Privacy Policy

Roost is designed around SSH access rather than a traditional username and password account. We collect the data needed to provide the service, operate infrastructure, prevent abuse, and support billing.

SSH keys and fingerprints: used to identify your account and authorize access.

Box metadata: box names, states, size or profile information, lifecycle events, timestamps, worker placement, and operational errors.

Usage and billing records: running time, suspended time, charges, balance changes, promo code redemptions, and billing actions such as automatic suspension or deletion queues.

Network and security logs: IP addresses, connection metadata, rate-limit events, and operational logs used to secure and operate Roost.

Box contents: files, configuration, and data you place inside a Roost box while that box exists.

Support communications: messages and contact information you provide when you email us.

Roost does not require a password account to use the SSH service.

Roost does not store payment card numbers directly when payments are handled by a payment processor.

Roost does not intentionally inspect your SSH session contents or files except as needed for operations, security, abuse investigation, support you request, or legal obligations.

We use data to authenticate SSH access, create and route boxes, keep state across suspend and wake, calculate usage charges, prevent abuse, debug failures, improve reliability, and respond to support requests.

We do not sell personal data. We may share data with infrastructure providers, payment processors, and other service providers needed to operate Roost.

We may also disclose data when required by law, to protect Roost or other users, to investigate abuse, or to respond to security incidents.

Box contents remain while the box exists and may be deleted when the box is removed by you or by Roost under the Terms of Service.

Usage and billing records may be retained as needed for accounting, abuse prevention, dispute handling, and legal compliance.

Operational and security logs are retained for as long as needed to operate and secure the service.

Roost uses SSH for box access and HTTPS for web-facing routes. Access is controlled through SSH keys associated with your account.

No internet service can be made perfectly secure. You are responsible for securing software, credentials, and data inside your boxes.

You can remove boxes with the Roost SSH command surface. You can manage linked SSH keys with key add, key list, and key rm.

For account or data requests, contact support@getroost.dev from an address where we can follow up.

Privacy questions can be sent to support@getroost.dev.