Privacy Policy

At Rocketship Ventures S.R.L (“Rocketship Ventures S.R.L,” “we,” “us,” or “our”), we take your privacy seriously. We respect the sphere of privacy to which every individual is entitled and handle personal information with care, transparency, and accountability.

This Privacy Policy applies to personal information we collect through our websites, platforms, and operations. It explains what we collect, how we use it, how we protect it, and the rights available to data subjects.

• Respect for the sphere of privacy: We recognize and protect each individual’s right to privacy in accordance with applicable law.
• Consent: We obtain prior, unequivocal, express, and valid consent from the data subject (or an authorized representative) before collecting personal information. Consent must be written, either handwritten or electronic. Where the law provides another lawful basis, we will rely on that basis only when appropriate and permitted.
• Data quality: We maintain personal information so that it is materially truthful, complete, and accurate for the purposes for which it is processed. We take reasonable steps to verify and update data.
• Access and dispute: Data subjects have the right to access their personal information and may dispute any erroneous or misleading information about them at any time. We will review and respond promptly.
• Security and protocols: We implement necessary technical and organizational measures to ensure a secure environment for personal information. We maintain an internal protocol detailing procedures for collection, storage, access, use, transfer, retention, and deletion.
• Breach notification: If a breach of personal information occurs (loss, destruction, misplacement, unauthorized access or disclosure), we will notify PRODHAB and affected data subjects within five business days from the time of the breach, in line with applicable requirements.

• Identification and contact data: name, business email, phone number, company, role/title.
• Marketing and communications data: subscription choices, engagement metrics, event registrations, survey responses.
• Technical data: IP address, device identifiers, browser type, pages visited, time and date of visits, referring URLs, and cookies or similar technologies.

• To provide and improve the website, including feature delivery, support, and security.
• To communicate with you about updates, features, events, and thought leadership, consistent with your preferences and with written consent where required.
• To personalize content, measure performance, and conduct analytics.
• To comply with legal obligations, enforce terms, and prevent fraud or misuse.

• Written consent (handwritten or electronic), obtained prior to collection where required by law.
• Performance of a contract and steps taken at your request before entering into a contract.
• Legitimate interests in operating, securing, and improving our operations, provided these interests do not infringe the sphere of privacy or your fundamental rights and freedoms.
• Compliance with legal obligations.

• Service suppliers and technological intermediaries: We engage vetted providers (e.g., hosting, analytics, communications, payment processors) under written agreements requiring confidentiality, security, and data protection measures consistent with this Policy.
• Not considered a transfer: The provision of personal information by the database controller to a service supplier, technological intermediary, or entities in the same economic interest group is not considered a transfer of personal information and does not require the data subject’s authorization. We nonetheless apply appropriate safeguards and oversight.
• Legal and compliance: We may disclose information to comply with applicable law, regulation, legal process, or governmental request; to enforce agreements; or to protect rights, safety, or property.
• Business transactions: In the context of a merger, acquisition, reorganization, or sale of assets, we may share personal information subject to confidentiality and continued protection.

Where data is processed across borders, we implement appropriate safeguards (contractual, technical, and organizational) and ensure that privacy rights are preserved and protected as required by applicable law.

• Access: Request confirmation whether we process your personal information and obtain access to it.
• Rectification and dispute: Dispute and request correction of any erroneous or misleading information about you at any time. We will assess and update inaccurate, incomplete, or misleading data without undue delay.
• Consent management: Where processing is based on written consent, you may withdraw your consent prospectively at any time, subject to legal or contractual restrictions.
• Objection and restriction: Object to or request restriction of processing where permitted by law.
• Portability and deletion: Request a copy of your data in a portable format and, where applicable, deletion, subject to retention and legal requirements.

Contact us at contact@rocketship-ventures.com. Please include:

• Your full name and contact details.
• A clear description of your request.
• Proof of identity or authorization (if acting on behalf of another).

We respond within the timeframes set by applicable law and will explain any limitations that may apply.

We retain personal information only as long as necessary to fulfill the purposes described in this Policy, to comply with legal, regulatory, or contractual obligations, to resolve disputes, and to enforce our agreements. We apply documented retention schedules and secure deletion or anonymization procedures.

We implement layered technical and organizational safeguards appropriate to the risk, including:

• Access controls, authentication, and role-based permissions.
• Encryption in transit and at rest where appropriate.
• Network and application security, logging, and monitoring.
• Secure development practices, vulnerability management, and regular testing.
• Vendor due diligence and contractual protections.
• Employee training and confidentiality obligations.

We maintain an internal protocol that documents:

• Lawful collection and written consent procedures.
• Data minimization and purpose limitation.
• Data accuracy checks and update processes.
• Secure storage, access, and transfer procedures.
• Incident response and breach notification steps, including notifying PRODHAB and affected data subjects within five business days after a breach.
• Retention and deletion practices. We review and update our protocol periodically.

We use cookies and similar technologies to operate our website, remember preferences, and analyze usage. Where required, we request written electronic consent prior to setting non-essential cookies. You can adjust browser settings to refuse or delete cookies; some features may not function properly without them. See our Cookie Notice for details.

Our website may link to third-party websites or services Their privacy practices are governed by their policies, not ours. Review their terms before providing personal information.

If we detect or reasonably suspect a breach involving personal information, we will:

• Activate our incident response plan.
• Contain, investigate, and remediate the incident.
• Notify PRODHAB and affected data subjects within five business days after the time of the breach, including available details on scope, risks, and measures taken.

We may update this Policy to reflect operational, legal, or regulatory changes. We will post updates here. For material changes, we will provide additional notice where appropriate. Your continued use of the website after an update signifies acceptance.

For any questions or requests related to this Privacy Policy:

Rocketship Ventures S.R.L

San José, Central, Mata Redonda, Sabana Oeste, Next to Ucimed, Start Sabana building, No. 1209, Costa Rica

Email: contact@rocketship-ventures.com

Where applicable, this Policy is designed to align with Costa Rican data protection requirements and oversight by PRODHAB. You may contact PRODHAB to lodge a complaint, without prejudice to any other administrative or judicial remedy.