ORock Technologies, Inc. Website Privacy Policy

Version: 1.3

Last modified: 09/13/18




ORock, Technologies Inc. respects your privacy and is committed to protecting it. This privacy policy applies to https://orocktech.com (“Website”) and to all products and services offered by ORock (collectively, “ORock”, “ORock Platform”, “We”, “Us” or “Our”). This Privacy Policy describes ORock’s policies and procedures on the collection, use and disclosure of your personal data when you use the ORock Platform. It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal data. We will not use or share your confidential information with anyone except as described in this Privacy Policy. This Privacy Policy does not apply to information we collect from other sources. This website is not intended for children and we do not knowingly collect data relating to children. Information which you do not designate as confidential may be publicly available and disclosed.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. Our website and related services are hereinafter collectively referred to as our “services”. We respect your privacy and are committed to maintaining and using any information we collect through your use of our services responsibly.

ORock is data processor for the processing of personal data in relation to ORock accounts and in relation to the use of our website. This Privacy Policy only concerns the processing for which ORock is data processor.

Please read this Privacy Policy carefully prior to accessing or using our services. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this Privacy Policy.

If you have any questions, please contact as at: privacy@orocktech.com.


The Information We May Collect

Our primary purpose in collecting information from or about you is to provide you with a safe, smooth, efficient, and customized experience. Depending on the manner in which you use our services, we collect information about you that we deem necessary for providing services and features that optimize, secure, and ease your user experience with ORock.

Personal Information or Personal Data (“PII”): ORock may collect and process information that could be directly or indirectly associated with you; information such as your full name, company name where applicable, user name and password, phone number, email address, billing or mailing address, credit/debit card information and other information that you share with ORock. You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our services because such information may be required in order for you to register for an account; purchase products or services; participate in a contest, promotion, or survey; ask a question; or initiate other transactions on our website.

Payment Information: For the purposes of billing ORock accounts, we may request your credit card and certain contact information, such as a billing address. We retain credit card information internally for the purpose of all payment processing related to our services. The payment information is necessary in order for you to use our services and failure to provide such information may result in you not being able to use our services.

Third Party Payment Processors: Payments processed via the ORock Platform by third party payment processors are subject to the terms of use and privacy policies of those payment gateways and are not accessible or controlled by ORock. For payments processed via third party payment processors, we may receive information related to your payment card type and last four digits, postal code, country of origin, and payment expiration date. For additional information, we recommend that you review the third party payment processor’s Privacy Policy.

Mobile Application: ORock offers a mobile application and may, depending on your privacy settings, collect certain information about you and your devices when you access our services through your mobile or other Internet connected devices. ORock does not ask for or purposefully track any precise location-based information. We use mobile analytics software to allow us to better understand the functionality of our services on your mobile or other Internet connected devices, which may record data relating to usage, performance, and download and will be treated like Demographic and Usage Data (discussed below).

Information from Third Party Platforms: You may allow our services to interact with one or more third party social networks or platforms (such as Facebook), which will provide data about you to us (“Platform(s)”). The information you allow ORock to access varies by Platform, and it is affected by the privacy settings you and those that you are connected with establish while using such Platforms. Platforms are operated, controlled, and maintained by third parties that are not operated, controlled, or maintained by ORock. We recommend that you read the terms of use or service and privacy policies of those Platforms to understand how they collect and treat your data and what data they might share with us or other third parties.

Demographic and Usage Data: Cookies and Similar Technologies

ORock may collect information through the use of cookies, HTML5 local storage, and other similar technologies.


“Cookies” are alphanumeric identifiers in the form of text files that are inserted and stored by your web browser on your hard drive. ORock may set and access cookies on your computer or wireless device to track and store preferential information about you. We may gather anonymous information about Users through cookie technology on an individual and aggregate level. Such information is used within ORock internally and is only shared with third party advertisers, if any, on an aggregated or non-personally identifiable basis.

You may opt out of receiving cookies from our website by following the instructions in your web browser. Note, however, that deleting cookies or directing your browser to refuse them may limit your ability to use certain portions of our website that require cookies to function. ORock gathers certain information automatically and stores it in log files. This information may include Internet protocol (IP) addresses, browser type, operating system, and other usage information about the use of our website, including a history of the pages you view.

Non-Personal Information: Web Beacons, Action Tags and Log Files
Web Beacons: Web Beacons, also known as pixel tags and clear GIFs, (“Web Beacons”), are electronic images that allow a website to access cookies and help track marketing campaigns and general usage patterns of visitors to those websites. Web Beacons can recognize certain types of information, such as cookie numbers, time and date of a page view and a description of the page where the Web Beacons are placed. No PII about you is shared with third parties through the use of Web Beacons on our website. However, through Web Beacons, we may collect general information that will not personally identify you, such as: Internet browser, operating system, IP address, date of visit, time of visit and path taken through the website. In addition, we may also use web beacons in HTML-based emails sent to users to track which emails are opened by recipients.

Action Tags: ORock uses action tags. An action tag is a small piece of code that is placed on a webpage or in an email in order to track the pages viewed or the messages opened, the date and time when someone visited our website, the website from which the visitor came, the type of browser used, and the domain name and address of the user’s Internet Service Provider. Action tags allow us to better understand how Users and visitors use the ORock Platform or browse through our pages, so that we can improve access to and navigation through the site, add or modify pages, according to our user’s patterns. Action tags cannot be removed or deleted by our users, because they are part of the programming of a webpage.

Log Files: Log file information is automatically reported by your browser each time you access a web page. When you use the ORock Platform, our servers automatically record certain information that your web browser sends out whenever you visit any website. These server logs may include information such as your web request, IP address, browser type, referring/exit pages, operating system, date/time stamp, the files viewed on our site (e.g., HTML pages, graphics, etc.) and URLs, number of clicks, domain names, landing pages, pages viewed, and other similar information.

Behavioral Targeting
ORock partners with a third party to either display advertising on our website or to manage our advertising on other sites. ORock’s third party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here – Unsubscribe. Please note you will continue to receive generic ads.
Do Not Track Signals
ORock does not track or use Do Not Track signals.

Note: ORock may also collect other Non-Personal Information as visitors browse our website, such as the web traffic, what pages are visited, from where visitors come, and other demographic information, such as age, gender, and search habits. We may compile this Non-Personal Information to enable statistical analysis of our services that would be used internally or with external assistance to make improvements to our website and services.


How We Use the Information We Collect & Disclosure of your PII

All organizations need a legal reason to use your personal information. If they do not have one, they cannot use such information. There are legal grounds that enable data processing, and we will use your PII in accordance with applicable data protection legislation, this Privacy Policy and the General Data Protection Regulation (2016/679/EU) (“GDPR”). Below are the most relevant grounds you should be aware of with respect to ORock’s legal bases for using or disclosing your PII:

ORock may disclose any of your information, which in some cases includes PII, in the following situations:

1. With your consent. We may transmit your PII to a third party when you give us express permission to do so. For example, this may occur when we complete a transaction on your behalf or at your request.

2. To enter into or to fulfill a contract. We may use your PII to provide you with access to your account or other products you have signed up for.

3. For a legitimate interest. We may use your PII where it would help achieve ORock’s business objectives or to facilitate a benefit to you or someone else. Where we want to rely on legitimate interests as a legal basis, we will carry out a balancing test between our legitimate interests and your privacy rights.

4. With our authorized service providers. ORock may share your PII with our authorized service providers that perform certain services and process PII on our behalf. These services may include providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting contests, sweepstakes, surveys and other features offered through our website. These service providers may have access to PII needed to perform their functions but are not permitted to share or use such information for any other purposes.

5. Payment providers and your bank. For the purpose of administrating payments within our services, we may disclose your PII to third party payment providers and your bank.

6. With our business partners. When you make purchases, reservations or engage in promotions offered through our website, we may share PII with the businesses with which we partner to offer you those products, services, promotions, contests and/or sweepstakes.

7. In connection with a substantial corporate transaction, such as the sale of our business; a divestiture, merger, consolidation, or asset sale; or in the event of bankruptcy. If another company acquires ORock, that company will take on all responsibility for the information we collect, including PII, and it will assume all rights and obligations with respect to that information. Should this happen, the acquiring company may implement its own policies with respect to your information.

8. If we are required to disclose information by law. ORock may be obligated to disclose a User’s personal information, if directed by a court of law or other governmental entity. Without limiting the foregoing, we reserve the right to disclose such information where we have a good faith basis to believe that such action is necessary to: (a) comply with applicable laws, regulations, court orders, government and law enforcement agencies’ requests; (b) protect and defend ORock’s or third party’s rights and property, or safety of ORock, our users, our employees, or others; (c) prevent, detect, investigate and take measures against criminal activity, fraud and misuse or unauthorized use of our services and/or to enforce our Terms of Use or other agreements or policies; and/or (d) protect your personal safety or property or that of the public. In the event that your information is disclosed, we will comply with the law and make commercially reasonable efforts to notify you.


Data Retention

We will save your PII until six months after you erase your user account, or otherwise exercise your right to erase your PII, unless otherwise required by law.


Access to Your Information and other rights

You are at any time, and free of charge, entitled to receive a copy of the PII that we hold about you and information about the processing thereof. Please note that in order to be able to answer your request; ORock will need to be able to determine your identity.

If you believe that any PII we are holding is incorrect or incomplete, please send an email with your specific request to privacy@orocktech.com. We will work with you to make any corrections deemed necessary. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

You have the right to request that ORock restricts the processing of your PII under certain conditions, for example, if you contest the accuracy of the PII, the processing may be restricted for a period enabling ORock to verify the accuracy of the PII or if ORock no longer needs the PII for the purposes of the processing but you require the PII for the establishment, exercise or defense of legal claims.

You have the right to have your PII deleted without undue delay and ORock is obliged to delete your PII without undue delay if, for example the PII is no longer necessary in relation to the purpose for which it was collected or otherwise processed. Please note that ORock is not obliged to delete the PII if ORock can show that the processing is necessary, for example, for the establishment, exercise or defense of a legal claim.
If you provide your email address to ORock, you will always have the opportunity to opt out of receiving email newsletters and promotions through the unsubscribe link in the email communications or by logging into and changing the preferences for your user account. We may send you other types of transactional and relationship e-mail communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account, or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us. If we have already provided your information to a third party (such as a credit card processing partner) before you changed your preferences or updated your information, you may have to change your preferences directly with that third party.

You have the right to object, on grounds relating to your particular situation, at any time to ORock’s processing of your PII if the processing is based on, for example, legitimate interests. If you object to such processing, ORock will no longer be entitled to process your PII based on such legal basis, unless ORock can demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedom or if it is conducted for the establishment, exercise or defense of a legal claim.

You have, under certain conditions, the right to receive the PII concerning you and which you have provided to ORock, in a structured, commonly used and machine-readable format and have the right to transmit such PII to another data controller without ORock trying to prevent this, where ORock’s processing of your PII is based a contract or consent and the processing is carried out by automated means. In such case you have the right to request that the PII shall be transmitted from ORock directly to another data controller, where technically feasible.

You also have the right to withdraw your consent, if applicable. If you withdraw your consent, please note that this does not affect the lawfulness of the processing based on your consent before its withdrawal and that ORock may, under certain circumstances, have another legal ground for the processing and therefore may be entitled to continue the processing.

If you would like to exercise your rights, you may contact us on the contact details provided at the bottom of this Privacy Policy.

If you are unhappy with our processing of your PII you may lodge a complaint with a competent supervisory authority, for example in the country of your habitual residence, place of work or of an alleged infringement of the General Data Protection or other applicable data privacy laws.


Our Policy Concerning Children

Our Website is not intended for children under 13 years of age. Our website and services are offered and available only to you if are 18 years or older, or if you are between 13 and 18 years old and have obtained the consent of a parent or legal guardian prior to accessing the website, registering an account, or using the services. If you do not meet this eligibility requirement, you may not use our website or services. ORock does not knowingly collect or store any personal information from or about children under the age of 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information in conformity with the Children’s Online Private Protection Rule (“COPPA”). If you believe that ORock might have any information from or about a child under the age of 13 may submit a request to privacy@orocktech.com and request that such information be removed.


Securing Your Information

ORock takes a range of security measures designed to protect your PII and keep it confidential (unless it is non-confidential by nature) and free from any unauthorized alteration. For example, only authorized employees are permitted to access personal information, and they may do so only for permitted business functions. In addition, we use encryption in the transmission of financial information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your personal information.

Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. As the safety and security of your information also depends on the precautions you take, we ask you not to share your password with anyone.


Third Parties and Other Information Collectors

Except as otherwise expressly included in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties through our website, different rules may apply to their use, collection, and disclosure of the personal information you disclose to them. Since we do not control the information use, collection, or disclosure policies of third parties, you are subject to their privacy policies.

Our website may include links to third party websites. Once you have used these links to leave our website, you should note that we do not have any control over third party websites. We are not responsible for the content of such websites or the protection and privacy of any information which you provide while visiting such sites. Third-party websites are not governed by this Privacy Policy. You should exercise caution and look at the privacy policies applicable to the websites in question.


Users Outside of the United States

The services are hosted in the United States and are governed by the laws of the United States. If you are using the services outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States where ORock’s servers and databases are located. By using the Sites, you consent to the transfer of information to countries outside your country of residence.


Transfer of personal information to countries outside the EU/EES

ORock is established in New York, USA. Your PII is therefore transferred outside the European Union (“EU”) and European Economic Area (“EEA”). Such transfer is necessary for the performance of the contract between you and ORock (article 49.1 (b) of the GDPR).

Your PII is also transferred to and processed by third party payment providers. Such transfers are necessary for performance of the contract between you and ORock (article 49.1 (b) of the GDPR).

Some of the third parties identified above may also be located outside the EU/EEA, in which case we will take all necessary steps required under applicable law in order for such transfer of information across borders to be compliant with applicable law. In cases where there is no adequacy decision by the Commission, this may for example include the use of EU model clauses (under Article 46.2 of the GDPR) or ensuring that the recipient is certified under the US-EU Privacy Shield Framework (under Article 45 of the GDPR). You may receive a copy of the relevant safeguards by contacting ORock using the contact details set forth below in this Privacy Policy.


No Rights of Third Parties

This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the website.

Changes to the Privacy Policy

We may review and update this Privacy Policy from time to time in our sole discretion and will notify you of such changes. It is our policy to post any changes we make to our Privacy Policy on this page with a notice that the Privacy Policy has been updated on the Website home page. If we make material changes to how we treat our users’ personal information, we will notify you by email to the primary email address specified in your account and/or through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Your continued use of the services after receipt of notification of changes to this Privacy Policy is deemed to be acceptance of those changes.


Contact Us
Please note that we have appointed a Privacy Representative who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the Privacy Representative at privacy@orocktech.com. You may also write to C/O Privacy Representative, ORock Technologies, Inc; 11921 Freedom Drive, Suite 1180 Reston, Virginia 20190 or call 571-386-0201.