Privacy

We don’t track you.
Our Privacy Policy Outlines This.

Last updated: May 26, 2025

At Rock Stars Unlimited (“we”, “us”, or “our”), your privacy is our top priority. We are committed to protecting your data and ensuring full compliance with the EU General Data Protection Regulation (GDPR). This policy explains what data we collect, how we use it, your rights, and the steps we take to safeguard your information.

1. Data Collection and Usage

We only collect the minimum data necessary to provide and improve our services.

1.1 Website Analytics

We use Umami Analytics, a privacy-friendly tool hosted on our UK server, to understand website activity. Umami collects:

  • Pages visited
  • Anonymous session IDs (not personally identifying)
  • Country (based on IP address; if using a VPN, only the VPN country is recorded)
  • Browser type, device type, and operating system (from the user agent string)
  • No personally identifiable information (PII) is collected through analytics, and we do not use tracking cookies or fingerprinting technologies.
1.2 Subscription and Email Services

If you subscribe to our newsletter, your email address is processed by Plunk (hosted in the UK) and delivered via AWS SES.

  • All subscriptions require double opt-in for explicit consent.
  • All AWS tracking features are disabled to maximise your privacy.
  • Your email is used solely to send you the content you requested and is never shared or sold to third parties.
1.3a Appointment Scheduling

For scheduling, we use Cal.com. When you book an appointment, you may be asked to provide your name, email address, and other relevant details. This information is collected solely to facilitate your appointment and is not used for marketing or shared with third parties beyond what is necessary for scheduling.

Currently, your scheduling data may be processed on Cal.com’s existing infrastructure, which adheres to strict security and privacy standards, including GDPR compliance. Cal.com employs robust security measures such as data encryption, regular vulnerability testing, and multi-factor authentication to protect your information.

1.3b Appointment Scheduling

Upcoming Move to EU Data Residency

We will soon be migrating to Cal.com’s EU-based servers, Cal.eu, which are fully hosted within the European Union. Once this transition is complete, all scheduling data will be stored and processed exclusively within EU borders, ensuring full alignment with GDPR and European data sovereignty requirements. This move provides an added layer of privacy and compliance, as all data will be subject to EU data protection laws by default.

We will update this privacy policy to reflect the migration as soon as it is finalised.

For more information on how Cal.com handles your data, please review their Privacy Policy and Terms of Service. You may also contact us with any questions about how your data is processed in connection with appointment scheduling.

2. Legal Basis for Processing

We process your data only when:

  • It is necessary to fulfil a contract (e.g., providing services you requested)
  • We have your explicit consent (e.g., newsletter subscriptions)
  • It is required to comply with legal obligations
  • It is in our legitimate interest and does not override your rights and freedoms

3. Data Minimisation and Security

  • We collect only what is necessary for each purpose.
  • All data is stored securely on servers located in the United Kingdom.
  • We implement technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction.

4. Data Sharing and International Transfers

  • We do not sell or share your personal data with third parties for advertising or tracking.
  • Data may be shared with trusted service providers (e.g., Plunk, Cal.com) solely to deliver our services.
  • If data is transferred outside the UK/EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent legal mechanisms.

5. Your Rights Under GDPR

You have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Withdraw consent at any time (e.g., unsubscribe from emails)
  • Object to or restrict processing of your data
  • Request data portability in a commonly used format
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, please contact us using the details below.

6. Data Retention

We retain your data only as long as necessary for the purposes described or as required by law. For example:

  • Analytics data is anonymised and not retained in a way that identifies you.
  • Subscription data is deleted when you unsubscribe or request removal.
  • Appointment data is retained only as long as needed to manage your bookings.

7. Children’s Privacy

Our services are intended for a general audience. We do not knowingly collect or process data from children under 16 years of age. If you believe we have collected such data, please contact us so we can promptly delete it.

8. Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

9. Contact Us

We are committed to transparency and user empowerment. Your trust is important to us, and we will never sell your personal information or use it for purposes you have not consented to.

If you have questions or concerns about your privacy or how we handle your data, contact:

Rock Stars Unlimited