Privacy Policy

Rokeler Sp. z o.o. ("Rokeler", "we", "us") is the data controller for personal data processed through the rokeler.com website and the Rokeler platform.

Registered office: ul. Wyzwolenia 17/1, 43-170 Łaziska Górne, Poland. Contact: [email protected].

We collect information you give us, information we collect automatically and information from third parties.

• Account data: name, email, password hash, billing address, company name.
• Order data: chosen plan, credits balance, invoices, payment method (we do not store full card numbers).
• Usage data: pages visited, features used, device, browser, IP address, approximate location.
• Support data: messages you send to support, chat transcripts and attachments.
• Marketing data: opt-in preferences, opens and clicks on our emails.

We process personal data on the following legal bases: performance of a contract (providing the service you ordered), legal obligation (tax and accounting), legitimate interest (security, fraud prevention, product improvement) and your consent (marketing communications, optional analytics cookies).

• To create and operate your workspace and deliver the features you pay for.
• To process payments, issue invoices and meet accounting obligations.
• To respond to support requests and send service notifications.
• To detect, prevent and investigate abuse, security incidents and fraud.
• To measure and improve product performance and reliability.
• To send marketing emails — only if you have opted in; you can unsubscribe at any time.

We only share personal data with processors that help us run the service, under written data processing agreements.

• Hosting and infrastructure providers (EU regions where available).
• Payment processors (bank, card processors when activated).
• Email delivery and customer support tools.
• Product analytics and error monitoring.

We do not sell personal data.

Where data is transferred outside the European Economic Area, we rely on Standard Contractual Clauses and additional safeguards required by GDPR.

We keep account data for as long as your account is active and for up to 6 years after closure to meet tax and accounting obligations. Support tickets are kept for 24 months. Marketing data is kept until you withdraw consent.

We use industry-standard safeguards: encryption in transit (TLS 1.2+), encryption at rest, least-privilege access, audit logging, regular backups and vulnerability scanning. No system is 100% secure, but we work continuously to protect your data.

Under GDPR you have the right to access, rectify, erase, restrict or port your data, to object to certain processing and to withdraw consent at any time. You can exercise these rights by emailing [email protected]. You also have the right to lodge a complaint with the Polish Data Protection Authority (UODO).

We may update this Privacy Policy from time to time. Material changes will be announced via email or an in-app notice at least 14 days before they take effect.