Privacy Policy
Effective: October 2, 2024
This Privacy Policy describes how and when Rollbar collects, uses and shares your information when you use our Services. Rollbar receives your information through our various websites, APIs, email notifications, integrations, and applications (the "Services") and from our partners and other third parties. When using any of our Services you consent to the collection, transfer, manipulation, storage, disclosure and other uses of your information as described in this Privacy Policy. Irrespective of which country you reside in or supply information from, you authorize Rollbar to use your information in the United States and any other country where Rollbar operates.
All capitalized terms that are not defined herein have the meanings given them in the Rollbar Terms of Service at https://docs.rollbar.com/docs/terms-of-service. If your access to the Services is granted subject to a Master Services Agreement or other agreement entered into by you and Rollbar (in either case, an “Alternative Agreement”), that Alternative Agreement may have modified the Privacy Policy below. Please contact for details.
If you have any questions or comments about this Privacy Policy, please contact us at [email protected].
INFORMATION COLLECTION AND USE
We collect and use the following information to provide, improve, and protect our Services:
- Information You Provide:
- Basic Account Information. We ask you to log in and provide certain personal information (such as your email address, username, and password) in order to be able to save your profile and the accounts, projects, and other data associated with it.
- Payment and Billing Information. We also collect credit card or payment information for paid subscriptions. This information will be securely stored with a third party specialized in the handling of such information, such as a credit card payment gateway or other payment vendors.
- Messages. If you correspond with us, you may also provide us information when you respond to surveys, communicate with our engineering, sales, or support teams about a question regarding the Services, or post a question about your application or our Services in our public forums.
- Telephone Information. If we telephone you, or you telephone us, to discuss our Services, we may collect personal information from you, including your name, company name, business address, phone number, job title, email address, whether you use the Services, information about your business needs, the number of users of our Services you require, and, if you telephoned us, how you heard about us, and any other information you choose to share with us by telephone.
- Information We Collect Automatically:
- Device Information. Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. Your devices (depending on their settings) may also transmit location information to the Services. We collect log information when you use our Services–for example, when you create or make changes to your account on the Services.
- Usage Information. We collect information related to how you use the Services, including actions you take in your account (like sharing, viewing, and moving files or folders). We use this information to improve our Services, develop new services and features, and protect our Users.
- Location Information. We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
- Cookies and Similar Technologies. We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Services. A cookie is a small text file containing a string of alphanumeric characters that may uniquely identify your browser that lets us help you log in faster and enhance your navigation through the Services. A cookie may also convey information to us about how you use the Services (e.g., the pages you view, the links you click, how frequently you access the Services, and other actions you take on the Services), and allow us to track your usage of the Services over time. You can set your browser to not accept cookies, but this may limit your ability to use the Services. Similarly, we may employ clear gifs (also known as web beacons) which are used to anonymously track your usage patterns on the Services, or place clear gifs in HTML-based emails we send you to track which emails are opened and which links you click. This information allows for more accurate reporting and improvement of the Services.
- Information We Collect from Other Sources:
- Authentication Services. We allow Users with certain third-party accounts (currently Users who have GitHub, Google, Heroku, Okta, OneLogin, or Bitium accounts) to authenticate on the Services using those third-party accounts (each, an “Identity Provider”). If you authenticate on the Services using an Identity Provider, the Identity Provider may send us your registration or basic profile information on that service and other information that you authorize. This information enables us to authenticate you and improve the Services, and is deleted from Rollbar within 30 days of your disconnecting your Identity Provider account from the Services.
- Third Party Analytics Services. We may also receive information from third party services to help us better understand you and how you use our Services.
- End Users. We also process information about end users of our Users’ Products, on behalf of our Users and in accordance with our user agreements. Typically, the information we receive from an end user may include the end user’s name, email address, and device information, such as a description of the error or bug the end user experienced while using a Product provided by one of our Users, as well as any other information the User elects to share with us in the context of reporting or tracking the error experienced by an end user in a User’s Product. Please note that our processing of that information on behalf of our Users for their Products isn’t covered by this Privacy Policy. We encourage our Users to post a privacy policy that accurately describes their practices on data collection, use, and sharing of personal information.
- Information Collected by Third Parties:
- As noted above, sometimes we receive information about you from third party analytics service providers, such as Google, Intercom, Wootric, and other third party service providers. In order to gain useful insights, these analytics providers may set tracking technologies (like cookies) to collect information about your use of our Services and across other websites and online services. These technologies allow these third parties to recognize your device to compile information about you or others who use your device. This information allows us and other companies to, among other things, analyze and track usage, determine the popularity of certain features, and deliver features or content that may be more targeted to your needs. Please note this Privacy Policy only covers the collection of information by Rollbar and does not cover the collection of information by any third party advertisers or analytics providers. We cannot be responsible for how these third party cookies are used, and you should consult the privacy policies of these third parties for more information about how they use cookies.
- Purposes for Collection:
- We use information about you as mentioned above and for the purposes listed below:
- To provide you the Services, including for example, reporting errors and bugs in your Products and billing you for the Services;
- To maintain, monitor, and improve the Services by adding new features, sharing new use cases, or making the Services easier to use;
- To monitor and analyze trends and better understand how you interact with our Services;
- For our own internal benchmarking, for example, to measure, and gauge the effectiveness of the Services, our advertising of the Services, and to better understand user retention and attrition–for example, we may analyze how many individuals purchased a plan after receiving a marketing message or the features used by those who continue to use our Services after a certain length of time;
- To prevent problems with our Services, protect the security of our Services, detect fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Rollbar and others, which may result in us declining a transaction or the use of our Services;
- To personalize your experience using our Services, remember your preferences on the Services so that you will not have to re-enter it during your visit or the next time you use the Services, target our marketing messages to groups of our Users (for example, those who have a particular plan with us or have been our user for a certain length of time), to serve relevant advertisements; and
- To communicate with you, for example through an email, about offers and promotions offered by Rollbar and others we think will be of interest to you, solicit your feedback, or keep you up to date on what we’re up to and our products. We give users the option to use some of our Services free of charge. These free Services are made possible by the fact that some users upgrade to one of our paid Services. If you register for our free Services, we will, from time to time, send you information about upgrades when permissible. For further information on your choices regarding your choices with regard to the use of your information for marketing purposes, see "Your Choices Regarding Your Information" below.
LEGAL BASIS FOR COLLECTING AND USING INFORMATION
We collect and use the personal data described above based on the following grounds:
- The use is necessary in order to fulfill our commitments to you under our Terms of Service at https://docs.rollbar.com/docs/terms-of-service or other agreements with you or is necessary to administer your account–for example, in order to enable access to our Services on your device or charge you for a paid subscription; or
- Compliance with a legal obligation necessitates the use; or
- The protection of your vital interests or those of another person require the use; or
- We have a legitimate interest in using your information–for example, to provide and update our Services, to improve our Services so that we can offer you an even better user experience, to safeguard our Services, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our Services, and to personalize your experience; or
- You have given us your consent.
INFORMATION SHARING AND DISCLOSURE
We collect and use the personal data described above based on the following grounds:
- Others Working with Rollbar. We may share information about you within the United States and abroad, with third party vendors who need to know information about you in order to provide their services to us, or to provide their services to you. This group includes vendors that help us provide our Services to you, such as payment providers that process your credit and debit card information, fraud prevention services that allow us to analyze fraudulent payment transactions, postal and email delivery services that help us stay in touch with you, customer chat and email support services that help us communicate with you, those that assist us with our marketing efforts (e.g. by providing tools for identifying a specific marketing target group or improving our marketing campaigns), those that help us understand and enhance our Services (like analytics providers), and those that help us deliver our Services (like hosting and content delivery providers). We may share your private personal information with such service providers subject to confidentiality obligations consistent with this Privacy Policy, and on the condition that the third parties use your private personal data only on our behalf and pursuant to our instructions. Rollbar ensures that such recipients of your private personal data will offer an adequate level of protection, for instance by entering into an agreement with standard contractual clauses for the transfer of data as approved by the European Commission or, to the extent valid and available, by requiring that the recipients subscribe to the Data Privacy Framework Principles.
- Other Users. Our Services display information like your name, profile picture, and email address to other users in places like your user profile and sharing notifications. You can also share aspects of your Product with other users in certain forums and features of the Services intended to be public if you choose. When you register your Rollbar account with an email address on a domain owned by your employer, educational institution, or organization, we may help collaborators and administrators find you and your team by making some of your basic information—like your name, team name, profile picture, and email address—visible to other users on the same organization. This helps you sync up with teams you can join and helps other users share files and folders with you.
- Account Administrators. If your use of the Services is pursuant to an agreement entered into by your employer or other organization to which you belong, your administrator may have the ability to access and control your Rollbar team account. Please refer to your organization’s internal policies if you have questions about this.
- Your Consent. Certain features let you make additional information available to others.
- Other Applications. You can also give third-party providers access to your information and account—for example, via Rollbar APIs at https://docs.rollbar.com/reference/getting-started-1. Just remember that their use of your information will be governed by their privacy policies and terms.
Law & Order and the Public Interest. Third parties as required to (a) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (b) enforce our Terms of Service, including the investigation of potential violations thereof, (c) investigate and defend ourselves against any third party claims or allegations, (d) protect against harm to the rights, property or safety of Rollbar, its users or the public as required or permitted by law and (e) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues. - Business Transfers and Affiliates. In the event that Rollbar is involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, your information may be sold or transferred as part of that transaction. This Privacy Policy will apply to your information as transferred to the new entity. We may also disclose information about you to our corporate affiliates in order to help provide, understand, and improve our Services and our affiliates’ services.
- Aggregated and De-Identified Information. We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
- No Other Disclosures or Uses. We will not (i) disclose your personal information to any third party that is not acting as an agent, under contract with us, to perform tasks on our behalf and under our instructions, or (ii) use your personal information for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you.
YOUR CHOICES REGARDING YOUR INFORMATION
- Account Data. All Rollbar account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. Rollbar account holders may also contact us at [email protected] to accomplish the foregoing or if you have additional requests or questions.
- Access to Data Controlled by Our Users. Rollbar has no direct relationship with the end users of our Users’ Products whose personal information is contained within the personal data processed by our Services. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Users should direct their request the specific User. You may also contact us at [email protected] if you have additional questions or concerns.
- Marketing Communications. If you do not wish to receive promotional emails, you can click the "unsubscribe" button on promotional email communications. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices. We sometimes contact people who do not have a Rollbar account. For recipients in the EU, we or a third party will obtain consent before contacting you. If you receive an email and no longer wish to be contacted by Rollbar, you can unsubscribe and remove yourself from our contact list via the message itself.
- Analytics Services. As noted above, analytics providers may set tracking technologies (like cookies) to collect information about your use of the Services, and potentially your use of other websites and online services. For more information about how to manage and delete cookies, visit aboutcookies.org. For further information on what information is collected by analytics service providers and why, see "What We Collect and Why."
- Set Your Browser to Reject Cookies. At this time, Rollbar does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using the Services, with the drawback that certain features of the Services may not function properly without the aid of cookies.
- Close Your Account. Of course, while it’s hard to say goodbye, we understand that sometimes you just need to move on. You can delete your information from within your account or close your account and keep in mind that we may continue to retain your information after closing your account, as described in How Store Your Information below–for example, when that information is reasonably needed to comply with (or demonstrate our compliance with) legal obligations such as law enforcement requests, or reasonably needed for our legitimate business interests.
- Access and Take Your Data. You can download a copy of your content in a machine readable format as outlined in your account settings. If the export option is ever unavailable for any reason, you can also request a copy of the personal data you provided to us by sending a request to [email protected].
HOW WE STORE YOUR INFORMATION
- Security. We use commercially reasonable physical, electronic, and administrative safeguards to protect the information we collect from loss, misuse and unauthorized access, disclosure, alteration, destruction, and to ensure that the information we process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Please contact us immediately if you have reason to believe that your interaction with us is no longer secure. Our Security and Compliance page at https://docs.rollbar.com/docs/security describes the measures we take to secure the Services and your data.
- Location of Storage. To provide you with the Services, we may store, process, and transmit information in the United States and locations around the world—including those outside your country. Information may also be stored locally on the devices you use to access the Services.
- Retention. When you sign up for an account with us, we’ll retain information you store on our Services for as long as your account is in existence or as long as we need it to provide you the Services. If you delete your account, we will immediately initiate deletion of your information. Deletion of your information, including deletion of your information from our backup storage, will be completed within 30 days of your request. But please note we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
Your Rights
Depending on your location, you may have the following data protection rights.
For personal information we have about you, you can:
- Access your personal information or request a copy.
- You have the right to be notified of what personal information we collect about you and how we use it, disclose it and protect it.
- Change or correct your personal information.
- Delete or erase your personal information.
- Object to the processing of your personal information.
- Ask us to restrict the processing of your personal information.
- Export your personal data.
- You also have the right to lodge a complaint with the local organizations in charge of enforcing the privacy legislation applicable in your territory.
You have the right to request that we export to you in a machine-readable format all of the personal information we have about you.
If you would like to exercise any of the rights described above, please contact us at [email protected].
TRANSFERRING YOUR DATA
Because the Services are offered worldwide, the information about you that we process when you use the Services in the EU may be used, stored, and/or accessed by individuals operating outside the European Economic Area (EEA) who work for us, other members of our group of companies, or third party data processors. This is required for the purposes listed in the What We Collect and Why section above. When providing information about you to entities outside the EEA, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy as required by applicable law. These measures include, for instance, entering into European Commission approved standard contractual arrangements with them or, to the extent valid and available, ensuring they have signed up to the EU-US DPF or Swiss-US DPF.
Rollbar complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Rollbar has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Rollbar has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. You can find Rollbar’s Data Privacy Framework certification at https://www.dataprivacyframework.gov/list. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In cases of onward transfers of personal data to third parties, Rollbar is potentially liable for the acts or omissions of such third parties that are in violation of the DPF Principles.
Rollbar is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Data Privacy Framework compliance—free of charge to you. We ask that you first submit any such complaints directly to us via [email protected]. If you aren’t satisfied with our response, please contact JAMS at https://www.jamsadr.com/DPF-Dispute-Resolution. In the event your concern still isn’t addressed by JAMS, you may be entitled to a binding arbitration under Data Privacy Framework and its principles.
CHILDREN'S PRIVACY
Our application and services are intended for business use, and we do not expect them to be of any interest to minors. We do not intentionally collect any personal information of consumers below the age of 16.
CCPA
Rollbar values your privacy and we have implemented the steps to be in compliance with the California Online Privacy Protection Act. To learn more please visit https://docs.rollbar.com/docs/ccpa-rollbar
GDPR
Rollbar is compliant with GDPR. To learn more about the measures in place please visit https://docs.rollbar.com/docs/gdpr-rollbar
CHANGES
We may revise this Privacy Policy from time to time, and will post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you.
CONTACT
Your personal information is controlled by Rollbar, Inc. Have questions or concerns about the Services or your privacy? Contact our Data Protection Officer at [email protected]. If they can’t answer your question, you have the right to contact your local data protection supervisory authority.
Updated about 2 months ago