Privacy Policy

ROCKETWRITER PRIVACY POLICY

CreaTech Ai Solutions Kft.

Introduction

CreaTech Ai Solutions Kft. (2000 Szentendre, Szabadkai u. 2/A, Hungary, tax number: 32556115-2-13, company registration number: 13-09-233998) (hereinafter: Service Provider, Data Controller) submits itself to the following policy.

In accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - GDPR), we provide the following information.

This privacy policy regulates the data processing of the following website: https://rocketwriter.ai

The privacy policy is available at: https://rocketwriter.ai/privacy-policy

Data Controller and Contact Details

Name: CreaTech Ai Solutions Kft.
Registered office: 2000 Szentendre, Szabadkai u. 2/A, Hungary
Email: [email protected]

Definitions

  • "Personal data": any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • "Processing": any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • "Data controller": the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • "Data processor": a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • "Consent": any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • "Data breach": a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Principles Relating to Processing of Personal Data

Personal data shall be:

  • processed lawfully, fairly and in a transparent manner ("lawfulness, fairness and transparency");
  • collected for specified, explicit and legitimate purposes ("purpose limitation");
  • adequate, relevant and limited to what is necessary ("data minimisation");
  • accurate and, where necessary, kept up to date ("accuracy");
  • kept in a form which permits identification of data subjects for no longer than is necessary ("storage limitation");
  • processed in a manner that ensures appropriate security ("integrity and confidentiality").

Registration (User Account Creation)

Personal DataPurposeLegal Basis
NameIdentification, secure loginArt. 6(1)(a) GDPR
Email addressCommunication, system messages, loginArt. 6(1)(a) GDPR
PasswordSecure login to user accountArt. 6(1)(a) GDPR
Registration date/IPTechnical operationArt. 6(1)(a) GDPR

2. Data subjects: All users registered on the website.

3. Duration: Until the data subject's deletion request. Personal data is deleted immediately upon deletion of registration.

4. Data recipients: Personal data may be processed by the data controller's authorized employees.

5. Data subject rights: Right to access, rectification, erasure, restriction, data portability, and withdrawal of consent at any time.

Data Processing Related to Service Use

Personal DataPurposeLegal Basis
NameContact, service use, invoicingArt. 6(1)(b) GDPR
Email addressCommunicationArt. 6(1)(b) GDPR
Billing name and addressInvoice issuance, contract fulfillmentArt. 6(1)(c) GDPR

Duration: Until deletion request, except for accounting documents which must be retained for 8 years under Hungarian law.

Contact

When you contact us, we process your name, email address, and message content for the purpose of responding to your inquiry.

Legal basis: Art. 6(1)(a) GDPR - your consent.

Duration: Maximum 2 years from data provision, or until deletion request.

Newsletter and Direct Marketing

You may consent to receive promotional offers and other communications from the Service Provider at the contact details provided during registration.

The Service Provider does not send unsolicited advertising messages. You may unsubscribe from offers without restriction or justification, free of charge, at any time. In this case, the Service Provider will delete all personal data necessary for sending advertising messages.

  • Data processed: Name, email address, subscription date, IP address.
  • Purpose: Sending electronic messages containing advertisements, information about current offers, products, promotions, new features, etc.
  • Legal basis: Art. 6(1)(a) GDPR - your consent.
  • Duration: Until withdrawal of consent (unsubscription) or until the newsletter is discontinued.

Cookies

Prior consent is not required for the use of "session cookies", "shopping cart cookies", "security cookies", "necessary cookies", "functional cookies", and "cookies responsible for managing website statistics".

  • Data processed: Unique identifier, dates, times.
  • Data subjects: All visitors to the website.
  • Purpose: User identification, visitor tracking, customized operation.
Cookie TypeLegal BasisDuration
Session cookies (PHPSESSID, CookieConsent)No data processingUntil browser is closed
Statistical/Marketing cookies (_gcl_au, _fbp)Art. 6(1)(a) GDPR1 month - 2 years

You can delete cookies in your browser's Tools/Settings menu, usually under Privacy settings.

Google Analytics and Google Ads

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses "cookies" to help analyze how users use the site.

The Data Controller also uses the "Google Ads" online advertising program and its conversion tracking service. When you visit a website through a Google ad, a cookie is placed on your computer for conversion tracking. These cookies have limited validity and do not contain any personal data.

Based on Google Consent Mode v2, Google also uses two new cookie types: ad_user_data and ad_personalization, which are based on your consent and relate to the use and sharing of data.

More information and Google's privacy policy: https://policies.google.com/privacy

Data Processors

Hosting Provider

Name: Hetzner Online GmbH
Address: Industriestr. 25, 91710 Gunzenhausen, Germany
Email: [email protected]
Purpose: Making the website available, proper operation.

Other Data Processors

  • MailerLite (MailerLite Limited, 38 Mount Street Upper, Dublin 2, D02 PR89 Ireland) - Email marketing
  • Billingo (1133 Budapest, Árbóc utca 6., Hungary) - Invoicing

Online Payment Recipients

PayPal: eBay Incorporated, San Jose, California, USA - https://www.paypal.com

Stripe: Stripe Inc., 185 Berry Street Suite 550, San Francisco, CA 94107 - https://stripe.com

  • Data processed: Billing data, name, email address.
  • Purpose: Processing online payment, transaction confirmation, fraud monitoring.
  • Legal basis: Art. 6(1)(b) GDPR - necessary for online payment performance.

Social Media

  • Data processed: Registered name on social media platforms (Facebook, Instagram, LinkedIn, etc.) and public profile picture.
  • Data subjects: All users who have registered on social media platforms and "liked" the Service Provider's page or contacted the Data Controller through social media.
  • Purpose: Sharing or "liking", following, promoting certain content elements, products, promotions, or the website itself on social media.
  • Legal basis: Art. 6(1)(a) GDPR - your voluntary consent.

Data Subject Rights

  1. Right of access: You have the right to obtain confirmation as to whether personal data concerning you is being processed and to access that data.
  2. Right to rectification: You have the right to have inaccurate personal data rectified without undue delay.
  3. Right to erasure: You have the right to have your personal data erased without undue delay under certain conditions.
  4. Right to be forgotten: If the controller has made personal data public and is obliged to erase it, the controller shall take reasonable steps to inform other controllers that you have requested erasure.
  5. Right to restriction: You have the right to obtain restriction of processing under certain conditions.
  6. Right to data portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format.
  7. Right to object: You have the right to object to the processing of your personal data on grounds relating to your particular situation.
  8. Right regarding automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you.

How to Exercise Your Rights

You can initiate access, deletion, modification, restriction, or data portability in the following ways:

By post: 2000 Szentendre, Szabadkai u. 2/A, Hungary
By email: [email protected]

Response Time

The Data Controller shall inform you of the action taken on your request without undue delay and in any event within one month of receipt of the request. This period may be extended by two further months where necessary. The Data Controller shall inform you of any such extension within one month of receipt of the request.

Data Security

The Data Controller and Data Processor implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • pseudonymisation and encryption of personal data;
  • the ability to ensure ongoing confidentiality, integrity, availability and resilience of processing systems;
  • the ability to restore access to personal data in a timely manner in the event of an incident;
  • a process for regularly testing, assessing and evaluating the effectiveness of security measures.

Data Breach Notification

If a data breach is likely to result in a high risk to your rights and freedoms, the Data Controller shall notify you without undue delay.

The Data Controller shall report data breaches to the supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to individuals' rights and freedoms.

Complaints

You may lodge a complaint with the National Authority for Data Protection and Freedom of Information:

Name: Nemzeti Adatvédelmi és Információszabadság Hatóság
Address: 1055 Budapest, Falk Miksa utca 9-11, Hungary
Postal address: 1363 Budapest, Pf. 9.
Phone: +36-1-391-1400
Email: [email protected]

Legal References

  • Regulation (EU) 2016/679 (GDPR)
  • Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information
  • Act CVIII of 2001 on Electronic Commerce Services
  • Act XLVIII of 2008 on the Basic Conditions and Certain Limitations of Commercial Advertising Activities

Szentendre, Hungary