Roost.ai Privacy Policy

 

Last Updated: Nov 14, 2023

Welcome to the website (the “Site”) of Zettabytes, Inc. dba Roost (“Zettabytes,” “we,” “us,” or “our”). Pioneering in generative AI and Large Language Models (LLMs), we at Roost.ai are dedicated to redefining software engineering with RoostGPT, our flagship product. RoostGPT, along with our other AI-powered solutions, offers an end-to-end testing platform and a community forum for software developers, collectively enhancing productivity and innovation in software development (together with the Site, the “Service”)

This Privacy Policy explains what Personal Data (defined below) we collect, how we use and share that data, and your choices concerning our data practices. This Privacy Policy is incorporated into and forms part of our Terms of Service.

Before using the Service or submitting any Personal Data to Zettabytes, please review this Privacy Policy carefully and contact us if you have any questions. By using the Service, you agree to the practices described in this Privacy Policy. If you disagree with this Privacy Policy, please do not access the Site or otherwise use the Service.

1. PERSONAL DATA WE COLLECT

We collect information that alone or in combination with other information in our possession could be used to identify you (“Personal Data”) as follows:

Personal Data You Provide: When you register for an account or otherwise use our Service, we collect basic personal information, which typically includes your name, company name, email address, and phone number.

AI-Driven User Interaction Data: Additionally, in the course of your interactions with our AI-powered tools like RoostGPT, we collect data pertaining to your queries, the responses generated by the AI, and any feedback you provide on these interactions. This information is instrumental in customizing and enhancing our AI services and in the ongoing training and improvement of our AI models, aligning with our commitment to AI ethics and data privacy.

Data Usage and Locality in RoostGPT: RoostGPT is committed to maintaining the privacy and security of customer data. While RoostGPT utilizes customer data to enhance user experience and provide more accurate results, it is crucial to emphasize that all data processing occurs within the customer's private network or secure environment. We do not extract, collect, or use customer data from these interactions to improve our platform or for any other external purpose. This ensures that the data remains exclusively under the customer's control, and our role is confined to facilitating improved results within this secure boundary. This practice upholds our stringent standards for data privacy, ensuring that customer data confidentiality is never compromised.

Third-Party Integrations and Data Locality: RoostGPT integrates with various third-party services to enhance user functionality and experience. Regardless of the specific service—be it source code management tools, project management platforms, or others—we strictly adhere to a policy where all data processed through these integrations remains within the customer's private network or secure environment. This approach ensures that while we utilize data from these services to optimize RoostGPT's performance for our customers, the data never leaves their control. Our integrations are crafted to be secure, upholding our steadfast commitment to data privacy and the respective third-party service's privacy policies. We ensure no data is used to improve RoostGPT's external capabilities or shared with other parties outside the customer's domain.

User Data Ownership and Control: At Roost.ai, we respect and uphold the ownership rights of our users over their data. This includes data from interactions with RoostGPT, and information users provide when registering for our community portal or other services on our website.

  1. For RoostGPT Users: Users retain full ownership of the data they input into RoostGPT and the outputs they receive. RoostGPT processes this data solely within the user's environment. We do not claim ownership of this data nor use it beyond the scope of providing specific services to the user.

  2. For Community Portal and Website Users: When users register on our community portal or other sections of our website, we collect standard personal information such as name, email address, and other contact details. Users have full control over their personal information and can access, update, or request the deletion of their data at anytime.

We ensure users can easily exercise their data rights, including accessing their data, requesting corrections, or opting for data deletion. Our policies are designed to comply with applicable data protection laws, providing users with the autonomy and assurance they need regarding their data.

User Access and Control: In our commitment to data security and user privacy, we provide differentiated access controls within our platform:

  1. End-User Access: Individual users have access to their own data, including the ability to view, edit, or delete information they have entered into the platform. End-users can manage their personal data and preferences directly through their account settings.

  2. Administrator Access: Administrators of enterprise accounts have oversight over their respective workspaces. They can manage user access, control settings, and view aggregate data analytics. However, they do not have access to the personal data of individual end-users without explicit consent, except as required for regulatory compliance or operational necessities.

These access controls are designed to ensure that data is accessible only to authorized individuals within an organization, maintaining privacy and security. Our platform's access management is in compliance with industry best practices and relevant data protection regulations.

Manual Review and Data Privacy: As part of our commitment to delivering high-quality AI services, there may be instances where manual reviews of AI-generated results are conducted, particularly during the initial phases of model training and domain-specific adaptation. These reviews are crucial for ensuring the accuracy and relevance of our AI models. However, we are equally committed to upholding user privacy in these processes:

  1. Internal Reviews: If our team conducts manual reviews, these are performed under strict confidentiality and data protection protocols. Reviews are limited to aggregate data or anonymized content, ensuring individual user data remains private.

  2. Customer-Led Reviews: Sometimes, customer leads may undertake manual reviews to provide domain-specific feedback. These reviews are governed by our data processing agreements with customers, ensuring they adhere to the same high data privacy and security standards.

We take every precaution to ensure these reviews do not compromise user privacy or data security. Our policies and procedures for manual reviews are designed to comply with relevant data protection laws and industry best practices.

Social Media Data: We have pages on social media sites like Twitter and LinkedIn (“Social Media Pages”). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding using our Social Media Pages.

Internet Activity Data: When you visit, use, and interact with the Service, we may receive certain information about your visit, use, or interactions. For example, we may monitor the number of people that visit the Service, peak hours of visits, which page(s) are visited, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access the Service (e.g., Chrome, Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and navigation pattern. In particular, the following information is created and automatically logged into our systems:

  • Log Data: Information your browser automatically sends whenever you visit the Site. Log Data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interacted with the Site.
  • Cookies Data: Please see the “Cookies” section below to learn more about how we use cookies.
  • Device Data: Includes the device's name, operating system, and browser you are using. Information collected may depend on your device type and its settings.
  • Usage Data: We collect information about how you use our Service, such as the types of content you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.
  • Location Data: We estimate your location roughly from your IP address.
  • Email Open/Click Data: We use pixels in our email campaigns that allow us to collect your email and IP address and the date and time you open an email or click on any links in the email.

Personal Data We Process on Behalf of Our Business Customers: To provide the Service, we may collect end-user information from accounts registered under enterprise licenses. Through those licenses, we may receive Personal Data about employees of our business customers, such as name, company name, email address, and phone number. We process that information pursuant to our Terms of Service and other agreements with our business customers. We have no direct relationship with the individuals whose Personal Data we process on behalf of our business customers. If you are such an individual and would no longer like your data to be used by one of our business customers that use our Service, or you would like to access, correct, or request deletion of your data, please contact the business customer you interact with directly.

Cookies: We use cookies to operate and administer our Site, gather usage data on our Site, and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time or upon logging out (session cookies); others survive after your browser is closed until a defined expiration date is set in the cookie (as determined by the third party placing it) and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). For more details on cookies, please visit All About Cookies.

You will find a “help” section on most web browsers on the toolbar. Please refer to this section for information on receiving a notification when you receive a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:

  • Internet Explorer
  • Mozilla Firefox
  • Google Chrome
  • Apple Safari

Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site, and you may not be able to benefit from the full functionality of the Site.

Advertising networks may use cookies to collect Personal Data. Most advertising networks offer you a way to opt out of targeted advertising. If you want more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there.

If you access the Site on your mobile device, you may be unable to control tracking technologies through the settings.

Online Tracking and Do Not Track Signals: We and our third-party service providers may use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your Site use. Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

Analytics: We use Google Analytics, a web analytics service that Google, Inc. (“Google”) provides. Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Site. For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/.

2. HOW WE USE PERSONAL DATA

We may use Personal Data for the following purposes:

  • To provide the Service, including to improve programming productivity;
  • To administer our community forum;
  • To respond to your inquiries, comments, feedback, or questions;
  • To send administrative information to you, for example, information regarding the Service and changes to our terms, conditions, and policies;
  • To analyze how you interact with our Service;
  • To maintain and improve the Service;
  • To develop new products and services;
  • To prevent fraud, criminal activity, or misuse of our Service and to ensure the security of our IT systems, architecture, and networks; and
  • To comply with legal obligations and process and protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Aggregated Information. We may aggregate Personal Data and use the aggregated information to analyze our Service's effectiveness, improve and add features to our Service, and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Service and share aggregated information like general user statistics with prospective business partners. We may collect aggregated information through the Service, through cookies, and through other means described in this Privacy Policy.

Marketing. We may use your Personal Data to contact you to tell you about products or services we believe may interest you. For instance, if you elect to provide your email or telephone number, we may use that information to send you special offers. You may opt out of receiving emails by following the instructions contained in each promotional email we send you. You can also control the marketing emails and/or text messages you receive by updating your settings through your account. In addition, if at any time you do not wish to receive future marketing communications, you may contact us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding management of your account and other administrative matters and to respond to your requests.

3. SHARING AND DISCLOSURE OF PERSONAL DATA

Zettabytes does not sell your Personal Data. In certain circumstances, we may share the categories of Personal Data described above with the following categories of third parties without further notice to you, unless required by the law, as set forth below:

  • Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with vendors and service providers, including providers of hosting services, cloud services, and other information technology services providers, event management services, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and web analytics services. Per our instructions, these parties may access, process, or store Personal Data while performing their duties to us.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
  • Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Service, or the public, or (v) protect against legal liability.
  • Affiliates: We may share Personal Data with our current and future affiliates, meaning an entity that controls, is controlled by, or is under common control with Zettabytes. Our affiliates may use the Personal Data we share in a manner consistent with this Privacy Policy.
  • Other Users: certain actions you take may be visible to other Service users. For example, when you post content to our community forum, such content may be viewed by third parties or otherwise posted to the internet and made publicly available to website visitors.

4. UPDATE YOUR INFORMATION

Please log in to your account or contact us if you need to change or correct your Personal Data.

5. CHILDREN

Our Service is not directed to children who are under the age of 16. Zettabytes does not knowingly collect Personal Data from children under the age of 16. If you have reason to believe that a child under the age of 16 has provided Personal Data to Zettabytes through the Service, please contact us, and we will endeavor to delete that information from our databases.

6. LINKS TO OTHER WEBSITES

The Service may contain links to other websites not operated or controlled by Zettabytes, including social media services (“Third Party Sites”). The information you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links, we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

7. SECURITY

Our approach to security is comprehensive and proactive. We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. While no Internet or e-mail transmission is ever fully secure or error-free, we take special care to protect the information you provide to us.

We are proud to announce that we have achieved SOC-2 Type 1 and Type 2 compliance, affirming that our systems and processes have been rigorously audited and meet the high standards set by the American Institute of Certified Public Accountants (AICPA) for security, availability, processing integrity, confidentiality, and privacy.

Additionally, we are in the final stages of acquiring our HIPAA certification, demonstrating our commitment to protecting sensitive health information and our adherence to the Health Insurance Portability and Accountability Act standards.

These certifications underline our dedication to maintaining robust security measures and protecting user data. We continuously monitor and update our practices to align with evolving industry standards and regulations.

Please be aware that we are not responsible for circumventing any privacy settings or security measures on the Service or third-party websites. We encourage you to exercise caution when disclosing Personal Data via the Internet.

GDPR Compliance: In addition to our commitment to security, we are dedicated to complying with the General Data Protection Regulation (GDPR) for our users in the European Union. Our GDPR compliance involves:

  • Data Subject Rights: We recognize and facilitate the GDPR rights of our users, including the right to access, correct, delete, and restrict the processing of their personal data. Users can exercise these rights anytime through their account settings or by contacting us directly.

  • Lawful Basis for Processing: We process personal data based on lawful grounds in accordance with GDPR, including consent from our users, the necessity of fulfilling our contractual obligations, and our legitimate business interests.

  • Data Protection Measures: We implement strong data protection measures to ensure the security and confidentiality of personal data in line with GDPR requirements.

  • Data Transfers: For data transfers outside the European Economic Area, we employ appropriate safeguards to ensure adequate data protection.

We are committed to upholding the principles of GDPR and ensuring that our user's data is handled with the utmost care and security.

8. INTERNATIONAL USERS

By using our Service, you understand and acknowledge that your Personal Data will be transferred from your location to our facilities and servers in the United States.

9. YOUR CHOICES

In certain circumstances, providing Personal Data is optional. However, if you choose not to provide Personal Data that is needed to use some features of our Service, you may be unable to use those features. You can also contact us to ask us to update or correct your Personal Data.

10. CHANGES TO THE PRIVACY POLICY

The Service and our business may change from time to time. As a result, we may change this Privacy Policy at any time. When we do, we will post an updated version on this page unless another type of notice is required by the applicable law. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy or notified you by other means, if applicable, you consent to the revised Privacy Policy and practices described in it.

11. CONTACT US

If you have any questions about our Privacy Policy or information practices, please feel free to contact us at our designated request address:

Company name: Zettabytes, Inc. dba Roost
Address: 4950 Hamilton Ave. #108, San Jose, CA 95130
Phone: +1 408-641-3600
Email: info@roost.ai