CUSTOMER LOGIN  |  Watch Demo
Search
Try RoostGPT
CUSTOMER LOGIN  |  Watch Demo

 

Last Updated: June 6 2025

Zettabytes, Inc. d/b/a Roost.ai ("Roost.ai," "we," "us," or "our") licenses the RoostGPT automated test-generation software (the "Product"). This document explains how the Product processes data within your network and outlines key licensing terms. It does not govern the public Roost.ai website or any Roost.ai-hosted SaaS applications.

Deployment Model & Data Flow

Self-Hosted, Single-Tenant. You deploy the Product on-premises, or in a cloud account you control. All compute, storage, and networking stays within your environment.

Source Integration. The Product connects—via read-write credentials you supply—to code repositories, API specifications, documentation, logs, CI/CD metadata, and similar artifacts to generate test cases. Write access is required so Roost can commit the generated test cases back to your repository.

LLM Invocation (Customer-Choice). When Large-Language-Model functionality is required, the Product calls only the LLM endpoints you configure (e.g., Azure OpenAI, Amazon Bedrock). Prompts and completions never traverse Roost.ai infrastructure — they never leave your LLM tenant and your infrastructure.

License Verification (Optional). The only default outbound request made by the product is a periodic HTTPS call to Roost.ai to verify subscription status. Administrators can disable this check via configuration or use a local license file to avoid the call altogether. When disabled, the product makes zero outbound calls to Roost.ai.

No Other Telemetry. The Product does not "phone home" or transmit usage data unless you expressly enable a temporary support integration.

Data Residency, Retention, & Prompt Handling

Local Storage. All source code, prompts, test artifacts, logs, and coverage reports remain under your existing backup and retention policies.

Customer = Controller. You act as the data controller; Roost.ai never receives or processes your data and therefore is not a processor under data protection laws.

Prompts & Feedback. User prompts, test prompts, and any feedback text are stored only within your environment or your configured LLM logs. Roost.ai neither collects nor analyzes this content.

Data Masking. By default, the Product processes data "as-is" and applies no masking or redaction. If masking is required (e.g., for PII or PHI), Roost.ai will collaborate with your security team to implement namespace-level filters, dynamic scrubbing rules, or pre-prompt redaction scripts that run inside your environment.

Support Access (Opt-In). Roost.ai personnel may access your environment only when you grant time-bound credentials for troubleshooting, and you revoke them afterward.

Security Commitments

  • Signed container images with Software Bills of Materials (SBOMs) and supply-chain attestations (SLSA Level 2+).
  • Support for customer-side secrets managers (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) and enterprise SSO (OIDC/SAML).
  • Corporate and support systems audited to SOC 2 Type 2 and HIPAA Type 2 standards; audit reports available under NDA.
  • Hardened-deployment guide covering network segmentation, RBAC, audit logging, and TLS 1.2+ encryption for all configurable outbound endpoints (e.g., your LLM API).

License Grant

Roost.ai grants you a non-exclusive, non-transferable license to install and use the Product within the Authorized Sites and for the Subscription Term specified on your order. The Product is licensed, not sold.

Restrictions

  • No reverse engineering, de-compilation, or derivative works.

  • No redistribution or offering of the Product as-a-service to third parties.

  • Use is limited to your internal business purposes.

Ownership of Outputs

You retain all intellectual property rights to source code, prompts, generated tests, logs, and any other content processed by the Product. Roost.ai retains all rights in the Product codebase and documentation.

Support & Updates

Coverage. Active subscriptions include security patches, minor upgrades, and technical support via email or portal.

Update Window. For continued support, apply critical patches within 90 days of release.

Warranty & Disclaimers

Roost.ai warrants that the unmodified Product will materially conform to its documentation for 30 days after delivery. EXCEPT AS EXPRESSLY PROVIDED, THE PRODUCT IS PROVIDED “AS IS,” AND WE DISCLAIM ALL OTHER WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

Limitation of Liability

Roost.ai’s aggregate liability arising out of or related to the Product shall not exceed the fees paid during the 12-month period preceding the claim, except where limitation is prohibited by law. Neither party shall be liable for indirect, incidental, special, or consequential damages.

Compliance & Export

The Product is “Commercial Computer Software” under FAR 2.101. You agree to comply with applicable export-control and sanctions regulations. 

Changes to These Terms

We may modify this document by providing at least 30 days’ notice to your designated notice contact. Changes apply to renewals and new orders; existing subscriptions continue under the previously agreed terms until renewal.

Contact

Roost.ai (Zettabytes, Inc.)

4950 Hamilton Ave. #202, San Jose, CA 95130 USA

Phone: +1 408-641-3600

Email: privacy@roost.ai

If any provision herein conflicts with a master subscription agreement or custom order form executed between Roost.ai and your organization, the executed agreement shall control.