This Roon Software Privacy Policy (“Software Privacy Policy” or “Policy”) explains how Roon Labs LLC, a New York limited liability company (“Company” ,”Roon Labs”, “Roon”, “We” , “Us” or “Our”) may gather, collect, record, hold, distribute, share, disclose, or otherwise use any information or data about any user (“User” or “You” or “Your”) of the Company’s audio and music management software presently named “Roon”(“Roon Software”).
THIS SOFTWARE PRIVACY POLICY INCORPORATES BY REFERENCE ALL OF THE OTHER DISCLOSURES AND NOTIFICATIONS AND PROVISIONS REGARDING YOUR PERSONAL INFORMATION AS MORE FULLY SET FORTH IN THE COMPANY’S STANDARD PRIVACY POLICY (“STANDARD PRIVACY POLICY”), A COPY OF WHICH IS AVAILABLE AT THIS LINK ON THE COMPANY’S WEBSITE AT https://roon.app/privacypolicy. TO THE EXTENT THAT THERE ARE ANY INCONSISTENCIES OR AMBIGUITIES BETWEEN THE PROVISIONS OF THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY (COLLECTIVELY, THE “PRIVACY POLICIES”), THE TERMS AND CONDITIONS OF THE STANDARD PRIVACY POLICY WILL GOVERN TO THE EXTENT NECESSARY TO ELIMINATE ANY SUCH INCONSISTENCY OR AMBIGUITY.
BY CONTINUING TO USE THE ROON SOFTWARE, OR BY CHECKING THE “I AGREE” BOX, EACH USER HEREBY AGREES TO BE BOUND, AND HEREBY CONSENT TO, ALL OF THE TERMS AND CONDITIONS OF THIS SOFTWARE PRIVACY POLICY (INCLUDING WITHOUT LIMITATION, ALL OF THE TERMS AND CONDITIONS OF THE COMPANY’S STANDARD PRIVACY POLICY THAT HAS BEEN INCORPORATED BY REFERENCE INTO THIS SOFTWARE PRIVACY POLICY AS SET FORTH ABOVE), AS THEY ARE PRESENTED TO YOU AS OF THE DATE OF YOUR FIRST USE OF THE ROON SOFTWARE.
NO CHANGES (ADDITIONS OR DELETIONS) BY YOU TO THIS SOFTWARE PRIVACY POLICY WILL BE ACCEPTED BY THE COMPANY. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS OF THIS SOFTWARE PRIVACY POLICY, OR YOU DO NOT WISH YOUR PERSONAL INFORMATION TO BE USED PURSUANT TO THIS SOFTWARE PRIVACY POLICY OR THE STANDARD PRIVACY POLICY, THEN YOU SHOULD NOT USE THE ROON SOFTWARE, AND YOU SHOULD NOT PROVIDE ANY OF YOUR PERSONAL INFORMATION TO THE COMPANY.
THIS IS A BINDING CONTRACT BETWEEN YOU AND THE COMPANY, AND YOU SHOULD DOWNLOAD AND PRINT THIS SOFTWARE PRIVACY POLICY AND THE STANDARD PRIVACY POLICY FOR YOUR RECORDS.
INFORMED CONSENT BY EUROPEAN UNION (“EU”) DATA SUBJECTS UNDER THE EU’S GENERAL DATA PROTECTION REGULATION (“GDPR”).
THE GDPR PROVIDES EACH EU “DATA SUBJECT” (AS SUCH TERM IS DEFINED IN THE GDPR) WITH SPECIFIC RIGHTS, INCLUDING THE RIGHT TO RECEIVE SPECIFIC NOTICES, REGARDING THEIR “PERSONAL DATA” (AS SUCH TERM IS DEFINED IN THE GDPR). THIS SOFTWARE PRIVACY POLICY HEREBY PROVIDES SUCH GDPR-REQUIRED NOTICES AND DISCLOSURES TO EACH USER THAT IS AN EU DATA SUBJECT AS FOLLOWS:
At Roon Labs, Our mission is to connect people with music. To do that, We make software and provide information services used by that software. Unlike many other music players, Roon doesn’t just display your music and let You play it, but instead creates rich context about Your music using information about the music.
This metadata includes editorial information (like genre, rating, and review) as well as factual information (like which label released a recording, who performed on it, and who composed, produced, and conducted the performance). Roon uses all that information to make it easy to access the music You want to listen to, to display the most relevant possible music in a given context, to provide insight into relationships between pieces of music, and to give You a healthy dose of serendipity.
What that means in practice is that Roon has to identify the music You have so it can be cross-referenced by our metadata service, and to achieve this We send information about Your music collection to Our servers. We also have mechanisms for authenticating Our users, collecting payments, and communicating with them.
Each of these systems has been designed with Our Users’ privacy in mind. We understand that by allowing Roon to do what We designed it to do, You place a great deal of trust in us. It’s Our aim to continue to earn that trust every day.
We take Your privacy very seriously. We’re nerds and privacy freaks ourselves. Thus, the provisions of Section 2 and Section 3 of this Software Privacy Policy, and the additional notices and disclosures set forth in Sections 1, 2 and 3 of Our Standard Privacy Policy (a copy of which is available at this link to the Company’s website: https://roon.app/privacypolicy-site), provides Roon’s explanation, notice and disclosure to all Users of the Roon Software regarding what personal information may be collected about You, how We and Our third parties use that personal information, and how and to whom We share Your information. We encourage You to closely read all of these provisions closely.
The following provisions demonstrate Our commitment to privacy:
Your personal information (name, email address, password) is collected and stored in Our account database to facilitate Your access to Our software.
Your payment information (credit card details) is transmitted to our payment processor when You enter it and is held in Our systems only as long as necessary to facilitate that payment process.
Your location information is used to determine which content (for example, lyrics and streaming music) We are allowed to display to You.
Information about Your music collection is used to provide You with rich metadata, and is stored in Roon’s database on Your computer. This metadata may also be stored on Roon’s servers, including any servers of Roon’s third party cloud providers..
Information about how one particular User utilizes Roon is generally stored separately from information about another User.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, We cannot guarantee its absolute security. However, we make efforts to protect Your personal information from improper or unauthorized loss, misuse, access, disclosure, alteration, or destruction. If You have questions about the security of Your personal information, contact the Company at the email or regular mailing address specified in the Contact Us section below.
We will retain Your personal information for as long as necessary to fulfill the purposes for which We collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, We consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of Your personal information, the purposes for which We process Your personal information, whether We can achieve those purposes through other means, and the applicable legal requirements.
The information We gather falls into three categories, each of which serves a specific purpose: personal information, profile information, and analytics data.
IN ADDITION TO THE NOTICES AND DISCLOSURES SET FORTH IN SECTION 2 AND BELOW THIS SECTION 3 OF THE SOFTWARE PRIVACY POLICY, WE MAY ALSO COLLECT, USE AND SHARE YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE TERMS AND CONDITIONS SET FORTH IN THE COMPANY’S STANDARD PRIVACY POLICY, A COPY OF WHICH IS AVAILABLE AT THIS LINK TO THE COMPANY’S WEBSITE: https://roon.app/privacypolicy-site) AND ALL SUCH NOTICES AND DISCLOSURES IN THE COMPANY’S STANDARD PRIVACY POLICY ARE HEREBY INCORPORATED BY THIS REFERENCE INTO THIS SOFTWARE PRIVACY POLICY.
Personal information you must provide
In order to create Your Roon account and accept payment for your membership, We must collect certain personal information about You.
We think it’s nice to address our users accurately and appropriately, so we ask for your first and last name. We use Your name when we create your default in-app user user profile, when we send Your email messages, and it may be used for other purposes described in the Company’s Standard Privacy Policy.
Roon is a service, so We need to be able to contact You. Your email address is used to send You messages about Your membership and about Roon, and it may be used for other purposes described in the Company’s Standard Privacy Policy.
See Section 4 below regarding communication with Our Users below for more details.
Your password is stored in an encrypted form on your computer or Roon core appliance as well as on Our servers and possibly on those of our third party cloud providers. Your Roon password is used to authenticate You when You use Roon software, so We can be sure that people using the service are real members and not baddies. We can’t decrypt your password, so if You forget it, You will have to reset it by using the Roon or Roon remote app.
Passwords are reset by sending an email to Your email address for verification. Roon isn’t free, and for now, we only accept payment by credit card. Your credit card information (which includes cardholder name, card number, expiration date, and CVV code) is transmitted directly to Our payment processor using secure socket layer (SSL) technology. We keep a record of the cardholder name, expiration date, zip code and the last four digits of the card number so We can display that information to You on Your account page.
Profile information you may optionally give us
We introduced User profiles to make Roon more useful in multi-user households, so different Users can have their own favorites, play history, and playlists. Having access to profile information enhances Roon’s functionality, but isn’t required for it to operate properly.
We use Your birth date (but most importantly, Your birth year) to look for insights into Your music taste. It’s stored on Your computer or Roon core appliance as well as on Our servers, and it’s never shared with any third party.
If you want to scrobble your plays, we need your Last.fm login credentials. Your Last.fm credentials are stored in Roon’s database on Your computer or Roon core appliance and possibly on those of our third party cloud providers.
To access the streaming content You’ve favorited and to authorize Roon to playback streams, We need Your login credentials. Your credentials for streaming services are stored in Roon’s database on Your computer or Roon core appliance and possibly on those of our third party cloud providers.
Analytics data gathered by Roon Labs software
Roon captures information about how and where You use the software, and statistical reports about this information are stored on our servers for analysis and possibly also stored on servers of our third party cloud providers. The data is generally transmitted and stored without any reference to Your personal information. The purpose of the analytics data is to help us understand Our users and how they utilize Roon.
Your geographic location. We are contractually obligated by some of our data providers and service partners to filter the content You see based on where You’re located. Yes, this feels very “21stcentury” to Us, too, but draconian laws are draconian laws.
Information about Your music collection. Roon transmits some summary information about the files in Your music collection to our servers and possibly using those of our third party cloud providers.
Information about what music You play. For the development of radio and other features, Roon builds musical taste profiles based on Your play history.
Information about how You use Roon. In order to understand our members and their needs better, We capture data about how You use Roon, including, but not limited to: the features You use, how often You use Roon, statistics about Your music library, geographic location, and the audio devices You stream to.
We send email messages to our Uusers when specific actions or feedback are required of them (password reset, credit card expiration, renewal notification). Receiving these messages is not optional since the actions or feedback being solicited are necessary for the software to work properly.
We also send messages of an informational or promotional nature to our Users. Users have the option to opt-out of receiving these informational or promotional messages either: (i)pursuant to the Roon and Roon Remote apps; or (ii) by clicking the Unsubscribe link in the email message itself; or (iii) by following the other steps set forth in the Company’s Standard Privacy Policy, a copy of which is available at this link to the Company’s website: https://roon.app/privacypolicy-site).
Our software contains links to other web sites, including Wikipedia, Facebook, Instagram, Twitter, Songkick, and various artists’ web sites (collectively, “Third Party Sites”). Please be aware that Our Privacy Policies (as defined above) do not apply to these other Third Party Sites. Although we use great care when selecting content for Our software (including links to Third Party Sites of third parties) We disclaim any responsibility for the content that found on those other Third Party Sites.
We encourage You to review the privacy statements of the other Third Party Sites to understand their information practices. IN PARTICULAR, EACH USER SHOULD REVIEW THE PRIVACY STATEMENTS OF SUCH THIRD PARTY SITES TO DETERMINE THAT PARTICULAR THIRD PARTY SITES’ PRACTICES WITH REGARD TO THE COLLECTION AND USE OF YOUR PERSONALLY IDENTIFIABLE INFORMATION.
THIS SOFTWARE PRIVACY POLICY ONLY APPLIES TO THE ROON SOFTWARE. THEREFORE, THIS SOFTWARE PRIVACY POLICY: (A) DOES NOT DESCRIBE THE PRIVACY POLICIES OF ANY OF THESE THIRD PARTY SITES; AND (B) DOES NOT GOVERN THE COLLECTION OR USE OF YOUR PERSONAL INFORMATION BY THE THIRD PARTY SITES. THE COMPANY IS NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OF ANY OF THESE THIRD PARTY SITES.
WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, EACH USER AGREES THAT IF THE USER USES ANY THIRD PARTY SITES IN ANY WAY, THE USER IS AWARE THAT ANY OF THE USER’S PERSONAL INFORMATION THAT THE USER PROVIDES TO THAT THIRD PARTY SITE MIGHT BE READ, COLLECTED, SHARED, DISTRIBUTED, OR OTHERWISE USED BY OTHER USERS OF THAT THIRD PARTY SITE OR BY ANY OTHER THIRD PARTIES, AND COULD BE USED TO SEND THE USER UNSOLICITED MESSAGES. THE COMPANY IS NOT RESPONSIBLE FOR ANY PERSONAL INFORMATION THAT THE USER ELECTS TO SUBMIT IN, OR OTHERWISE MAKE AVAILABLE TO, THESE THIRD PARTY SITES.
We send email messages to Our Users when specific actions or feedback are required of them (password reset, credit card expiration, renewal notification).
Receiving these messages is not optional since the actions or feedback being solicited are necessary for the software to work properly.
Users can correct or update their personal and payment information by signing in to Your account page on the Roon web site.
Users are solely responsible for correcting, updating, or modifying any and all of the User’s personal information. Without in any way limiting the foregoing, You acknowledge and agree that the Company does not have an independent obligation to maintain the accuracy or completeness of any of personal information You provide to the Company.
Each User confirms and agrees that by the User’s act of using the Roon Software, including, without limitation, uploading any personal information or any other content, the User: (a) unconditionally agrees to all of the terms and conditions of this Software Privacy Policy and the Company’s Standard Privacy Policy; and (b) further agrees that no provision of this Software Privacy Policy or the Company’s Standard Privacy Policy shall limit, condition, alter, or amend, in any way whatsoever, any rights that User may have separately granted to the Company pursuant to any other agreement that the user may have separately entered into with the Company.
We reserve the right to change, modify or clarify this Software Privacy Policy at any time (“Changes”), so please review it frequently. All such Changes to this Software Privacy Policy will take effect immediately upon their posting on the Company Website or upon delivery to the User via any other commercially reasonable means of notification. The Company reserves the right to make any and all Changes to this Software Privacy Policy without providing individualized notice to a User. YOU HEREBY AGREE THAT YOU ARE BOUND BY ALL CHANGES TO, AND ANY UPDATED VERSION OF, THIS SOFTWARE PRIVACY POLICY THAT ARE IN EFFECT EACH TIME YOU USE THE ROON SOFTWARE. THUS, THE TERMS OF THIS SOFTWARE PRIVACY POLICY MAY BE DIFFERENT THE NEXT TIME YOU USE THE ROON SOFTWARE. ANY USE OF THE ROON SOFTWARE BY YOU AFTER SUCH CHANGES SHALL BE DEEMED TO CONSTITUTE ACCEPTANCE BY THE USER OF ALL SUCH CHANGES WITH REGARD TO THE ROON SOFTWARE. EACH USER SHOULD REGULARLY REVIEW AND PRINT THIS SOFTWARE PRIVACY POLICY FOR THE USER’S RECORD. If the Company is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products or services to You.
The European Union’s (“EU”) General Data Protection Regulations (“GDPR”) provides EU “Data Subjects” (as such term is defined in the GDPR) with specific rights, including the right to receive notices, regarding their “Personal Data” (as such term is contemplated by the GDPR). This Software Privacy Policy hereby provides such GDPR-required notices and disclosures to each User that is an EU Data Subject as follows:
EACH USER THAT IS AN EU DATA SUBJECT (AS SUCH TERM IS DEFINED IN THE GDPR) HEREBY REAFFIRMS THAT BY CHECKING THE "I AGREE" BOX, EACH SUCH USER HEREBY: (1) ACKNOWLEDGES AND AGREES THAT THEY HAVE BEEN GIVEN A COPY OF THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY , HAVE HAD AN OPPORTUNITY TO READ THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY, AND FULLY UNDERSTAND ALL OF THE NOTICES AND DISCLOSURES PROVIDED IN THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY; AND (2) PROVIDES THEIR INFORMED CONSENT TO, AND HEREBY AGREES TO ALL OF THE PROVISIONS OF, THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY, INCLUDING WITHOUT LIMITATION, CONSENTING AND AGREEING TO ALL OF THE WAYS THAT THEIR PERSONAL DATA (AS SUCH TERM IS DEFINED IN THE GDPR) WILL BE COLLECTED, USED, AND SHARED AS DISCLOSED IN THIS SOFTWARE PRIVACY POLICY AND THE COMPANY’S STANDARD PRIVACY POLICY.
Data Subjects (as such term is defined in the GDPR) are hereby notified that they have the following additional rights pursuant to the GDPR:
Pursuant to GDPR Article 15 (Right of Access by the Data Subject), to obtain from Us confirmation as to whether Personal Data (as such term is defined in the GDPR) has been Processed (as such term is defined in the GDPR) and, if that is the case, access to that Personal Data and additional information about how it has been Processed, including without limitation: (i) the purpose of the Processing; (ii) the category of Personal Data concerned; (iii) the categories of recipients to whom the Data Subject’s Personal Data has been disclosed; (iv) the planned retention period; (v) the existence of Your right of rectification, deletion, limitation of processing, or opposition; (vi) the existence of a right to complain; (vii) the source of the collection of Personal Data if not collected from Us; (viii) and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
Pursuant to GDPR Article 16 (Right to Rectification), to request the correction (modification) of incorrect Personal Data or any completed Personal Data stored by Us;
Pursuant to GDPR Article 17 (Right to Erasure; “Right to be Forgotten”), to request the deletion of the Data Subject’s Personal Data stored by Us, except for the allowed continued uses permitted by the GDPR, including without limitation as far as the Processing is needed to exercise the right to freedom of expression and information, for the fulfillment of a legal obligations, for reasons of the public interest, or for the assertion, exercise, or defense of legal claims, if required;
Pursuant to GDPR Article 18 (Right to Restriction of Processing), to demand the restriction of the Processing of the Data Subject’s Personal Data where one of the following applies: (i) as far as the accuracy of the Personal Data is disputed by the Data Subject; (ii) the Processing of the Personal Data is unlawful, but the Data Subject rejects its deletion; (iii) We no longer need the Personal Data, but the Data Subject requires it to exercise or defend legal claims; or (iv) the Data Subject has objected to the Processing of the Personal Data in accordance with GDPR Article 21;
Pursuant to GDPR Article 20 (Right to Data Portability), the right of the Data Subject to receive his/her Personal Data as provided to Us, in a structured, common, and machine-readable format or to request the transfer to another person responsible;
Pursuant to GDPR Article 7(3) (Conditions of Consent), the Data Subject’s right to withdraw, at any time, the Data Subject’s once granted consent. As a result, We are no longer allowed to continue the Processing of Personal Data based on that consent for the future, but such withdrawal does not affect the lawfulness of the Processing of Personal Data based on such consent before such withdrawal; and
Pursuant to GDPR Article 77 (right to Lodge a Complaint with a Supervisory Authority), the right of the Data Subject to complain to a Supervisory Authority, as such term is defined in the GDPR. As a general rule, the Data Subject can contact the Supervisory Authority of the Data Subject’s usual place of residence or work or place of the alleged infringement.
The Company may process Your Personal Data (as such term is defined under the GDPR) under the following conditions:
Consent: You have given Your consent for processing Personal Data for one or more specific purposes, including without limitation the Informed Consent You have given to the Company by consenting and agreeing to this Software Privacy Policy or the Company’s Standard Privacy Policy COMPANY’S STANDARD PRIVACY POLICY by Your act of clicking the “I AGREE” Box.
Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the Processing of Your Personal Data, and, in particular, whether the provision of Personal Data (as defined under the GDPR) is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
If a User believes that the Company is not complying with the policies outlined in this Software Privacy Policy, or if the User has any questions relating to this Software Privacy Policy, then the User should write to the Company at this email address: contact@roonlabs.com.