Facebook and Instagram privacy policy

This document provides a publicly accessible privacy policy that tells people what we collect and how we will use this information.

In this data protection statement we (Rocket Bytes GmbH) explain how we process Facebook and Instagram data. Facebook and Instagram data is defined as any information relating to the use of the Rocket Boost Facebook App. This data protection statement is based on the EU General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union (EU), it is of importance to us. The Swiss Federal Act on Data Protection (FADP) is strongly influenced by EU law, and enterprises outside the European Union or the European Economic Area (EEA) must comply with the GDPR under certain circumstances. We have therefore based this data protection statement on the standards of the GDPR.


1. Responsible party

Rocket Bytes is responsible for data processing as described here, unless otherwise agreed in specific cases. If you have any questions regarding data protection, please contact us at the following address: Rocket Bytes GmbH, Dufourstrasse 107, 8008 Zurich, Switzerland, tel.: +41 44 380 25 55, e-mail: social.media@rocketbytes.ch


2. Collection and processing of Facebook and Instagram data

We process Facebook and Instagram data received in the course of relationships with our clients to provide the translation of Facebook and Instagram posts as well as comments and messages. To enable the process we store the following information: page_id, access token, social interaction type (post, comment, message), time, user name and message text.


3. Purpose of data processing and legal framework

We use the Facebook and Instagram data we collect to conclude and handle our contracts with our clients and business partners, in particular for the rendering of legal services for our clients, and to meet our legal obligations in Switzerland and abroad. If you work for one of these clients or business partners, you may also become a data subject within this function. If you have given us your consent to process your Facebook and Instagram data for specific purposes, we will process your Facebook and Instagram data within the context of and based upon this consent, unless we have another legitimate basis or require such a basis for doing so. Once consent has been granted, it may be withdrawn at any time. This will not affect data processing which has already been completed. If the processing of Facebook and Instagram data is required in order to comply with a legal obligation to which Rocket Bytes GmbH is subject, this fulfilment obligation serves as a legitimate basis. If data processing is required to safeguard a legitimate interest of Rocket Bytes GmbH or of a third party, and the interests, fundamental rights and freedoms of the data subject do not override the interest of the former, these legitimate interests will serve as a legitimate basis for data processing.


4. Duration of retention of Facebook and Instagram data

We process and store your Facebook and Instagram data for as long as it is required to meet our contractual and legal obligations or for the purposes pursued by its processing, i.e. for the full duration of the business relationship, for example (from the drafting and processing of a contract until its termination) and beyond, as set out by the statutory retention and documentation obligations. It is possible that Facebook and Instagram data may be stored throughout the period during which claims may be asserted against our enterprise (i.e. during the statutory limitation period in particular), or for as long as we are required to do so by law or due to legitimate business interests (e.g. for evidentiary and documentation purposes). In principle we delete your Facebook and Instagram data or render data anonymous wherever possible as soon as it is no longer required for the purposes stated above. Much shorter retention periods of twelve months or less apply to operating data (e.g. system protocols or logs).


5. Data security

We take technical and organisational security measures to protect your Facebook and Instagram data against unauthorised access and misuse.


6. Obligation to provide Facebook and Instagram data

In the course of our business relationship, you must provide Facebook and Instagram data which is required for the establishment and implementation of a business relationship and the performance of the related contractual obligations (as a rule, you do not have a statutory obligation to provide us with data). Without this data, we will generally be unable to conclude or carry out a contract with you (or with the body or person you represent).

7. Rights of the data subject

Within the scope of the data protection law which applies to you, and insofar as the law provides for it (as in the case of the GDPR), you have the right to access, rectification, erasure, the right of restriction of data processing, and also the right to object to our data processing and to the provision of certain Facebook and Instagram data for the purposes of transmission to another body (data portability). Please be aware however that we reserve the right to exercise the statutory restrictions applicable to us if we are obliged to retain or process certain data, have an overriding interest in such data (insofar as we are allowed to invoke this interest), or need it to assert claims. We will inform you of any costs incurred in advance. We have already notified you of the option to withdraw your consent previously. Please note that the exercising of these rights may conflict with contractual agreements, and could lead to early termination of the contract or result in costs, for example. We will inform you in advance in cases in which this is not already governed by the contract. The exercising of such rights generally requires that you provide clear proof of your identity (e.g. by submitting a copy of your ID if your identity is otherwise unclear or cannot be verified). To assert your rights, you may contact us at the address given in section 1. Moreover, every data subject has the right to assert their claims in a court of law or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home.html).


8. Amendments

We may amend this data protection statement at any time without prior notice. The applicable version is the latest version as published on our website. Insofar as the data protection statement forms part of an agreement with you, we will inform you of any updates by e-mail or other suitable means (e.g. via the legal notice on our website).