Last updated: June 2019

1. Introduction

Thank you for visiting the http://www.rocketads.net/ website (the “Website”). Your privacy and the integrity of any information you provide are important to us at RocketAds Inc (the “Company; We”), the operator of this Website and/or the provider of digital advertising services as described at the Website (the “Services”).

 

We are accountable for our Privacy Policy and the practices on our Website, including the Privacy Policy as set out below. If you have any questions or concerns regarding this Privacy Policy, please address them via e-mail to us via our “Contact Us” page.

 

This Website may be connected by “hyperlinks” to other third party sites. We are not responsible in any way for the privacy practices on other third party’s sites and suggest that you review the privacy policies on those linked sites before using them.

 

Any information stored on our Website is treated as confidential. All information is stored securely and is accessed by authorized personnel only. The Company implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.

 

2. Collection and use

2.1 .General

The following sections cover the specifics of each of the three groups from which Personal Data is collected: Website Visitors, Users and Partners. For the purposes of this Policy Personal Data shall mean and may comprise: IP address, first and last name, postal and email address, telephone number, data from social networks, areas of interest, interest in products, as well as information as to the type of relationship that exists between the Company and Visitors, Users and/or Partners.

2.2 Website Visitors and Users

By visiting the Website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this Website. If required by applicable law, Company will seek your explicit consent to process Personal Data collected on this Website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this Website may not be possible. We may collect, record and analyze information of Visitors to this Website. We may record your IP address and use cookies (see: Cookies Policy below). We may add information collected by way of page view activity. Furthermore, Company may collect and process any Personal Data that you volunteer to us in our website’s forms, such as when you subscribe or sign up for information and newsletters. If you provide Company with your social media details, the Company may retrieve publicly available information about you from social media. The Company gathers data about visits to the website, including numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where Visitors have come.

2.2.1 Purpose of processing personal data

The Company uses the collected data to communicate with Visitors, Users and/or Partners, to customize content for Visitors, Users and/or Partners, to show ads on other websites and to improve its Website by analyzing how Visitors and/or Users navigate its Website.

2.2.2 Sharing personal data

The Company may also share such information with service vendors, Partners and/or contractors in order to provide a requested service or transaction or in order to analyze the Visitor and/or Users behavior on its Website.

2.2.3       Cookies

The Website and some of our Services use cookies (small text files containing a string of alphanumeric characters that we put on your computer) and other similar tracking technologies (like web beacons, tags and scripts) to uniquely identify Visitors’ and/or Users’ browser and to gather information about how Visitor and/or User interact with the Websites and services. We use this information for the following purposes: Assisting Visitor and/or User in navigation; Assisting in registration, login and the ability to provide feedback; Analyzing the use of products, services or applications; and assisting with promotional and marketing efforts (including behavioral advertising).

Please see the Company’s Cookie Policy for more information about the type of cookies and tracking technologies that we use on this Website and why, and how to accept or reject them.

We also utilize Google Analytics, a web analysis service provided by Google, to better understand your use of our Website and services. Google Analytics collects information such as how often Users visit the Website, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Website, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Website to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Website is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

2.2.4 Links to other sites

Please be aware that while visiting the Website, Visitors and/or Users can follow links to other sites that are beyond the Company’s control of influence. The Company is not responsible for the content or privacy policy of these other sites.

2.3 Users

2.3.1. General

In order to provide services to its Users, the Company collects certain types of data from them. This section will describe how these two types of data are collected and used by the Company as well as geographical differences that effect this policy.

2.3.2 Collection of User data

During a User’s registration and later on the Company’s Website, it provides information such as name, email, address, telephone, credit-card number and other relevant data. This information is used by the Company to identify the User and provide them with support, services, mailings, sales and marketing actions, billing and to meet contractual obligations.

The Company’s Users can at any time access and edit, update or delete their contact details by logging in with their username and password. The Company will not retain User’s data longer than it is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

2.3.3 Collection and Processing of Personal Data

The Company relies on the consent of the individual to process Personal Data (for example, when the user inputs personal information into the Website). On other occasions, the Company may process Personal Data when it needs to do this to fulfill a contract or where it is required to do so by law.

The Company may also process Personal Data when it is in its or its Partners’ legitimate interests to do so and when these interests are not overridden by the individual’s data protection rights (which may vary based on an individual’s jurisdiction).

2.3.4. Geographical location

The Company offers a number of data regions. A “Data Region” is a set of data centers located within a defined geographical area where Visitor and/or User data is stored. Personal Data is not transmitted between Data Regions. For Visitor and/or User with accounts located in European Data Region, all Personal Data is processed in the EEA. For Visitor and/or User with accounts in the Data Regions: United States of America (US), all Personal Data is processed solely in the respective country.

2.3.5. Processing in the European Economic Area (EEA)

For Visitor and/or User with accounts located in European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and the Company’s processing will take place in accordance with the GDPR.

2.3.6. Controller/Processor

The Company processes Personal Data mainly as a Processor, as defined in the Directive and the GDPR:

The Company, which you as a Partner entered an agreement with, will be the Processor for User data provided by the Company to Partner and the Partner will be the Controller in accordance with Directive and GDPR.

For User data, provided by the User to Company, the Company will be the Controller in accordance with Directive and GDPR. The Company adheres to the Directive of 1995 and the GDPR from May 25th, 2018.

All data collected by the Company will be stored exclusively in secure hosting facilities provided by Amazon Web Services Inc. All hosting is performed in accordance with the highest security regulations. The Company contract with its hosting provider ensures that all hosting is performed in accordance with the highest security regulations.

The Company has adopted reasonable physical, technical and organizational safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the User’s data and/or the Personal Data in its possession. The Company will promptly notify you in the event of any known unauthorized access to, or use of, the User’s data and/or the Personal Data. Please note however that where you are transmitting information over the internet, this can never be guaranteed to be 100% secure.

 

3. Retention and deletion

The Company will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. For User data, Users with an active account will therefore have the responsibility to delete data when required. When a user’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.

 

4. Acceptance of these Conditions

We assume that all Visitors and/or Users and/or Partners have carefully read this document and agree to its contents. If someone does not agree with this Privacy Policy, it should refrain from using the Website and/or the Services. We reserve the right to change this Privacy Policy as necessity. We encourage Visitors and/or Users to frequently check this page for any changes. You acknowledge and agree that it is your responsibility to review this Privacy Policy periodically and become aware of modifications. Continued use of the Website and/or the Services after any changes to these conditions implies acceptance of the revised Privacy Policy.

 

5. Our Legal Obligation to Disclose Personal Data

We will reveal a Visitor and/or User’s Personal Data without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property of the Company or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose Personal Data when we have good reason to believe that this is legally required.

 

6. Children’s Information

The Website is not directed or intended for children under 16 years of age. We do not knowingly collect or solicit information from individuals under 16 years of age. If we later obtain actual knowledge that an end user is under 16 years of age, we will take steps to remove that end user’s information from our systems. Children should always get permission from their parents before sending information about themselves (such as their names, email addresses, and phone numbers) over the internet. We are in compliance with the requirements of COPPA (Children Online Privacy Protection Act), and do not collect any information from anyone under 16 years of age. We will not knowingly encourage any minor to register with the Website or to access those features which require registration.

 

7. Data Protection Officer

The Company has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address: [email protected].

 

8. Further Information

If you have any further questions regarding the data collects, or how we use it, please contact us by email at: [email protected].

The California Consumer Privacy Act (CCPA) was enacted in 2018 and takes effect on January 1, 2020. This landmark piece of legislation secures new privacy rights for California consumers. On October 10, 2019, Attorney General Xavier Becerra released draft regulations under the CCPA for public comment.

The CCPA grants new rights to California consumers

• The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information; • The right to delete personal information held by businesses and by extension, a business’s service provider; • The right to opt-out of sale of personal information. Consumers are able to direct a business that sells personal information to stop selling that information. Children under the age of 16 must provide opt in consent, with a parent or guardian consenting for children under 13. • The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.

The CCPA applies to certain businesses

• Businesses are subject to the CCPA if one or more of the following are true: o Has gross annual revenues in excess of $25 million; o Buys, receives, or sells the personal information of 50,000 or more consumers, households, or devices; o Derives 50 percent or more of annual revenues from selling consumers’ personal information. • As proposed by the draft regulations, businesses that handle the personal information of more than 4 million consumers will have additional obligations.

The CCPA imposes new business obligations

• Businesses subject to the CCPA must provide notice to consumers at or before data collection. • Businesses must create procedures to respond to requests from consumers to opt-out, know, and delete. o For requests to opt-out, businesses must provide a “Do Not Sell My Info” link on their website or mobile app. • Businesses must respond to requests from consumers to know, delete, and opt-out within specific timeframes. o As proposed by the draft regulations, businesses must treat user-enabled privacy settings that signal a consumer’s choice to opt-out as a validly submitted opt-out request. • Businesses must verify the identity of consumers who make requests to know and to delete, whether or not the consumer maintains a password-protected account with the business. CALIFORNIA DEPARTMENT OF JUSTICE OFFICE OF THE ATTORNEY GENERAL o As proposed by the draft regulations, if a business is unable to verify a request, it may deny the request, but must comply to the greatest extent it can. For example, it must treat a request to delete as a request to opt-out. • As proposed by the draft regulations, businesses must disclose financial incentives offered in exchange for the retention or sale of a consumer’s personal information and explain how they calculate the value of the personal information. Businesses must also explain how the incentive is permitted under the CCPA. • As proposed by the draft regulations, businesses must maintain records of requests and how they responded for 24 months in order to demonstrate their compliance. o In addition, businesses that collect, buy, or sell the personal information of more than 4 million consumers have additional record-keeping and training obligations.

Cost estimates for CCPA compliance

• According to estimates in the Standardized Regulatory Impact Assessment for the CCPA regulations, the CCPA will protect over $12 billion worth of personal information that is used for advertising in California each year.1 • Preliminary estimates suggest a total of $467 million to $16,454 million in costs to comply with the draft regulation, if finalized, during the period 2020-2030.2

CCPA and GDPR

The California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) are separate legal frameworks with different scopes, definitions, and requirements. A business that complies with GDPR and is subject to CCPA may have additional obligations under CCPA. • For example, under GDPR, companies must undertake a data inventory and mapping of data flows in furtherance of creating records to demonstrate compliance. Additional data mapping may be important to reflect the different requirements under CCPA. • Under GDPR, companies must develop processes and/or systems to respond to individual requests for access to personal information and for erasure of personal information. These processes and/or systems may be applied to handling CCPA consumer requests, although businesses may need to review and reconcile the different definitions of personal information and applicable rules on verification of consumer requests. • Under GDPR, companies must disclose data privacy practices in a privacy policy. CCPA also requires companies to disclose specific business practices in a comprehensive privacy policy. Many California companies that operate commercial websites and online services must post a privacy policy under the California Online Privacy Protection Policy, or CalOPPA, and will need to update this policy for CCPA. • Under GDPR, companies must draft and execute written contracts with its service providers (“processors”). Companies may need to review these contracts to reflect requirements under CCPA. 1 Berkeley Economic Advising and Research, LLC, Standardized Regulatory Impact Assessment: California Consumer Privacy Act of 2018 Regulations (August 2019). 2 Berkeley Economic Advising and Research, LLC, Standardized Regulatory Impact Assessment: California Consumer Privacy Act of 2018 Regulations (August 2019). This number is specifically the cost associated with the regulations and not general compliance costs associated to the underlying CCPA law. CALIFORNIA DEPARTMENT OF JUSTICE OFFICE OF THE ATTORNEY GENERAL

Next steps in the regulatory process

• The Attorney General is required to promulgate regulations to clarify and operationalize the CCPA. • After holding seven statewide public forums and reviewing over 300 written comments during the preliminary rulemaking stage, the Attorney General released draft regulations on October 10, 2019. • The Attorney General will consider all comments and may revise the regulations in response. • Any revision to the proposed regulations will be subject to an additional 15 day public comment period. • Following the comment period, the Attorney General will submit the final text of the regulations, the final Statement of Reasons responding to every comment submitted, and an updated informative digest to the Office of Administrative Law. OAL has 30 working days to review the regulations, and if approved, the rules will go into effect.

Submitting public comments

• The draft regulations are out for public comment until December 6, 2019 at 5 p.m. PST. The Attorney General will accept written comments by mail or email. • Please visit our website at www.oag.ca.gov/privacy/ccpa for details on submitting comments. Please note that all submissions become part of the public rulemaking record.

Public meetings

• During the comment period, the Attorney General will hold the following public hearings: o December 2, 2019 – Sacramento o December 3, 2019 – Los Angeles o December 4, 2019 – San Francisco o December 5, 2019 – Fresno Please visit the our website at www.oag.ca.gov/privacy/ccpa for details and to RSVP