GDPR Privacy Policy

Effective Date: 2023
Last Updated: 2025

At Rocket-OS ("we", "us", or "our"), we are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) (EU 2016/679). This GDPR Privacy Policy explains how we collect, use, store, and protect your personal information when you interact with our services.

1. Who We Are

Rocket-OS operates as a data controller for personal data processed through our website and services.

πŸ“ Company Name: Rocket-OS
🌍 Website: rocket-os.io
πŸ“§ Contact Email: hello@rocket-os.io

If you have any questions about this policy or your personal data, you can contact us using the details above.

2. What Personal Data We Collect

We collect the following types of personal data:

A. Data You Provide Directly

  • Account Information – Name, email address, company details, and password.

  • Order & Billing Data – Payment details, invoices, and transaction history.

  • Customer Support Requests – Any information shared when contacting our support team.

B. Data We Collect Automatically

  • Usage Data – IP address, browser type, device information, and website interaction details.

  • Cookies & Tracking Data – We use cookies to enhance your experience (see our Cookie Policy).

C. Third-Party Data

  • If you integrate Rocket-OS with third-party apps (e.g., payment processors), we may receive limited data from those services.

3. Legal Basis for Processing Your Data

Under GDPR, we process your data based on the following legal grounds:

Legal BasisExample UsageContractual NecessityTo provide Rocket-OS services, process payments, and manage user accounts.Legitimate InterestsTo analyze trends, prevent fraud, and improve user experience.ConsentWhen you subscribe to our marketing communications.Legal ComplianceWhen required to fulfill legal obligations, such as tax reporting.

4. How We Use Your Data

We use your personal data to:

βœ” Provide and manage Rocket-OS services.
βœ” Process payments and transactions.
βœ” Improve security, detect fraud, and monitor system performance.
βœ” Communicate updates, promotions, and support messages (with your consent).
βœ” Comply with legal obligations and respond to law enforcement requests.

5. How We Share Your Data

We do not sell or rent your data. However, we may share it with:

  • Service Providers – Cloud hosting, payment processors, and analytics tools.

  • Business Transfers – If Rocket-OS undergoes a merger, acquisition, or asset sale.

  • Legal Compliance – If required by law, court orders, or government requests.

Key Third-Party Providers We Use:

  • Google Analytics (for website analytics)

  • Stripe/PayPal (for payment processing)

  • AWS/GCP (for cloud hosting)

6. Data Retention Policy

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy, including:

  • Account Data: Retained until account deletion.

  • Billing & Transaction Data: Retained for 7 years (for tax & legal compliance).

  • Support Queries: Retained for 2 years unless required longer.

When data is no longer needed, we securely delete or anonymize it.

7. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Your RightsWhat It MeansRight to AccessRequest a copy of the personal data we hold about you.Right to RectificationCorrect inaccurate or incomplete data.Right to Erasure ("Right to be Forgotten")Request deletion of your personal data.Right to Restrict ProcessingLimit how we use your data.Right to Data PortabilityReceive your data in a structured format.Right to ObjectObject to data processing, including direct marketing.Right to Withdraw ConsentWithdraw consent for optional data processing.

πŸš€ How to Exercise Your Rights:
To make a request, email hello@rocket-os.io. We will respond within 30 days.

8. International Data Transfers

Rocket-OS may transfer personal data outside the European Economic Area (EEA), including to service providers in the United States.

We ensure all transfers comply with GDPR by using:
βœ” Standard Contractual Clauses (SCCs)
βœ” EU-U.S. Data Privacy Framework (if applicable)
βœ” Other legally recognized transfer mechanisms

9. Data Security Measures

We implement strict security controls to protect your data:

βœ… Encryption – Data is encrypted at rest and in transit.
βœ… Access Controls – Only authorized personnel can access sensitive data.
βœ… Regular Audits – We conduct security reviews and vulnerability assessments.
βœ… Incident Response – In case of a breach, we will notify affected users within 72 hours, as required by GDPR.

10. Automated Decision-Making & Profiling

Rocket-OS does not engage in automated decision-making that significantly affects users. Any data analysis (e.g., fraud detection) is reviewed by humans.

11. Complaints & Supervisory Authority

If you believe your GDPR rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

In the UK, you can contact:
Information Commissioner’s Office (ICO)
πŸ“ Website: https://ico.org.uk

12. Updates to This Policy

We may update this GDPR Privacy Policy from time to time. Any changes will be posted on this page with an updated Effective Date.

πŸ“’ Major changes will be communicated via email or our website.

13. Contact Us

For GDPR-related inquiries, please contact us:

πŸ“§ Email: hello@rocket-os.io
🌍 Website: rocket-os.io