Privacy Policy

Version: March 20, 2019

Introduction

ROKiT Enterprises Limited, (EU Data Controller) and its affiliated group companies ("we/us/our") understand that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who uses our Services (as defined below) and will only collect and use your personal data in ways that are described in this policy, and in accordance with our obligations and your rights under applicable law.

Please read this policy carefully and ensure that you understand it. This policy sets out how we collect, use, store, protect and transfer; (a) data that identifies you, or data from which you are directly or indirectly identifiable ("personal data") and; (b) non-personal anonymous or aggregate data which is not identifiable with a specific person ("non-personal data"); (personal data and non-personal data are collectively referred to as "data").

How to Contact Us

Company Name: ROKiT Enterprises Limited

Registered Office Address: ROK House, Kingswood Business Park, Holyhead Road, Albrighton, Staffordshire, United Kingdom, WV7 3AU.

If you have any questions about our Services or this policy, please contact us by email at ukcontact@rokit.com. Please ensure that your query is clear, particularly if it’s a request for information about the personal data we hold about you (as under the section entitled "Accessing Your Data", below).

What Does This Policy Cover?

This policy applies to your use of any ROKiT or ROK website, device or mobile applications operated, or supplied by us, which link to this policy (excluding, for the avoidance of doubt, any third party mobile applications) ("Services"). This policy applies regardless of how you access the Services. Our Services may contain links to third party websites, applications and plug-ins. Please note that we have no control over how your data is collected, stored, or used by other websites, applications and plug-ins, are not responsible for their privacy statements, and we advise you to check the privacy policies of any such websites, applications and plug-ins before providing any data to them.

This policy applies to all of our Services however, where necessary, we will provide either additional supplementary information or separate versions of this policy which include additional supplementary information about our processing of your data in connection with certain Services. In such cases, the supplementary information or separate version of this policy will be available via links from such Services and will apply to those particular Services.

Children's Privacy

Our websites, applications and other Services are not intended for use by children and we do not knowingly collect data relating to children. Minors under the age of 18 are prohibited from making purchases, including subscriptions, on our websites, applications or other Services.

Your Rights

Under certain circumstances, you have the following rights in relation to the personal data we may collect about you, which this policy and our use of personal data have been designed to uphold:

- The right to be informed about our collection and use of personal data;

- The right of access to the personal data we hold about you. Please contact us for more details using the contact details set out in the section entitled "How to Contact Us" above;

- The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details provided in the section entitled "How to Contact Us" above);

- The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time, as explained in the section entitled "Using Your Data" below but if you would like us to delete it sooner, please contact us using the details in the section entitled "How to Contact us" above);

- The right to restrict and/or prevent the processing of your personal data;

- The right to data portability (obtaining a copy of your personal data to re-use it with another service or organisation);

- The right to object to us using your personal data for particular purposes; and

- Rights with respect to automated decision making and profiling.

Under applicable laws in some countries, we may decide not to process requests that require technical effort that is disproportionate, are unreasonably repetitive, risks or negatively affects the privacy of others, are very impractical, or for which access is not otherwise required by applicable local law.

If you have any cause for complaint about our use of your personal data, please contact us using the details provided in the section entitled "How to Contact Us" above and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the relevant supervisory authority in your country.

Your Right to Withhold Information

You may access certain parts of our Services without providing any data at all. However, to use all features and functions available on some of our Services you may be required to submit or allow for the collection of certain data.

You may restrict our use of Cookies. For more information, see our Cookies Policy at the following link [ROKiT Cookies Policy]

What Data Do We Collect?

Depending upon your use of our Services, we may collect some or all of the following personal data and non-personal data (please also see our Cookies Policy covering our use of Cookies and similar technologies at the following link [ROKiT Cookies Policy]). We will only collect personal data from you that you provide to us as part of your use of our Services or when you otherwise interact with us including as part of your registration or creation of accounts or profiles for some of our Services, in the event you order products or services from us, in connection with our provision of customer service to you; when you enter information on our websites or mobile applications, submit survey responses, enter into competitions / prize draws; request marketing information from us, or when you email, call, or otherwise communicate with us. This information may include:

- Identity Data including name, title, date of birth, gender, username, job title, profession, business/company name;

- Contact Data such as email addresses, postal and billing addresses and telephone numbers;

- Location Data including device GPS signals and Wi-Fi access point information;

- Demographic Data such as post code, preferences, and interests;

- Financial Data such as billing, credit / debit card numbers, bank account details and credit history;

- Technical Data including IP address, web browser type and version, a list of URLs starting with a referring website, your activity on our websites, and the website you exit to;

- Device Data such as IMEI number, software or operating system version, device model and device settings;

- Transaction Data including details about payments to and from you and other details of products and services you have purchased from us;

- Usage Data about how you use our Services;

- Preference Data including your preferences about how we communicate with you and what marketing you receive from us.

Using Your Data

All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under applicable laws at all times. For more details on security see the section entitled "Storage & Data Security", below.

Our use of your personal data will always have a lawful basis, either because it is necessary for provisions of the Services to you, our performance of a contract with you, because you have consented to our use of your personal data (e.g. by subscribing to emails, or accepting this policy when registering or creating an account or profile on our mobile applications), or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:

- Providing, administering and managing your access to our Services or registering you as a new customer or user of our Services

- Personalising and tailoring your experience on our Services and personalising and tailoring our products and Services for you;

- Supplying and delivering our products and services to you (please note that we require your personal data in order to enter into a contract with you);

- Billing you for products and services supplied to you, managing payments and collecting and recovering money owed to us;

- Replying to phone calls, emails and other communications from you;

- Sending you emails that you have opted into (you may unsubscribe or opt-out at any time by clicking the unsubscribe link);

- Market research including providing content and advertisements to you and measuring the effectiveness of such advertising;

- Recommending products and services that may be of interest to you;

- In order to improve our Services and create new products and services including through the use of data analytics;

- Providing customer support, after sales service and warranty repair services to you;

- To manage our relationship with you including notifying you about changes to our terms and conditions or privacy policy;

- To allow you to enter into competitions, prize draws or to complete surveys conducted by us; and

- In order to comply with applicable legal requirements.

With your permission and/or where permitted by law, we may also use your data for marketing

purposes which may include contacting you by email, telephone, text message, and post with information, news and offers on our products and services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under applicable law. We will not share your personal data with third parties for marketing purposes without obtaining your express opt-in consent.

Third parties whose content appears on our Services may use third party Cookies, as detailed in our Cookies Policy at the following link [ROKiT Cookies Policy]. Please refer to our Cookies Policy for more information on controlling Cookies. Please note that we do not control the activities of such third parties, nor the data they collect and use and advise you to check the privacy and cookies policies of any such third parties.

You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it.

We do not keep your personal data for any longer than is reasonably necessary in light of the reason(s) for which it was first collected. The retention of personal data will be determined on the following bases:

- only for as long as permitted or required under applicable law or contractual requirements taking into consideration the sensitivity of the data;

- for the minimum time period required in order for us to use such information to provide services to you;

- the amount of time since your last interaction with us or with our Services;

- for statistical and analytical purposes on an anonymous basis where we have a legitimate reason for doing so.

Storage & Data Security

We only keep your personal data for as long as we need to in order to use it as described above in the section entitled "Using Your Data", and/or for as long as we have your permission to keep it.

For data subjects within the European Economic Area ("the EEA") (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein) some or all of your personal data may be stored outside of the EEA. You are deemed to accept and agree to this by using our Services and submitting information to us. If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under the General Data Protection Regulation ("GDPR") including the measures outlined in the section entitled "Sharing Your Data" below.

Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected through our Services including storing your data on secure servers. For example, when you provide sensitive information (such as credit / debit card numbers) to our websites, mobile applications or other Services for any payment transactions, we use transmission encryption technologies such as Secure Socket Layer (SSL). Please be aware that no website, application, or internet connection is completely secure and there is no guarantee that our safeguards and security measures are failsafe or cannot be breached. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Our practices and procedures are designed to limit personal data access to those of our employees, personnel and agents with a legitimate need to access such personal data. Our employees and personnel are bound by confidentiality obligations, which obligate them to protect the confidentiality of our users’ or customers' personal data.

When we dispose of personal data, we use reasonable procedures to erase or render it unreadable (for example, shredding documents and wiping electronic media). We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Due to the design of the Internet and other factors outside our control, we cannot guarantee that communications between you and our servers will be free from unauthorized access by third parties.

Sharing Your Data

We may sometimes contract with third parties to supply services to you on our behalf. These may include customer service, after sales and warranty repair services, payment processing, delivery of products, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights and our obligations under applicable law.

We may disclose personal data about you to third parties with your consent. We may obtain your consent in several ways, such as in writing; online, through "click-through" agreements; orally, including through interactive voice response; or when your consent is part of this policy or the terms and conditions pursuant to which we provide you services. Your consent is sometimes implicit. For example, if you purchase a product and ask that it be shipped to your home, you implicitly consent to our disclosure of your name and address to a third party shipping company to complete delivery.

We may compile statistics about the use of our Services including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law.

In respect of EEA data subjects, we share your personal data within the ROKiT Enterprises Limited group. This will involve transferring your data outside the EEA. We may also sometimes use third party data processors that are located outside of the EEA. Where we transfer any personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under applicable law including at least one of the following:

- The use of standard contractual clauses to protect the transfer of your data outside the EEA which give personal data the same protection it has in the EEA;

- Ensuring that we transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

- Where we use service providers based in the United States of America, we may transfer personal data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the United States of America.

In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.

We may disclose personal data as part of a corporate business transaction, such as a merger or acquisition, joint venture, corporate reorganization, financing, or sale of company assets, or in the unlikely event of insolvency, bankruptcy, or receivership, in which personal data could be transferred to third parties as a business asset in the transaction. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this policy.

Controlling Our Use of Your Data

In addition to your rights under applicable law, if and when you submit personal data via our Services, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details).

Changes to Our Privacy Policy

We keep this policy under review and may change this policy from time to time (for example, if the law changes or if there are changes to our Services). Any changes will be immediately posted on our websites or other Services and, where appropriate, notified to you when you next use our Services. We recommend that you check this policy regularly to keep up-to-date.