Studio53 is a
Ruder Finn Company

Say Hi!

lily@RuderFinn.com

Headquarters

425 E 53rd St,
New York, NY 10022

Privacy Policy

RUDER FINN PRIVACY POLICY

Updated as of March 13, 2023

Ruder Finn” means Ruder Finn, Inc., RF RLA, Inc., RF Osmosis, Inc., RF Bloom, Inc., Bloom JS, Inc., The SPI Group LLC, TouchdownPR, Inc. and Peppercomm LLC, operating under the Ruder Finn Group of companies (collectively also referred to as “we”, “our”, or “us” in this privacy policy).

This privacy policy applies to the sites that we operate and that link to this privacy policy (collectively, the “Website(s)”). By using the Website, you agree to the use and processing by Ruder Finn of your personal information in accordance with this privacy policy.

This privacy policy does not govern information we process on behalf of our clients. For details about the processing of client data, please see the “Information from Our Clients” section below.

If you are a resident of the following jurisdictions, please see the additional disclosures at the end of this policy:

  • California
  • Nevada
  • Virginia
  • European Economic Area, United Kingdom, and Switzerland

If you have any questions or wish to exercise your rights and choices, please contact us as set out in the “How to Contact Us” section.

The Information We Collect:

Information You Provide.

Ruder Finn collects personal information that is voluntarily provided by visitors to Ruder Finn’s website. The categories of personal information we collect include name, job title, and company name, postal address, email address, telephone and fax numbers. You may choose to provide personal information in the following examples: (i) subscribing to or ordering newsletters and/or publications; (ii) participating in “join our mailing list” initiatives; (iii) participating in bulletin boards, discussion or message forums; (iv) entering or participating in surveys or quizzes; (v) registering for events and conferences; and (vi) when otherwise interacting with us.

If you are applying for a job we may also collect your employment and education history, transcript, writing samples, and references.

Information Collected Automatically:

1

Our Website uses technologies such as “cookies” and other tracking technologies. Cookies are a common part of many commercial websites and allow small text files to be sent by a website, accepted by a web browser, and then placed on your device as recognition for repeat visits to the Website and other sites. You do not need to enable cookies to visit the Website; however, some parts of the Website and some services may be unavailable if cookies are disabled. Some Ruder Finn cookie files will remain on your computer’s hard drive unless and until you manually delete the file. You may generally control your cookie preferences in your browser settings.

We may also use pixels (also known as web beacons) which is code embedded in a service that sends information about your use to a server. There are various types of pixels, including image pixels (which are small graphic images) and JavaScript pixels (which contains JavaScript code). When you access a service that contains a pixel, the pixel may permit us or a separate entity to drop or read cookies on your browser, or collect other information about your visit.

Through the use of tracking technologies, we collect data, including about the features you use, pages you visit, email and ads you view, the time of day you browse, the address of the last URL visited prior to clicking through to the Website, your browser and operating system, your internet service provider, your regional and language settings, and your Internet Protocol (“IP”) address. We also collect imprecise location data derived from your IP address, or other data indicating a city or postal code.

For further information on how we use tracking technologies for analytics and advertising, and your rights and choices regarding them, please see the “Your Rights and Choices” and “Analytics and Advertising” sections below.

Information from Our Clients:

We provide services to our clients, and collect and process personal information about individuals (including through tracking technologies) at the direction of our clients (“client data”). Our processing of client data is governed by the terms of our service agreements with our clients, and not this Privacy Policy. In the event we are permitted to process client data for our own purposes, we will process the client data in accordance with the practices described in this Privacy Policy. We are not responsible for how our clients treat the information we collect on their behalf, and we recommend you review their own privacy policies.

For further information on your rights and choices regarding client data, see the “Your Rights and Choices” section below.

Information from Other Sources.

We also collect personal information from other sources. The categories of sources from which we collect personal information include data brokers from which we purchase data to supplement the data we collect, survey providers, social networks with which you interact, partners that offer co-branded services, sell or distribute our products, or engage in joint marketing activities, and publicly-available sources, including data in the public domain.

The Way We Use Information:

We collect and use information in accordance with the practices described in this Privacy Policy. The information we collect may be used to:

Operate and manage the Websites;

Understand trends, usage, and activity, including through tracking technologies, to make business and marketing decisions;

• Prevent or address fraud, breach of our policies, or other threats of harm;

Conduct research, including through surveys and quizzes;

Send you technical notices regarding updates to our policies, or other administrative messages;

Register you for a conference or other event;

Develop and send advertising, direct marketing, and promotional communications about our and/or other entities’ products, offers, promotions, rewards, events, and services;

Engaging in personalized advertising, including Interest-based Advertising or

Fulfill any other purpose at your direction or with your consent.

Notwithstanding the above, we may use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law. For

information on your rights and choices regarding how we use information about you, please see the “Your Rights and Choices” section below.

Disclosure of Information:

We disclose information we collect in accordance with the practices described in this Privacy Policy. The categories of persons to whom we disclose information include:

Service Providers. We disclose information to service providers that process information on our behalf. Service providers assist us with services such as, data analytics, marketing and advertising, website hosting, and technical support. To the extent required by law, we contractually prohibit our service providers and contractors from retaining, using, or disclosing information about you for any purpose other than performing the services for us, although we may permit them to use publicly available information (as that term is defined by applicable law) or information that does not identify you (including information that has been aggregated or de-identified as those terms are defined by applicable law) for any purpose except as prohibited by applicable law.

Analytics and Advertising. We disclose information to vendors and other parties for analytics and advertising related purposes. These parties may act as your service providers, or in certain contexts, independently decide how to process your information. For more information on analytics and advertising, see the “Analytics and Advertising Choices” section below.

Affiliates. We disclose information with our affiliates and related entities, including where they act as our service providers or for their own internal purposes.

Partners. We disclose information with our partners in connection with offering co-branded services, selling or distributing our products, or engaging in joint marketing activities.

Clients. We disclose information with our business clients when it is relevant to the services we are providing to those clients. Our clients are independent entities and their processing of information is subject to their own privacy policies.

Promotions: In partnership with certain clients, we operate contests, sweepstakes or other promotions, which require registration in order to enter. In such case, your information may be used by us to contact you for winner notification, prize delivery confirmation or other promotional purposes. Your entry in the contest or sweepstakes may, except where prohibited by law, result in your being added to our mailing lists as well as those of our promotional partners or clients associated with the contest or sweepstakes. Acceptance of a prize may require you (unless prohibited by law) to allow us to post publicly some of your information on the Website, such as in social media or on a winner’s page, in the event you win a contest or sweepstakes. Additional terms may apply.

Merger or Acquisition. We disclose information in connection with, or during negotiations of, any proposed or actual merger, purchase, sale or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.

Security and Compelled Disclosure. We disclose information to comply with the law or other legal process, and where required, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We also disclose information to protect the rights, property, life, health, security and safety of us, the Service or anyone else.

Facilitating Requests. We disclose information at your request or direction.

Consent. We disclose information with notice to you and your consent.

Notwithstanding the above, we may disclose publicly available information (as that term is defined by applicable law) or information that does not identify you (including information that has been aggregated or de-identified as those terms are defined by applicable law) except as prohibited by applicable law. For information on your rights and choices regarding how we share information about you, please see the “Your Rights and Choices” section below.

Members of the Media, Social Media Influencers/Users, Subject Matter Experts, Stakeholders:

Ruder Finn maintains lists of publicly available information regarding media contacts, journalists, social media influencers, social media users, subject matter experts and other stakeholders and individuals who make their personal and/or professional information and/or opinions publicly available. These lists are accessed and/or used by Ruder Finn for specific business purposes in conducting its own business and in conducting business on behalf of potential and existing clients. Ruder Finn takes reasonable measures to limit the information processed to be relevant to legitimate business purposes and to minimize any risks to individuals associated with the use of such information. Any individual may contact us to access, update and/or restrict use of such information consistent with applicable law by contacting us at privacy@ruderfinn.com.

Links to Other Websites We Don’t Control:

Our Website may contain links to other websites, such as those of our affiliates and clients. Ruder Finn is not responsible for any websites that it does not own or operate. You should carefully review the privacy policies and practices of other websites that you link to from the Website, as we cannot control or be responsible for their privacy practices.

Your Rights and Choices:

In addition to the rights and choices in this section, you may have additional rights based on your jurisdiction. Please click the relevant link at the top of this Privacy Policy or visit the applicable section below for more information. The following describes certain options available to you with respect to the information collected via the Websites:

Tracking Technology Choices.

  • Cookies and Pixels. Most browsers accept cookies by default. You can instruct your browser, by changing its settings, to decline or delete cookies. If you use multiple browsers on your device, you will need to instruct each browser separately. Your ability to limit cookies is subject to your browser settings and limitations.
  • Do Not Track. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com. If you are a California resident, please visit the “California” section below for details on how to exercise your right to opt-out of sales or sharing through preference signals.

Please be aware that if you disable or remove tracking technologies some parts of the Service may not function correctly. Please note the above opt outs only apply to the specific browser or device from which you opt out. We are not responsible for the effectiveness of any opt outs offered by other entities.

Analytics and Advertising Choices.

We use analytics services, such as Google Analytics, to help us understand how users access and use the Service. Google provides tools to allow you to opt out of the use of certain information collected by Google Analytics at https://tools.google.com/dlpage/gaoptout.

In addition, we work with agencies, advertisers, ad networks, and other technology services to place ads about our products and services on other websites and services. As part of this process, we may incorporate tracking technologies into our Websites as well as into our ads displayed on other websites and services. Some of these tracking technologies may track your activities across time and services for purposes of associating the different devices you use, and delivering relevant ads and/or other content to you (“Interest-based Advertising”). The companies we work with to provide you with Interest-based Advertising may be participants of the Digital Advertising Alliance (“DAA”) and/or the Network Advertising Initiative (“NAI”). To opt out of receiving Interest-based Advertising from the participating companies, please visit https://www.aboutads.info/choices and https://www.networkadvertising.org/choices/ for website opt outs and https://www.aboutads.info/appchoices for mobile opt outs. Note that opting out through these links only means that the selected participants should no longer deliver Interest-based Advertising to you, but does not mean that the participants will not process your information for Interest-based Advertising purposes or that you will no longer receive Interest-based Advertising from other companies.

Please note that the above opt outs will only apply to the specific browser or device from which you opt out. We are not responsible for the effectiveness of, or compliance with, any opt out options or programs, or the accuracy of any other entities’ statements regarding their opt out options or programs.

As indicated above, vendors and other parties may act as our service providers, or in certain contexts, independently decide how to process your information. We encourage you to familiarize yourself with and consult their privacy policies and terms of use.

Communications Choices.

You can opt-out of receiving promotional emails from us at any time by following the unsubscribe instructions at the bottom of the emails, or emailing us at the email address set out in the “How to Contact Us” section below with the word UNSUBSCRIBE in the subject field of the email. Please note that you cannot opt-out of transactional emails, such as those about your transactions, servicing, or our ongoing business relations. Please note that your opt out is limited to the email address used and will not affect subsequent subscriptions.

Data Security:

Ruder Finn uses reasonable administrative, technological, physical and other measures to help protect your information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal information. However, due to the nature of the Internet and related technology, transmission via the internet is not completely secure and we cannot guarantee the security of your personal information and Ruder Finn expressly disclaims any such guarantee.

International Transfer.

We are based in the U.S. and the information we collect is governed by U.S. law. If you are accessing the Service from outside of the U.S., please be aware that information collected through the Service may be transferred to, processed, stored, and used in the U.S. and other jurisdictions. Data protection laws in the U.S. and other jurisdictions may be different from those of your country of residence. Your use of the Service or provision of any information therefore constitutes your consent to the transfer to and from, processing, usage, disclosure, and storage of information about you in the U.S. and other jurisdictions as set out in this Privacy Policy. Where

required by applicable law, we will provide appropriate safeguards for data transfers, such as through use of standard contractual clauses.

Children:

The Websites are not intended for use by individuals under 13 years of age. Ruder Finn will not knowingly collect or maintain personal information (as that term is defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children. If you are a parent and believe that we may have collected personal information from children, please contact us so that we may take appropriate measures to investigate and delete such information, if appropriate.

Additional Disclosures for Nevada Residents.

We do not sell and will not sell your covered information (as those terms are defined by NRS 603A.340).

Additional Disclosures for California Residents.

The California Consumer Privacy Act (“CCPA”) and its replacement the California Privacy Rights Act (“CPRA”), provide additional rights to California residents. These additional disclosures address those rights and apply only to California residents.

Our Service is primarily intended to provide information and services to job applicants and business clients. You understand and agree that information collected about you is solely within the context of (i) your role as an employee, job applicant, owner, director, officer, or contractor or (ii) us conducting due diligence regarding, or providing or receiving a product or service to or from your employer.

We acknowledge that you may have rights under the CPRA in connection with the personal information we process on behalf of our clients. If personal information about you has been processed by us as a service provider on behalf of a client and you wish to exercise any rights you have with such personal information, please inquire with our client directly. If you wish to make your request directly to us, please provide the name of our client on whose behalf we processed your personal information. We will refer your request to that client, and will support them to the extent required by applicable law in responding to your request.

Notice of Collection.

We collect the following categories of personal information, as described in the CPRA. For further details on the personal information we collect and how we obtain this information, please review the “The Information We Collect and Process” section above.:

Identifiers, including name, postal address, email address, and online identifiers (such as IP address).

Characteristics of protected classifications under California or federal law, including gender.

Commercial or transactions information, including records of services purchased, obtained, or considered.

Internet activity, including browsing history, search history, and interactions with a website, email, application, or advertisement.

Non-precise geolocation data.

• Employment and education information.

Inferences drawn from the above information about your predicted characteristics and preferences.

We collect and use these categories of personal information for the business and commercial purposes described in the “The Way We Use Information” section above. We disclose this personal information to the categories of persons set out in the “Disclosure of Information” section above.

We do not sell your personal information as that term is traditionally understood. However, some of our disclosures of personal information may be considered a “sale ” or “share” as those terms are defined under the CPRA. A “sale” is broadly defined under the CPRA to include a disclosure for something of value, and a “share” is broadly defined under the CPRA to include a disclosure for cross-context behavioral advertising. We may collect, sell, or share the following categories of personal information for commercial purposes: identifiers, characteristics, commercial or transactions information, internet activity, non-precise geolocation data, and inferences drawn. The categories of third parties to whom we may sell or share your personal information include, where applicable, vendors and other parties involved in cross-context behavioral advertising. For details about your rights regarding sales and shares, please see the “Right to Opt-Out” section below.

We do not knowingly sell or share the personal information of minors under 16 years old who are California residents.

Retention

We retain each category of personal information for the length of time that is reasonably necessary for the purpose for which it was collected, and as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

Right to Know, Correct and Delete.

You have the right to know certain details about our data practices. In particular, you may request the following from us:

  • • The categories of personal information we have collected about you;
  • • The categories of sources from which the personal information was collected;
  • • The categories of personal information about you we disclosed for a business purpose or sold;
  • • The categories of persons to whom the personal information was disclosed for a business purpose or sold;
  • • The business or commercial purpose for collecting or selling the personal information; and
  • • The specific pieces of personal information we have collected about you.

In addition, you have the right to correct or delete the personal information we have collected from you.

To exercise any of these rights, please email us at privacy@ruderfinn.com. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your request.

Right to Opt-Out

To the extent we “sell” or “share” your personal information as those terms are defined under the CPRA, you have the right to opt-out of the “sale” or “sharing” of your personal information by us to third parties at any time. You may

exercise this right through our form at Do Not Sell or Share My Personal Information or by emailing us at privacy@ruderfinn.com and specifying you wish to opt-out. In addition, you may exercise this right by turning on a recognized opt-out preference signal, such as Global Privacy Control, in your browser or extension.

When you submit an opt-out, your opt-out will only apply to sales and shares of personal information through tracking technologies from the specific browser from which you submitted the opt-out because the connection between your browser identifiers and other personal information we have about you is not known to us.

Authorized Agent.

You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.

Right to Non-Discrimination.

You have the right not to receive discriminatory treatment by us for the exercise of any your rights.

Shine the Light.

Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out in “Contact Us” above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

Additional Disclosures for Virginia Residents

The Virginia Consumer Data Protection Act (“VCDPA”) provides additional rights to Virginia residents. This section addresses those rights and applies only to Virginia residents.

You have the following rights under the VCDPA:

  • • To confirm whether or not we are processing your personal data
  • • To access your personal data
  • • To correct inaccuracies in your personal data
  • • To delete your personal data
  • • To obtain a copy of your personal data that you previously provided to us in a portable and readily usable format
  • • To opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you

To exercise any of these rights, please contact us as set out in the “How to Contact Us” section below and specify which right you are seeking to exercise. We will respond to your request within 45 days. We may require specific information from you to help us confirm your identity and process your request. If personal data about you has been processed by us as a processor on behalf of a client and you wish to exercise any rights you have with such personal data, please inquire with our client directly. If you wish to make your request directly to us, please provide the name of our client on whose behalf we processed your personal data. We will refer your request to that client, and will support them to the extent required by applicable law in responding to your request.

If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at privacy@ruderfinn.com and specifying you wish to appeal. Within 60 days of our receipt of your

appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.

Users Located in the European Economic Area, United Kingdom, and Switzerland:

The General Data Protection Regulation (“GDPR”) provides additional rights to individuals located in the European Economic Area, Switzerland, and the United Kingdom, (collectively, “Europe”). This section addresses those rights and applies only to those individuals.

Roles

Data protection laws in Europe distinguish between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). Ruder Finn acts as a controller with respect to personal data collected as you interact with our Service. In some instances, Ruder Finn acts a processor on behalf of a client, which is the controller. Any questions that you have relating to the processing of personal data by Ruder Finn as a processor should be directed to the relevant client.

Lawful Basis for Processing

Data protection laws in Europe require a “lawful basis” for processing personal data. Our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our service providers, partners, or clients; (b) processing is necessary for the performance of a contract with you; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests. Where applicable, we will transfer your personal data to third countries subject to appropriate or suitable safeguards, such as standard contractual clauses

Your Rights

You have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.

To exercise any of these rights, please contact us as set out in the “How to Contact Us” section below and specify which right you are seeking to exercise. We will respond to your request within 30 days. We may require specific information from you to help us confirm your identity and process your request. If personal data about you has been processed by us as a processor on behalf of a client and you wish to exercise any rights you have with such personal data, please inquire with our client directly. If you wish to make your request directly to us, please provide the name of our client on whose behalf we processed your personal data. We will refer your request to that client, and will support them to the extent required by applicable law in responding to your request.

Please note that we retain information as necessary to fulfil the purposes for which it was collected, and may continue to retain and use information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements. You also have the right to lodge a complaint with the data protection regulator in your jurisdiction (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm for contact information).

Notification of Changes:

As we provide more services and/or functionality on our Website and as privacy laws and regulations evolve, it may be necessary to revise or update our Privacy Policy. We will endeavor to put an “Updated” note on the link to the Privacy Policy on the Website’s home page so that you will be able to check regarding changes which may be of particular relevance to you. Your continued use of our Websites indicates your consent to the Privacy Policy then posted. If the changes are material, we may provide you with additional notice to your email address.

How to Contact Us:

If you ever have any questions about this privacy policy, or experience any difficulty accessing the information in this privacy policy, please contact us at privacy@ruderfinn.com.

Let’s work together.

Our team is ready to start the conversation.

Reach out at Lily@RuderFinn.com

Join our team.

Interested in working at RF Studio53? We would love to meet you.

Send your resume to Aiden@RuderFinn.com

A CREATIVE STUDIO & PRODUCTION COMPANY