For using ROCK IS HERE websites and mobile app. 

Effective as of 01 October 2020

At Rock is Here Ltd.  we are committed to ensuring and protecting your privacy at any time you are using our apps, websites, or registered via your email or Facebook account.

We process personal data exclusively in compliance with the statutory provisions of the European General Data Protection Regulation (GDPR), the national data protection regulations based thereon, and the Austrian Telecommunications Act (TKG).

In this privacy policy, we therefore inform you about the most important aspects of data processing in connection with the use of our websites or mobile app solutions.
We provide you with a detailed overview of how we use your information that you provide us with or that we lawfully obtain in accordance with the conditions set out herein.

1.What personal data do we collect from you?

Data can be collected and processed when our platform Rock is Here, mobile apps, or website is used by you. The following are approved methods of collection:

Email addresses: If you sign up via your email account we collect the email address and the user name information provided.

Facebook account information: If you sign up via your Facebook account we can collect the information you make available during your signup. Facebook will always show you which information we may access.

User-generated content: If you use our apps or websites to create content we collect and process all content created by you. For example: photos, lists, bookmarks, saved places, ratings, reviews, notes.

Mobile app usage logs: If you use our mobile app we collect app usage data. Including in app or user behavior data, and crash data that will be used to improve our services. Actions done in the mobile app like map searches, points of interest (POI) searches, and any other searches, taps on buttons, usage of website or mobile app features, date and time of the usage, timezone, phone and operating system information, language settings of your phone, as well approximate location data deferred from your IP or GPS.

Website usage logs: If you use our mobile app or websites we collect server logs. Including website user behavior data. Actions done on our websites like searches, general behaviour, clicks on buttons or links, date and time of the request, timezone, access state, browser settings and browser info, operating system information, browser language settings, approximate location data deferred from your IP, referrer website information, web search information.

Server logs: If you use our mobile apps or websites we collect server logs. Including date and time of the request, request transaction time, data transferred, access state, HTTP(S) status code.

Precise location information: If you consent then we collect, share, and process precise location information, also through third party software components (mobile “SDKs”).

Device identifiers and IP addresses: If you use our apps we collect your mobile device identifier (such as the iOS UDID or Android Advertising ID) and ip address, if you use our websites we collect your IP address.

2. Legal basis and purpose of data processing

Your data will be stored and processed solely for the purpose of offering our platform, our mobile apps and related services to you and to offer and improve our websites.

Contract fulfillment: The processing of your email addresses, your Facebook account data, or the user-generated content provided by you is required to fulfill the contract (article 6 (1) (b) GDPR): We collect your data for processing, if you voluntarily decide to enter this data. Your data will therefore be processed if you enter it in our mobile app or websites, e.g. because you use our app and create content (photos, lists, bookmarks, saved places, ratings, reviews, notes etc). In this case, your created data will be processed solely for the purpose of carrying out the respective service and are therefore necessary for the fulfillment of the App Usage Agreement.

Legitimate interest: We have legitimate interest in the processing of mobile app and website usage logs, server logs, device identifiers and IP addresses (article 6 (1) (f) GDPR). We use this data for the proper operation of our apps, platform and websites, in particular to detect and eliminate errors. Our legitimate interest within the meaning of the GDPR is also the security and optimization of our services and websites. In this case, we also provide data for statistical and analytical purposes, as well as for the optimization of interest-based advertising to third parties in order to improve our services and products.

Ultimately, we have legitimate interest in processing email addresses, Facebook account data, user-generated content, mobile app logs and website usage logs and for direct marketing purposes. Only data that you voluntarily make available to us and that we dispose of from the contractual relationship are processed. The primary goal of this data processing is customer retention and customer acquisition. We may use this information to notify you about updates, notifications about our apps, products or services that may be of interest to you. We may use your information to recommend services, products, or offers related to travel on our platform, within our apps or websites. 

Explicit consent: If you explicitly consent in our app, we process precise location data also with the help of third-party software components (mobile “SDKs”), we may use precise location data by itself, aggregated, or combined with mobile identifiers (such as IDFAs and Android IDs), and share location data with third parties, for purposes related to advertising, attribution (e.g., measuring ad performance) analytics and research including research to benefit non-profit causes. We will ask for your explicit consent before using or sharing location informations. You are not required to consent and you can withdraw it at any time (see section 3)

3.Storing and processing your personal data / data protection

We process personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live or outside the European Union if you live in the European Union. We take all reasonable processes to ensure your data is secure and in agreement with our Privacy Policy as outlined here.

We use secured servers to ensure proper data storage. All communication containing personal information is kept encrypted for safety measures.

Transmission of data on the Internet can never be ultimately secure. We do not and cannot guarantee security of information collected electronically or transmitted; however, we take all necessary steps to provide the best security available. As a result of our inability to guarantee safety, you are submitting information to us at your own risk. Where needed a password may be necessary to access areas of our apps or website. You are responsible for the safety and confidentiality of the password you generate.

4. Disclosing your information

In addition to the cases mentioned in section 2, your data may be passed on to third parties under the following conditions:

This disclosure occurs when we sell all or a section of our business or assets to a third party.

Personal information can be offered to any member of our company, such as subsidiaries, holding companies and their subsidiaries only if deemed appropriate.

Legal requirements may mean a sharing of your information.

5.Third party links

Any third party web site or app that can be accessed through our platform, our apps or our web pages generally has its own privacy policy. We recommend that you check the conditions defined there. Our privacy policy therefore does not apply to websites or apps that are accessible via hyperlink on our platform (Ulmon Hub), in our apps or on our websites. The content of the linked pages or apps are the sole responsibility of their operators. We expressly exclude any liability and responsibility for the handling of third parties with your data. We point out that third-party websites or apps are beyond our control, we have no control over their data and data processing activities, nor are we aware of the scope of the data collection, the purposes and the retention periods.

6. Contact Informations and Rights

You have a right to information about the personal data that we process (Article 15 of the GDPR), the right to rectification (Article 16 of the GDPR), Deletion (Article 17 GDPR) and the restriction of personal data processing (Article 18 GDPR).

In this case, please contact Rock Is Here Ltd, London, UK, or send an email to

Furthermore, you have a right to appeal to the ICO. Information Commissioner’s Office.

phone: +44 (0)303 123 1113 – Web:  as the competent supervisory authority.

7.  Changes to this Privacy Policy

Updates of our Privacy Policy may be completed frequently, thus you should peruse this Policy habitually.