Privacy Policy

With the following privacy policy, we would like to inform you about what types of your personal data (hereinafter also referred to as "data") we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").


1. Person responsible


Rocketree GmbH

Speditionstraße 15a

40221 Düsseldorf, Germany


Persons authorized to represent the company:
Boonrat Swasdio Sievert, Sunshine Lampert


E-mail address: privacy@rocketree.eu
Imprint: https://www.rocketree.eu/impressum


2. General Information on Data Processing


We take the protection of your personal data very seriously. Your data is handled confidentially and in accordance with the statutory data protection regulations, in particular the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

This Privacy Policy informs you about the type, scope and purpose of the collection and processing of personal data when you visit our website, as well as your rights as a data subject.


The use of our website is generally possible without providing personal data. Where personal data is collected (e.g. name, email address, phone number), this is done voluntarily and only for the purpose of processing your request or providing our services.


3. Collection and Processing of Personal Data


a) When visiting the website

When you access our website, information is automatically sent to our web server by the browser used on your device. This information is temporarily stored in so-called log files. The following data may be collected:

IP address of the requesting device

Date and time of access

Name and URL of the retrieved file

Website from which the access originates (referrer URL)

Browser type and, if applicable, the operating system of your device

Name of your internet service provider

This data is processed for the following purposes:

Ensuring a smooth connection to the website

Ensuring convenient use of our website

Evaluating system security and stability

Administrative purposes

Legal basis: Art. 6(1)(f) GDPR (legitimate interest).
Our legitimate interest arises from the purposes listed above.


b) Contact by email or contact form

If you contact us via the contact form or by email, the information you provide (name, email address, phone number, message) is stored and processed solely for the purpose of handling your inquiry.


Legal basis:

Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures)

Art. 6(1)(f) GDPR (legitimate interest in effective communication)


c) Newsletter

If you subscribe to our newsletter, we will use your email address to send you regular updates about Rocketree and ESG-related topics.
Registration takes place via a double opt-in process.

You can withdraw your consent at any time by clicking the unsubscribe link included in every newsletter email.


Legal basis: Art. 6(1)(a) GDPR (consent).


d) Cookies and Similar Technologies

Our website uses cookies. Cookies are small text files that are stored on your device to help us remember certain preferences and facilitate interaction with our system.

Necessary cookies are technically required for the operation of the website.

Analytics or marketing cookies are used only with your prior consent.

You can change or withdraw your consent at any time using our cookie consent tool.


Legal basis:

Necessary cookies: Art. 6(1)(f) GDPR (legitimate interest)

Optional cookies: Art. 6(1)(a) GDPR (consent)


e) Web Analytics and Third-Party Tools

To improve our website and analyze user behavior, we may use tools such as Google Analytics or Matomo.


Google Analytics (Google Ireland Ltd.)
We use Google Analytics with IP anonymization enabled. This means that your IP address is truncated within the EU/EEA. No combination of data with other Google services takes place. You can prevent Google Analytics from collecting your data by installing the browser add-on available at: https://tools.google.com/dlpage/gaoptout


Legal basis: Art. 6(1)(a) GDPR (consent).


f) Embedded Content from Third Parties

Our website may include content from third parties (e.g. videos, maps, or social media links). When accessing such content, your IP address and possibly other data are transmitted to the respective provider.

This only occurs with your consent.


Legal basis: Art. 6(1)(a) GDPR (consent).


4. Disclosure of Data


Your personal data will only be transferred to third parties if:

  • you have given your explicit consent (Art. 6(1)(a) GDPR),
  • processing is necessary for the performance of a contract (Art. 6(1)(b) GDPR),
  • there is a legal obligation (Art. 6(1)(c) GDPR), or
  • processing is necessary for the purposes of legitimate interests (Art. 6(1)(f) GDPR).

Service providers acting on our behalf (e.g. hosting, email dispatch, maintenance) are contractually bound to comply with the GDPR under data processing agreements (Art. 28 GDPR).


5. Data Transfers to Third Countries


Personal data will only be transferred to countries outside the EU/EEA if:

  • the European Commission has decided that the third country ensures an adequate level of protection, or
  • appropriate safeguards exist (e.g. EU Standard Contractual Clauses in accordance with Art. 46 GDPR).


6. Storage Period


Personal data is stored only as long as necessary to achieve the stated purposes or as required by statutory retention periods. After these purposes or periods expire, the data will be deleted.


7. Your Rights as a Data Subject


You have the right to:

  • Access your personal data (Art. 15 GDPR),
  • Rectification of inaccurate or incomplete data (Art. 16 GDPR),
  • Erasure (“right to be forgotten”) (Art. 17 GDPR),
  • Restriction of processing (Art. 18 GDPR),
  • Data portability (Art. 20 GDPR),
  • Object to the processing of your data (Art. 21 GDPR),
  • Withdraw consent at any time (Art. 7(3) GDPR),
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR).


Supervisory Authority:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestraße 2–4, 40213 Düsseldorf, Germany


8. Data Security


We use SSL/TLS encryption for security reasons and to protect the transmission of confidential content.
Our technical and organizational security measures are regularly reviewed and updated to reflect the latest state of the art.


9. Updates and Amendments


This Privacy Policy is currently valid (as of October 2025).
Due to the continuous development of our website or changes in legal requirements, this policy may be updated.