LogRocket is a new type of developer tool. It’s like a DVR for web apps, recording literally everything that happens on your site. Instead of guessing why problems happen, you can replay sessions with bugs or user issues to quickly understand the root cause.
LogRocket instruments the DOM to record the HTML and CSS on the page, recreating pixel-perfect videos of even the most complex single page apps.
Getting a few definitions out of the way should help you better understand this policy. When we say we, us, our or LogRocket, we're referring to LogRocket, a Delaware corporation. When we say Site, we are referring to the LogRocket website, located at https://logrocket.com/. LogRocket Customer refers to any customer that has entered into an agreement with LogRocket to use the LogRocket Services on its Site. Personal Information means all information relating to a person that identifies such person or could reasonably be used to identify such person, including but not limited to, as first and last name, home address, billing address, or other physical address, email address, telephone number and Sensitive Data, if any. User refers to a visitor to a website that uses the LogRocket Services or a client of a LogRocket Customer. Visitor refers to anyone accessing the LogRocket Site.
Information Collected from LogRocket Visitors
As a Visitor, LogRocket collects potentially personally identifying information like Internet Protocol (or “IP”) addresses (“Potential PII”). Also, you may choose to interact with the Site that results in your providing Personal Information to LogRocket, such as giving us your name, email address, user name and password when signing up for a free trial of the Services or creating an account to post comments to the LogRocket blog or social media sites, etc. You should be aware that any information you provide in the LogRocket blog or social media areas may be read, collected, and used by others who access them.
Information Collected from LogRocket Customers
- Process transactions between you and LogRocket.
- Communicate with you about our Services, including sending you e-mail newsletters.
- Let you know about changes to our policies and terms.
- Provide support for the LogRocket Services.
- Enhance or improve user experience, our Site, or LogRocket Services.
- Monitor data to ensure that it complies with your contractual obligations to us.
- Perform any other function that we believe in good faith is necessary to protect the security or proper functioning of our Site or the LogRocket Services.
- With your prior consent, we may post your personal testimonials along with those of other satisfied customers on our Site in addition to other endorsements.
Information Collected from Visits to Websites that use LogRocket Services
Use of Your Personal Information
In the course of business, we may hire third party individuals and organizations to help us make the LogRocket Services better. These third parties include our web host provider, other SaaS providers, such as an email hosting service, payment processors or outside contractors we hire to perform maintenance or assist us in securing our website. We may also hire third parties to operate, maintain, repair, or otherwise improve or preserve our website or its underlying files or systems.
LogRocket may disclose Personal Information and Potential PII only to those of its employees and third party organizations that (1) need to know such information in order to process it on LogRocket’s behalf or to provide services as described above and (2) have agreed not to disclose it to any other parties without LogRocket’s consent. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using the Site and/or the Service, you consent to the transfer of information to such individuals and organizations in order to accomplish these purposes.
We may access or release Personal Information about you when required to do so in order to comply with any applicable, laws, regulations, subpoena or enforceable governmental or public authority request, including, to meet national security or law enforcement requirements. We may also access or release Personal Information when we have a good faith believe that such access or release is reasonably necessary to (i) enforce applicable terms of service, including investigation of potential violations, (ii) detect, prevent, or otherwise address fraud, security or technical issues, (iii) respond to user support requests, or (iv) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
Before using or sharing your information with non-agent third parties in ways not discussed here or previously authorized by you, we will provide you Notice and an opportunity to control the further use or disclosure of your personal information.
LogRocket has potential liability in cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the Data Privacy Framework Principles (DPF Principles).
If you are a registered user of the Service and have supplied your email address, LogRocket may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with LogRocket and our products. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. LogRocket takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of Personal Information and Potential PII.
In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. If we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information and Potential PII as set forth in this policy. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information and Potential IP, as well as any choices you may have regarding your Personal Information and Potential IP.
Our Legal Bases for Processing Your Personal Information
When we process Personal Information that we receive from LogRocket Customers, we do so as a processor under applicable privacy laws and pursuant to the direction of our Customers. When we process Personal Information as a data controller, we do so based on the following legal bases: 1) our legitimate interest in running and maintaining our business; 2) performance and fulfillment of our contracts; 3) your consent; and 4) compliance with our legal obligations. In many instances, more than one of these legal bases apply to the processing of your personal information.
Data Subject Rights
You may access, rectify, or delete any of the Personal Information we process about you in our role as a data controller.
If you are a resident of the European Economic Area, United Kingdom, or the state of California, you may have additional data subject rights that apply to you, including the following:
- The right to be informed about our data collection practices;
- The right to access and rectify your data;
- The right to erase or delete your data;
- The right to data portability;
- The right to restrict and object to the processing of your data (including for direct marketing purposes);
- The right to opt out of the sale of your information;
- The right to opt out of marketing emails and text messages;
- The right to limit our use of any automated decision-making processes;
- The right to lodge a complaint to your local data protection authority or supervisory authority; and
- The right to withdraw consent (to the extent applicable).
To exercise any of your rights, please contact us at [email protected]. We will respond to all requests as soon as reasonably possible. You have the right to lodge a complaint regarding our data processing with a supervisory authority. The EU Commission provides a list of supervisory authorities here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
When exercising your rights, we may ask you to verify your identity before fulfilling your request. Users designate an authorized agent to submit a request on their behalf, but they may still be required to verify the identity of the User to whom the request pertains to.
If a User interacts with one of our Customers and the User seeks to access, or correct, amend, or delete inaccurate data or no longer wants to be contacted by one of our Customers, the User should direct its inquiry to the Customer because the Customer is the data controller.
How LogRocket Collects Cookies
This information may in the aggregate identify a User. However, we will not identify a User as they browse the web if the User turns off cookies, as explained below.
LogRocket does not and will not ever attempt to identify the same person across disparate, unrelated domains. It is a violation of our Acceptable Use Policy for our customers to attempt to build multi-site user profiles for the intent of selling or exchanging lists of users or demographic information.
Analytics and Interest-Based Advertising
Analytics. We partner with certain third parties to obtain the automatically collected information discussed above and to engage in analysis, auditing, research, and reporting. These third parties may use web logs or web beacons, and they may set and access cookies on your computer or other device.
Interest-based advertising. The Site also enables third-party tracking mechanisms to collect information about you and your computing devices for use in online interest-based advertising. For example, third parties may use the fact that you visited our Site to target online ads to you. In addition, our third-party advertising networks might use information about your use of our Site to help target advertisements based on your online activity in general. For information about interest-based advertising practices, including privacy and confidentiality, visit the Network Advertising Initiative website or the Digital Advertising Alliance website.
The information that we collect through or in connection with the Services is transferred to and processed in the United States for the purposes described above. We also may subcontract the processing of your data to, or otherwise share your data with, affiliates or third parties in the United States or countries other than your country of residence. The data-protection laws in these countries may be different from, and less stringent than, those in your country of residence. By using the Services or by providing any personal or other information to us, you expressly consent to such transfer and processing.
EU-U.S. Data Privacy Framework
In compliance with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles , LogRocket commits to resolve DPF Principles-related complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF should first contact LogRocket at: [email protected].
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, LogRocket commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to an independent dispute resolution mechanism, the BBB Data Privacy Framework Program, operated by BBB National Programs. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided at no cost to you.
Under certain limited conditions, if your complaint is not resolved through these channels, it may be possible for individuals to invoke binding arbitration before the EU-U.S. DPF Panel to be created by the U.S. Department of Commerce and the European Commission. For additional information, please visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
The Federal Trade Commission (FTC) has jurisdiction over LogRocket’s compliance with the EU-U.S. DPF and the Swiss-U.S. DPF.
Advisory: For UK and Swiss individuals, please note that we may continue to rely on alternative valid data transfer mechanisms deemed appropriate by the relevant authorities to transfer data collected from Switzerland and the UK to the U.S., such as standard contractual clauses and the UK International Data Transfer Agreement or Addendum as appropriate.
We retain personal information about you necessary to fulfill the purpose for which that information was collected or as required or permitted by law. We do not retain Personal Information longer than is necessary for us to achieve the purposes for which we collected it. When we destroy your Personal Information, we do so in a way that prevents that information from being restored or reconstructed.
We take measures to enhance the security of our Site and the LogRocket Service. These measures include using SSL Certificates and two-factor authentication. It is important for you to protect against unauthorized access to your password and to your computer. No security measures are perfect, and we cannot promise that the information about you will remain secure in all circumstances.
Our site is intended for a general audience, and we do not knowingly collect Personal Information from anyone under the age of 13.
What If I Have Questions or Concerns?
If you have any questions or concerns regarding privacy when using LogRocket, please send us a detailed message to [email protected]. We will make every effort to address your concerns.
Last Updated: October 10, 2023.
[WH1]While some of the language below may seem verbose or redundant, we have made amendments to align with the recommended language from the Department of Commerce (see https://www.dataprivacyframework.gov/s/article/FAQs-Privacy-Policy-1-5-dpf). In most cases below, we've replicated their recommended language here verbatim.