In this privacy statement we provide a brief explanation about a number of topics to give insight into how we handle personal data. We do this through the following parts:
Privacy statement topics
Content
1. Who is Red Rocket online?
2. Why this privacy statement?
3. What are personal data, which this statement covers?
4. Which personal data do we use?
5. How do we obtain personal data?
6. For what purpose do we use personal data?
7. How long do we retain personal data?
8. With whom do we share personal data?
9. Where do personal data reside?
10. Does Red Rocket Online use automated decision making?
11. What are cookies and how do we use them?
12. How secure are personal data with us?
13. Your rights regarding personal data
14. Dealing with data of minors
15. How do I submit a question or request?
16. About this privacy statement
Who is Red Rocket online?
Red Rocket online is a consulting firm specialized in automation solutions for marketing communication and personnel matters. We own the website https://www.redrocketonline.nl and as the organization responsible for collecting, using and processing personal data, as further described in this privacy statement.
Company: Red Rocket Online
Address: Wester Sint Jansteeg 4
Postal code and city 1621 JE Hoorn
Chamber of Commerce number 66811023
Why this privacy statement?
For Red Rocket Online, privacy is important. When visiting our website https://www.redrocketonline.nl, in communication with and on behalf of customers, interested parties, and as part of our business operations, we process data of individuals.
We ensure that we handle personal data with care and store it securely. In doing so, we ensure that the processing of personal data is in accordance with applicable laws and regulations, such as the General Data Protection Regulation (hereinafter: GDPR).
With this privacy statement, we provide an explanation of our approach to personal data. This provides insight, helps prevent misunderstandings, and provides an opportunity for involved individuals to exercise their rights. In this way, we comply with our duty to provide information.
What are personal data, which this statement covers?
Personal data are all data that can be traced back to a person, such as name, address, email address, or telephone number. Think of individuals as online visitors, private customers, applicants, employees, and contacts of ours or our partners.
Data that cannot be traced back to people, such as information about companies, organizations, or anonymous data, are not personal data. Privacy legislation applies only to personal data. This privacy statement only applies to all personal data that we process. However, even if they are not personal data, such as business data, we as Red Rocket Online naturally ensure appropriate and correct treatment of them as well.
Which personal data do we use?
The personal data we use depend on the processing, the manner and purpose for which it takes place, and the specific circumstances such as the wishes you have entered. For a precise answer you better contact us, as a privacy statement like this is less suitable. We use the following types of personal data:
Direct identifiable personal data, such as:
name
residential or business address
telephone number
personal data in forms or fields filled in and sent to us by individuals
personal data sent to us by parties for processing in the context of an agreement.
all other personal data that we process based on legal grounds or specific purposes, such as the performance of agreed activities.
Indirectly identifiable personal data, such as:
IP address
data related to the device you use to visit our website, insofar as they are identifiable personal data, such as cookies.
pseudonymized data*
* In analysis, we sometimes use technical measures to make personal data difficult (actually impossible) to trace back to individuals (pseudonymization).
Our aim is to avoid processing sensitive personal data in principle. Insofar as there might be sensitive personal data, we minimize the processing and take accompanying measures.
How do we obtain personal data?
We obtain personal data:
via our website,
if you send them to us in any way, or
if we receive them from our clients or parties we work with.
from public sources that have personal data.
For what purpose do we use personal data?
Red Rocket Online collects and processes personal data based on one or more of the following legal grounds:
When this is necessary for the performance of an agreement in which you are a party or for the performance of (pre-) contractual acts upon request;
When this is necessary to comply with a legal obligation;
When this is necessary to safeguard our legitimate interests or the legitimate interests of a third party;
With the consent of the person in question
When Red Rocket Online collects or processes your personal data, this data is intended for one or more of the following purposes: for our business operations, for administration and invoicing, for recruitment and selection activities of us or our clients, for communicating with/for us or on behalf of our clients, to improve our products and services, to determine target groups, to invite for and communicate about events or promotions, to send newsletters, for processing questions/requests, for improving the operation of our website, for preventing and limiting infringement on rights, abuse, and fraud, and to comply with legal obligations.
Which legal basis(es) and purpose(s) apply depends on the specific situation, processing, and the data involved.
How long do we retain personal data?
We do not retain your personal data longer than necessary for the purposes we process personal data. The retention periods depend on the situation, the personal data, and the associated purposes. Safeguarding our business interests in the event of an (threatened) legal dispute, for example, can be an independent purpose for retaining personal data (longer).
As a starting point, Red Rocket Online has the following retention periods:
For (Rejected) job applicants: eight weeks after the end of the application procedure. But with valid permission to retain your personal data longer, this period can also be longer, for example, a year. We make an effort to provide timely and sufficient clarity with permission, so that you are informed and point out that you can withdraw your permission at any time.
For (former) employees: personal data is kept and used during employment, for example, to be able to pay wages and to withhold taxes. For some personal data (such as wage tax declaration), a fiscal retention obligation of five years after the end of the employment also applies.
For independent contractors engaged by us, the retention period for personal data of individuals used by Red Rocket Online is seven years in connection with the legal retention obligation.
(Potential) contacts of clients: the retention period for personal data of clients of Red Rocket Online will be maintained as long as the relationship continues and/or the law requires this.
Suppliers: the retention period for personal data of suppliers of Red Rocket Online will be maintained as long as the relationship continues, and/or we can/will perform work, taking into account applicable and usual retention periods for this.
Visitors to our business location: up to a maximum of 6 months after the day of the visit.
Business data, such as financial data, administrative records, and invoices for value-added tax, we retain for seven years.
If personal data is no longer needed, we ensure that it is deleted and/or destroyed.
If you want to know how long we retain specific data about you, please contact us.
With whom do we share personal data?
We do not share data with anyone who asks for it, but there are situations in which we share (personal) data in our service provision. For example, if you request it, or to perform the agreed services for our clients. In addition to processing data ourselves, Red Rocket Online also uses services from recognized parties with whom we have contracts, such as Google and Meta (known for Facebook and Whatsapp).
We share data with:
Our staff, to the extent required for their work and the purposes. We make written agreements with these individuals to handle personal data confidentially and not to share it with unauthorized persons.
the aforementioned parties with whom we have made agreements for the processing of personal data. We document these agreements, for example in a data processing agreement, so that these parties also comply with applicable legislation.
parties involved in the performance or fulfillment of an agreement between you and Red Rocket Online, or an agreement between you and one of our clients. In the latter case, the client is usually the controller and we are the processor. We process the data in the agreed manner. We do not want to sell personal data to others, or show it to everyone.
parties that assist us or provide advice to safeguard our legitimate interests. If these parties offer services as data controllers, such as lawyers or accountants, they are responsible themselves for the processing of your personal data to comply with the GDPR.
Authorities, courts, and authorities, if we are required to provide personal data, for example on the basis of a judicial order.
In some cases, you can link through our websites to third-party websites. We are not responsible for the data processing or the privacy policy of these third parties. Nor are we responsible for the possible processing of your public personal data by other users of this website.
Where do personal data reside?
We store personal data in different secure locations, depending on the personal data, the processing purpose, and the given circumstances.
If we store data in a digital cloud, our provider may store it for technical and operational reasons in its data centers inside and outside the European Economic Area. Like many companies, we trust that a hosting company like Google or a social media provider like Meta handles and protects data responsibly.
In the event that personal data is transferred outside the European Economic Area, the controller ensures that appropriate measures are taken for safe processing and that the processing party complies with the applicable rules on privacy and data export (such as Chapter Five of the GDPR).
In summary, personal data are stored and processed in secure (online) environments of professional companies.
Does Red Rocket Online use automated decision making?
The short answer is 'no', which we elaborate on to eliminate any confusion on this point.
We are an innovative company and help our clients to make use of technical developments. Some of our clients use software applications to collect and exchange data and personal data more easily. Only the controllers (our clients, not us) decide on the way, use of (personal) data, rules, and make decisions, such as making an offer. This is not 'automated decision making' as meant by the GDPR. Our services make it easier to map information internally, exchange it, so that our clients can make decisions faster and easier.
Red Rocket Online itself uses modern solutions, but we always involve individuals in the decisions we make. We do not make decisions without involving a person.
What are cookies and how do we use them?
Cookies are small pieces of (text) information that are sent to your browser when you visit the Red Rocket Online website, and are then stored on the hard drive or in the memory of your computer, tablet, mobile phone, or other device.
The cookies placed via Red Rocket Online cannot damage your device or the files stored on it. When we refer to 'cookies', we do not only mean these small pieces of (text) information, but also similar techniques with which information is collected, such as device fingerprinting.
For website improvement, for example, we analyze the use of the website, where we use analysis services from Google that use cookies and similar techniques. They process the collected unidentifiable information for future use and may also pass it on to third parties. Think of information such as the duration of website visits or visited pages.
How secure are personal data with us?
We have done a lot to sufficiently secure your data both organizationally and technically. We have secured our systems and various communication methods to ensure that your data do not end up in the hands of others. We also ensure that your data are only used by individuals who have received our permission to do so.
If you have questions, concerns, or tips about our security, please contact us. When we share your data with parties, we ensure that they handle it responsibly and carefully, just like we do. If you notice that this is not the case, please let us know as well.
Realize that despite all our good care, no system is 100% secure and that something can always go wrong: we can never guarantee the security, availability, or confidentiality of personal data under all circumstances. However, we are committed to acting correctly in all circumstances and to ensure the security of your personal data.
Your rights regarding personal data
Because we use your personal data, you have various rights. We list these rights for you below.
Right to information We must explain to you in an understandable and clear manner what we do with your data and what control you have over it. Therefore, we explain in this privacy statement in detail which data we collect from you and how we handle your data.
Right of access You may always ask us to view your data that we have of you.
Right to rectification You may ask us to correct your data if it is incorrect or incomplete.
Right to object You may object to the processing of your data if you do not agree with the way we handle your personal data. This right applies in particular to data that we use for the purpose 'direct marketing'. You can inform us that you no longer wish to receive messages from us.
Right to data portability If you are a customer of ours or have given permission for the use of your data, you may ask us to send you the digital data we have of you. This way, you can transfer that data to another organization if you wish.
Right to restriction You may ask us to limit the use of your data. This means that in some cases we may only retain your data but not use it.
Right to be forgotten You may ask us to delete all data we have of you. We will then delete all data that can be traced back to you. In some cases we may not yet or may not already delete your data. For example, we must retain some data for 7 years for the tax authorities.
Right to lodge a complaint You may lodge a complaint about how we handle your data. If you have a complaint or request, we are happy to resolve it for you. Please contact us for this.
You may also file a complaint with the Dutch Data Protection Authority through their website: https://autoriteitpersoonsgegevens.nl.
Dealing with data of minors
We do not target minors with our website or as an organization. This means that if you are under 18 years old, you need permission from a parent or guardian to use our website. If you are a minor during your visit to our website, we assume that you have received this permission for your visit and that this is appropriate for your age.
If