As of September 1st, 2018
RocketMail cares about security and confidentiality of your data and this is why we strive to ensure that our technical and organizational measures in place respect your data protection rights.
In subscribing to our services or filling in a contact form on our website (www.rocketmail.lu ) or other sites owned by RocketMail, you agree and accept that we may gather, process, store and/or use the personal data submitted in accordance with the rules set forth below.
By giving your consent to us, you also retain the right to have your personal data rectified, to be forgotten and/or to be erased.
Personal Data Collected
- Identity and contact details of the data processor
Personal data is collected on our website by RocketMail, represented by Asma Consulting SOPARFI, a company registered under the laws of Luxembourg under number B157869 and having its registered office at 7 ZAC Haneboesch II, L-4563, Niederkorn (G.D LUXEMBOURG).
- Data Protection Authority Declarations
Declarations on the automated processing of data have been registered with the Luxembourg data protection authority (CNPD) under number T011900
You retain the right to lodge any complaints on data protection with this supervisory authority.
- Data collected on the site
When you subscribe to our services, the following data is collected and managed: email, title, first name, last name, country, Intracommunity VAT number where applicable, login & password, postal address, telephone number, IP address(es) and domain name. By using our services, the following data is collected and managed: log-on data and browsing data where you authorize it, order history, complaints, incidents, information on subscriptions and messages on our site. Some data is collected automatically by reason of your activity on the site (see paragraph on cookies below).
The data submitted should not include any sensitive personal data, such as Government identifiers (i.e. social security, driving license, or taxpayer identification numbers), complete credit card or complete personal bank card numbers, medical records or particulars connected with applications for care or treatment associated with private individuals.
- Purposes of processing and legal basis
The principal purpose of collecting your personal data is to offer you a safe, optimum, efficient and personalized experience. To this end, you agree and accept that we may use your personal data to:
- provide our services and facilitate performance, including verifications relating to you;
- resolve any problems so as to improve the use of our site and services;
- personalize, assess, and improve our services, content and materials;
- analyze the volume and history of your use of our services;
- inform you about our services as well as our partners’ services and/or promotional offers;
- comply with legal and regulatory obligations.
We use the personal data submitted to us only in accordance with the applicable data protection legislation. Our employees and third party providers are under an obligation to respect data privacy.
- Newsletter and marketing emails
An unsubscribe link should be included in every newsletter and marketing email sent by you.
For those of you that have expressly opted in to receive our RocketMail marketing e-mails you are easily able to unsubscribe by following the “unsubscribe” links included in every email.
- Email tracking
Without systematically doing so, we may analyse and track the click rates and the number of emails sent which you open to assess performance rates on your emailing campaigns.
RocketMail publishes a list of Customers & Testimonials on its site with information on our customers’ names and job titles. RocketMail undertakes to obtain the authorization of every customer before publishing any testimonial on its website.
- Third party disclosures
Personal data relating to you collected on our website are destined for RocketMail’s own use and may be forwarded to RocketMail’s partner companies so that we may obtain assistance and support in the context of carrying out our services. RocketMail ensures that it has in place clear data protection requirements for all of its third party providers.
RocketMail does not sell or rent your personal data to third parties for marketing purposes whatsoever.
In addition, RocketMail does not disclose your personal data to third parties, except if: (1) you (or your account administrator acting on your behalf) requests or authorizes disclosure thereof; (2) the disclosure is required to process transactions or supply services which you have requested (i.e. to check you are employing best practice in your mailings or for the purposes of processing an acquisition card with credit-card issuing companies); (3) RocketMail is compelled to do so by a government authority or a regulatory body, in the case of a court order, a summons to appear in court or any other similar requisition from a government or the judiciary, or to establish or defend a legal application; or, (4) the third party is a subcontractor of RocketMail in the carrying out of services (for example: RocketMail uses the services of an Internet provider or a telecommunications company).
- Your data protection rights
In accordance with the French Data Protection Law of 6 January 1978 as amended, and the European General Data Protection Regulation 2016/679 (GDPR) you have a right of access, correction and removal of your personal data which you may exercise by sending an e-mail to the adress indicated at the bottom of this page .Your requests will be processed within 30 days. We may require that your request be accompanied by a photocopy of proof of identity or authority.
You are also able at any time to modify personal data by logging into your account and clicking on “edit my profile”.
You can choose to decline acceptance of all cookies, but your ability to browse certain pages of the site may be reduced. The cookies used by RocketMail are intended to enable or facilitate communication, to enable the services requested by users to be supplied, to recognize users when they re-visit the site, to secure payments which users may make, to register the language spoken by users or other preferences necessary for the service requested to be supplied and to enable RocketMail, internally, to carry out analyses on hit rates and browsing experience so as to improve content, to track email opening rates, click rates and bounce-back rates at individual levels.
By default, cookies are not installed automatically (with the exception of those cookies needed to run the site and RocketMail’s services, and you are informed of their installation by a banner). In accordance with the regulations that apply, RocketMail will require your authorization before implanting any other kind of cookie on your hard drive. To avoid being bothered by these routine requests for authorization and to enjoy uninterrupted browsing, you can configure your computer to accept RocketMail cookies or we are able to remember your refusal or acceptance of certain cookies. By default, browsers accept all cookies.
THIRD PARTY DATA
In the context of using our services, namely creating emailing campaigns and contact lists, RocketMail has access to the information contained in the email contact lists you create in your account, as well as the subject and content of the emails that you send out via our services.
This data is stored on secure servers and only a limited number of people are authorized to access your contact lists, in particular for the purpose of providing support services.
You are easily able to recover your contact lists from your RocketMail account at any time, by clicking on the “export” button. You may also modify and or delete contacts at any time from your account.
In no case does RocketMail sell, share or rent out your contact lists to third parties, nor does it use them for any purposes other than those set forth in this policy. We will use the information from your contact lists only for legal requirements, to invoice and collect summaries for our own statistics and for the purposes of providing you with customer support services.
As creator of the contact lists and associated email campaigns, you are considered the data controller within the meaning of the GDPR, and RocketMail is acting only as a data processor. In this capacity, you are responsible in particular for:
- making all the declarations necessary to the relative data protection authority
- complying with all current regulations in force
- obtaining the explicit consent of the persons concerned when collecting their personal data,
- Ensuring your authority to use the personal data collected in accordance with the defined end purposes and refraining from any unauthorized use.
If a recipient of your emails sent via our services requests us to modify or delete his/her personal data, we will honor that request after proper verification and will inform you of it.
DATA RETENTION PERIODS
RocketMail collects your personal data for the requirements of carrying out its contractual obligations as well as information about how and when you use our services and we retain this data in active databases, log files or other types of files so long as you use our services, and in accordance with the current regulations in force.
RocketMail in no way undertakes to store all your data indefinitely. You are able to access some data so long as you hold an active account with us and for a period that varies depending on the type of data concerned and the subscribed plan (statistics on your account, content of your emails, contact lists, etc.), but, in no event no longer than 13 months after closing of your account. The data may be deleted at any time during active use of your account in accordance with the provisions set forth above.
LOCATION OF DATA STORAGE AND TRANSFERS
The host servers on which RocketMail processes and stores its databases are located exclusively within the European Union (France).RocketMail undertakes not to transfer any data outside the European Economic Area.
RocketMail will inform you immediately, to the extent we are legally authorized to do so, in case of any application or order originating from an administrative or judicial authority relating to your personal data.
Within the framework of its services, RocketMail attributes the very highest importance to the security and integrity of its customers’ personal data.
Thus and in accordance with the GDPR, RocketMail undertakes to take all pertinent precautions in order to preserve the security of the data and, in particular, to protect them against any accidental or unlawful destruction, accidental loss, corruption, unauthorized circulation or access, as well as against any other form of unlawful processing or disclosure to unauthorized persons.
To this end, RocketMail implements industry standard security measures to protect personal data from unauthorized disclosure. In using industry recommended methods of encoding, RocketMail takes the measures necessary to protect information connected with payments and credit cards.
Moreover, in order to avoid in particular all unauthorized access, to guarantee accuracy and the proper use of the data, RocketMail has put the appropriate electronic, physical and managerial procedures in place with a view to safeguarding and preserving the data gathered through its services.
You should keep in mind that any user, customer or hacker who discovers and takes advantage of a breach in security renders him or herself liable to criminal prosecution and that RocketMail will take all measures, including filing a complaint and/or bringing court action, to preserve the data and the rights of its users and of itself and to limit the impacts.
Account Passwords. In adopting the CNIL recommendations on the level of security of passwords, your account password must contain at least 8 characters, 1 letter, 1 number and 1 special character.
Visit our contact page at hhere if you have questions you can email RocketMail’s team member directly by mail to: RocketMail SAS, Legal Department - 7 ZAC Haneboesch II Niederkorn 4563 - Luxembourg