Privacy Policy

Last updated: 13.01.2026

This Privacy Policy explains how RookieMind (“we”, “us”, “our”) collects, uses, and protects personal data when you visit our website, use our services, or otherwise interact with us (collectively, the “Services”).

We are committed to protecting your personal data and processing it in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable European data protection laws.

 

1. Data Controller

Data Controller: Paulina Peros
Business Name: RookieMind
Address: Matice hrvatske 15, 21000 Split, Croatia
Email: [email protected] 

 

2. Personal Data We Process

Depending on how you interact with our Services, we may process the following categories of personal data:

2.1 Data You Provide Directly

·       Name

·       Email address

·       Phone number

·       Billing and invoicing information

·       Account or registration information

·       Information you provide when contacting us or using our services

2.2 Automatically Collected Data

When you visit our website, we may automatically collect:

·       IP address

·       Device and browser information

·       Usage data (pages visited, interactions, timestamps)

·       Referrer URLs

This data is collected via cookies and similar technologies, subject to your consent where required.

2.3 Data from Third Parties

We may receive personal data from service providers supporting our business operations, such as:

·       Website hosting and IT providers

·       Payment service providers

·       Marketing and analytics service providers

All such data is processed in accordance with this Privacy Policy.

 

3. Purposes of Processing

We process personal data for the following purposes:

·       To provide and manage our Services

·       To communicate with you and respond to inquiries

·       To manage customer relationships and accounts

·       To send newsletters and marketing communications (with consent)

·       To analyze and improve our Services

·       To ensure website security and prevent misuse

·       To comply with legal and regulatory obligations

 

4. Legal Bases for Processing

We process personal data based on one or more of the following legal bases under Article 6 GDPR:

·       Consent (Art. 6(1)(a))
For marketing communications, newsletters, personalized content, and marketing/analytics cookies.

·       Performance of a contract (Art. 6(1)(b))
Where processing is necessary to provide our Services or fulfill a contract with you.

·       Legal obligation (Art. 6(1)(c))
Where processing is required to comply with applicable laws.

·       Legitimate interests (Art. 6(1)(f))
For ensuring website security, improving our Services, and maintaining business operations, provided your rights and freedoms do not override these interests.

You may withdraw your consent at any time with effect for the future.

 

5. Marketing, Analytics and Automation (Somba.io)

We use Somba.io, a marketing automation and customer engagement platform licensed by Sigrun GmbH, Switzerland.

Somba.io helps us:

·       Analyze user behavior and interactions

·       Segment audiences

·       Send personalized marketing communications

·       Improve the relevance of our content and services

In this context, the following data may be processed:

·       Email address

·       Usage and interaction data

·       Technical data (e.g. IP address, browser, device information)

Somba.io acts as a data processor and processes personal data solely on our instructions and in compliance with GDPR.

Processing for marketing and personalization purposes takes place only with your explicit consent.

 

6. Profiling

We may use limited automated processing, including profiling, to analyze user behavior and preferences in order to personalize content and marketing communications.

This profiling:

·       Does not produce legal effects

·       Does not have similarly significant effects on you within the meaning of Article 22 GDPR

You have the right to object to profiling for direct marketing purposes at any time.

 

7. Cookies

Our website uses cookies and similar technologies to ensure proper functionality, analyze usage, and support marketing activities.

·       Essential cookies are required for the operation of the website

·       Marketing and analytics cookies (including those used by Somba.io) are used only after you give your explicit consent

You can manage or withdraw your cookie consent at any time via the cookie settings on our website.

 

8. Data Sharing

We share personal data only where necessary and in accordance with GDPR, including with:

·       IT and hosting providers

·       Payment processors

·       Marketing and analytics service providers

·       Professional advisors (e.g. legal, tax)

All service providers are contractually bound to process personal data confidentially and securely.

 

9. International Data Transfers

Personal data may be processed by service providers outside your country of residence.

Where personal data is transferred outside the European Union, we ensure appropriate safeguards are in place.

Transfers to Switzerland are based on an adequacy decision by the European Commission, recognizing Switzerland as providing an adequate level of data protection.

 

10. Data Retention

We retain personal data only for as long as necessary to:

·       Fulfill the purposes outlined in this Privacy Policy

·       Comply with legal obligations

·       Resolve disputes

·       Enforce agreements

Retention periods depend on the type of data and applicable legal requirements.

 

11. Your Rights Under GDPR

You have the following rights under GDPR:

·       Right of access

·       Right to rectification

·       Right to erasure (“right to be forgotten”)

·       Right to restriction of processing

·       Right to data portability

·       Right to object to processing

·       Right to withdraw consent at any time

·       Right to lodge a complaint with a supervisory authority

To exercise your rights, please contact us at [email protected].

 

12. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

However, no method of transmission over the internet is completely secure.

 

13. Children’s Data

Our Services are not directed at children under the age of 16, and we do not knowingly collect personal data from children.

 

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The current version will always be available on our website with the updated revision date.

 

15. Contact

If you have any questions about this Privacy Policy or how we process personal data, please contact:

Email: [email protected]