Blog
Products
Case Studies
About
Contact
Rocking Tech — Privacy Policy

Privacy Policy

This policy details how Rocking Tech Ltd uses and protects your personal data when you interact with our website and services. Last updated: 21 March 2026.

Who We Are

Rocking Tech Ltd is a company registered in England and Wales (Company No. 12280796) with its registered office at 124 City Road, London, EC1V 2NX, United Kingdom.

We are the data controller for any personal data we collect about you. This means we decide how and why your personal data is processed.





Data We Collect

Information You Provide Directly

When you use our services or contact us, we may collect:

  • Contact details: Name, email address, phone number, and company information
  • Service information: Details about services purchased, project requirements, and preferences
  • Communication data: Messages, feedback, and support requests you send us
  • Payment information: Billing details and transaction data (processed securely through Stripe)

Information We Collect Automatically

When you visit our website, we automatically collect:

  • Technical data: IP address, browser type and version, device information, operating system
  • Usage data: Pages visited, time spent on pages, click-through rates, download errors
  • Analytics data: Site navigation patterns and user behaviour (via Plausible Analytics — cookieless, no personal data collected)

Third-Party Information

We may receive information about you from:

  • Payment processors (Stripe) for transaction verification
  • Analytics providers (Plausible Analytics) for website usage insights — Plausible does not collect personal data or use cookies
  • Email service providers for delivery and engagement metrics

MVP Readiness Score — Quiz Analytics

When you complete the MVP Readiness Score quiz on our website, we collect session data to understand how the tool is used and to improve it. This includes:

  • Your IP address (encrypted at rest)
  • Browser, device type, and operating system (derived server-side from your user agent string, which is also encrypted at rest)
  • Approximate geographic location (country, region, city) — resolved locally from your IP address using an on-device database. No data is sent to any third-party geolocation service.
  • Your quiz answers, score, and tier result
  • Time taken to complete the quiz and each question
  • Whether you clicked the Book a Discovery Call button
  • The page you came from (referrer), any UTM campaign parameters, your browser language, and screen resolution
  • A randomly generated session identifier (not linked to any account or identity)

We process this data under legitimate interest (Article 6(1)(f) UK GDPR). We have a legitimate interest in understanding how visitors use our products so we can identify problems, measure effectiveness, and improve the experience. A Legitimate Interest Assessment is documented internally. We do not share this data with any third party. You can request access to or deletion of your quiz session data by contacting us at info@rockingtech.co.uk.





How We Use Your Data

We process your personal data for the following purposes:

Service Delivery

  • Providing website audits, development services, and monitoring solutions
  • Communicating about your projects and deliverables
  • Processing payments and managing billing
  • Providing customer support and technical assistance

Business Operations

  • Improving our website and services based on usage patterns
  • Sending service updates and important notices
  • Managing our business relationship with you
  • Complying with legal and regulatory requirements

Marketing (With Your Consent)

  • Sending newsletters and service updates
  • Providing information about new services that may interest you
  • Following up on enquiries and proposals

Legal Basis for Processing

We process your data based on:

  • Contract performance: To deliver services you've purchased
  • Legitimate interests: To improve our services and grow our business
  • Legal compliance: To meet tax, accounting, and regulatory obligations
  • Consent: For marketing communications (which you can withdraw anytime)




Data Sharing and Third Parties

We Share Data With:

  • Payment processors (Stripe) for secure payment processing
  • Email service providers for communication delivery
  • Analytics providers (Plausible Analytics) for website insights — Plausible does not receive personal data; all analytics are aggregate and cookieless
  • Cloud hosting providers for secure data storage
  • Legal and professional advisors when required

We Never:

  • Sell or rent your personal data to third parties
  • Share your data for others' marketing purposes
  • Use your data for automated decision-making or profiling
  • Transfer data outside the UK/EEA without appropriate safeguards

Legal Disclosures

We may disclose your data if legally required by:

  • Court orders or legal proceedings
  • Law enforcement requests
  • Regulatory investigations
  • Prevention of fraud or illegal activities




Data Storage and Security

Where We Store Data

Your personal data is stored securely within the UK and European Economic Area (EEA). Our analytics provider (Plausible Analytics) processes data within the EU. Some third-party services may process data outside the EEA, but only with appropriate safeguards in place.

Security Measures

We implement industry-standard security measures including:

  • SSL encryption for data transmission
  • Secure cloud hosting with access controls
  • Regular security updates and monitoring
  • Staff training on data protection principles

Data Retention

We retain your data for as long as necessary:

  • Active service data: Duration of service provision plus 7 years for tax/legal requirements
  • Marketing data: Until you unsubscribe or withdraw consent
  • Website analytics: Retained indefinitely in aggregate form (Plausible Analytics — no personal data stored)
  • Quiz session data: 12 months from completion, then automatically deleted
  • Support communications: 3 years for quality assurance
  • Financial records: 7 years for accounting and tax purposes




Your Data Protection Rights

Under UK GDPR, you have the right to:

Access and Portability

  • Access: Request a copy of personal data we hold about you
  • Portability: Receive your data in a machine-readable format

Correction and Control

  • Rectification: Correct inaccurate or incomplete data
  • Restriction: Limit how we process your data in certain circumstances
  • Objection: Object to processing based on legitimate interests

Deletion and Withdrawal

  • Erasure: Request deletion of your data when no longer needed
  • Withdrawal: Remove consent for marketing or other consent-based processing

How to Exercise Your Rights

Contact us at info@rockingtech.co.uk with your request. We'll respond within one month and may request additional information to verify your identity.





Cookies and Tracking

Essential Cookies Only

Our website uses only essential cookies required for the site to function:

  • XSRF-TOKEN: Protects against cross-site request forgery attacks
  • laravel_session: Maintains your session while using the site

These are strictly necessary cookies exempt from consent requirements under UK PECR.

Analytics

We use Plausible Analytics to understand how visitors use our site. Plausible is a privacy-first analytics tool that does not use cookies, does not collect personal data, and does not track individual visitors across sessions. All data is aggregate. No consent is required. For more information, see Plausible's data policy.





External Links and Third-Party Sites

Our website contains links to other websites and services. This privacy policy only applies to Rocking Tech's website and services. Please review the privacy policies of any external sites you visit, as we're not responsible for their data practices.





Children's Privacy

Our services are not intended for children under 18. We do not knowingly collect personal data from children. If you're a parent and believe your child has provided us with personal data, please contact us immediately.





International Data Transfers

When we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK Information Commissioner's Office
  • Standard contractual clauses approved by UK/EU authorities
  • Certification schemes ensuring adequate protection




Changes to This Policy

We may update this privacy policy to reflect changes in our practices, services, or legal requirements. We'll notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending email notifications for material changes
  • Updating the "Last updated" date at the top of this policy




Data Breach Notification

In the unlikely event of a data breach that poses risks to your rights and freedoms, we'll notify you within 72 hours and provide clear information about the incident and steps we're taking to address it.





Contact Us and Complaints

Data Protection Enquiries

For questions about this policy or our data practices:

Email: info@rockingtech.co.uk
Post: Rocking Tech Ltd, 124 City Road, London, EC1V 2NX, United Kingdom

If you're not satisfied with our response to any data protection concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

This privacy policy is effective as of the date stated above and applies to all personal data we process about you.