RockED Privacy Policy

effective April 30, 2026

This Privacy Policy (this “Privacy Policy”) describes the types of personal information we, The RockED Company Inc., a Delaware corporation (“RockED”, “us,” our” or “we”), may collect about you in the context of your use of use of, and access to, our websites located at www.rocked.us and all other websites, mobile sites, services, applications, mobile applications, platforms and other tools where these terms appear or are otherwise referenced (collectively the ”Website”) and the features and functionality thereof (the “Service(s)”), the purposes for which we use the information, and the circumstances in which we may share such information.

When you visit the Website, we collect certain personal information about you. As used in this Privacy Policy, “personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to you or your household.

By using the Website, you consent to the collection and use of your personal information as described in this Privacy Policy, and as applicable, our Terms of Use, and as permitted or required by law. If you do not agree with the terms set out in this Privacy Policy, please do not use our Website or Services.

COLLECTION OF PERSONAL INFORMATION

The categories below describe the personal information we have collected in the past twelve months or may collect about you and the sources from which we collect those categories of personal information.

Category	Description	Source of Information
Personal Identifiers	name, email address, telephone number, postal address	you
Account Information	name, email address, password, postal address, phone number	you
Device and/or Online Identifiers	IP address; session ID; session timestamps	you; devices associated with you; third party information providers
Internet, Browser, and Network Activity	clickstream website tracking information; data related to user browser activity, including browser visits, page views, visits, and unique visitors data; search history; and cookies or other similar technologies	you; devices associated with you; third party information providers
AI Interaction Data	transcripts of AI roleplay sessions, including user voice inputs (converted to text), AI-generated text responses, session metadata (timestamps, duration, module/course identifiers), and performance scores generated by AI scoring models	You; AI systems operated by RockED on its infrastructure
Commercial Information	information about products or services purchased, used, or considered	you; third party information providers
Professional or Employment Information	employer and employment status	you; third party information providers
Education Information	information that is not publicly available or personally identifiable, as defined in the Family Educational Rights and Privacy Act (20 U.S.C.§1232g, 34 C.F.R. Part 99)	you; third party information providers
Log Information	information automatically recorded by our servers, including but not limited to, your Internet Protocol address, operating system, browser type and language, referring URLs, access times, pages viewed, links clicked and other information about your activities on the Website	you; devices associated with you; third party information providers
Mobile Device Information	hardware model, operating system and version, unique device identifiers, and mobile network information	devices associated with you; third party information providers
Cookies and Other Tracking Technology Information	See section below entitled “Cookies and Other Tracking Technologies” for a description of what cookies or other tracking technology may be employed on the Website	devices associated with you; third party information providers
Location data	Region, country and city/municipality	you; devices associated with you; third party information providers
Payment data	Payment card number, name on card, billing address, phone number, card security code and expiration date	you
Inferences drawn from other personal information	Inferences drawn from any of the information identified above to create a user profile reflecting user preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes	you; devices associated with you; third party information providers

USE OF PERSONAL INFORMATION

We may use your information for the following purposes:

Sending you communications and administrative emails;
Personalizing and tailoring the features, performance and support of the Website;
Identifying you as a user on the Website;
For the performance of a contract between you and us;
Fulfilling orders you may place on the Website;
Sending you promotional/marketing information, advertising, newsletters, offers or other information from us;
Sending your promotional/marketing information, advertising, offers or other information from us related to our affiliate partners;
Providing support related to your account or orders you may place on the Website;
Providing you with opportunities and functionality that we think would be of particular interest;
Analyzing, benchmarking and conducting research on user data and interactions with the Website;
Processing, scoring, and evaluating your interactions with AI-powered training features, including AI roleplay sessions, to generate performance assessments and feedback;
Sharing AI roleplay transcripts, scores, and performance data with your employer, dealership, or the organization that provides you access to the Website for the purpose of training evaluation and workforce development;
Improving and maintaining the quality, accuracy, and functionality of our AI-powered features, including by reviewing transcripts for quality assurance, debugging, and prompt optimization;
Using de-identified AI roleplay transcripts to improve, enhance, and develop our AI models, machine learning systems, algorithms, and related technology, and to develop new products, services, and data products;
Converting your voice inputs to text using speech-to-text technology and converting AI-generated text responses to audio using text-to-speech technology provided by third-party service providers;
Generating aggregated and anonymized analytics regarding AI feature usage, including completion rates and engagement metrics, for reporting to employers, content partners, and for internal product development.
Processing services, maintaining user accounts, resolving disputes, preventing fraud and verifying your identity;
Monitoring, maintaining, administering and improving Website performance;
Protecting your, our, or third parties’ networks, systems, property, or physical safety;
Complying with requests from regulatory agencies, law enforcement, and other public and government authorities, as well as with relevant industry standards and policies;
Enforcing our contracts, terms, and conditions or otherwise exercising our legal rights; defending ourselves from claims; and complying with laws and regulations that apply to us or third parties with whom we work;
Aggregating the information collected via cookies and similar technologies to use in statistical analysis to help us track trends, analyze patterns, and conduct research and product development;
Responding to your inquiries related to employment opportunities or other requests;
Contacting you by email or telephone, from time to time, as part of a secondary fraud protection or to solicit your feedback;
Participating in any merger, acquisition, or other corporate transaction;
Meeting our or third parties’ audit and compliance requirements; and
For any other purposes that we may specifically disclose at the time you provide or we collect your information.

Anonymized or Aggregated Information

We may also use data that we collect on an aggregate or anonymous basis (such that it does not identify any individual users) for various business purposes, where permissible under applicable laws and regulations, including for research, product development, and the purposes set forth above. We may publish or otherwise provide our research containing this aggregated data in our products and services to third parties. If you would like to opt out of inclusion of your information in such aggregated data, please email privacy@rocked.us.

SHARING OF PERSONAL INFORMATION WITH OTHER ENTITIES

We may share personal information about you with other entities, including entities that provide services to us. We do not disclose your personal information collected through the Website to other entities, except as described in this Privacy Policy.

Applicable law requires that we identify the categories of personal information we share for business purposes. We disclose the following categories of personal information for business purposes: personal identifiers, device and online identifiers, information about your internet, browser, and network activity, protected classifications, biometric information, commercial information, professional or employment information, education information, inferences drawn from other personal information, payment data, and location data.

We may share your personal information with the following types of entities or in the following situations:

Service providers: We engage service providers to facilitate our operation of the Website and provide the Services. These service providers analyze information about the Website and your use of the Website. Information disclosed for these purposes may include device and online identifiers, ISP information, session ID and /or session log data, information about your internet, browser, and network activity, and location data.

With AI Service Providers: We use third-party service providers in connection with our AI Features, including for the purposes of hosting AI models and to provide text-to-speech services that convert AI-generated text responses into audio for playback during AI roleplay sessions. You will find more detailed information regarding how we use such third-party service providers and what AI Feature data we may share in the section below entitled “Detailed Information on the Processing of Your Personal Information.”

Legal authorities, emergency responders and other legal requirements: We may disclose personal information to third parties as permitted by, or to comply with, applicable laws, regulations, or legal obligations, including but not limited to responding to a subpoena or similar legal process, protecting against fraud, cooperating with law enforcement or regulatory authorities, protecting and defending the rights or property of RockED, preventing or investigating possible wrongdoing in connection with the Website/Services, protecting the personal safety of users of the service or the public, and protecting against legal liability. Information disclosed for these purposes may include device and online identifiers, information about your internet, browser, and network activity, and location data.

For Business transfers: We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of our assets, financing, or acquisition of all or a portion of our business to another company.

Affiliates: We may share your personal information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

With Business partners: We may share your personal information with third party companies that are our business partners to offer you certain products, services or promotions.

With Training Content owners: We may share information concerning your interaction with and activities on the Website including training completion rate and performance, as well as your personal information, with your employer, or the owners, providers, or licensees of training content to which you may have access. This may include data generated through your use of AI Features, such as s roleplay performance scores, completion data, and, where applicable, transcripts of AI roleplay sessions.

With other users: when you share personal information or otherwise interact in the public areas of the Website with other users, such information may be viewed by all users and may be publicly distributed outside. If you interact with other users or register through, a third party social media service such as Facebook, Instagram, X, Google, or LinkedIn (“Third-Party Social Media Service”), your contacts on the Third-Party Social Media Service may see your name, profile, pictures and description of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you and view your profile.

User Testimonials and Feedback: We often receive testimonials and comments from users who have had positive experiences with our products and Services. We occasionally publish such content. When we publish this content, we may identify the user who submitted the content by their first and last name and may also indicate their home city. We obtain the user’s consent prior to posting their last name along with the testimonial. We may post feedback submitted to us on the Website from time to time. If you make any comments on a blog or forum associated with the Website, you should be aware that any personal information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.

AI Roleplay Interaction Data

Collection of AI Roleplay Transcripts

When you interact with our AI Roleplay feature, we may collect and record your AI Roleplay transcripts, including any personal information you voluntarily provide during your conversation. This data is collected to enhance our service quality, improve user experience, improve training content, and ensure the security of our systems.

Use of Collected AI Roleplay Data

We use the collected AI Roleplay transcripts to:

Analyze and improve the performance, accuracy, and features of our AI Roleplay.
Monitor and ensure compliance with our usage policies.
Enhance customer support and respond to inquiries effectively.
Conduct internal research and analytics to better understand user needs.
Provide insight and analysis to training content owners

Sharing of AI Roleplay Data with Third Parties

We may share your AI Roleplay transcripts with third-party service providers (who process the data on our behalf and are restricted to processing for our purposes), and we may also license, sell, or otherwise provide your AI Roleplay transcripts) to third-party business partners and licensees for any lawful purpose, including AI model training, product development, market research, and commercial data products.

We may also share with third parties that are training content owners your AI Roleplay transcripts related to your interaction with their training content that you have interacted with on the Website.

Additionally, we may disclose your AI Roleplay transcripts if required by law, regulation, or a valid legal process, or when necessary to protect our rights, property, or safety, or those of our users or others.

Cookies and Other Tracking Technologies

We, our affiliates and/or other persons acting on our or their behalf use cookies and similar technology, such as web beacons (also known as clear GIFs or pixel tags), or similar technologies as they may develop over time to collect, use, and share information when you visit our online services or interact with us online, via email or through other electronic means Cookies are small pieces of data sent from a website and stored on a device. Cookies may enable us to capture and compile statistical information about how you use our online services, including information relating to your device’s IP address, the frequency of your visits, readership data (such as the average length of visits, which pages are viewed or shared during a visit or other interactions with our content, such as time spent viewing videos, PDFs read and links clicked), authentication information, acceptance or rejection of website terms, and periods of inactivity. To learn more about cookies, including information on what cookies have been set on your device and how cookies can be managed and deleted, visit https://allaboutcookies.org/

Our online services also use web beacons. Web beacons are invisible tags and may be placed on a webpage, in advertisements, or in an email or other message. They usually work in conjunction with cookies, registering when a particular device visits a particular page. For example, web beacons may count the number of individuals who visit our Website from a particular advertisement or who enroll in a service after viewing a particular advertisement.

“Clickstream” data (e.g., information regarding which of our Website pages you access, the frequency of such access, and your product and service preferences) may be collected by RockED itself, or by our service providers, using cookies, web beacons, page tags, or similar tools that are set when you visit the Website or when you view an advertisement we may have placed on another website. Clickstream data and similar information may be shared internally within RockED and used for administrative purposes to assess the usage, value and performance of our online products and services; to improve your experience with the Website; and as otherwise permitted by applicable law or regulation. This information may be processed by us for the purposes described above, or on our behalf by other entities, solely in accordance with our instructions.

How We Use These Technologies

We, our services providers, and third party business partners may use information collected from cookies, web beacons, and similar technologies for the following purposes:

to allow our online services to operate as you have requested; to understand how our online services are accessed and used; to recognize you when you return to our Website;
to assess the effectiveness of advertising and readership content;
to deliver marketing communications that may be of interest to you, including ads or offers tailored to you; and
for other purposes described above under “USE OF PERSONAL INFORMATION.”

We may combine the information that we collect through cookies, web beacons and similar technologies with other personal information we have collected from you from both online and offline sources.

We may work with service providers to promote our products and services both on the Website and other websites. For example, if you visit a page on the Website or third-party websites that provides information about one of our products or services, a cookie may be placed on your browser or device that identifies the product or service you viewed. This information allows us, our service providers, and our third-party business partners to deliver more relevant and tailored content, such as ads for that particular product or service.

Other than service providers, we do not allow unaffiliated third parties to collect personal information about your activities on the Website.

Managing Your Preferences

Web Browser Preferences

Many web browsers allow you to manage your preferences. You can set your browser to refuse cookies or delete certain cookies. Unless you have adjusted your browser setting so that it will reject cookies, our system may issue cookies when you access or use our online services. In the event you refuse to accept cookies by adjusting your browser setting, some or all areas of our online services may not function properly or may not be accessible.

You can also opt out of online targeted advertising by companies participating in the Digital Advertising Alliance by visiting https://www.aboutads.info/choices.

Mobile Device Preferences

Your mobile device may give you the ability to opt out of the use of information about the mobile browsers or apps you use in order to serve you ads that are targeted to your interests. You can stop the collection of location information from your mobile device by changing the preferences on your mobile device.

Do Not Track Policy

Most browsers can be set to send signals to third party websites requesting them not to track the user’s activities. At this time, we do not respond to “do not track” signals. Consequently, our third party service providers may indeed track and collect information about your online activities over time while navigating to, from and on our online services, notwithstanding any “do not track” signals we may receive.

Our Security and Data Storage Procedures

Our goal is to protect your personal information submitted to us through our online services. We maintain reasonable physical, electronic, and procedural safeguards that comply with applicable law to guard nonpublic personal information about you against loss, misuse or unauthorized access, disclosure, alteration or destruction of the information you have provided to us through our online services. We have internal policies governing the proper handling of consumer information by personnel and requiring third parties that provide support or marketing services on our behalf to adhere to appropriate security standards with respect to such information. The security of your personal information is important to us, but please note that no method of transmission over the Internet, or method of electronic storage is perfectly secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

The Website and our Services are United States-based, and are controlled, operated and administered from our offices within the United States. However, RockED, its operations, workforce, and service providers are located throughout the world. Depending on how you interact with us, your personal information may be handled and stored in, accessed from, or transferred to different countries. Whenever we transfer personal information to different countries, we take steps to ensure that the personal information we transfer receives adequate protection in the jurisdictions that we handle or store it.

If you have additional questions about how we protect your information, please contact us at privacy@rocked.us.

Links to Other Websites

This Privacy Policy only applies to the use and disclosure of information we collect through our online services. Our online services may contain links to other websites belonging to third parties that are not affiliated with us. The inclusion of any link on our Website or otherwise in our online services does not imply our endorsement of the linked website or service. While we try to link only to websites that meet our standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other websites, or links posted on our online services. Information you disclose to other parties or through such sites is subject to the privacy and security practices and policies of those parties or websites. We disclaim all liability, to the extent permissible, with regard to your access to such linked websites. Access to any other websites is at your own discretion and we encourage you to read the privacy statements of each and every website or online services visited in order to learn how such third parties may treat your information.

Information Collected from Third Party Companies

We may receive personal information and/or anonymous data about you from companies that provide our Services or products by way of a co-branded or private-labeled website or companies that offer their products and/or services on the Website. We may add this information to the personal information we have already collected from you via the Website or Services in order to improve the Services we provide, the features we offer you, or the functionality of the Website.

Email Communications

We will periodically send you free newsletters and e-mails that directly promote our products, our business partners’ products, the use of our Website or the Services. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information below). Withdrawing your consent for one mailing list will not affect your receipt of messages from other mailing lists or of information concerning your purchases. Despite your indicated e-mail preferences, we may send you service related or administrative communications, including notices of any updates to our Terms of Use or Privacy Policy.

Detailed Information on the Processing of Your Personal Information

Our third-party service providers have access to your personal information only to perform their tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Website

We use third-party cloud service providers, including Amazon Web Services (“AWS”) (https://aws.amazon.com/privacy/) and Microsoft Azure (https://privacy.microsoft.com/en-us/privacystatement), to host, store, and process data in connection with the operation of our platform.

We use Google Analytics to help us understand how our customers use our Website. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

We use RB2B (operated by Retention.com) to identify visitors to our website. When you visit our website, cookies and similar technologies may be used to associate your browsing activity with other information about you, including your email address, for purposes of marketing and sales outreach. This service is designed to resolve visitor identity for U.S.-based visitors only. You may opt out of this data collection at https://app.retention.com/optout. For more information, see RB2B's privacy policy at https://www.rb2b.com/privacy-policy.We use Vimeo to host and serve content on our Website. You can read more about how Vimeo uses your Personal Information here: https://vimeo.com/privacy

Customer Relationship Management.

We use HubSpot, Inc. ("HubSpot") to manage customer relationships, send marketing communications, host web forms, and analyze website activity. When you interact with our website or submit information through our forms, HubSpot may collect personal information such as your name, email address, IP address, and browsing behavior using cookies and similar tracking technologies. For more information, see HubSpot's privacy policy at https://legal.hubspot.com/privacy-policy.

Artificial Intelligence Features

The Website includes AI-powered features, including AI roleplay and AI coach functionality (collectively, "AI Features"). This section describes how we collect, use, and share information in connection with your use of AI Features.

How AI Features Work & Data We Collect

When you use an AI Feature, you engage in a simulated conversation with an AI system. Your voice inputs are converted to text using speech-to-text technology and sent to an AI language model hosted on RockED’s own infrastructure. The AI model generates a text response, which is then converted to audio by a third-party text-to-speech provider and played back to you. When the session is complete, the full transcript of the conversation is processed by a separate AI scoring model that evaluates your performance and generates a score. You are interacting with artificial intelligence technology, not a human, during these sessions.

When you use AI Features, we collect:

The text transcription of your voice inputs and all AI-generated responses;
Session metadata, including the date and time of the session, which course or certification the roleplay is associated with, your user identity, and your employer or dealership affiliation;
Performance scores generated by our AI scoring model based on the transcript of your session; and
Points and leaderboard rankings derived from your AI roleplay completion and performance.
Provide you with real-time AI-generated responses during roleplay sessions;
Score and evaluate your performance in AI roleplay sessions;
Track your training progress, including course and certification completion;
Share your transcripts, scores, and performance data with your employer or the organization providing you access to the Platform;
Generate and update leaderboard rankings visible to other users within your organization;
Review transcripts internally for quality assurance, debugging, and improvement of AI prompts and models;
Use de-identified transcripts to improve, enhance, and develop our AI models and related technology; and
Generate aggregated and anonymized usage reports.

How We Use AI Feature Data

We use the data collected through AI Features to:

AI Feature Data Sharing

AI Feature data may be shared with the following parties:

Your Employer/Organization: Your AI roleplay transcripts, performance scores, completion data, and leaderboard rankings may be accessed by your employer, dealership, or the organization that provides you access to the Platform, including managers and administrators within your organization.

Text-to-Speech conversion Providers: We use third party service providers (currently, ElevenLabs) for text-to-speech conversion. When AI-generated text responses are converted to audio, the text of the AI response (not your input) is transmitted to ElevenLabs for processing. We use AWS to host our AI models and store data. These service providers process data on our behalf and are contractually prohibited from using your data for their own purposes. The text of the AI-generated response (not your voice input) is transmitted to ElevenLabs for this purpose. You can read more about how ElevenLabs uses data here: https://elevenlabs.io/privacy. Our AI language models and data are hosted on Amazon Web Services and Microsoft Azure infrastructure. For more information about AWS, see: https://aws.amazon.com/privacy/. For more information about Azure, see: https://privacy.microsoft.com/en-us/privacystatement.

Training Content Owners and OEM Partners: If applicable, aggregated or individual performance data related to AI Features may be shared with the owners, providers, or licensees of training content to which you have access, consistent with the data sharing described elsewhere in this Privacy Policy.

RockED Personnel: RockED employees may access AI roleplay transcripts for quality assurance, debugging, customer support, product improvement, and AI model improvement and development purposes.

AI Scoring and Automated Decision-Making

Our AI Features use automated scoring models to evaluate your performance in roleplay sessions and generate a score. These scores contribute to your training progress, leaderboard position, and course or certification completion status. Your employer or organization may have access to these scores and may use them as part of its own evaluation of employee training and development. RockED does not use AI scores to make employment decisions about you. However, because your employer has access to this data, it is possible that your employer may consider AI roleplay performance as one factor among others in its own employment-related decisions. If you have questions about how your employer uses your AI performance data, please contact your employer directly.

AI Model Improvement

RockED may use de-identified AI roleplay transcripts to improve, enhance, and develop its AI models, machine learning systems, algorithms, and related technology, and to develop new products, services, and data products. When transcripts are used for this purpose, we take reasonable steps to de-identify the data before use in model improvement by removing direct identifiers such as your name, user ID, and employer affiliation. De-identified data used for AI model improvement may be retained for as long as reasonably necessary for that purpose, even after the original transcript has been deleted. Data used for AI model training, licensed to third parties, or incorporated into aggregated analytics may be retained indefinitely, including after the original transcript has been deleted from your account, and may not be retrievable or deletable.

Data Retention for AI Features

We retain AI roleplay transcripts and associated performance scores for the duration of your (or your organization's, or employer’s) relationship with RockED, and for a reasonable period thereafter as necessary to fulfill the purposes described in this Privacy Policy, unless a shorter retention period is agreed upon with your employer or organization, or unless you request deletion of your data as described below. Performance scores and assessment results derived from AI Features may be retained for the duration of the user's relationship with the platform and for a reasonable period thereafter, in order to maintain longitudinal performance records. Aggregated and anonymized data derived from AI Features may be retained indefinitely. De-identified data used for AI model improvement may be retained for as long as reasonably necessary for that purpose, even after the original transcript has been deleted.

Your Rights Regarding AI Feature Data

You may request deletion of your personal information, including AI roleplay transcripts and scores, by contacting us at privacy@rocked.us. Deletion requests will be processed in accordance with applicable law and the data rights provisions set forth elsewhere in this Privacy Policy. Please note that if your AI roleplay data has already been shared with your employer or organization, we cannot retrieve or delete copies held by those parties. De-identified data that has been incorporated into AI model improvement datasets may not be retrievable or deletable. In certain jurisdictions, you may have additional rights with respect to automated decision-making and profiling, including the right to opt out of profiling that produces legal or similarly significant effects. To exercise these rights, please contact us at privacy@rocked.us.

AI Disclosure Notice

When you use the AI Features, you are interacting with artificial intelligence, not a human. AI-generated responses are produced by machine learning models and do not constitute professional advice, training certification, or an evaluation by a human instructor or supervisor. AI outputs may contain errors or inaccuracies. Your use of AI Features is subject to the End User License Agreement and this Privacy Policy.

Social Logins

Social login is a form of single sign-on that allows you to create a new account or sign into your account on our Website using your existing login information from a social-networking service such as Facebook or Google or Twitter instead of creating a new login account specifically for our Website. It is designed to simplify logins.

You don’t have to use a social login. We offer registration that uses your email address instead and is not linked with an existing social-networking account.

If you register or access your account on our Website with a social networking service (or later link your account to one), we will collect certain information about you from that social networking service, and what we collect depends on your privacy settings with that social networking service.

For more information about these services and their privacy policies, please visit their websites here:

Facebook: https://www.facebook.com/about/privacy/update?ref=old_policy

Google: https://policies.google.com/privacy?hl=en-US

LinkedIn: https://www.linkedin.com/legal/privacy-policy

X (Twitter): https://twitter.com/en/privacy

Email Marketing

We may use third party email marketing service providers to manage and send emails to you. We may use your personal information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

Payments

We may provide paid products and/or services within the Website. In that case, we may use third-party services for payment processing and subscription billing management including:

Stripe, Inc. for payment processing. We do not store or collect your payment card details. That information is provided directly to Stripe, whose use of your personal information is governed by Stripe's Privacy Policy (available at https://stripe.com/privacy).

Maxio for subscription invoicing and billing management. Maxio receives billing information, subscription details, and related personal information necessary to manage your subscription. Maxio's use of your personal information is governed by Maxio's Privacy Policy (available at https://www.maxio.com/privacy).

These service providers adhere to industry-standard security practices, including PCI-DSS standards as managed by the PCI Security Standards Council, which help ensure the secure handling of payment and billing information.

Behavioral Advertising

As described above, we use your personal information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (NAI) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

We may use the following providers for such advertising and you can opt out of targeted advertising by using the links below:

Meta (Facebook & Instagram) (https://www.facebook.com/settings/?tab=ads)

Google (https://www.google.com/settings/ads/anonymous)

Reddit (https://www.reddit.com/settings/privacy)

LinkedIn. (To opt out of LinkedIn's targeted advertising, visit your LinkedIn advertising settings at https://www.linkedin.com/psettings/advertising (LinkedIn account required), or visit https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out if you do not have a LinkedIn account.)

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Please note that any opt out is specific to the browser you use. You may need to opt out on every browser on every device that you use.

PROTECTING CHILDREN’S PRIVACY ONLINE

Protecting the privacy of minors is important to RockED. We comply with the Children’s Online Privacy Protection Act in the United States, and similar laws around the world, where applicable. The Website, and the Services are not directed to or intended for individuals under 18 years of age. We do not knowingly collect or solicit personal information from or about individuals under the age of 18, or the relevant minimum age under applicable local legal requirements, except as permitted under applicable law. If you become aware that we have collected personal information from a minor, please contact us at privacy@rocked.us so that we can promptly investigate and address the issue.

CALIFORNIA RESIDENTS

California residents should be aware that this section does not apply to personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) and its implementing regulations, the California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994; or other information subject to a California Consumer Privacy Act (CCPA) exception.

Your Rights under the CCPA

Under this Privacy Policy, and by law if you are a resident of California, you may have the following rights:

The right to notice. You must be properly notified about which categories of personal information that are being collected; the purposes for which the personal information is being used and the categories of personal information that we disclosed about you for a business purpose; Additionally, you have the right to know the categories of personal information about you that we sold or shared and the categories of third parties to whom it was sold or shared.

The right to access / the right to request. The CCPA permits you to request and obtain from us information regarding the disclosure of your personal information that has been collected in the past 12 months by us or its subsidiaries to a third-party for the third party’s direct marketing purposes.

The right to say no to the sale or sharing of personal information. You also have the right to ask us not to sell or share your personal information to or with third parties for cross-context behavioral advertising or other purposes.

The right to know about your personal information. You have the right to request and obtain from the Company information regarding the disclosure of the following:

The categories of personal information collected
The sources from which the personal information was collected
The business or commercial purpose for collecting or selling the personal information
Categories of third parties with whom we share personal information
The specific pieces of personal information we collected about you

The right to correct personal information. You also have the right to request correction of any inaccurate or incomplete personal information that we maintain about you. If you believe any personal information we have is incorrect, please contact us with the details, and we will make the correction where required.

The right to delete personal information. You also have the right to request the deletion of your personal information that has been collected in the past 12 months.

The right not to be discriminated against. You have the right not to be discriminated against for exercising any of your consumer rights, including by:

Denying goods or services to you
Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties
Providing a different level or quality of goods or services to you
Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your CCPA Data Protection Rights

In order to exercise any of your rights under the CCPA, and if you are a California resident, you can email us at privacy@rocked.us.

California law requires us to verify the requests we receive from you when you exercise certain of the rights listed above. To verify your request, we will check the information you provide us in your request against third party identity verification tools. As part of this process, we may call you after you submit your request to verify information. You may also designate an authorized agent to exercise certain of the rights listed above on your behalf by providing the authorized agent with power of attorney pursuant to the California Probate Code. If an authorized agent submits a request on your behalf, we will contact you to verify that they represent you.

RockED will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.

Do Not Sell or Share My Personal Information

We do not sell, and have not within the last twelve months sold, your personal information. However, the third party service providers we partner with (for example, our advertising partners) may use technology on the Website that may be considered or constitute a “sale” of personal information as defined by the CCPA law. If you are a California resident and wish to opt out of the sale or sharing of your personal information as defined under CCPA law, you may do so by emailing us at privacy@rocked.us.

Website

You can opt out of receiving ads that are personalized as served by our service providers by emailing us at privacy@rocked.us.

Mobile Devices

Your mobile device may give you the ability to opt out of the use of information about the apps you use in order to serve you ads that are targeted to your interests:

“Opt out of Interest-Based Ads” or “Opt out of Ads Personalization” on Android devices
“Limit Ad Tracking” on iOS devices

You can also stop the collection of location information from your mobile device by changing the preferences on your mobile device.

“Do Not Track” Policy as Required by California Online Privacy Protection Act (CalOPPA)

Our Website does not respond to Do Not Track signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track signals by visiting the preferences or settings page of Your web browser.

Your California Privacy Rights (California’s Shine the Light law)

Under California Civil Code Section 1798 (California’s Shine the Light law), California residents with an established business relationship with us can request information once a year about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you’d like to request more information under the California Shine the Light law, and if you are a California resident, you can contact us by email at privacy@rocked.us.

COLORADO RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Colorado, according to the “Colorado Privacy Act” (also known as “CPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. The CPA gives Colorado consumers the right to (i) opt-out from the sale of their personal data, or use of personal data for targeted advertising and certain types of profiling; (ii) (ii) know whether a controller is collecting personal data; (iii) to access, correct or delete personal data that a controller has collected about them; and (iv) to download and remove personal data from a platform in a format that allows the transfer to another platform. If you are a Colorado consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

CONNECTICUT RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Connecticut, according to “An Act Concerning Personal Data Privacy and Online Monitoring “ (also known as “The Connecticut Data Privacy Act” or the “CTDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. This part of the document uses the term “personal data” as defined in the CTDPA. Connecticut law gives Connecticut consumers the right to: (i) access, correct, delete, or obtain a copy of their personal information in a portable format, and (ii) opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. If you are a Connecticut consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

DELAWARE RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Delaware, according to the “Delaware Personal Data Privacy Act “ (also known as the “Delaware Privacy Law” or the “DPDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. This part of the document uses the term “personal data” as defined in the DPDPA. Delaware law gives Delaware consumers the right to: (i) confirm whether a controller is processing the consumer’s personal data and access such personal data; (ii) correct inaccuracies in the consumer’s personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer’s personal data; (iii) delete personal data provided by, or obtained about, the consumer; (iv) obtain a copy of the consumer’s personal data processed by the controller, in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance, where the processing is carried out by automated means; (v) obtain a list of the specific third parties to which the controller has disclosed the consumer’s personal data; and (vi) opt out of the processing of personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer. If you are a Delaware consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

FLORIDA RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Florida, according to the “Florida Digital Bill of Rights ” (also known as the “Florida Privacy Law” or the “FDBR”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. This part of the document uses the term “personal data” as defined in the FDBR The FDBR gives Florida consumers the right to: (i) confirm whether the controller is processing their personal data and provide them access to their personal data; (ii) correct inaccuracies in the consumer’s personal data, taking into account the nature of the personal data, and the purposes of the processing of the consumer’s personal data; (iii) delete personal data provided by, or obtained about, the consumer; (iv) obtain a copy of the consumer’s personal data in a portable and, to the extent technically feasible, readily usable format if the data is available in a digital format; (v) opt out of the processing of their personal data for targeted advertising, the sale of their personal data, or profiling in furtherance of a decision that produces a legal or similarly significant effect concerning a consumer; and (vi) opt out of the collection or processing of sensitive data, including precise geolocation data. If you are a Florida consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

INDIANA RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Indiana, according to the “Indiana Consumer Data Protection Act” (also known as the “Indiana Data Privacy Law” or the “INCDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. This part of the document uses the term “personal data” as defined in the INCDPA The INCDPA gives Indiana consumers the right to: (i) confirm whether or not a controller is processing the consumer’s personal data; (ii) correct inaccuracies in the consumer’s personal data that the consumer previously provided to a controller, taking into account the nature of the personal data and the purposes of the processing of the consumer’s personal data; (iii) delete personal data provided by, or obtained about, the consumer; (iv) obtain either a copy of; a representative summary of the consumer’s personal data that the consumer previously provided to the controller in a portable and, to the extent technically practicable, readily usable format; and (v) opt out of the processing of their personal data for targeted advertising, the sale of their personal data, or profiling in furtherance of a decision that produces a legal or similarly significant effect concerning a consumer. If you are an Indiana consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

IOWA RESIDENTS

KENTUCKY RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Kentucky, according to the Kentucky Consumer Data Protection Act (the “KCDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the privacy policy. This part of the document uses the term “personal data” as defined in the KCDPA. Kentucky law gives Kentucky consumers the following rights with respect to a “controller” of personal data (as defined under the KCDPA) to: (i) confirm whether their personal data is being processed, and access, correct, delete, or obtain a copy of their personal information in a portable format, and (ii) opt out of the sale or sharing of their personal data for the purposes of targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning them. If you are a Kentucky consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

MARYLAND RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the privacy policy. The provisions contained in this section apply to all who are consumers residing in the State of Maryland, according to the Maryland Online Data Privacy Act (the “MODPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the privacy policy. This part of the document uses the term “personal data” as defined in the MODPA. Maryland law gives Maryland consumers the following rights with respect to a “controller” of personal data (as defined under the MODPA) to: (i) confirm whether their personal data is being processed, and access, correct, delete, or obtain a copy of their personal information in a portable format, (ii) obtain a list of the categories of third parties to which a controller has disclosed their personal data and (iii) opt out of the sale or sharing of their personal data for the purposes of targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning them. If you are a Maryland consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

MINNESOTA RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the privacy policy. The provisions contained in this section apply to all who are consumers residing in the State of Minnesota, according to the Minnesota Consumer Data Privacy Act (the “MCDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the privacy policy. This part of the document uses the term “personal data” as defined in the MCDPA. Minnesota law gives Minnesota consumers the following rights with respect to a “controller” of personal data (as defined under the MCDPA) to: (i) confirm whether their personal data is being processed, and access, correct, delete, or obtain a copy of their personal information in a portable format, (ii) obtain a list of the categories of third parties to which a controller has disclosed their personal data, (iii) opt out of the sale or sharing of their personal data for the purposes of targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning them, or (iv) question the result of profiling, be informed of the reason that profiling resulted in specific decision, if feasible, be informed of what actions the consumer might have taken to secure a different decision and the actions that the consumer might take to secure a different decision in the future, review the consumer's personal data used in the profiling, and if a decision is found to have been based on inaccurate personal data, to have the data corrected and the profiling decision reevaluated based upon the corrected data. If you are a Minnesota consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

MONTANA RESIDENTS

NEBRASKA RESIDENTS

NEVADA RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Nevada, according to the “Nevada Privacy of Information Collected on the Internet from Consumers Act” (also known as the “Nevada Privacy Law” or the “NPICICA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. The NPICICA gives Nevada consumers the right to request that a company not sell their personal information. If you are a Nevada consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

NEW HAMPSHIRE RESIDENTS

NEW JERSEY RESIDENTS

OREGON RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Oregon, according to “Oregon Consumer Privacy Act”, and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. The Oregon Consumer Privacy Act gives Oregon consumers the right (i) to know that a controller is processing or has processed their personal data; the categories of personal data the controller is processing or has processed; and a list of specific third parties for which data has been disclosed; (ii) to correct inaccuracies in personal data about the consumer, taking into account the nature of the personal data and purpose for processing the personal data; (iii) delete personal data about the consumer, including personal data the consumer provided to the controller, personal data the controller obtained from another source and derived data; (iv) to opt-out of the processing of their personal data for targeted advertising, sales or profiling of the consumer in furtherance of decisions that produce legal effects or effects of similar significance; and (v) to obtain a portable and readily usable copy of their personal data. If you are an Oregon consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

RHODE ISLAND RESIDENTS

TENNESSEE RESIDENTS

TEXAS RESIDENTS

UTAH RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Utah, according to the “Utah Consumer Privacy Act” (“UCPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. The UCPA gives Utah consumers the right to (i) access, delete, or obtain a copy of their personal information in a portable format, and (ii) opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data. If you are a Utah consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

VIRGINIA RESIDENTS

This part of the document integrates with and supplements the information contained in the rest of the Privacy Policy. The provisions contained in this section apply to all who are consumers residing in the State of Virginia, according to the “Virginia Consumer Data Protection Act” (“VCDPA”), and, for such consumers, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy. The VCDPA gives Virginia consumers the right to (i) access, correct, delete, or obtain a copy of their personal information in a portable format, (ii) to request that a company not sell their personal information, (iii) to opt- out of the processing of their personal information for any targeted advertising, and (iv) not be discriminated against for exercising any of the data privacy rights granted. If you are a Virginia consumer and wish to exercise these rights, please submit your request by emailing us at privacy@rocked.us.

INTERNATIONAL USERS

Our online services are United States-based and are controlled, operated and administered by RockED from its offices within the United States of America, and are made available to you on an unsolicited basis, without any marketing or promotion regarding these online services to you from RockED or its personnel. This Privacy Policy is provided in accordance with and subject to applicable U.S. law. If you decide to continue to access our online services from your location outside the United States, you hereby agree that your use of those services is subject to this Privacy Policy and your personal information will be transferred to or processed within the United States.

EUROPEAN ECONOMIC AREA (“EEA”) USERS

GDPR Privacy Notice: This notice is for people who are located in the European Economic Area (“EEA”). Our processing of personal data of people who are in the EEA is governed by the General Data Protection Regulation (the “GDPR”). The GDPR requires us to provide certain information to you about your personal data, which we refer to in this notice as your personal information.

Legal Basis for Processing Personal Information under GDPR

We may process personal information under the following conditions:

Consent - you have given your consent for processing personal information for one or more specific purposes.
Performance of a contract - provision of personal information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
Legal obligations - processing personal information is necessary for compliance with a legal obligation to which we are subject.
Vital interests - processing personal information is necessary in order to protect your vital interests or of another natural person.
Public interests - processing personal information is related to a task that is carried out in the public interest or in the exercise of official authority vested in RockED.
Legitimate interests: processing personal information is necessary for the purposes of the legitimate interests pursued by RockED.

In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Your Rights under the GDPR

The Company undertakes to respect the confidentiality of your personal information and to enable you to exercise your rights under the GDPR.

You have the right under this Privacy Policy, and by law if you are within the EEA to:

Request access to your personal information. The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal information directly within your account settings If you are unable to perform these actions yourself, please contact us by email at privacy@rocked.us to assist you. This also enables you to receive a copy of the personal information we hold about you.
Request correction of the personal information that we hold about you. You have the right to have any incomplete or inaccurate information we hold about you corrected.
Object to processing of your personal This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your personal information on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request erasure of Your personal information. You have the right to ask us to delete or remove personal information when there is no good reason for us to continue processing
Request the transfer of Your personal information. We will provide to you, or to a third-party you have chosen, your personal information in a structured, commonly used, machine-readable Please not that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw Your You have the right to withdraw your consent on using your personal information. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Website.

Exercising of Your GDPR Data Protection Rights

You may exercise your rights of access, rectification, cancellation and opposition by contacting us by email at privacy@rocked.us. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.

You have the right to complain to a Data Protection Authority about our collection and use of your personal information. For more information, if you are in the EEA, please contact your local data protection authority in the EEA.

Contacting Our GDPR Data Protection Officer

We have designated a Data Protection Officer whom you have the right to contact with regard to all issues related to processing of your personal information and to the exercise of your rights under the GDPR. You may contact our Data Protection Officer by email at privacy@rocked.us.

EEA data subjects may contact the data protection officer with regard to all issues related to processing of their personal data and to the exercise of their rights under the GDPR.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify or supplement this Privacy Policy at any time. Therefore, we recommend that you review this Privacy Policy, updated and posted on this Website, regularly for changes. The effective date of this Privacy Policy, as stated above, indicates the last time this Privacy Policy was revised.

Your continued use of our online services after we have changed the Privacy Policy signifies your acceptance of the revised terms. This Privacy Policy may be changed from time to time to reflect changes in our practices concerning the collection and use of personal information related to your use of the Website. Under certain circumstances (i.e., with respect to material changes to this Privacy Policy), we may also elect to notify you through additional means, such as by posting a notice on the Website or sending you an email. The revised Privacy Policy will be effective immediately upon posting to our Website.

OUR OTHER PRIVACY POLICIES OR NOTICES

This Privacy Policy provides a general statement of the ways in which RockED protects your personal information when you access and use this Website. You may, however, in connection with specific products or services offered by RockED, be provided with separate privacy policies or notices that describe the privacy practices associated with your use of those products or services.

CONTACT US

If you have any questions about this Privacy Policy, you can contact us:

By email: privacy@rocked.us

By mail: The RockED Company Inc.

ATTN: Privacy Compliance Officer

1 E. Broward Blvd, Suite 1210

Fort Lauderdale, FL 33301

RockED Privacy Policy

effective April 30, 2026

© 2025 The RockED Company Inc. 1 E. Broward Blvd Suite 1210 Fort Lauderdale, FL 33301Privacy Policy | Terms of Use | Do Not Sell My Personal Information | Digital Millennium Copyright Act

© 2025 The RockED Company Inc. 1 E. Broward Blvd Suite 1210 Fort Lauderdale, FL 33301
Privacy Policy | Terms of Use | Do Not Sell My Personal Information | Digital Millennium Copyright Act