Roost Privacy Policy

Last Updated: February 1, 2019

1. Introduction

Roost, Inc. (“Roost”) offers the smart devices and services described in this Privacy Policy and is committed to protecting your privacy. This Privacy Policy applies to all the product solutions, services, websites, mobile apps and co-branded mobile apps offered or powered by Roost, Inc. (“Roost”), except where otherwise noted. We refer to those product solutions, services, websites and mobile apps collectively as the “Services” in this policy.

References to “data” in this Privacy Policy will refer to whatever data you provide to Roost when creating a Roost account or purchasing a Roost device or installing a Roost device if it was provided to you by Roost or by a third party.

Data also refers to the information captured by your Roost device, most of which is reported to you. Your specific information depends on the Roost device you have installed, and may include data such as temperature, humidity, garage door status, battery levels, wireless connectivity, and our core alerts (i.e., smoke alarm and water leak). Reference to personal information, means information about you personally that you provide to us, for which we act as custodian.

2. Information we collect

2.1  Who are “you”?

We refer to “you” a lot in this Privacy Policy. To better understand what information is most relevant to you, please see the following definitions.

Account Holders

You opened an account using the Roost Mobile App or using an Insurance company’s mobile app, which you downloaded on your smartphone.  But you have not installed a Roost device yet. 

Roost Registered User

You opened an account using the Roost Mobile App or using an Insurance company’s mobile app, which you downloaded on your smartphone.  You have also installed one or more Roost devices using your smartphone and a Wi-Fi network you own or control.

Monitors

You were requested by someone that you know to be a Monitor for their active Roost devices.  You agreed, and then opened an account using the Roost or Insurance co-branded mobile App you downloaded on your smartphone. You may or may not have installed your own Roost devices using your smartphone.

Website Visitor

You are visiting one of our websites because you are curious about Roost.

Referral User

A Roost Registered User has referred you to Roost to use the Roost Services.

2.2  Information we collect about you

“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, mobile number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing d  ata. “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below.

We collect the following Personal Data and Anonymous Data from users of Roost Services:

Information to Set up a Roost Account

You need a Roost account before you can use Roost services. When you register for an account, we collect your smartphone number, email address, your name and then provide you with an SMS access number during set up.

If you were referred to Roost by a friend, your friend has provided Roost with your name and mobile number. Roost will automatically send you an invitation SMS text, and will store your information for the sole purpose of sending these invitation texts and tracking the success of our referral program.

Information to Purchase a Roost Device

If you purchase a Roost device on our website, we require you to provide your billing details, name, address, email address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date). This information is provided to a Roost third-party named Shopify, who processes your payment. Roost does not view or retain any of your personal financial information. We do retain your name, address and smartphone number.

Device and smartphone data

We collect information from the Roost device and smartphone you used to install your Roost device. Device data mainly means the device location and name (which you provide), and the data generated by the device such as temperature, humidity, battery level and alerts.  Our servers keep log files that record data each time your device accesses those servers and updates this information. Information we collect about your smartphone includes its make and model (which you provide), its operating system version, and a Unique User ID (i.e., UUID).

Wireless network data

When you install a Roost device, you connect the device to your wireless network.  We store your wireless network name and password in your smartphone so you can easily set up another Roost device. This information is not stored by Roost in the Cloud or in and Roost device.

Customer support data

If you contact us for support regarding the Roost Services, we may collect your name, e-mail address, phone number, as well as your operating system and version, and any communications or correspondence that you send us.

Website referral information

If you arrive at a Roost website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

Website usage information

We collect usage information about you whenever you interact with our websites and services. This includes which Roost webpages you visit, what you click on, when you perform those actions, and so on.

Third Party Websites

Our Sites or App may contain links to third party websites. When you click on a link to any other website or location, you will leave our Sites or App and go to another site, and another entity may collect Personal Data or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content.

Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your Personal Data after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

3. How we use the information we collect

We process personal data about you either with your consent or in order to fulfill our contractual responsibility to deliver the Roost Services to you. We may also process your data under the rare circumstances when we are legally compelled to do so.

3.1  Personal data we process with your consent

Contact Information

We use your name and address information, so we can ship you Roost Devices.  We may use your email address or smartphone number to send you reminders, product or mobile App updates, provide customer support, and to respond to your inquiries.  We might also send you user surveys and marketing information now and then.

More details: We use your email address to send you marketing (newsletters), and for general updates on your account. You can opt out of marketing communications at any time by clicking on the “unsubscribe” link in them or changing your account settings in the Roost App on your smartphone.

Home Wi-Fi information

We store the home Wi-Fi name and password you use in the flash memory of your smartphone. This allows you to easily add new Roost devices to the same Wi-Fi network.

Device set up information

We store the device’s name, type, and location so you can identify the devices data during use. We ask if we can geolocate your smartphone during set up so we know where the device is physically located and may provide emergency weather alerts.

More details: During set up, we ask you to identify the type of device (such as a Water Leak and FreezeDetector), a name for it (such as, Sink 1), and location (such as, Kitchen).  You can change the device information anytime in the Roost App.

Sharing information with third parties

If Roost devices are provided to you directly from your Insurer, they will provide a specific consent request to you that allows us to share your data with them.

Your insurer will also provide your contact information to Roost so we can ship the Roost device to you, as long as you give permission to share this information with us.

More details: It is very common for Roost to provide its products, services, and co-branded mobile App to an insurance company, and for the insurance company to provide the Roost products and services to its policyholders.  If you have received a Roost device through your insurance company, Roost will process your personal information only if you have provided consent to the insurance company that provided you the Roost device and services.

3.2  Personal data we process to fulfill our responsibilities

Contact information

We collect the device MAC ID and your smartphone number to send you alerts.  We collect the names and phone numbers of each of your invited Monitors. We collect the name and phone number of your designated emergency contact.

More details: We use your smartphone number as your unique user ID in our system.  You use this number to set up Roost devices, and we use it to send device information to you. The Roost services do not work without matching the device MAC ID with your smartphone number. We retain the Monitor and Emergency Contact information you provide us.

Device information

We record the battery level and Wi-Fi strength of each device. If your device records other data (such as temp or humidity) we record that as well.  This data is sent from the Roost cloud to your smartphone.

We also record the day and date (do you mean “time”?) your device alerts, and when it stops.

More Details: The Roost 9V Smart Smoke Alarm Monitor sends an alert when your smoke alarm sounds.  The Roost Water Leak and Freeze Detector sends an alert when a water leak is detected, or the temperature or humidity thresholds are exceeded. The Roost Garage Door Monitor alerts when the Garage Door moves. 

Data Analysis

As part of Roost’s efforts to improve our products and services and to better protect homeowners from risks, we will consolidate and analyze device data on an aggregated basis. We constantly look for alerts our devices might mistakenly send, or for instances when our sensors were too sensitive. We look for patterns in location, temperature, and humidity to find better ways of predicting leaks or freezing pipes.

Because these analyses are performed with aggregated, anonymous data, Roost cannot identify you or any other specific Roost user.

3.3  Legal uses of personal data

To respond to legal requests, we may need to use and disclose information or data we hold about you. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

Corporate Restructuring

We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires the Roost business or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.

Information We Share

We do not share your information or data with third parties outside Roost except in the following limited circumstances:

You were provided a Roost product through an insurance company:

Roost will share some or all of your information with your insurance company as long as you have provided them with consent for Roost to do so.

You have identified a monitor:

As part of Roost’s services, you have the ability to identify a third party and allow them to monitor your Roost devices.  These monitors are provided the same device alerts that you receive as part of Roost services.

Your data is used during data analysis:

From time-to-time, Roost may contract with a third party to help analyze data.  However, prior to analysis, Roost aggregates and anonymizes the data so it cannot be used to identify any individual.

We enter into confidentiality and data processing terms with partners to ensure they comply with high levels of confidentiality and best practice in privacy and security standards and we regularly review these standards and practices.

Your data was requested by an enforceable governmental request:

We also have to share information or data in order to meet any applicable law, regulation, legal process, or governmental request.  We will also share your data to detect, prevent, or otherwise address fraud or security issues. And lastly, we may have to share your data to protect against harm to the rights, property or safety of our users, the public, or to Roost and/or as required or permitted by law.

4. Cookies

We use cookies and similar technologies on our websites. Cookies are small bits of data we store on the device you use to access our website so we can recognize you as a repeat user. Each cookie expires after a certain period of time, depending on what we use it for.

We use certain cookies that you agree to when you use our websites and, in the case of some cookies, for legitimate interests of delivering and optimizing our services when the cookie delivers essential functionality. We use cookies to make our site easier to use, for security reasons, to improve our services.

You can choose to remove or disable cookies via your browser setting.

5. Data Retention

As long as you have an account with Roost we do not delete the data in your account.  You are responsible for the data in your account and how long you retain it. There are controls in your account where you can delete data at the account level (all data in your account) and at the data element level.

And, as long as you have a Roost device set up in your account, we do not delete the data from the device. A Roost device can be deleted any time using the Roost App. When a device is deleted, it no longer provides data to Roost or to your smartphone.  Roost will keep historical data from the device for analysis purposes.

6. Safety of Minors

Our services are not intended for and may not be used by minors who we define as individuals under the age of 13.  Roost does not knowingly collect personal data from Minors or allow them to open Roost accounts. If it comes to our attention that we have collected personal data from a Minor, we will delete this information without notice. If you have reason to believe that this has occurred, please contact Roost customer support.

7. Changes to our privacy policy

We can make changes to this Privacy Policy from time to time. We will identify the changes we have made on this page. In circumstances where a change will materially change the way in which we collect or use your personal information or data, we will send a notice of this change to all of our account holders.

8. Contact us with questions or concerns

If you have any questions, concerns, or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us using the following contact information: support@getroost.com.  Or mail us at Roost Inc., c/o Data Protection Officer, 1250 Borregas Ave., Sunnyvale, CA 94089. We will reply to your complaint as soon as we can and, in any event, within 30 days.

9. Privacy Shield and GDPR (for our EU users)

Roost participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield. Roost is committed to subjecting all personal information and data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov/.

If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence. Roost is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and data it subsequently transfers to third parties acting as agents on its behalf. Roost complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. Roost further complies with the EU’s General Data Protection Regulation (“GDPR”), maintaining our EU data center in Ireland, with Ireland as Roost’s GDPR lead authority.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Roost is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Roost may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

9.1  Resolving complaints

In compliance with the Privacy Shield Principles, Roost commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Roost at:

Data Protection Officer
Roost
1250 Borregas Ave.
Sunnyvale, CA 94089 USA

Roost has further committed to refer unresolved Privacy Shield complaints to JAMS an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shieldfor more information or to file a complaint. The services of JAMS are provided at no cost to you.

Under certain conditions, more fully described on the Privacy Shield website; https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

If you are resident in the European Union and you are dissatisfied with how we have managed a complaint you have submitted to us, you are also entitled to contact your local data protection supervisory authority. Roost maintains its EU servers in Ireland, and therefore operates under the remit of the Irish Office of the Data Protection Commissioner (see: ODPC Website).

9.2  Who is my data controller?

Most of the time, Roost is the data processor.  We take data provided to us by you and/or by your insurance company or other third party and process it to deliver the Roost services.  The insurance company or other third-party is the data controller.

When you purchase a product directly from Roost using the Roost website, Roost is also the data controller.

In most other instances, Roost is the data processor, only.

9.3  Your GDPR rights

European users have certain legal rights to obtain information about whether we hold personal information about you, to access personal information we hold about you, and to obtain its correction, update, amendment or deletion. Some of these rights may be subject to some exceptions or limitations. We will respond to your request to exercise these rights within a reasonable time, and in all cases within 30 days of receiving a request.

Under the EU’s General Data Protection Regulation (GDPR) the rights which you are entitled to are:

Data access rights

Right to restrict processing

Right of rectification

Right to erasure (Right to be Forgotten)

Right to object to processing

Right to withdraw consent; and

Data portability rights

When you open and maintain an account with Roost, you are entitled to a copy of all personal data, which we hold in relation to you. You are also entitled to request that we restrict how we use your data or object to some aspect of our treatment of your data. You can access a lot of your data in your own account using the Roost App. However, if you want to obtain a full copy of all your data or to request a restriction / limitation in how we use your data, please contact us at the address provided in Section 9.1 above.

Contact Us

If you have any questions about this Privacy Policy, please contact us at support@getroost.com