In this privacy statement, we provide a brief explanation of a few topics to offer insight into how we handle personal data. We do this through the following sections:
Privacy Statement Topics
Contents
1. Who is Red Rocket Online?
2. Why this privacy statement?
3. What is personal data, which this statement pertains to?
4. What personal data do we use?
5. How do we obtain personal data?
6. For what purposes do we use personal data?
7. How long do we retain personal data?
8. With whom do we share personal data?
9. Where is personal data stored?
10. Does Red Rocket Online use automated decision-making?
11. What are cookies and how do we use them?
12. How secure is personal data with us?
13. Your rights concerning personal data
14. Handling data of minors
15. How do I submit a question or request?
16. About this privacy statement
Who is Red Rocket Online?
Red Rocket Online is a consultancy firm specializing in automation solutions for marketing communication and human resources. We own the website https://www.redrocketonline.nl and are responsible for collecting, using, and processing personal data, as further described in this privacy statement.
Company: Red Rocket Online
Address: Herengracht 450
Postal code and city: 1017 CA, Amsterdam
Chamber of Commerce number: 66811023
Why this privacy statement?
At Red Rocket Online, privacy is important. When visiting our website https://www.redrocketonline.nl, communicating with us, or working on behalf of clients and interested parties, we process personal data within the scope of our business operations.
We ensure careful handling of personal data and secure storage. Additionally, we ensure the processing of personal data complies with applicable laws and regulations, such as the General Data Protection Regulation (GDPR).
In this privacy statement, we explain our practices concerning personal data. This provides insight, helps prevent misunderstandings, and offers individuals the opportunity to exercise their rights. This ensures we meet our information obligations.
What is personal data, which this statement pertains to?
Personal data refers to any data traceable to a person, such as name, address, email address, or phone number. This includes online visitors, private customers, job applicants, employees, and contact persons of ours or our partners.
Data not traceable to individuals, such as information about companies, organizations, or anonymous data, is not personal data. Privacy legislation applies only to personal data. Therefore, this privacy statement applies solely to all personal data we process. However, even if data is not personal, such as business data, Red Rocket Online ensures appropriate and correct handling.
What personal data do we use?
The personal data we use depends on the processing, how and for what it occurs, and specific circumstances like your preferences. For a precise answer, it's better to contact us, as this privacy statement is less suitable for detailed responses. We use the following types of personal data:
Directly traceable personal data, such as:
name
residential or business address
email address
phone number
personal data in forms or fields that individuals fill out and send to us
personal data sent to us for processing within an agreement's scope.
all other personal data we process based on legal grounds or certain purposes, like performing agreed tasks.
Indirectly traceable personal data, such as:
IP address
data regarding the device you use to visit our website, as far as these are traceable personal data, such as cookies.
pseudonymized data*
* In analysis, we sometimes use technical measures that make personal data difficult (ideally not at all) to trace to individuals (pseudonymization).
Our goal is to avoid processing sensitive personal data whenever possible. If there are sensitive personal data, we limit processing as much as possible and take related measures.
How do we obtain personal data?
We obtain personal data:
via our website,
if you send it to us in any way, or
if we receive it from our clients or parties we collaborate with.
from public sources that contain personal data.
For what purposes do we use personal data?
Red Rocket Online collects and processes personal data based on one or more of the following grounds:
When necessary for the execution of an agreement you are a party to, or to perform (pre-) contractual actions at your request;
When necessary to comply with a legal obligation;
When necessary to protect our legitimate interests or those of a third party;
With the person's consent
When Red Rocket Online collects or processes your personal data, these are intended for one or more of the following purposes: for our business operations, for administration and billing, for recruitment and selection activities of ours or our clients, for communicating with/on behalf of our clients, to improve our products and services, to determine target audiences, to send invitations and communicate about events or promotions, to send newsletters, to process inquiries/requests, to improve the functionality of our website, to prevent and limit rights violations, misuse, and fraud, and to comply with legal obligations.
Which ground(s) and purpose(s) apply depend on the particular situation, the processing, and which data are involved.
How long do we retain personal data?
We do not retain your personal data longer than necessary for the purposes we process personal data for. Retention periods always depend on the situation, the personal data, and the associated purposes. Safeguarding our business interests in a potential legal dispute can, for example, independently warrant (longer) retention of personal data.
The retention periods Red Rocket Online generally applies are:
For (Rejected) applicants: eight weeks after the application process ends. However, with valid consent to retain your personal data longer, this period may be extended, for example, to a year. We strive to provide timely and sufficient clarity upon obtaining consent, so you are informed and note that you can revoke your consent at any time.
For (former) employees: During employment, data is held and used, for instance, to pay wages and for tax remittances. Certain personal data (such as payroll taxes declarations) are subject to a fiscal retention requirement of five years after employment ends.
For freelancers engaged by us: The retention period concerning the personal data of individuals engaged by Red Rocket Online is seven years due to the legal retention obligation.
Potential contacts of customers: The retention period concerning the personal data of customers of Red Rocket Online will be retained as long as the relationship continues and/or legally required.
Suppliers: The retention period concerning personal data of suppliers of Red Rocket Online will be retained as long as the relationship continues, and/or we perform or will perform work, considering applicable and customary retention periods.
Visitors to our company location: up to a maximum of 6 months after the day of visit.
Business data, such as financial data, administrations, and invoices for VAT are retained for seven years.
If personal data is no longer needed, we ensure it is deleted and/or destroyed.
If you want to know more about how long we retain specific data about you, please contact us.
With whom do we share personal data?
We do not just share data with anyone who asks, but there are situations where we share (personal) data in our services. For instance, if you request it, or to perform agreed services for our clients. Red Rocket Online processes data itself but also uses recognized parties with whom we have contracts, like Google and Meta (known from Facebook and WhatsApp).
We share data with:
Our staff insofar as necessary for their work and objectives. We make written agreements with these individuals to treat personal data confidentially and not share it with unauthorized parties.
the aforementioned parties with whom we have made agreements for processing personal data. We record these agreements, for example in a processing agreement, so the party also complies with applicable legislation.
parties involved in the execution or performance of an agreement between you and Red Rocket Online, or an agreement between you and our client. In the latter case, the client is usually the controller, and we are the processor. We process the data in the agreed manner. We do not intend to sell personal data to others or make it visible to everyone.
parties that assist us or provide advice to protect our legitimate interests. If these parties offer services as a controller, like lawyers or accountants, they are responsible themselves for complying with the GDPR concerning your personal data.
Authorities, courts, and officials if we are required to provide personal data, for instance, on a court order.
In some cases, you can link from our websites to third-party websites. We are not responsible for the data processing or privacy policies of these third parties. We are also not responsible for possible processing of your public personal data by other users of this website.
Where is personal data stored?
We store personal data in various secure locations, depending on the personal data, processing purpose, and circumstances.
If we store data in a digital cloud, our provider may store it for technical and operational reasons within or outside the European Economic Area. Like many companies, we rely on hosting providers like Google or social media providers like Meta to responsibly manage and adequately protect data.
In case personal data is transmitted outside the European Economic Area, the controller ensures appropriate measures are taken for safe processing and the processing party complies with current rules on data privacy and data export (such as Chapter 5 of the GDPR).
In summary, personal data is stored and processed in secure (online) environments of professional companies.
Does Red Rocket Online use automated decision-making?
The short answer is 'no,' which we explain to clear up any confusion on this point.
We are an innovative company and help our clients utilize technological developments. Some of our clients use software applications to make collecting and exchanging data and personal data easier. Only the controllers (our clients, not us) are responsible for the manner, used (personal) data, rules, and making decisions, such as making an offer. This is not 'automated decision-making' as intended by the GDPR. Our service makes it easier to map, exchange, and allow our clients to make decisions faster and easier.
Red Rocket Online itself uses modern solutions, but in the decisions we make, we always involve people. No decisions are made by us without human involvement.
What are cookies and how do we use them?
Cookies are small pieces of (text) information sent to your browser when visiting Red Rocket Online's website, which are then stored on your computer's hard disk, tablet, mobile phone, or another device.
The cookies placed by Red Rocket Online cannot damage your device or the files stored on it. When we refer to 'cookies,' we do not only mean these small pieces of (text) information but also similar techniques used to collect information, such as device fingerprinting.
To improve our website, we analyze, for example, website usage with the help of Google’s analytical services, utilizing cookies and similar technologies. They process the collected non-identifiable information for future use and may pass it on to third parties. Think of information such as the duration of website visits or pages visited.
How secure is personal data with us?
We have gone to great lengths to secure your data both organizationally and technically. We have secured our systems and various communication tools to ensure your data does not fall into the hands of others. We also ensure that your data is used only by people we have authorized.
If you have questions, concerns, or tips regarding our security, please contact us. When we share your data with parties, we ensure they handle it as responsibly and carefully as we do. If you notice that this is not the case, please let us know.
Understand that despite all our good care, no system is 100% secure and that something can always go wrong: we can never guarantee the safety, availability, or confidentiality of personal data under all circumstances. However, we will strive to act correctly in all circumstances and ensure your personal data.
Your rights concerning personal data
Since we use your personal data, you have various rights. Below, we list these rights for you.
Right to information We must clearly and understandably explain what we do with your data and what control you have over it. Therefore, we explain extensively in this privacy statement which data we collect from you and how we handle your data.
Right to access You may ask us to view all of the information we have about you.
Right to rectification You may ask us to correct your information if it is inaccurate or incomplete.
Right to object You may object to the processing of your information if you disagree with how we handle your personal data. This right especially applies to data used for ‘direct marketing’. For example, you can let us know that you no longer wish to receive messages from us.
Right to data portability If you are a customer of ours or have given consent for using your data, you may ask us to send you the digital data we have about you. This way, you can transfer it to another organization if you wish.
Right to restriction You may request that we restrict the use of your data. This means that in some cases, we may only store but not use your data.
Right to be forgotten You may ask us to delete all the information we have about you. We then delete all data traceable to you. In some cases, we cannot or may not delete your information yet, such as needing to retain some data for 7 years for tax purposes.
Right to file a complaint You are allowed to file a complaint about how we handle your data. If you have a complaint or request, we would like to help you resolve it. Please contact us to do so.
You may also file a complaint with the Dutch Data Protection Authority via their website: https://autoriteitpersoonsgegevens.nl.
Handling data of minors
We do not target our website or organization at minors. This means if you are under 18 years of age, you need consent from a parent or guardian to use our website. If you are a minor visiting our website, we assume you have obtained this consent, suitable to your age.
If we suspect you are a minor wanting to take an action with serious (legal) consequences, like placing an order, we will verify whether you have (or need) consent from your parent or guardian and investigate how best to handle any submitted and yet-to-process data.
How do I submit a question or request?
If you have questions or want to know what information we have about you, please contact us.
Send your question or request to us via privacy@redrocketonline.nl. We process your request or complaint within the applicable terms. It is also possible to request the status of an ongoing request or question.
Red Rocket Online may always ask you to identify yourself in questions and requests. We need to know if you are the person whose personal data is being referred to, if you can represent this person, and to determine what we can or cannot disclose.
About this privacy statement
This privacy statement was first established on March 1, 2022, and is routinely updated. We reserve the right to adjust this privacy statement at any time if we deem it necessary. We encourage you to regularly review this privacy statement to stay informed of any changes.
If you have a question after reading this privacy statement, please feel free to contact us by emailing Kevin Bruggink at kevin@redrocketonline.nl. He will be happy to assist you.