Privacy Policy

Dear Customer,

We at Rocket Languages have built our client base by providing great services and applying our core values - which include treating our clients ethically and transparently - to all our business activities. Part of this involves handling your information. Before you read further, there are a few things we want you to know:

• Rocket Languages does not sell your information.
• We do our best to only collect the information we need in order to provide our services to you.
• At Rocket Languages, we pride ourselves on the security measures we employ to keep your information secure.

We acknowledge that managing your personal information is a responsibility and we will do our best to uphold it and act with integrity.

If you have any questions or cannot find the information you need in our Privacy Policy, please email Rocket Languages’ Privacy Officer at [email protected].

Thanks for reading!

Jason Oxenham

Founder and CEO.

Rocket Languages Privacy Policy

We at Rocket Languages take the privacy of our customers seriously and are committed to protecting the data and personal information entrusted to us.

This Privacy Policy outlines how Rocket Languages collects, uses, and stores information, and how we ensure compliance with the New Zealand Privacy Act 1993 ("Privacy Act"), which is the law governing how personal information is managed in New Zealand. We follow the guiding Principles of the Privacy Act closely and have embedded them in our Privacy Policy. This Privacy Policy applies to all websites and systems we own and operate, and to all services we provide. We have ensured that our Privacy Policy encompasses the requirements of the GDPR and CCPA.

For your quick reference, Rocket Languages maintains a table (located at the end of this document) to outline the information gathered, the purpose and use for which it is gathered, and the approximate length of time this information is held.

From time to time, Rocket Languages may update this Privacy Policy in order to accommodate legislative changes or updates to internal policy. If Rocket Languages makes changes to this Privacy Policy, those changes will take effect immediately upon their posting on our website. Should we enact material changes that may affect you, we will notify you via the email you have provided on your Rocket Languages account.

Last Updated: May 2020

Definitions:

"Rocket Languages", "we", "us", and "our" means Rocket Languages Ltd and any subsidiary, parent, or associated company, including Libros Media Ltd.

"You" and "your" refers to the individual who is the subject of the personal information.

"Personal information", "information", "personal data", and "data" means identifiable information about an individual such as name, address, email address, or phone number.

"Processor" or "data processor" means the person or business who is processing or using personal information given to them by a data controller.

"Processing" or "data processing" means doing something with your data, or using it (for example, using your email address to contact you).

"Controller" or "data controller" means the person or body who determines how and why data may be used. In this case, Rocket Languages is the data controller.

Consent:

In cases where you provide us with personal information, you consent to our collection of it and our use of it for the specific reason for which you provided it, such as:

• creating an account with us;
• verifying your credit card for payment of our services; and/or
• sending us communications or requests for further information.

We may use your information for a secondary purpose, such as marketing our products to you, if you have agreed to this option upon creating an account with us and agreeing to receive email communications from us. You can opt out of receiving emails from us at any time by clicking the "unsubscribe" link in any marketing email from us. You may also refer to further rights regarding your personal information below.

Collecting Personal Information:

We collect your data when you visit our site or use our services. Personal information may be gathered from you in the following ways:

Provided to us directly: This occurs in cases where we request information and you provide it to us (for example, when you create an account with us). We endeavour to limit the information collected to that which is necessary to fulfil your request.

Collected by us automatically: When you use our website, send us emails, or receive emails from us, our systems automatically collect certain information from you, such as your IP address. We also place cookies on your computer. This is to customise your user experience on our website and allow us to measure our system performance and effectiveness.

• IP addresses: These may be recorded for IT security and system diagnostic purposes. This information is generally used in aggregate form to determine web trends and conduct internet traffic analysis. Your IP address also provides us with information about your operating system so that we can ensure your user experience is the best we can offer.
• Cookies: When you visit our website or log into our Members’ Area, cookies will be placed on your computer, smartphone, or internet-enabled device. Cookies allow the site to remember your computer and serve a number of purposes. Third-party tools may place a cookie on your device in order to make their service functionality smoother and allow seamless interaction on our webpage.
• Our system collects information as you navigate our website and browse our pages, to allow us to understand how people are navigating and using our site.

The vast majority of information we collect will be from you directly. Further ways information may be collected about you can be from third parties or from publicly available sources.

Use of Personal Information:

We use your data in order to provide our services to you, operate our website, and assist in the management of the relationship we have with you. We may use your data for purposes such as:

• communicating with you - for example, if you have asked us for information, such as support on your account, or if we have information to send you. We may advise you of any key update to our systems and services that could impact you. From time to time, we may request feedback from you;
• verifying your identity;
• billing you for payment;
• protecting and enforcing our rights in the event that it becomes necessary to;
• marketing - we may send you information on our services, promotions, and general updates;
• analysis and reporting - personal data we collect about you may be used by us in order to produce aggregated, anonymised reporting, such as high-use hours across the course of a day; and/or
• reviewing our systems and assessing how our services can be improved.

Disclosure and Sharing of Personal Information:

There may be times where we need to share your personal information. This may be with:

• our company, including parent or subsidiary companies associated with us;
• our third-party suppliers, agents, and partners with whom we work in order to provide our services to you, such as companies that provide us IT services;
• regulatory and law enforcement bodies, government agencies, or other parties in situations where we consider it necessary (such as assisting in enforcement of the law); and/or
• others - if there is a need to assist in protection of the public revenue, to prevent or lessen a serious threat to public health or public safety, or to prevent or lessen a serious threat to yourself or another individual.

Third Parties:

Most of the time, our third-party providers will only collect and use information on a need-to-know basis in order to provide their services to us or to you.

Please note that any third parties you click through to from our website (such as payment merchants) have their own privacy policies. Once you leave our site, you will no longer be governed by the Rocket Languages Privacy Policy. We recommend you review any third party’s privacy policies as they may differ from ours.

International:

Due to the international nature of our online-based business, you may be living in a country which is different from the one we are based in and subject to for our business (New Zealand). Each jurisdiction has its own laws, which we have made every effort to ensure compliance with.

European Union, United Kingdom, Lichtenstein, Norway, Iceland, or Switzerland: If you are based in the European Economic Area, ("EEA"), your data rights are represented in the General Data Protection Regulation ("GDPR"). New Zealand has status for EEA data, which means our laws are sufficient to protect your information to the standard expected by the GDPR. The GDPR requires us to have a "basis" for processing your personal information. Our basis is that we process your information to perform the contract we have with you, with your consent, and for our legitimate business purposes. Under the GDPR, we are a data controller, and our third-party service providers are data processors.

California: If you are a resident of California, your personal information rights are encompassed in the California Consumer Privacy Act (CCPA). Under the CCPA, you may request information about the data and the categories of data that we have collected about you in the preceding twelve-month period. You may also request information in regards to the reason why we collected the information, any entities or parties with whom we may have shared this information, and any reasons for doing so.

Nevada: Under Senate Bill 220, anyone operating an online service may not sell your personal information without your permission. Rocket Languages does not engage in the sale of the personal information of its clients.

Protection of Personal Information:

Keeping your data secure is a priority to us. Rocket Languages has a series of controls, both within our operational processes and within our system technology, that are designed to protect your data and prevent breaches and malicious hacking attempts. Although internet transmissions and transactions can never be 100% secure, Rocket Languages follows all industry standards to protect personal information.

Payment Information: Your information is managed by our third party shopping-cart host agent, ClickBank of Boise, Idaho, United States of America ("ClickBank"). ClickBank provides Rocket Languages with the platform we use to offer our products and services to you. ClickBank may store your credit card information, which is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and stored in their database on a secure server that is located behind a firewall. Your information is only stored for the duration of your purchase processing, upon completion of which it is deleted.

Retention of Personal Information:

We only retain your personal data for the length of time in which we have a legitimate business purpose for it. We will retain it for the duration of the relationship we have with you in order to maintain that relationship and provide our services. We will also retain it for a period of time afterward, to comply with our legal, tax, and accounting requirements.

---

1. Please note, Rocket Languages does not take custody of or store your credit card information. You can read ClickBank’s terms of service, privacy policy, and PCI Compliance Information by visiting the following link: https://support.clickbank.com/hc/en-us/categories/360002131492-Policies-Legal-

2. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express, and Discover.

Rights in Relation to Personal Information:

You have certain rights in relation to your personal information – after all, it is yours. You may:

• know what personal information we hold about you, and receive a copy of it upon request. In the event that you request a copy of your personal data, we may request evidence to ascertain and verify your identity;
• request corrections to your personal data. In the event that you request a correction to your personal information and we do not make the correction, we will record that you did make such a request;
• object to the collection or use of your personal data for certain purposes;
• opt out of advertising or marketing campaigns from us;
• opt out of third-party information sharing. This may impact your account and the services we provide;
• request we delete your personal data;
• restrict processing of your personal information. This may mean that your account is no longer valid and may terminate your account;
• request that we transmit your personal data to somewhere else, in a machine-readable format (this is also known as "portability"); and
• withdraw your consent to our processing your personal data.

We will make all reasonable endeavours to manage your request; however, if doing so may prevent us from meeting our legal or regulatory obligations or it is not practical for us, we will advise you within a reasonable time frame.

If you have any questions about how we manage your personal information or would like information on your own data, please email Rocket Languages’ Privacy Officer at [email protected].

Purpose, Scope, and Application of Information Collected by Rocket Languages: