Privacy Policy

Last updated: March 14, 2026

1. Data Controller

• ROSUITE, LLC
• 131 Continental Dr Suite 305, Newark, DE 19713, US
• Email: [email protected]

2. Personal Data We Collect

• Email address
• Firebase authentication ID (Google auth provider)
• IP address
• Usage data (chats, IDs of experiences Ropilot was used on)
• Project structures and metadata (e.g., game hierarchy)
• Telemetry

We do not store full payment card details.

3. Purposes of Processing

Personal data is processed to:

• provide and operate the Service
• manage subscriptions and action allocations
• prevent abuse and fraud
• product improvement, including training ML models with anonymized usage data.
• comply with legal obligations

You may opt out of having your data used for ML training via your Ropilot Dashboard Settings, the Ropilot plugin in Roblox Studio, or by emailing [email protected]. Dashboard and plugin opt-outs take effect immediately; email requests will be fulfilled within 30 days.

4. Legal Bases (GDPR)

Processing is based on:

• performance of a contract
• legal obligations
• legitimate interests
• user consent (where applicable)

5. Recipients & Roles

We use trusted third parties, including:

• Stripe – payment processing (independent controller)
• Firebase / Google Cloud – authentication and infrastructure
• Cloudflare – hosting, edge computing, and data storage
• Anthropic – AI code generation

All providers except Stripe act as processors on our behalf and are subject to contractual data protection obligations.

6. International Data Transfers

Personal data may be transferred outside the EU/EEA, including to providers located in the United States. Where required, such transfers are safeguarded using Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

7. Data Retention

• Account data: retained while the account is active
• Billing records: retained as required by tax and accounting law
• Session data (prompts, game structure): retained while the account is active and deleted within 30 days after account termination, unless retention is required by law.

8. User Rights

You have the right to:

• access your personal data
• rectification
• deletion
• restriction of processing
• data portability
• objection
• withdraw consent at any time

Requests may be sent to [email protected].

9. Supervisory Authority

You may lodge a complaint with the relevant data protection authority in your jurisdiction. For EU residents, this is your local data protection authority.

10. Cookies & Tracking

The Service uses cookies or similar technologies for authentication and session management. Non-essential cookies are used only with user consent where required by law.

11. Children's Data

The Service is not intended for children under 13. If such use is discovered, the account will be terminated and data deleted where required.

12. Security

We apply appropriate technical and organizational measures to protect personal data, including encrypted connections (TLS), secure API key management, and access controls.

13. Governing Law

This Privacy Policy is governed by the laws of the State of Delaware, United States.

14. Changes to This Policy

This Privacy Policy may be updated periodically. Material changes will be communicated where required by law.