Privacy Policy

Effective Date: January 20, 2025

This Privacy Policy explains how RotkiX collects, uses, protects, and shares your personal information when you visit our website and use our services.

Table of Contents

1. Privacy Overview

Privacy-First Approach: RotkiX is designed with privacy as a fundamental principle. Our software operates entirely on your local device, ensuring that your portfolio data never leaves your control.

RotkiX ("we," "us," or "our") is committed to protecting your privacy and providing transparency about our data practices. This Privacy Policy applies to:

  • Our website located at rotkix.com
  • Data collected through website forms and interactions
  • Communications and support services
  • Cookies and similar tracking technologies

Important Distinction: This policy covers data collection on our website only. The RotkiX software itself operates locally on your device and does not transmit your portfolio data to our servers or any third parties.

We are committed to compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

Contact Form Information:

Data Type Purpose Required Retention
Full Name Identification and personalized communication Yes 3 years
Email Address Communication and support responses Yes 3 years
Company Business context and tailored responses No 3 years
Interests Understanding user needs and product improvement Yes 3 years

Support Communications:

  • Messages sent through our support channels
  • Technical information provided for troubleshooting
  • Feedback and suggestions about our services

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information:

Technical Information:

  • IP address and approximate location
  • Browser type and version
  • Operating system information
  • Device type and screen resolution
  • Referring website and exit pages

Usage Information:

  • Pages visited and time spent on each page
  • Click patterns and user interactions
  • Search queries and navigation paths
  • Date and time of visits

2.3 Cookies and Similar Technologies

We use cookies and similar technologies to enhance your browsing experience. For detailed information about our cookie practices, please refer to our Cookie Policy.

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

  • Responding to your inquiries and providing customer support
  • Processing and fulfilling your requests
  • Providing technical assistance and troubleshooting
  • Delivering requested information about our services

3.2 Communication

  • Sending responses to your contact form submissions
  • Providing updates about our services (with your consent)
  • Sending important notices about changes to our policies
  • Facilitating customer support interactions

3.3 Website Improvement

  • Analyzing website usage patterns and user behavior
  • Improving website functionality and user experience
  • Identifying and fixing technical issues
  • Optimizing content and navigation

3.4 Legal Compliance

  • Complying with applicable laws and regulations
  • Responding to legal requests and court orders
  • Protecting our rights and preventing fraud
  • Enforcing our terms of service

3.5 Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your data based on:

  • Consent: For marketing communications and non-essential cookies
  • Legitimate Interests: For website analytics and service improvement
  • Contractual Necessity: For providing requested services
  • Legal Obligation: For compliance with applicable laws

4. Information Sharing and Disclosure

No Portfolio Data Sharing: We never collect, access, or share your portfolio data from the RotkiX software, as it operates entirely on your local device.

We may share your personal information in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Website hosting and technical infrastructure
  • Email communication services
  • Customer support platform management
  • Website analytics and performance monitoring

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal process, subpoenas, or court orders
  • Respond to government requests or law enforcement
  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our users
  • Prevent fraud or other illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to the same privacy protections outlined in this policy.

4.4 Consent-Based Sharing

We may share your information with third parties when you have given us explicit consent to do so for specific purposes.

5. Data Security and Protection

We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Safeguards

  • SSL/TLS encryption for data transmission
  • Encrypted storage of sensitive information
  • Regular security assessments and vulnerability testing
  • Secure server infrastructure and access controls
  • Multi-factor authentication for administrative access

5.2 Administrative Safeguards

  • Limited access to personal information on a need-to-know basis
  • Employee training on privacy and security practices
  • Regular review and update of security policies
  • Incident response procedures for security breaches

5.3 Physical Safeguards

  • Secure data centers with controlled physical access
  • Environmental controls and monitoring systems
  • Secure disposal of hardware and storage media

Data Breach Notification: In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of discovery.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy:

6.1 Retention Periods

Data Type Retention Period Justification
Contact Form Data 3 years from last contact Customer relationship management and follow-up
Support Communications 3 years from resolution Quality assurance and future reference
Website Analytics Data 26 months Google Analytics default retention for trend analysis
Cookie Consent Records 1 year from withdrawal Legal compliance and consent management
Technical Logs 90 days Security monitoring and troubleshooting

6.2 Deletion Procedures

When the retention period expires, we securely delete or anonymize your data using:

  • Secure deletion protocols for digital data
  • Data anonymization for statistical purposes
  • Physical destruction of storage media when necessary
  • Verification of deletion completion

6.3 Legal Hold

We may retain data beyond normal retention periods when required for legal proceedings, regulatory investigations, or to comply with legal obligations.

7. Your Privacy Rights

You have important rights regarding your personal information. The specific rights available to you depend on your location:

7.1 Universal Rights

  • Right to Information: Know what data we collect and how we use it
  • Right to Access: Request a copy of your personal information
  • Right to Correction: Request correction of inaccurate information
  • Right to Deletion: Request deletion of your personal information
  • Right to Withdraw Consent: Withdraw consent for data processing

7.2 GDPR Rights (EU/EEA/UK Residents)

  • Right to Portability: Receive your data in a structured, machine-readable format
  • Right to Restrict Processing: Limit how we process your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Lodge a Complaint: File complaints with supervisory authorities

7.3 CCPA Rights (California Residents)

  • Right to Know: Categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the sale of personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices

7.4 Exercising Your Rights

To exercise your privacy rights:

  1. Contact us using the information provided in Section 12
  2. Specify which right you wish to exercise
  3. Provide sufficient information for identity verification
  4. We will respond within the timeframes required by law

Response Time: We typically respond to privacy requests within 30 days (GDPR) or 45 days (CCPA), though complex requests may require additional time with appropriate notification.

8. International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

8.1 Transfer Safeguards

  • Adequacy Decisions: Transfers to countries with adequate data protection
  • Standard Contractual Clauses: EU-approved contractual protections
  • Certification Programs: Privacy frameworks and certification schemes
  • Binding Corporate Rules: Internal data protection policies

8.2 Data Processing Locations

Your data may be processed in:

  • Countries where our service providers operate
  • Locations of our cloud infrastructure providers
  • Jurisdictions required for legal compliance

You can request specific information about international transfers of your data by contacting us.

9. Children's Privacy

RotkiX services are not intended for individuals under the age of 16, or the minimum age required in your jurisdiction for data processing consent.

9.1 No Collection from Children

  • We do not knowingly collect personal information from children
  • Our website and services are designed for adult users
  • We do not target marketing or advertising to children
  • We implement age verification measures where appropriate

9.2 Parental Rights

If we become aware that we have collected personal information from a child:

  • We will delete the information promptly
  • Parents can request access to their child's information
  • Parents can request deletion of their child's information
  • We will verify parental identity before taking action

Important: If you believe we have collected information from a child, please contact us immediately so we can take appropriate action.

10. Third-Party Services

Our website may integrate with or link to third-party services that have their own privacy practices.

10.1 Current Third-Party Services

Service Purpose Data Shared Privacy Policy
Google Analytics Website analytics Usage data, anonymized Google Privacy
Tawk.to Live chat support Chat messages, contact info Tawk.to Privacy
CDN Providers Content delivery Technical data only Varies by provider

10.2 Third-Party Responsibility

  • Third parties are responsible for their own privacy practices
  • We encourage you to review their privacy policies
  • We select partners based on their privacy commitments
  • We maintain data processing agreements with key partners

10.3 External Links

Our website may contain links to external websites. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws.

11.1 Notification of Changes

When we make changes to this policy:

  • We will update the "Effective Date" at the top of this policy
  • Material changes will be prominently announced on our website
  • We may notify you via email if you have provided contact information
  • Significant changes may require renewed consent

11.2 Types of Changes

  • Minor Updates: Clarifications, contact information, formatting
  • Material Changes: New data collection, sharing practices, rights
  • Legal Updates: Changes required by law or regulation

11.3 Continued Use

Continued use of our website after policy changes constitutes acceptance of the updated terms, unless additional consent is required by law.

Stay Informed: We recommend reviewing this Privacy Policy periodically to stay informed about how we protect your privacy.

12. Contact Information

For privacy-related questions, concerns, or to exercise your privacy rights, please contact us:

Privacy Officer:

support@rotkix.com

Response Times:

  • General privacy inquiries: 5-10 business days
  • Data subject requests: 30 days (GDPR) or 45 days (CCPA)
  • Urgent privacy concerns: 2-3 business days
  • Data breach notifications: Within 72 hours of discovery

Information to Include in Your Request:

  • Full name and contact information
  • Specific privacy right you wish to exercise
  • Detailed description of your request
  • Information to help us verify your identity

Supervisory Authority Contact

If you are located in the European Economic Area and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.

Data Protection Officer: For complex privacy matters or if required by applicable law, you may request to speak with our Data Protection Officer by contacting privacy@rotkix.com.

Business Address:
RotkiX Privacy Department
Complete business address available upon request for legal and regulatory purposes

Commitment to Privacy: Your privacy is important to us. We are committed to addressing your concerns promptly and transparently. Please don't hesitate to reach out with any privacy-related questions or issues.