diff --git a/apps/web-roo-code/src/app/privacy/page.tsx b/apps/web-roo-code/src/app/privacy/page.tsx
index ea12094ebb..235c7f9315 100644
--- a/apps/web-roo-code/src/app/privacy/page.tsx
+++ b/apps/web-roo-code/src/app/privacy/page.tsx
@@ -14,7 +14,7 @@ export default function Privacy() {
Roo Code Cloud Privacy Policy
- Last Updated: June 19, 2025
+ Last Updated: January 30, 2025
This Privacy Policy explains how Roo Code, Inc. ("Roo Code," "we,"
@@ -63,6 +63,11 @@ export default function Privacy() {
We collect only the data needed to operate Roo Code Cloud, do not sell
customer data, and do not use your content to train models.
+
+ We use cookies and similar technologies for{" "}
+ analytics and interest‑based advertising (aka “retargeting”);
+ you can opt‑out at any time (see Section 6).
+
1. Information We Collect
@@ -127,6 +132,19 @@ export default function Privacy() {
Marketing Site automatically / You
+
+ |
+ Marketing & Advertising Data
+ |
+
+ Online identifiers (IP, cookie ID, device ID), pages or screens viewed, referral
+ source, marketing pixel events (e.g., Google Ads remarketing, Meta Pixel,
+ LinkedIn Insight)
+ |
+
+ Marketing Site automatically / Pixels
+ |
+
@@ -238,22 +256,71 @@ export default function Privacy() {
Delete your Cloud account at any time from{" "}
Security Settings inside Roo Code Cloud.
+
+ Opt‑out of targeted advertising via the footer links described in Section 6
+ or by sending a GPC signal.
+
- 6. Security Practices
+
+ 6. Targeted Advertising, “Sale or Share,” and How to Opt Out
+
+
+ We use Google Ads, Meta (Facebook) Pixel and LinkedIn Insight Tag to show ads to visitors who
+ have previously interacted with Roo Code (“retargeting” or “cross‑context
+ behavioral advertising”). Under the California Consumer Privacy Act as amended by the
+ CPRA—and similar laws in CO, CT, VA, UT, OR, TX and others—disclosing personal information (like
+ a cookie ID) to an ad network for this purpose may be considered a{" "}
+ “sale” or “share.”
+
+
+ Your Options
+
+ -
+ Site links. Every page now displays a
+
+ -
+
+ “Do Not Sell or Share My Personal Information / Opt Out of Targeted
+ Advertising”
+ {" "}
+ link that lets you disable all non‑essential advertising cookies; and
+
+ -
+ “Your Privacy Choices” link that provides the same
+ opt‑out for other states.
+
+
+
+ -
+ Global Privacy Control (GPC). We automatically honor the browser‑level{" "}
+ GPC signal. When received, we block marketing pixels and treat the request as a
+ valid opt‑out of sale/share.
+
+ -
+ Ad platform tools. You may also set ad‑preferences directly with Google
+ Ads, Meta, or LinkedIn; those choices are respected across sites.
+
+
+
+ We do not knowingly sell/share data of consumers under 16, and we prohibit our
+ ad partners from creating interest‑based profiles of such users.
+
+
+ 7. Security Practices
We use TLS for all data in transit, AES‑256 encryption at rest, least‑privilege IAM, continuous
monitoring, routine penetration testing, and maintain a SOC 2 program.
- 7. Updates to This Policy
+ 8. Updates to This Policy
If our privacy practices change, we will update this policy and note the new{" "}
Last Updated date at the top. For material changes that affect Cloud
workspaces, we will also email registered workspace owners before the changes take effect.
- 8. Contact Us
+ 9. Contact Us
Questions or concerns? Email{" "}
@@ -261,6 +328,21 @@ export default function Privacy() {
.
+
+ 10. State‑Specific Privacy Rights
+
+ Residents of California, Colorado, Connecticut, Utah, Virginia, Oregon, Texas and other states
+ with comprehensive privacy statutes have additional rights, including to access, correct,
+ delete, and{" "}
+
+ opt‑out of the sale or sharing of personal information and of targeted advertising
+
+ . You may exercise these rights through the mechanisms in Sections 5–6 or by emailing{" "}
+
+ privacy@roocode.com
+
+ . We will respond within the timeframe required by your state law (usually 45 days).
+