Accessibility Rocket

Legal

Privacy Policy

Last updated: 21 June 2026

Accessibility Rocket respects your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit accessibilityrocket.com, contact us, or use our accessibility products and services.

Final privacy and legal conformance depend on the legal entity, actual providers, implementation, retention rules, integrations, and testing.

1. Who we are

Accessibility Rocket is an accessible-first HTML product brand selling website kits, documentation, testing evidence, and optional accessibility services.

Data controller:
Beryllium Lau LLC
Colorado, United States
Email: hello@accessibilityrocket.com

If an EU or local privacy representative is appointed, this page will be updated with their contact details.

2. What this policy covers

This policy applies to:

  • visitors to accessibilityrocket.com;
  • people who contact us through the website or by email;
  • customers, potential customers, and business contacts;
  • people who interact with our products, documentation, or services.

This policy does not cover third-party websites that we may link to.

3. Personal data we collect

Website and security data

When you visit the website, our infrastructure providers may process technical data needed to deliver and protect the site, such as:

  • IP address;
  • browser and device information;
  • request metadata;
  • security logs;
  • approximate location derived from network data;
  • anti-abuse and bot-protection signals.

We use Cloudflare for hosting, performance, security, and bot protection.

Contact form data

If you contact us through the website, we may process:

  • your name;
  • your email address;
  • your organization, if provided;
  • your message;
  • any information you choose to include in the message;
  • technical anti-spam and security data related to the form submission.

We use Cloudflare Turnstile to help protect the contact form from automated abuse.

Customer and commercial data

If you buy a product, request a service, or discuss a commercial project with us, we may process:

  • name and business contact details;
  • company or organization details;
  • project requirements;
  • billing and invoicing information;
  • contractual communications;
  • support and delivery records.

Payment details, if payment processing is enabled, may be handled by a third-party payment provider. We do not intentionally store full card details on our website.

4. Why we use personal data

We use personal data to:

  • operate, secure, and maintain the website;
  • respond to enquiries;
  • prevent spam, abuse, and automated attacks;
  • provide products, documentation, support, and services;
  • manage customer relationships;
  • issue invoices and keep accounting records;
  • improve our products and website;
  • comply with legal obligations;
  • protect our rights, users, and infrastructure.

5. Legal bases

Depending on the context, we rely on one or more of the following legal bases:

  • Legitimate interests: website security, abuse prevention, responding to business enquiries, maintaining service reliability, and improving our products.
  • Contract or pre-contractual steps: when you request a quote, buy a product, request support, or enter into a service relationship with us.
  • Legal obligation: accounting, tax, compliance, and record-keeping obligations.
  • Consent: where we ask for optional consent, such as for non-essential analytics, marketing cookies, newsletters, or promotional communications.

Where we rely on legitimate interests, we consider whether our interests are overridden by your rights and freedoms.

6. Cloudflare and Turnstile

We use Cloudflare services to deliver and protect the website. This may include Cloudflare Pages, Cloudflare security services, Cloudflare Turnstile, Cloudflare Workers or Pages Functions, and related infrastructure.

Cloudflare Turnstile helps verify whether a form submission is likely to come from a human user rather than an automated bot. This protects the contact form and reduces spam and abuse.

7. International data transfers

Our providers may process data in countries outside your country of residence.

Where required, we rely on appropriate safeguards such as adequacy decisions, data processing agreements, standard contractual clauses, or equivalent transfer mechanisms.

If the controller is established in Andorra, Andorran data protection law may also apply. Andorra has an EU adequacy decision for personal data transfers, and Andorran data protection law is aligned with GDPR-style principles.

8. How long we keep personal data

We keep personal data only for as long as reasonably necessary for the purposes described in this policy.

Typical retention periods:

  • contact form messages: up to 24 months after the last meaningful interaction, unless a longer period is needed;
  • customer, billing, and contract records: for the period required by applicable tax, accounting, and legal rules;
  • security and technical logs: for the period needed to protect, debug, and secure the website;
  • consent records, if used: for as long as needed to demonstrate consent and manage preferences.

We may keep limited records for longer where necessary to establish, exercise, or defend legal claims.

9. Who we share data with

We may share personal data with service providers that help us operate the website and business, including:

  • hosting, CDN, DNS, security, and anti-spam providers;
  • email and communication providers;
  • payment providers, if payment processing is enabled;
  • accounting, tax, legal, or administrative providers;
  • contractors or collaborators involved in delivering a requested service.

We do not sell personal data.

10. Your rights

Depending on the law that applies to you, you may have the right to:

  • access your personal data;
  • correct inaccurate data;
  • request deletion;
  • restrict processing;
  • object to processing based on legitimate interests;
  • withdraw consent where processing is based on consent;
  • request data portability where applicable;
  • lodge a complaint with a data protection authority.

To exercise your rights, contact us at: hello@accessibilityrocket.com

We may need to verify your identity before acting on a request.

11. Marketing communications

We do not send marketing emails unless you have opted in or we have another lawful basis to contact you.

You can unsubscribe or object to marketing communications at any time.

12. Children

Accessibility Rocket is not directed to children. We do not knowingly collect personal data from children.

13. Security

We use technical and organizational measures designed to protect personal data, including HTTPS, access controls, Cloudflare security services, and operational safeguards.

No website or online service can guarantee absolute security.

14. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page with the updated date.

15. Contact

For privacy questions or rights requests, contact: hello@accessibilityrocket.com

See also our Cookies Policy.