Privacy Policy

This Privacy Policy has been created for the safety of your data. Protecting your privacy for us is a matter of particular importance. All the data we store and use is being processed in accordance with the regulations in force in the respective area of law. This privacy policy tells you what to expect us to do with your personal information when you make contact with us or use one of our services. We’ll tell you:

  • why we are able to process your information
  • what purpose we are processing it for
  • whether you have to provide it to us
  • how long we store it for
  • whether there are other recipients of your personal information
  • whether we intend to transfer it to another country, and
  • whether we do automated decision-making or profiling

Controller’s contact details

The operator of and at the same time controller of personal data (unless otherwise stated) within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation/GDPR) is ChellengeRocket Sp. z o.o. headquartered in Rzeszów (Poland) entered into the National Court Register under entry no. 0000638669. There are many ways you can contact us, including by phone, email and post.

Our postal address:

Rynek 60/U6

50-116 Wrocław

Phone +48 695 520 111


Personal data

In order to use the ChallengeRocket site, there shall be set up an account. During registration, we ask you to provide the following personal information: name, email address, password, and location. We only require the information, necessary for the proper functioning of certain parts of the Service. Failure to provide the required data will block the performance of certain fields, requiring the data concerned. Remember that your password and e-mail address will never be displayed publicly!

On your profile, you can add other information as well, such as username, biography, ideas for applications, profile picture or other content or applications for competitions. Additional content will be displayed publicly. Your task, in this regard, is to make sure that you have not typed in any information, that you do not want to share publicly, as well as illegal information.

Personal information is only used for the purpose of providing proper service and, if you agree in order to: send you messages, conduct direct marketing, in particular for the purpose of sending commercial information or to suggest the possibility of taking part in recruitment process. The legal basis we rely on to process your personal data is:

  • article 6(1)(a) of the GDPR, which allows us to process personal data when the data subject has given us consent to the processing of his or her personal data,
  • article 6(1)(b) of the GDPR, which allows us to process personal data when is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract,
  • article 6(1)(f) of the GDPR processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.

We do not collect more information than we need to fulfil our stated purposes and will not keep or process it longer than necessary. The purpose of the information we ask for is to enable the usage of service and partaking in suggested recruitment as well as to sharing with you the materials you agreed to obtain. Providing personal information is voluntary and is tantamount to consent to the processing of personal data by the controller.

Your data protection rights

Your personal data will be processed for the purposes of providing proper service and, if you submit such a statement, in order to: send you messages related to the program electronically, conduct direct marketing, in particular for the purpose of sending commercial information. Remember that you can contact us at any time to obtain information about the use of your personal data and you have rights:

Right of access

You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.

Right to rectification

You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.

Right to erasure

You have the right to ask us to erase your personal information in certain circumstances. You can ask us to delete data about you and, in some circumstances, We must then do so. This is known as the right to erasure. You may sometimes hear it called the ‘right to be forgotten’. You should contact us and let us know what you want erased. You don’t have to ask a specific person – you can contact any part of our organisation with your request. A request can be verbal or in writing. We recommend you follow up any verbal request in writing because this will allow you to explain your concern, give evidence and state your desired solution.

We Can refuse to erase your data in the following circumstances:

  • when we are legally obliged to keep hold of your data,
  • when keeping your data is necessary for establishing, exercising or defending legal claims.

Right to restriction of processing

You have the right to ask us to restrict the processing of your information in certain circumstances ex. a challenge you have made to the accuracy of your data, or an objection you have made to the use of your data.

Right to object to processing

You have the right to object to the processing (use) of your personal data in some circumstances. If we agrees to your objection, we must stop using your data for that purpose unless we can give strong and legitimate reasons to continue using your data despite your objections. You have an absolute right to object to us using your data for direct marketing – in other words, trying to sell things to you. This means it must stop using the data if you object.

Right to data portability

This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

Right to lodge a complaint with a supervisory authority

If You consider that the processing of your data infringes GDPR without prejudice to any other administrative or judicial remedy, You have the right to lodge a complaint with a supervisory authority in particular in the Member State (EU) of Yours habitual residence, place of work or place of the alleged infringement. You are not required to pay any charge for exercising your rights. We have one month to respond to you. We can also refuse your request if it is ‘manifestly unfounded or excessive’.

In any case w‘ll need to tell you and justify our decision. We should also let you know about your right to complain to the supervisory authority, or through the courts. We have one month to respond to your request. In certain circumstances it may need extra time to consider your request and can take up to an extra two months. If we are going to do this, we’ll let you know within one month that we need more time and why. We might need you to prove your identity. However, we‘ll only ask you for just enough information to be sure you are the person whose data it holds. If we do this, the one-month time period to respond to your request begins from when we receive this additional information.

Sharing your information

We use data processors who are third parties who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. In some circumstances we are legally obliged to share information. For example under a court order or where we cooperate with other European supervisory authorities in handling complaints or investigations. 

We might also share information with other regulatory bodies in order to further their, or our, objectives. In any scenario, we’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.

Third party links

Our website may contain third party links (ex. Facebook, Twitter, YouTube, Instagram, LinkedIn) , that will lead to websites owned and administered by other entities. It is full responsibility of user for clicking these links and for making any actions an websites accessed through these links. User is responsible for acquainting himself/ herself with privacy policy of third party. Third party is fully responsible for giving user a chance to read privacy policy and for all data protection and processing matters.


When you visit www., we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

If we do collect personal data through our website, we’ll be upfront about this. We’ll make it clear when we collect personal information and we’ll explain what we intend to do with it. The purpose for implementing all of the above is to maintain and monitor the performance of our website and to constantly look to improve the site and the services it offers to our users. The legal basis we rely on to process your personal data is article 6(1)(f) of the GDPR, which allows us to process personal data when its necessary for the purposes of our legitimate interests.


The ChallengeRocket service uses "cookies". The cookie is a small file with information, collected by the server, on your computer. This information can be read by the server during a single connection to the site. Using the techniques of "cookies" does not permit the levying of any personal data and user address, or any sensitive information from his computer. The technique of "cookies" can only determine the kind of information, the user is interested in.

The user can decide about how cookies are stored on your computer. To do this, change the settings/preferences in the web browser. The default settings for popular browsers usually allow you to store cookies. By using this site you expressly consent to the use of cookies in accordance with the browser settings.

Using the portal by children (<13 years)

ChallengeRocket does not collect personal information from children under the age of 13. If you're under 13, you must ask your parents or legal guardians for permission to use the service before sending any information about yourself.

Acceptance of Privacy Policy

Using the ChallengeRocket service you agree to be bound by the rules arising from this Privacy Policy. Further use of the site is equal to the fact that you are familiar with the content posted in this tab and accept it.

Changes to Privacy Policy

Administrator reserves the right to change this Privacy Policy. Each User of the ChallengeRocket Service shall be bound by current Privacy Policy.


ChallengeRocket pas great attention to the security of your personal information. We also encourage you to protect your data from unauthorized access to your account. Please remember to log out of the service every time after using a shared computer.