Privacy Policy
Thanks for visiting LogRocket. This privacy policy explains the “what,” “how,” and “why” of the personally identifying Information we collect when you visit the website located at www.logrocket.com (the “Site”) and when you use the LogRocket SaaS analytics software and services (“Services”) and includes Personal Information collected via email, SMS, telephone, WAP or other means. It also explains the specific ways we use and disclose that information. By using or accessing the Site or Services, you are accepting the practices described in this Privacy Policy, and you are consenting to our processing of your information as described below.
About LogRocket
LogRocket is a new type of developer tool. It’s like a DVR for web apps, recording literally everything that happens on your site. Instead of guessing why problems happen, you can replay sessions with bugs or user issues to quickly understand the root cause.
LogRocket instruments the DOM to record the HTML and CSS on the page, recreating pixel-perfect videos of even the most complex single page apps.
In addition, LogRocket records console logs, JavaScript errors, stacktraces, network requests/responses with headers + bodies, browser metadata, and custom logs. It also has deep integrations with libraries like React, Redux, and Angular to log actions and application state.
Definitions
Getting a few definitions out of the way should help you better understand this policy. When we say we, us, our or LogRocket, we're referring to LogRocket, a Delaware corporation. When we say Site, we are referring to the LogRocket website, located at https://logrocket.com/. LogRocket Customer refers to any customer that has entered into an agreement with LogRocket to use the LogRocket Services on its Site. Personal Information means all information relating to a person that identifies such person or could reasonably be used to identify such person, including but not limited to, as first and last name, home address, billing address, or other physical address, email address, telephone number and Sensitive Data, if any. User refers to a visitor to a website that uses the LogRocket Services or a client of a LogRocket Customer. Visitor refers to anyone accessing the LogRocket Site.
Information Collected
Information Collected from LogRocket Visitors
If you are a Visitor, LogRocket collects information on your use of our Site, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, cookie information, and Internet Service Provider (“Usage Data”). LogRocket’s purpose in collecting Usage Information is to better understand how LogRocket’s Visitors use the Site. LogRocket does not use the Usage Information to identify its Visitors and does not disclose the Usage Information other than under the circumstances described in this Privacy Policy.
As a Visitor, LogRocket collects potentially personally identifying information like Internet Protocol (or “IP”) addresses (“Potential PII”). Also, you may choose to interact with the Site that results in your providing Personal Information to LogRocket, such as giving us your name, email address, user name and password when signing up for a free trial of the Services or creating an account to post comments to the LogRocket blog or social media sites, etc. You should be aware that any information you provide in the LogRocket blog or social media areas may be read, collected, and used by others who access them.
We only collect Personal Information that is reasonable or necessary to accomplish the purpose of your interaction with LogRocket as a Visitor. You may choose not to provide this information but you need to understand that as a result, you may not be able to engage in certain activities on the Site. Any Personal Information provided by you as a Visitor to the Site will be used only as described in this Privacy Policy and LogRocket’s Acceptable Use Policy.
Information Collected from LogRocket Customers
If you are a Customer of LogRocket, when you signed up for the Services, you entered into an agreement with LogRocket to accept LogRocket’s terms of use of the Services, which includes the obligations in this Privacy Policy and our Acceptable Use Policy (“Agreement”). As part of your use of the Services, we collect the same information as that of a Visitor above and may ask you for additional information such as payment information, usage data in relation to the Services and other information we deem relevant for the purpose of providing the Services. LogRocket may use your information and data as agreed to in the Agreement and to:
- Process transactions between you and LogRocket.
- Communicate with you about our Services, including sending you e-mail newsletters.
- Let you know about changes to our policies and terms.
- Provide support for the LogRocket Services.
- Enhance or improve user experience, our Site, or LogRocket Services.
- Monitor data to ensure that it complies with your contractual obligations to us.
- Perform any other function that we believe in good faith is necessary to protect the security or proper functioning of our Site or the LogRocket Services.
- With your prior consent, we may post your personal testimonials along with those of other satisfied customers on our Site in addition to other endorsements.
The information we collect from a Customer is disclosed only in accordance with the Agreement and this Privacy Policy and the Acceptable Use Policy.
Information Collected from Visits to Websites that use LogRocket Services
For Users of a LogRocket Customer, LogRocket is acting as a service provider (or processor) to the Customer for the LogRocket Services. LogRocket collects information on a User under the direction of its Customer and has no direct relationship with the User whose information it processes. It is important to understand that when a User visits other websites that use the LogRocket Services, the LogRocket Customer’s privacy policy applies to that information collected. LogRocket may use your information as permitted by the LogRocket Customer in accordance with its privacy policies and this policy.
Use of Your Personal Information
In the course of business, we may hire third party individuals and organizations to help us make the LogRocket Services better. These third parties include our web host provider, other SaaS providers, such as an email hosting service, payment processors or outside contractors we hire to perform maintenance or assist us in securing our website. We may also hire third parties to operate, maintain, repair, or otherwise improve or preserve our website or its underlying files or systems.
LogRocket may disclose Personal Information and Potential PII only to those of its employees and third party organizations that (1) need to know such information in order to process it on LogRocket’s behalf or to provide services as described above and (2) have agreed not to disclose it to any other parties without LogRocket’s consent. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using the Site and/or the Service, you consent to the transfer of information to such individuals and organizations in order to accomplish these purposes.
We may access or release Personal Information about you when required to do so in order to comply with any applicable, laws, regulations, subpoena or enforceable governmental or public authority request, including, to meet national security or law enforcement requirements. We may also access or release Personal Information when we have a good faith believe that such access or release is reasonably necessary to (i) enforce applicable terms of service, including investigation of potential violations, (ii) detect, prevent, or otherwise address fraud, security or technical issues, (iii) respond to user support requests, or (iv) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
Before using or sharing your information with non-agent third parties in ways not discussed here or previously authorized by you, we will provide you Notice and an opportunity to control the further use or disclosure of your personal information.
LogRocket has potential liability in cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the Data Privacy Framework Principles (DPF Principles).
If you are a registered user of the Service and have supplied your email address, LogRocket may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with LogRocket and our products. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. LogRocket takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of Personal Information and Potential PII.
In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. If we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information and Potential PII as set forth in this policy. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information and Potential IP, as well as any choices you may have regarding your Personal Information and Potential IP.
Our Legal Bases for Processing Your Personal Information
When we process Personal Information that we receive from LogRocket Customers, we do so as a processor under applicable privacy laws and pursuant to the direction of our Customers. When we process Personal Information as a data controller, we do so based on the following legal bases: 1) our legitimate interest in running and maintaining our business; 2) performance and fulfillment of our contracts; 3) your consent; and 4) compliance with our legal obligations. In many instances, more than one of these legal bases apply to the processing of your personal information.
Data Subject Rights
You may access, rectify, or delete any of the Personal Information we process about you in our role as a data controller.
If you are a resident of the European Economic Area, United Kingdom, or the state of California, you may have additional data subject rights that apply to you, including the following:
- The right to be informed about our data collection practices;
- The right to access and rectify your data;
- The right to erase or delete your data;
- The right to data portability;
- The right to restrict and object to the processing of your data (including for direct marketing purposes);
- The right to opt out of the sale of your information;
- The right to opt out of marketing emails and text messages;
- The right to limit our use of any automated decision-making processes;
- The right to lodge a complaint to your local data protection authority or supervisory authority; and
- The right to withdraw consent (to the extent applicable).
To exercise any of your rights, please contact us at [email protected]. We will respond to all requests as soon as reasonably possible. You have the right to lodge a complaint regarding our data processing with a supervisory authority. The EU Commission provides a list of supervisory authorities here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
When exercising your rights, we may ask you to verify your identity before fulfilling your request. Users designate an authorized agent to submit a request on their behalf, but they may still be required to verify the identity of the User to whom the request pertains to.
If a User interacts with one of our Customers and the User seeks to access, or correct, amend, or delete inaccurate data or no longer wants to be contacted by one of our Customers, the User should direct its inquiry to the Customer because the Customer is the data controller.
How LogRocket Collects Cookies
Cookies are small data files placed on your computer by the websites you visit and the emails you read and can be used to help recognize you when you return to a website, or when you visit other sites. We, or third party service providers, may use cookies to, among other things, measure activity, personalize your experience, remember your viewing preferences, or track your status or progress when accessing our site. For some of these purposes, our cookies may be tied to Personal Information and/or Potential PII. In particular, the LogRocket Services use first-party cookies to maintain a coherent scope for a user session across multiple pages on a single website. These cookies do not track the same user across unrelated domains and, as described above, attempts to infer identity across domains is strictly prohibited.
This information may in the aggregate identify a User. However, we will not identify a User as they browse the web if the User turns off cookies, as explained below.
LogRocket does not and will not ever attempt to identify the same person across disparate, unrelated domains. It is a violation of our Acceptable Use Policy for our customers to attempt to build multi-site user profiles for the intent of selling or exchanging lists of users or demographic information.
Analytics and Interest-Based Advertising
We use cookies and other tracking technologies on our Site for analytics and interest-based advertising purposes, as described below.
Analytics. We partner with certain third parties to obtain the automatically collected information discussed above and to engage in analysis, auditing, research, and reporting. These third parties may use web logs or web beacons, and they may set and access cookies on your computer or other device.
Interest-based advertising. The Site also enables third-party tracking mechanisms to collect information about you and your computing devices for use in online interest-based advertising. For example, third parties may use the fact that you visited our Site to target online ads to you. In addition, our third-party advertising networks might use information about your use of our Site to help target advertisements based on your online activity in general. For information about interest-based advertising practices, including privacy and confidentiality, visit the Network Advertising Initiative website or the Digital Advertising Alliance website.
The use of online tracking mechanisms by third parties is subject to those third parties’ own privacy policies, and not this privacy policy. If you prefer to prevent third parties from setting and accessing cookies on your computer or other device, you may set your browser to block cookies. Additionally, you may remove yourself from the targeted advertising of companies within the Network Advertising Initiative by opting out here, or of companies participating in the Digital Advertising Alliance by opting out here. Although our Site currently does not respond to “do not track” browser headers, you can limit tracking through these third-party programs and by taking the other steps discussed above.
International Transfers
The information that we collect through or in connection with the Services is transferred to and processed in the United States for the purposes described above. We also may subcontract the processing of your data to, or otherwise share your data with, affiliates or third parties in the United States or countries other than your country of residence. The data-protection laws in these countries may be different from, and less stringent than, those in your country of residence. By using the Services or by providing any personal or other information to us, you expressly consent to such transfer and processing.
EU-U.S. Data Privacy Framework
LogRocket complies with both the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States. LogRocket has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. LogRocket has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. [WH1] If there is any conflict between the terms in this privacy policy and the Principles, the Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles , LogRocket commits to resolve DPF Principles-related complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF should first contact LogRocket at: [email protected].
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, LogRocket commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to an independent dispute resolution mechanism, the BBB Data Privacy Framework Program, operated by BBB National Programs. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided at no cost to you.
Under certain limited conditions, if your complaint is not resolved through these channels, it may be possible for individuals to invoke binding arbitration before the EU-U.S. DPF Panel to be created by the U.S. Department of Commerce and the European Commission. For additional information, please visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
The Federal Trade Commission (FTC) has jurisdiction over LogRocket’s compliance with the EU-U.S. DPF and the Swiss-U.S. DPF.
Advisory: For UK and Swiss individuals, please note that we may continue to rely on alternative valid data transfer mechanisms deemed appropriate by the relevant authorities to transfer data collected from Switzerland and the UK to the U.S., such as standard contractual clauses and the UK International Data Transfer Agreement or Addendum as appropriate.
Data Retention
We retain personal information about you necessary to fulfill the purpose for which that information was collected or as required or permitted by law. We do not retain Personal Information longer than is necessary for us to achieve the purposes for which we collected it. When we destroy your Personal Information, we do so in a way that prevents that information from being restored or reconstructed.
Security Measures
We take measures to enhance the security of our Site and the LogRocket Service. These measures include using SSL Certificates and two-factor authentication. It is important for you to protect against unauthorized access to your password and to your computer. No security measures are perfect, and we cannot promise that the information about you will remain secure in all circumstances.
Children
Our site is intended for a general audience, and we do not knowingly collect Personal Information from anyone under the age of 13.
Changes
We may amend this Privacy Policy from time to time. When there are changes to this Privacy Policy, we will update this page. The date on the bottom will always indicate when we last made changes. If you are a visitor to this Site and disagree with the Privacy Policy, you should leave the Site and/or cancel your agreement with LogRocket.
What If I Have Questions or Concerns?
If you have any questions or concerns regarding privacy when using LogRocket, please send us a detailed message to [email protected]. We will make every effort to address your concerns.
Last Updated: October 10, 2023.
[WH1]While some of the language below may seem verbose or redundant, we have made amendments to align with the recommended language from the Department of Commerce (see https://www.dataprivacyframework.gov/s/article/FAQs-Privacy-Policy-1-5-dpf). In most cases below, we've replicated their recommended language here verbatim.