Global Data Protection and Privacy Notice
Rocket Software (“Rocket,” “we,” “us” or the “Company”) has issued this Global Data Protection and Privacy Notice (“Notice”) to describe how we handle personal information that you may provide to us.
We respect the privacy of individuals and are committed to handling personal information responsibly and in accordance with applicable law. This Notice sets out the personal information that we collect and process about you, the purposes of the processing and the rights that you have in connection with it.
If you are in any doubt regarding the applicable standards, or have any comments or questions about this Notice, please contact us at the contact details in Section 10 below.
2. The types of personal information we collect
We may require basic information which identifies you as an individual (“Personal Information”), such as your name, email address and phone number, in order to transact business with you, on behalf of the company you work for, as our customer. We will only use such Personal Information for the purposes of providing information which you have requested, fulfilling business transactions, or for other purposes set out in this Notice.
We may also collect Personal Information indirectly from third parties, such as our business partners or third party providers of marketing lists.
We may collect the following information:
- Name and job title
- Company or organisation
- Contact information including email address and telephone number(s)
- Demographic information such as postal code, preferences and interests
- Language spoken
- Other information relevant to customer surveys and/or offers
- IT information required to provide access to systems and networks such as IP addresses, log files and login information
- Information pertinent to fulfilling business transactions on a customer’s behalf.
We do not intentionally collect sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, or data concerning health or sexual orientation. However, please note, that you might choose to voluntarily make available to us such sensitive information when reporting a concern to support your concern (see Section 3.4 Legal purposes below).
3. Purposes for processing personal information
3.1 Business transactions with customers
We process Personal Information through the Company’s global IT systems, which include tools and systems that help us to administer customer accounts, orders and business transactions and share information across Company systems, and with related corporate entities, as described in Section 4.1 below. This includes transferring Personal Information to our servers in the US (see also Section 6.1 below). Our parent company in the US, Rocket Software, Inc. may host these servers or utilize third party servers and applications, but in either case will be responsible for the security access of Personal Information on the systems.
3.2 Rocket websites, marketing, subscriptions, social media
You may provide Personal Information to the Company through our website “contact” page, to request product information or other resources such as product demos, webinars, downloads or documentation, or participate in the Company’s online forums or customer community. Personal Information gathered from the forms you fill out on our websites is used in any of the following ways:
- To provide you with information about our products and services and select third party products, including product alerts, releases, upgrades and patches
- To ask you to participate in surveys about products, services, news and events
- To allow you to download products, access webinars or product demos
- To access customer support portals or participate in a Blog
- To aggregate broad demographic information to understand general user trends
- To enable our compliance with export control and other laws and regulations
We may make use of Personal Information that we collect to help us administer the website and/or for marketing purposes. We may send you information about products that might be of particular interest to you. In addition to product updates, promotional and informational e-mails that we send to users from time to time, we may, on occasion, invite you to participate in a focus group, phone survey or send you postal mail.
On occasion, we may offer customers and website users the opportunity to participate in third party or co-branded promotions, sweepstakes or special programs. The use or transfer of any Personal Information provided for such purposes may be subject to additional terms.
The Internet is a global environment and using the Internet to collect and process data can involve the transmission of data on an international basis. By browsing our website and communicating electronically with us, you acknowledge our processing of data in this way.
The Company’s websites contain links to other websites. Portions of our website make chat rooms, forums, blogs, message boards, and/or news groups available to you. Any information that you disclose in these areas could be made public. Please exercise caution when deciding to disclose any Personal Information. When you have used these links to leave our website, we cannot be responsible for the protection and privacy of any information which you provide while visiting such sites and such sites are not governed by this Notice. You should review the data protection and privacy statements applicable to such websites.
You may always opt-out of receiving marketing communications through our subscription center at http://www.rocketsoftware.com/unsubscribe or, for e-mail communications, by clicking on the link provided at the bottom of our e-mail to you.
If you do not wish us to make use of your Personal Information in this way, please email [email protected].
3.3 Other legitimate business purposes
We may also collect and use Personal Information when it is necessary for other legitimate purposes, such as to help us conduct our business more effectively and efficiently, for example, for general IT resourcing on a global level and information security/management.
3.4 Legal purposes
We also may use your personal information where we consider it necessary for complying with laws and regulations, or to exercise or defend the legal rights of the Company’s global group of companies. At times, you might also voluntarily decide to make available personal information including sensitive personal information to us when making us aware of a concern in relation to Rocket’s Code of Conduct, Rocket’s other or customers’ policies, and laws and regulations and such disclosure is necessary to support your concern. When this happens and provided local privacy laws in your country permit this, such voluntarily provided personal information would be used only in investigating a concern to help defend your rights or ensure Rocket remains in compliance.
4. Who we share your personal information with
4.1 Within Rocket
Employees, contractors and agents of the Company may be given access to Personal Information which we collect, but their use will be limited to the performance of their duties and the reason for processing. Our employees, contractors and agents who have access to your Personal Information are required to keep that information confidential and are not permitted to use it for any other purposes.
Personal Information may be shared among related entities within the Rocket group of companies, including Rocket Software Inc. in the United States. As the parent company, Rocket Software, Inc. provides products, support and operations services, and centralized corporate functions to its subsidiaries. The Company’s subsidiaries include but are not limited to: Rocket Software (Beijing) Co., Ltd., Rocket Software Canada, Inc., Rocket Software Pty. Ltd., S.A.S. Rocket Software France, Computer Corporation of America (Intl) Ltd., Rocket Software B.V., Rocket Software Deutschland GmbH, Rocket Software UK Limited, Rocket Software Japan Ltd., Computer Corporation of America, Rocket Software Development India Pvt. Ltd. and Fundi Software Pty Ltd., Rocket Software Switzerland S.A., RSD America, Inc., RSD Software Australia Pty Ltd., RSD Singapore Pty Ltd., Rocket Software Lithuania UAB (For a list of Rocket global locations, please see: http://www.rocketsoftware.com/company/locations.)
4.2 Business partners
We will never sell, rent or disclose to unaffiliated third parties your Personal Information unless we have your permission or are required by law to do so. When we permit a third party to access Personal Information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Notice and that the security and confidentiality of the information is maintained.
We disclose the Personal Information we collect to the following third parties:
- Business partners for the purposes of providing services, support and products to customers. If you purchase a product or service developed or owned by a third party, we may provide to the product owner or licensor the same information you provide to us for purposes of the third party providing the products or services to you.
- Third parties where disclosure is required or authorized by law
- Service Providers who provide business services to us. We do so on a "need to know basis" and in accordance with applicable data privacy law.
The Company has entered into Data Protection Addenda with its third party subprocessors as applicable. A list of such subprocessors is available at:
4.3 Lawful grounds
We may disclose Personal Information to third parties on other lawful grounds, including:
- To comply with our legal obligations, regulation or contract, or to respond to an administrative or judicial process
- In response to lawful requests by public authorities (including for national security or law enforcement purposes)
- If necessary to exercise or defend against potential, threatened or actual litigation
- If necessary to protect the vital interests of another person
- In connection with the sale, assignment or other transfer of all or part of our business, or
- With your consent.
5. Controlling your personal information
You can request correction, update and deletion of your Personal Information via e-mail sent to [email protected], and we will use reasonable efforts to contact you regarding your request. To update or delete your Personal Information or correct an inaccuracy, we may ask you to verify your identity and cooperate with us in our effort.
6. Exercising your privacy rights
6.1 Transfer of personal information
As we operate at a global level, we may need to transfer Personal Information to countries other than the ones in which the information was originally collected. When we export your personal information to a different country, we will take steps to ensure that such data exports comply with applicable laws. For example, if we transfer personal information from the European Economic Area to a country outside it, such as the United States, we will implement an appropriate data export solution such as entering into EU standard contractual clauses with the data importer, or taking other measures to provide an adequate level of data protection under EU law.
6.2 Privacy rights
If you are a resident of the European Union, a country benefitting of an European Commission Adequacy Decision, or a country with similar data protection laws, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. You can exercise these rights by contacting us using the contact details provided in Section 5 above.
You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. If we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
If you are an individual who is an ordinarily residing in the State of California, please you have these rights under the California Consumer Privacy Act as amended by the California Privacy Regulations, effective January 1, 2023:
- Know what personal data is being collected about you.
- Know whether your personal data is sold or disclosed and to whom.
- Say no to the sale of personal data.
- Access your personal data.
- Request deletion of your personal information.
- Not be discriminated against for exercising your privacy rights.
For State of California residents, the personal data mentioned here in this policy, are classified as follows:
Category A: Identifiers consisting of, as the case may be, Data Subjects’ full names, their company/business email addresses and telephone numbers as well as company/business addresses;
Category B: California Customer Records Personal Information categories consisting of a name, signature and job title on fully executed contracts;
Category C: Characteristics of protected classifications under California or federal law, such as race or ethnicity, national origin (i.e. nationality), citizenship status, religion, sex (including pregnancy, childbirth, and related medical conditions), age (40 and older), marital status, sexual orientation, gender identity and gender expression, AIDS/HIV, medical condition, political activities or affiliations, military or veteran status. Category C only applies exceptionally, if and when you freely and voluntarily make this available to Rocket as explained under Section 3.4 Legal purposes above; and
Category D: Commercial information such as Rocket products or services the Data Subject purchased, obtained, or was interested in.
Rocket does not sell your Personal Information. If you exercise your rights under the CCPA, Rocket will not discriminate against you.
To learn more about the CCPA and your privacy rights, visit California Consumer Privacy Act of 2018.
7. Data retention
Personal Information will be retained no longer than necessary in relation to the business purposes for which such Personal Information is provided and to fulfill legal requirements.
We are committed to ensuring that your information is secure and confidential. We have put in place appropriate technical, physical and administrative procedures and means to safeguard and secure the information we may collect or might receive from you in order to prevent unauthorized access or disclosure.
9. Updates to this notice
We reserve the right, in our discretion, to make changes to any part of the website or this Notice. We may change Notice from time to time by updating this page. You should check this page from time to time to ensure that you are aware of any changes. This Notice is effective from January 1, 2023. By continuing to use the Company’s website and business services, you consent to this Notice as amended.
10. Contact information
If you have any questions about this Notice, or wish to make a complaint about our data handling practices, you may contact:
Data Protection Officer
Rocket Software UK Limited
4 The Square, Stockley Park
Uxbridge, UB11 1ET United Kingdom
0800 520 0439 (toll free)
Email: [email protected]
We will investigate any complaints received in writing and do our best to resolve them with you as soon as possible.