Data Protection Policy




Measures we take to protect your data.

We take data protection seriously. This document outlines some of the measures we take to protect your data when you use the services provided by the Rock & Wall.


When you close your account, it's really gone.

We permanently delete all your account data when you close your "the Rock & Wall" account.


Backups are destroyed after 30 days.

All our server logs and database backups are permanently deleted after 30 days. So when you delete your "the Rock & Wall" account, you know all your data is removed from our systems within 30 days.


We only send data to necessary services.

The Rock & Wall relies on some third-party services, Google Analytics (for analysing web traffic), and Amazon Web Services (for hosting our application and data). These third-party services help us run the Rock & Wall reliably, securely, and efficiently. We do not ever sell your data to unaffiliated third-parties for marketing purposes.


We ask before we look.

We don’t view customer dashboards or connected accounts unless they grant explicit permission to do so as part of a support ticket.


We take security seriously.

All communications between the Rock & Wall and your browser are encrypted, our production database is encrypted-at-rest, and we encrypt our back-end services as much as is practical. We host in a secure environment and retain backups for 30 days.


We’ve made changes for the GDPR.

We've made changes to help the Rock & Wall customers comply with the GDPR and we've improved our own internal data protection and security.


For the Rock & Wall members:


How long we store information:

We store this personally identifiable information for as long as your the Rock & Wall account is open and active. After 6 years of inactivity, your account will be automatically deleted.


Right to update your information:

You may visit your Account page in your the Rock & Wall dashboard to update your information at any time.


Right to be forgotten:

You may close your "the Rock & Wall" account at any time. When a membership account is deleted from the Rock & Wall, all personally identifiable information in your account - including that of any members - is completely erased from our systems (including backups) within 30 days.



Our application and production database runs on AWS (Amazon Web Services) and a secure server in hardened and physically secured data centres located in the United Kingdom. Our production database is encrypted at rest. We will inform you of any significant security breach within 72 hours.