Privacy Policy

As of May 2026 - pursuant to GDPR (EU) 2016/679

1. Controller

RocketLab Systems e.U.
Owner: Florian Zimmermann
Braunberg 8, 4625 Pennewang, Austria
Email: [email protected]

2. Data We Collect and Why

2.1 Waitlist form

When you sign up via our waitlist form, we process the following data:

• Email address - to contact you regarding product access
• Timestamp of your submission

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in managing our waitlist).
Retention: Your email address is stored until you object to processing or we close the waitlist. We will delete your data immediately upon request.
Storage location: Data is delivered by email to our internal address and stored exclusively on our email server in the EU (host: Netcup GmbH, Germany).

2.2 Server log files

Our web server automatically records the following technical data when you visit the website:

• IP address of the requesting device (anonymised after 7 days)
• Date and time of access
• URL requested, HTTP status code, data volume transferred
• Referring URL, browser type and operating system

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security and operation of the website).
Retention: 7 days, then automatically deleted.

3. Analytics

We use a self-hosted, privacy-first analytics solution running on our own EU server (Netcup GmbH, Germany). It does not set cookies and does not track you across other websites.

When you consent to analytics, we record the following data per page visit:

• Page URL - to see which pages are most visited
• Referrer domain - to understand where visitors come from (e.g. "google.com")
• Country - derived from a Cloudflare header; no precise location is stored
• Browser type and device category - derived from the User-Agent header
• Daily visitor token - a daily-rotating hash of your IP address (SHA-256, salted). The raw IP is never written to disk. The hash changes each day and cannot be used to track you across days.

Legal basis: Art. 6(1)(a) GDPR - your consent.
Consent: A banner is shown on your first visit. You can withdraw or change your choice at any time by clicking "Analytics settings" in the footer.
Retention: Analytics events are stored for up to 12 months, then deleted.
Storage location: Our own server at Netcup GmbH, Germany (EU).

3a. No Cookies - No Other Tracking

This website uses no cookies of any kind. The analytics consent choice is stored in your browser's localStorage (not a cookie) and remains on your device only. No tracking pixels, advertising networks, or social media widgets are used.

Web fonts are served locally from our own server. No connection is made to Google Fonts, Adobe Fonts, or any other external font service.

4. Data Sharing

We do not share your personal data with third parties. No transfer of data to countries outside the EU/EEA takes place.

5. Your Rights

Under GDPR you have the following rights:

• Access (Art. 15 GDPR) - to find out what data we hold about you
• Rectification (Art. 16 GDPR) - to have inaccurate data corrected
• Erasure (Art. 17 GDPR) - to have your data deleted
• Restriction (Art. 18 GDPR) - to restrict processing
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR) - to processing based on legitimate interest

To exercise your rights, please contact us by email: [email protected]

You also have the right to lodge a complaint with the Austrian Data Protection Authority:
Datenschutzbehorde, Barichgasse 40-42, 1030 Vienna - www.dsb.gv.at

6. Hosting

This website is hosted on a dedicated server at Netcup GmbH (Germany, EU). All processing takes place exclusively on servers within the European Economic Area (EEA). A data processing agreement (DPA) pursuant to Art. 28 GDPR is in place with the hosting provider.

7. Changes to This Policy

We reserve the right to update this privacy policy as needed to reflect changes to our website or legal requirements. The current version is always available at ablatic.ai/datenschutz.html.