete control. You can delete it at any time:

• By deleting individual pages or entire documents from within the App.
• By uninstalling the application from your device (all local data will be removed).

4.3. iCloud Backup (Optional)

The App offers the option to back up documents to Apple iCloud. This feature:

• Is completely optional — You can enable or disable it at any time from the App's Settings.
• Is managed entirely by Apple — Data is stored in your personal iCloud account, in accordance with Apple's Privacy Policy.
• Is encrypted — Apple applies end-to-end encryption to data stored on iCloud.

The Controller (RENOR AND PARTNERS S.r.l.) does not have access to your data on iCloud. The contractual relationship for the iCloud service is exclusively between you and Apple Inc.

5. App Permissions

The App requires the following permissions on the device:

• Camera (NSCameraUsageDescription) — Required for scanning documents using the device's rear camera. Captured images remain exclusively on the device and are not transmitted in any way.

The App does not require access to: contacts, address book, GPS location, microphone, photo library, calendar, reminders, Bluetooth, local network, or other personal data.

6. Data Collected by the Website

6.1. Browsing Data

The computer systems and software procedures used to operate the Website acquire, during their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category includes:

• IP addresses
• Browser type and operating system
• Date and time of the request
• Pages visited

This data is used solely for the purpose of obtaining anonymous statistical information on the use of the Website and to ensure its correct operation. The data is stored by the hosting provider (see section 9) and is deleted according to the provider's own retention policies.

6.2. Technical Cookies (Necessary)

The Website uses exclusively the following strictly necessary technical cookies:

• scanboost_cookie_consent — Stores your cookie consent choice. Type: first-party cookie. Duration: 1 year from the date set. Data stored: consent preferences (necessary/analytics/marketing) and timestamp.

These cookies do not require your prior consent pursuant to Article 122(1) of Italian Legislative Decree 196/2003 and Article 6(1)(f) of the GDPR, as they are strictly necessary for the provision of the service expressly requested by the user.

6.3. Analytics and Marketing Cookies

The Website currently does not use analytics, marketing, or profiling cookies.

The cookie management banner on the Website is set up to collect your consent should cookies of these categories be introduced in the future. In that case, this Privacy Policy will be updated before their activation, and cookies will only be installed with your explicit consent (Art. 6(1)(a) GDPR).

6.4. Cookie Consent Management

On your first visit to the Website, an information banner is displayed. You can:

• Accept all cookies — You consent to the use of all categories of cookies.
• Reject non-essential cookies — Only the necessary technical cookies are installed.
• Customize preferences — You individually select the cookie categories you wish to accept.
• Change preferences at any time — By clearing your browser cookies or using the site settings.

You can also configure your browser to block or delete cookies. Below are links to the guides for the main browsers:

• Google Chrome
• Mozilla Firefox
• Apple Safari
• Microsoft Edge

7. Purposes and Legal Basis of Processing

Below is a summary of the processing purposes and their respective legal bases:

• App operation — Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Note: the App does not collect personal data; data is stored locally only.
• Website technical cookies — Legal basis: Art. 6(1)(f) GDPR (legitimate interest of the Controller in the correct operation of the Website).
• Possible future analytics/marketing cookies — Legal basis: Art. 6(1)(a) GDPR (explicit consent of the data subject, revocable at any time).
• Website browsing data — Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security and correct operation of the Website).

8. Data Sharing and Disclosure

The Controller does not share, sell, transfer, or disclose any personal data of users to third parties.

The parties that may become aware of the Website browsing data are:

• Hosting provider — IONOS SE (see section 9), acting as data processor pursuant to Art. 28 GDPR, limited to server access logs.
• Apple Inc. — Only if the user voluntarily enables iCloud backup from the App. Apple acts as an independent data controller for the iCloud service.

9. Data Processors

The Controller uses the following data processors (Art. 28 GDPR):

• IONOS SE
  Service: Website hosting
  Registered office: Elgendorfer Str. 57, 56410 Montabaur, Germany
  Processing: storage of server access logs (browsing data)
  Servers located in the European Union
  Privacy Policy: https://www.ionos.it/terms-gtc/privacy-policy/

Apple Inc. (for the iCloud service) acts as an independent data controller. The contractual relationship for iCloud is directly between the user and Apple.

10. International Data Transfers

App: App data remains on your device and is not transferred. If iCloud backup is enabled, data may be stored in Apple data centers located outside the EU, in compliance with the standard contractual clauses (SCCs) adopted by Apple pursuant to Art. 46(2)(c) GDPR.

Website: browsing data is stored on IONOS servers located in the European Union. No data is transferred outside the European Economic Area (EEA).

11. Data Retention Period

• Local App data — Stored on the device until deleted by the user or until the App is uninstalled.
• iCloud backup — Stored according to Apple's policies until deleted by the user from their iCloud account.
• Website technical cookies — The scanboost_cookie_consent cookie has a duration of 1 year from the date set.
• Website browsing logs — Stored by the hosting provider (IONOS) according to their own retention policies, generally no longer than 30 days.

12. Your Rights (GDPR Articles 15–22)

As a data subject, pursuant to Articles 15–22 of the GDPR, you have the right to:

• Access (Art. 15) — Obtain confirmation of the existence of processing and access your personal data.
• Rectification (Art. 16) — Obtain the correction of inaccurate personal data or the completion of incomplete data.
• Erasure (Art. 17) — Obtain the deletion of your personal data ("right to be forgotten").
• Restriction of processing (Art. 18) — Obtain the restriction of processing in the cases provided for by the GDPR.
• Data portability (Art. 20) — Receive your data in a structured, commonly used, and machine-readable format.
• Objection (Art. 21) — Object to the processing of your data based on the legitimate interest of the Controller.
• Withdrawal of consent (Art. 7(3)) — Withdraw consent at any time.

How to exercise your rights:

• For the App: since the App does not collect or transmit personal data, you can exercise your rights directly by deleting documents from the App or uninstalling the application.
• For the Website: you can delete cookies through your browser settings (see section 6.4).
• For requests to the Controller: you can write to info@renor.it or via certified email (PEC) to renorandpartners@legalmail.it. We will respond within 30 days of receiving the request, as required by Art. 12(3) GDPR.

13. Right to Lodge a Complaint

Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with the competent supervisory authority. In Italy, the supervisory authority is:

Garante per la Protezione dei Dati Personali
Web: www.garanteprivacy.it
Email: garante@gpdp.it
PEC: protocollo@pec.gpdp.it
Tel: (+39) 06.696771

14. Minors

The App is rated 4+ on the App Store and is therefore accessible to users of all ages. However, the App does not collect any personal data and does not require account creation, therefore the issue of minor's consent under Art. 8 of the GDPR does not arise.

Regarding the Website, consent to non-essential cookies may only be given by users who are at least 14 years old (the threshold established by Art. 2-quinquies of Italian Legislative Decree 196/2003 for Italy). If you are under 14, we ask that you do not consent to non-essential cookies without the authorization of a parent or guardian.

15. Security Measures

The Controller adopts appropriate technical and organizational measures to ensure a level of security appropriate to the risk, pursuant to Art. 32 of the GDPR. In particular:

• App: data is stored in the protected sandbox of the iOS application, accessible only by the App itself. The iOS operating system ensures data isolation between applications.
• iCloud backup: protected by Apple's end-to-end encryption.
• Website: connection protected via HTTPS protocol (TLS encryption). Security headers configured (X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy).

16. Changes to the Privacy Policy

The Controller reserves the right to modify this Privacy Policy at any time, informing users by publishing updates on this page with an updated "last updated" date.

In the event of substantial changes affecting the purposes or methods of processing, the Controller will provide adequate notice before the changes take effect.

We encourage you to periodically review this page to see the latest version of the Privacy Policy.

17. Applicable Legislation

• Regulation (EU) 2016/679 (GDPR)
• Italian Legislative Decree of June 30, 2003, No. 196 (Privacy Code)
• Italian Legislative Decree of August 10, 2018, No. 101 (GDPR Alignment)
• Italian Data Protection Authority Provision No. 229/2014 (Cookies)
• Italian Data Protection Authority Guidelines of June 10, 2021 on cookies and other tracking tools