feat: update privacy policy with targeted advertising disclosures #6451
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -14,7 +14,7 @@ export default function Privacy() { | |
| <h1 className="text-3xl font-bold tracking-tight sm:text-4xl md:text-5xl"> | ||
| Roo Code Cloud Privacy Policy | ||
| </h1> | ||
| <p className="text-muted-foreground">Last Updated: January 30, 2025</p> | ||
|
|
||
| <p className="lead"> | ||
| This Privacy Policy explains how Roo Code, Inc. ("Roo Code," "we," | ||
|
|
@@ -63,6 +63,11 @@ export default function Privacy() { | |
| We collect only the data needed to operate Roo Code Cloud, do <strong>not</strong> sell | ||
| customer data, and do <strong>not</strong> use your content to train models. | ||
| </li> | ||
| <li> | ||
| We use cookies and similar technologies for{" "} | ||
| <strong>analytics and interest‑based advertising</strong> (aka “retargeting”); | ||
| you can opt‑out at any time (see Section 6). | ||
| </li> | ||
| </ul> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold">1. Information We Collect</h2> | ||
|
|
@@ -127,6 +132,19 @@ export default function Privacy() { | |
| Marketing Site automatically / You | ||
| </td> | ||
| </tr> | ||
| <tr> | ||
| <td className="border border-border px-4 py-2 font-medium"> | ||
| Marketing & Advertising Data | ||
| </td> | ||
| <td className="border border-border px-4 py-2"> | ||
| Online identifiers (IP, cookie ID, device ID), pages or screens viewed, referral | ||
| source, marketing pixel events (e.g., Google Ads remarketing, Meta Pixel, | ||
| LinkedIn Insight) | ||
| </td> | ||
| <td className="border border-border px-4 py-2"> | ||
| Marketing Site automatically / Pixels | ||
| </td> | ||
| </tr> | ||
| </tbody> | ||
| </table> | ||
| </div> | ||
|
|
@@ -238,29 +256,93 @@ export default function Privacy() { | |
| <strong>Delete your Cloud account</strong> at any time from{" "} | ||
| <strong>Security Settings</strong> inside Roo Code Cloud. | ||
| </li> | ||
| <li> | ||
| <strong>Opt‑out of targeted advertising</strong> via the footer links described in Section 6 | ||
| or by sending a GPC signal. | ||
| </li> | ||
| </ul> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold"> | ||
| 6. Targeted Advertising, “Sale or Share,” and How to Opt Out | ||
| </h2> | ||
| <p> | ||
| We use Google Ads, Meta (Facebook) Pixel and LinkedIn Insight Tag to show ads to visitors who | ||
| have previously interacted with Roo Code (“retargeting” or “cross‑context | ||
|
Contributor
Author
There was a problem hiding this comment. For consistency, could we standardize the terminology? The policy uses both "interest‑based advertising" (line 68) and "cross‑context behavioral advertising" (line 270). Would it be clearer to pick one primary term? |
||
| behavioral advertising”). Under the California Consumer Privacy Act as amended by the | ||
| CPRA—and similar laws in CO, CT, VA, UT, OR, TX and others—disclosing personal information (like | ||
| a cookie ID) to an ad network for this purpose may be considered a{" "} | ||
| <strong>“sale” or “share.”</strong> | ||
| </p> | ||
|
|
||
| <h3 className="mt-8 text-xl font-bold">Your Options</h3> | ||
| <ol> | ||
| <li> | ||
| <strong>Site links.</strong> Every page now displays a | ||
| <ul> | ||
| <li> | ||
| <strong> | ||
| “Do Not Sell or Share My Personal Information / Opt Out of Targeted | ||
|
Contributor
Author
There was a problem hiding this comment. The policy references footer links that don't exist yet. While the PR description mentions these as "Next Steps," the policy text implies they're already available ("Every page now displays"). Should we update the language to indicate these are coming soon, or implement the links first? |
||
| Advertising” | ||
| </strong>{" "} | ||
| link that lets you disable all non‑essential advertising cookies; and | ||
| </li> | ||
| <li> | ||
| <strong>“Your Privacy Choices”</strong> link that provides the same | ||
| opt‑out for other states. | ||
| </li> | ||
| </ul> | ||
| </li> | ||
| <li> | ||
| <strong>Global Privacy Control (GPC).</strong> We automatically honor the browser‑level{" "} | ||
| <em>GPC</em> signal. When received, we block marketing pixels and treat the request as a | ||
| valid opt‑out of sale/share. | ||
| </li> | ||
| <li> | ||
| <strong>Ad platform tools.</strong> You may also set ad‑preferences directly with Google | ||
| Ads, Meta, or LinkedIn; those choices are respected across sites. | ||
| </li> | ||
| </ol> | ||
| <p> | ||
| We do <strong>not</strong> knowingly sell/share data of consumers under 16, and we prohibit our | ||
| ad partners from creating interest‑based profiles of such users. | ||
| </p> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold">7. Security Practices</h2> | ||
| <p> | ||
| We use TLS for all data in transit, AES‑256 encryption at rest, least‑privilege IAM, continuous | ||
| monitoring, routine penetration testing, and maintain a SOC 2 program. | ||
| </p> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold">8. Updates to This Policy</h2> | ||
| <p> | ||
| If our privacy practices change, we will update this policy and note the new{" "} | ||
| <strong>Last Updated</strong> date at the top. For material changes that affect Cloud | ||
| workspaces, we will also email registered workspace owners before the changes take effect. | ||
| </p> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold">9. Contact Us</h2> | ||
| <p> | ||
| Questions or concerns? Email{" "} | ||
| <a href="mailto:[email protected]" className="text-primary hover:underline"> | ||
| [email protected] | ||
| </a> | ||
| . | ||
| </p> | ||
|
|
||
| <h2 className="mt-12 text-2xl font-bold">10. State‑Specific Privacy Rights</h2> | ||
| <p> | ||
| Residents of California, Colorado, Connecticut, Utah, Virginia, Oregon, Texas and other states | ||
| with comprehensive privacy statutes have additional rights, including to access, correct, | ||
| delete, and{" "} | ||
| <strong> | ||
| opt‑out of the sale or sharing of personal information and of targeted advertising | ||
| </strong> | ||
| . You may exercise these rights through the mechanisms in Sections 5–6 or by emailing{" "} | ||
| <a href="mailto:[email protected]" className="text-primary hover:underline"> | ||
| [email protected] | ||
| </a> | ||
| . We will respond within the timeframe required by your state law (usually 45 days). | ||
| </p> | ||
| </div> | ||
| </div> | ||
| </> | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this date intentional? January 30, 2025 appears to be a future date. Should this be January 30, 2024 or today's date instead?