Privacy Policy

Last updated: March 17, 2026

RoostKeeper ("we," "us," or "our") operates this asset and property management platform. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

1. Information We Collect

Account Information

When you register, we collect your name, email address, and password (stored as a secure hash). You may also provide a phone number and organization details.

Asset and Property Data

We store the asset records, maintenance logs, service schedules, contracts, reminders, vendor information, and any other data you enter into the platform. This data belongs to you and your organization.

Uploaded Files

Photos, documents, and other files you upload are stored securely in Azure Blob Storage. Access to these files is controlled by time-limited, cryptographically signed tokens that expire after one hour.

Usage and Audit Data

We automatically log actions performed within your organization (such as creating, editing, or deleting records, and sign-in events) for audit and security purposes. These logs include the user's email address, the action taken, the affected record, and a timestamp.

Technical Data

We may collect your IP address, browser type, and device information when you authenticate, for security monitoring purposes.

2. How We Use Your Information

• To provide and operate the RoostKeeper platform and its features.
• To authenticate users and enforce organization-level access controls.
• To send reminder notifications and alerts related to your assets and schedules.
• To maintain audit logs for compliance, accountability, and dispute resolution.
• To detect, prevent, and investigate security incidents or unauthorized access.
• To improve the reliability and functionality of the platform.

We do not sell, rent, or share your data with third parties for marketing or advertising purposes.

3. Data Isolation and Multi-Tenancy

RoostKeeper is a multi-organization platform. Each organization's data is logically isolated. Users can only access records belonging to their own organization. Access controls are enforced at the database query level on every request.

4. Data Retention

We retain your data for as long as your account is active. If you close your account or request deletion, we will remove your personal information and organization data within 30 days, except where retention is required by law or for legitimate audit purposes.

5. Data Security

We use industry-standard security practices including:

• Encrypted data transmission (HTTPS/TLS).
• Passwords stored using one-way cryptographic hashing (ASP.NET Core Identity).
• File access via short-lived, signed SAS tokens — direct public access to uploaded files is disabled.
• Authentication session tokens with sliding expiration and secure cookie settings.

No method of electronic transmission or storage is 100% secure. We strive to use commercially acceptable means to protect your data but cannot guarantee absolute security.

6. Third-Party Services

RoostKeeper uses the following third-party infrastructure providers:

• Microsoft Azure — for hosting, database, and file storage. Microsoft's data processing terms apply to data stored on Azure infrastructure.

We do not integrate with advertising networks, social media tracking pixels, or analytics platforms that collect personal data.

7. Your Rights

Depending on your jurisdiction, you may have rights including:

• Access — request a copy of the personal data we hold about you.
• Correction — request correction of inaccurate personal data.
• Deletion — request deletion of your account and personal data.
• Portability — request your data in a machine-readable format.

To exercise these rights, contact us at the email address below.

8. Cookies

RoostKeeper uses a single authentication cookie to maintain your login session. This cookie is strictly necessary for the platform to function and does not track you across other websites. No third-party cookies are used.

9. Children's Privacy

RoostKeeper is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by posting a notice within the application. Continued use of the platform after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact us at:
privacy@roostkeeper.com