Effective: March 29, 2019
We collect and use the following information to provide, improve, and protect our Services:
- Basic Account Information. We ask you to log in and provide certain personal information (such as your email address, username, and password) in order to be able to save your profile and the accounts, projects, and other data associated with it.
- Payment and Billing Information. We also collect credit card or payment information for paid subscriptions. This information will be securely stored with a third party specialized in the handling of such information, such as a credit card payment gateway or other payment vendors.
- Messages. If you correspond with us, you may also provide us information when you respond to surveys, communicate with our engineering, sales, or support teams about a question regarding the Services, or post a question about your application or our Services in our public forums.
- Telephone Information. If we telephone you, or you telephone us, to discuss our Services, we may collect personal information from you, including your name, company name, business address, phone number, job title, email address, whether you use the Services, information about your business needs, the number of users of our Services you require, and, if you telephoned us, how you heard about us, and any other information you choose to share with us by telephone.
- Device Information. Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. Your devices (depending on their settings) may also transmit location information to the Services. We collect log information when you use our Services–for example, when you create or make changes to your account on the Services.
- Usage Information. We collect information related to how you use the Services, including actions you take in your account (like sharing, viewing, and moving files or folders). We use this information to improve our Services, develop new services and features, and protect our Users.
- Location Information. We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
- Cookies and Similar Technologies. We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Services. A cookie is a small text file containing a string of alphanumeric characters that may uniquely identify your browser that lets us help you log in faster and enhance your navigation through the Services. A cookie may also convey information to us about how you use the Services (e.g., the pages you view, the links you click, how frequently you access the Services, and other actions you take on the Services), and allow us to track your usage of the Services over time. You can set your browser to not accept cookies, but this may limit your ability to use the Services. Similarly, we may employ clear gifs (also known as web beacons) which are used to anonymously track your usage patterns on the Services, or place clear gifs in HTML-based emails we send you to track which emails are opened and which links you click. This information allows for more accurate reporting and improvement of the Services.
- Authentication Services. We allow Users with certain third-party accounts (currently Users who have GitHub, Google, Heroku, Okta, OneLogin, or Bitium accounts) to authenticate on the Services using those third-party accounts (each, an “Identity Provider”). If you authenticate on the Services using an Identity Provider, the Identity Provider may send us your registration or basic profile information on that service and other information that you authorize. This information enables us to authenticate you and improve the Services, and is deleted from Rollbar within 30 days of your disconnecting your Identity Provider account from the Services.
- Third Party Analytics Services. We may also receive information from third party services to help us better understand you and how you use our Services.
We use information about you as mentioned above and for the purposes listed below:
- To provide you the Services, including for example, reporting errors and bugs in your Products and billing you for the Services;
- To maintain, monitor, and improve the Services by adding new features, sharing new use cases, or making the Services easier to use;
- To monitor and analyze trends and better understand how you interact with our Services;
- For our own internal benchmarking, for example, to measure, and gauge the effectiveness of the Services, our advertising of the Services, and to better understand user retention and attrition–for example, we may analyze how many individuals purchased a plan after receiving a marketing message or the features used by those who continue to use our Services after a certain length of time;
- To prevent problems with our Services, protect the security of our Services, detect fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Rollbar and others, which may result in us declining a transaction or the use of our Services;
- To personalize your experience using our Services, remember your preferences on the Services so that you will not have to re-enter it during your visit or the next time you use the Services, target our marketing messages to groups of our Users (for example, those who have a particular plan with us or have been our user for a certain length of time), to serve relevant advertisements; and
- To communicate with you, for example through an email, about offers and promotions offered by Rollbar and others we think will be of interest to you, solicit your feedback, or keep you up to date on what we’re up to and our products. We give users the option to use some of our Services free of charge. These free Services are made possible by the fact that some users upgrade to one of our paid Services. If you register for our free Services, we will, from time to time, send you information about upgrades when permissible. For further information on your choices regarding your choices with regard to the use of your information for marketing purposes, see "Your Choices Regarding Your Information" below.
We collect and use the personal data described above based on the following grounds:
- The use is necessary in order to fulfill our commitments to you under our Terms of Service or other agreements with you or is necessary to administer your account–for example, in order to enable access to our Services on your device or charge you for a paid subscription; or
- Compliance with a legal obligation necessitates the use; or
- The protection of your vital interests or those of another person require the use; or
- We have a legitimate interest in using your information–for example, to provide and update our Services, to improve our Services so that we can offer you an even better user experience, to safeguard our Services, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our Services, and to personalize your experience; or
- You have given us your consent.
We collect and use the personal data described above based on the following grounds:
- Other Users. Our Services display information like your name, profile picture, and email address to other users in places like your user profile and sharing notifications. You can also share aspects of your Product with other users in certain forums and features of the Services intended to be public if you choose. When you register your Rollbar account with an email address on a domain owned by your employer, educational institution, or organization, we may help collaborators and administrators find you and your team by making some of your basic information—like your name, team name, profile picture, and email address—visible to other users on the same organization. This helps you sync up with teams you can join and helps other users share files and folders with you.
- Account Administrators. If your use of the Services is pursuant to an agreement entered into by your employer or other organization to which you belong, your administrator may have the ability to access and control your Rollbar team account. Please refer to your organization’s internal policies if you have questions about this.
- Your Consent. Certain features let you make additional information available to others.
- Other Applications. You can also give third-party providers access to your information and account—for example, via Rollbar APIs. Just remember that their use of your information will be governed by their privacy policies and terms.
- Law & Order and the Public Interest. Third parties as required to (a) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (b) enforce our Terms of Service, including the investigation of potential violations thereof, (c) investigate and defend ourselves against any third party claims or allegations, (d) protect against harm to the rights, property or safety of Rollbar, its users or the public as required or permitted by law and (e) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
- Aggregated and De-Identified Information. We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
- Account Data. All Rollbar account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. Rollbar account holders may also contact us at firstname.lastname@example.org to accomplish the foregoing or if you have additional requests or questions.
- Access to Data Controlled by Our Users. Rollbar has no direct relationship with the end users of our Users’ Products whose personal information is contained within the personal data processed by our Services. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Users should direct their request the specific User. You may also contact us at email@example.com if you have additional questions or concerns.
- Marketing Communications. If you do not wish to receive promotional emails, you can click the "unsubscribe" button on promotional email communications. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices. We sometimes contact people who do not have a Rollbar account. For recipients in the EU, we or a third party will obtain consent before contacting you. If you receive an email and no longer wish to be contacted by Rollbar, you can unsubscribe and remove yourself from our contact list via the message itself.
- Analytics Services. As noted above, analytics providers may set tracking technologies (like cookies) to collect information about your use of the Services, and potentially your use of other websites and online services. For more information about how to manage and delete cookies, visit aboutcookies.org. For further information on what information is collected by analytics service providers and why, see "What We Collect and Why."
- Set Your Browser to Reject Cookies. At this time, Rollbar does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using the Services, with the drawback that certain features of the Services may not function properly without the aid of cookies.
- Close Your Account. Of course, while it’s hard to say goodbye, we understand that sometimes you just need to move on. You can delete your information from within your account or close your account and keep in mind that we may continue to retain your information after closing your account, as described in How Store Your Information below–for example, when that information is reasonably needed to comply with (or demonstrate our compliance with) legal obligations such as law enforcement requests, or reasonably needed for our legitimate business interests.
- Access and Take Your Data. You can download a copy of your content in a machine readable format as outlined in your account settings. If the export option is ever unavailable for any reason, you can also request a copy of the personal data you provided to us by sending a request to firstname.lastname@example.org.
- Security. We use commercially reasonable physical, electronic, and administrative safeguards to protect the information we collect from loss, misuse and unauthorized access, disclosure, alteration, destruction, and to ensure that the information we process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Please contact us immediately if you have reason to believe that your interaction with us is no longer secure. Our Security and Compliance page describes the measures we take to secure the Services and your data.
- Location of Storage. To provide you with the Services, we may store, process, and transmit information in the United States and locations around the world—including those outside your country. Information may also be stored locally on the devices you use to access the Services.
- Retention. When you sign up for an account with us, we’ll retain information you store on our Services for as long as your account is in existence or as long as we need it to provide you the Services. If you delete your account, we will immediately initiate deletion of your information. Deletion of your information, including deletion of your information from our backup storage, will be completed within 30 days of your request. But please note we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
- In the case of US based entities, entering into European Commission approved standard contractual arrangements with them, or ensuring they have signed up to the EU-US Privacy Shield or Swiss-US Privacy Shield, as applicable; or
- In the case of entities based in other countries outside the EEA, entering into European Commission approved standard contractual arrangements with them. Rollbar complies with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, the European Economic Area, and Switzerland to the United States. You can find Rollbar’s Privacy Shield certification here. You can also learn more about Privacy Shield at https://www.privacyshield.gov.
Rollbar is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance—free of charge to you. We ask that you first submit any such complaints directly to us via email@example.com. If you aren’t satisfied with our response, please contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event your concern still isn’t addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.
You can ask us for more information about the steps we take to protect your personal information when transferring it from the EU.
Your personal information is controlled by Rollbar, Inc. Have questions or concerns about the Services or your privacy? Contact our Data Protection Officer at firstname.lastname@example.org. If they can’t answer your question, you have the right to contact your local data protection supervisory authority.