Employee Rocks
Book a teardown
Legal

Privacy Policy

Last updated: 14 June 2026

We help technology companies build a genuinely good Employee Experience — and that starts with treating people's data with the same care we ask our clients to. This Privacy Policy explains what personal data we collect through our website, why we collect it, who we share it with, and the rights you have over it.

01Who we are

This website is operated by Employee Rocks (“we”, “us”, “our”). For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”), Employee Rocks is the data controller of the personal data described in this policy. You can reach us about anything privacy-related, or exercise any of your rights, by emailing olga@employee.rocks.

02Scope of this policy

This policy applies to personal data we collect through our website and related landing pages, and through the channels we use to communicate with prospects, clients and subscribers. It does not cover third-party websites we link to, which have their own privacy practices.

03What personal data we collect

3.1 Data you give us

3.2 Data we collect automatically

We do not intentionally collect special categories of data (such as health, religion or political opinions) through the website, and we ask that you do not send us such data in free-text fields.

04Why we use your data and our legal basis

Under the GDPR we only process personal data where we have a lawful basis to do so:

05Cookies and similar technologies

Our website uses only strictly necessary cookies that are required for it to function. We do not use analytics, advertising or other tracking cookies, so no cookie consent banner is required. If we introduce such cookies in future, we will ask for your consent first and update this policy.

06Third-party services we use

We rely on a trusted service provider to host the website and our contact email. It acts on our instructions under a data processing agreement and may only process personal data as needed to provide that service:

Service & providerPurposeSafeguards / more info
Website & email hosting — FastmailHosting of the website and operation of our contact email.Data processing agreement in place. Appropriate safeguards apply to any cross-border transfer.

We will update this table if we introduce another processor (for example an analytics or newsletter tool).

07Sharing and disclosure

We do not sell your personal data. Beyond the processors listed above, we may disclose personal data to professional advisers (such as lawyers or accountants), to authorities where required by law, or to a successor entity in the context of a merger, acquisition or reorganisation. Any such recipient is bound to protect your data appropriately.

08International data transfers

Our service provider may process or store personal data in a country other than your own, including outside the European Economic Area (EEA). Where personal data is transferred to such a country, we rely on appropriate safeguards — such as a European Commission adequacy decision or Standard Contractual Clauses, together with any additional measures required — so that your data continues to be protected. You can request more information about these safeguards using the contact details below.

09How long we keep your data

We may keep certain data longer where required to comply with legal, accounting or reporting obligations.

10Your rights

If you are in the EU, the UK or another region with comparable data protection law, you have the following rights in relation to your personal data:

Your rightWhat it means
AccessAsk whether we hold personal data about you and receive a copy of it.
RectificationAsk us to correct inaccurate or incomplete data.
ErasureAsk us to delete your data where there is no overriding reason to keep it.
RestrictionAsk us to limit how we use your data in certain circumstances.
PortabilityReceive data you provided to us in a structured, machine-readable format.
ObjectionObject to processing based on legitimate interests, and to direct marketing at any time.
Withdraw consentWhere we rely on consent, withdraw it at any time without affecting prior lawful processing.
Lodge a complaintComplain to a data protection authority — see the section below.

To exercise any of these rights, email us at olga@employee.rocks. We will respond within the timeframe required by applicable law (one month under the GDPR).

11Data security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse, and we choose service providers who do the same. No method of transmission over the internet is completely secure, so we cannot guarantee absolute security, but we work to protect your data and to respond promptly to any incident.

12Children

Our website and services are intended for business audiences and are not directed at children. We do not knowingly collect personal data from anyone under the age of 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

13Links to other websites

Our website may contain links to third-party websites and embedded content (for example videos or social media). We have no control over, and are not responsible for, the content or privacy practices of those third parties. We encourage you to read their privacy policies.

14Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top and, where appropriate, notify you. Please review this page periodically.

15Contact and complaints

Questions, requests or concerns about this policy or your data? Email us at olga@employee.rocks.

If you are not satisfied with our response, you have the right to lodge a complaint with the data protection supervisory authority in your country of residence.