Roost’s Privacy Policy

Effective Date: May 1, 2023

1. About Roost’s privacy policy

This Privacy Policy (the “Policy”) describes the information Roost collects about you, how we use and share that information, and the privacy choices we offer. This Policy applies to information we collect when you register for Roost, access or use our website, mobile applications, products, and services (collectively, the “Services”), or when you otherwise interact with us. This includes information we collect when you access or use the application operated by Roost to view, manage, or conduct transactions for you. Please refer to the Roost Terms of Use and for information concerning those products.

The terms “Roost,” “we,” “us,” or “our” mean JoinRoost, Inc. and Henelee, LLC “You” or “your” means an individual who visits or uses our Services. The term “Site” includes (1) all websites and all devices or mobile applications operated by Roost that collect personal information from you and that link to this Privacy Policy; (2) pages within each such website, device, or mobile application, any equivalent, mirror, replacement, substitute, or backup website, device, or mobile application; and (3) all pages that within each such website, device, or mobile application.

2. Information You May Choose to Provide to Us

Roost collects personal information about you for a variety of purposes. During the past 12 months, we have collected the following categories of personal information from individuals:

• Personal Identifiers, such as a full name, postal address, email address, online usernames and passwords for third-party sites and internet services, social security number, driver’s license number, or other similar identifiers.
• Internet or other network activity information, such as information regarding how individuals interact with the Site, emails, or marketing materials.
• Lease-related information.
• Commercial information, such as products or services purchased, obtained, used, or transactional data.
• Inferences based on information about an individual to create a summary about, for example, an individual’s preferences and characteristics.
• Bank account and debit card information, such as account numbers, card numbers, and transaction histories.

During the past 12 months, we have also disclosed the categories of personal information listed above for our business purposes. We have not, however, sold personal information to third parties. We may also collect information about you from mailing list providers, publicly available sources, identification verification services and other third parties.

2.1 Third Party Credentials, Account Numbers and Other Account Information

When you use certain Services, we may collect from you usernames, passwords, account numbers, and other account information for third-party websites and Internet banking services (“Third-Party Sites”). We also collect account information from you when your Property management company uses Roost to manage your deposits and/or you pay your security deposit to Roost. This information is used to obtain your account, transaction, and other banking information from the relevant financial institution on your behalf in order to display the information to you or to fulfill your requests for certain products, services, or transactions through a Service. We use third-party service providers, such as Plaid Inc. (“Plaid”) and Sila Money (“Sila”) to obtain this information.

By using our Services, you grant Roost, Plaid, Evolve Bank & Trust and Sila the right, power, and authority to act on your behalf to access and transmit this information from the relevant financial institution, including from Evolve for the Roost Account. With respect to Plaid, Evolve Bank & Trust, and Sila, you agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with Plaid’s privacy policy and in accordance with Evolve, in accordance with Evolve’s Privacy Policy, and Sila, in accordance with Sila’s privacy policy. 

If you are a Roost Member, notwithstanding anything to the contrary in the Terms or Policy, Roost will use transaction information solely as follows:

• Use transaction data to confirm a Qualifying Purchase or return to match transactions to confirm whether you qualify for a statement credit or an Offer;
• Share transaction data with the participating merchant where a transaction occurred as needed for the merchant to confirm a specific transaction occurred or points should be awarded; for example, the date and amount of your purchase and the last 4 digits of your card number so the merchant can verify your purchase with its records if there is a missing or disputed transaction;
• Provide participating merchants aggregated and anonymized information relating specifically to registered card activity solely to allow participating merchants to assess the results of their campaign;
• Create a record of the transaction data and thereafter maintain and use data in connection with operating the Program;
• Conduct analysis for the improvement and optimization of the Program, and Provide information in order to respond to a request from government authority or a payment organization involved in a transaction with you or a merchant.
• You authorize the sharing, exchange and use of transaction data described above and herein by and among Roost, Henelee, applicable Payment Card Networks and applicable Merchants.

2.2 Information Collected by Cookies and Web Beacons

We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Among other things, cookies support the integrity of our registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. We may also collect information using web beacons. Web beacons are electronic images that may be used in our Services or emails. We may use web beacons to deliver cookies, count visits, understand usage, and determine whether an email has been opened and acted upon.

2.3 Technical and Navigational Information

We may collect your computer browser type, Internet protocol address, pages visited, and average time spent on our Site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our web design and functionality.

2.4 Device ID

When you use our mobile applications or the mobile versions of our Site, we may collect the unique device identifier assigned to that device by phone makers, carriers, or makers of the operating system (the “Device ID”). Device IDs allow app developers, and others to uniquely identify your device for purposes of storing application preferences and other data.

3. How We Use Your Information

We may use the information you provide about yourself and about your Roost Account, to fulfill your requests for our products, programs, and Services, to respond to your inquiries about our Services, and to offer you other products, programs, or services that we believe may be of interest to you.  We may use your information to complete transactions you request, to verify the existence and condition of your accounts, or to assist with a transaction. For example, we may use the account information you provide or that we collect from Third-Party Sites to confirm your accounts are valid and to access funds from your accounts in connection with the fulfillment of the Services.

We may use your information to improve and personalize the Services. For example, we may use your information to pre-fill form fields on the Sites for your convenience.

4. How We Share Your Information

We may share personal information about you as follows:

• With third parties to provide, maintain, service and improve our Services.
• To process transactions that you authorize or to fulfill your requests.
• In connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture, or dissolution of all or a portion of our business.
• To respond to subpoenas, court orders, or legal process.
• In order to investigate, prevent, defend against, or take other action regarding violations of our Terms of Use, illegal activities, suspected fraud, or situations involving potential threats to the legal rights or physical safety of any person or the security of our network, Sites or Services.
• the legal rights or physical safety of any person or the security of our network, Sites or Services.
• To respond to claims that any posting or other content violates the rights of third parties.
• In an emergency, to protect the health and safety of our Sites’ users or the general public.
• As otherwise required by law.

5. How We Secure Your Information

We take your privacy and the security of your information very seriously and have an information security program that includes administrative, technical, and physical measures to protect your information. We hold ourselves responsible for the security of cardholder data we possess or otherwise store process or transmit on your behalf, or to the extent that we could impact the security of your cardholder data environment. 

Roost will maintain all applicable PCI DSS requirements to the extent we handle, have access to, or otherwise store, process, or transmit the customer’s cardholder data or sensitive authentication data, or manage the customer’s cardholder data environment on behalf of a customer. Examples of measures we have taken to protect your information include, but are not limited to:

• The use of industry standard encryption while transmitting and storing information.
• Mobile application session timeouts to ensure your information is protected when you put down your device without logging out.
• Passwords are only known by you. No employee, contractor or Third-Party Site has access to your Roost password. We will never ask for your password through our customer service teams.
• Two-factor authentication is provided to ensure your account can only be accessed by the device you register with.
• Our systems are periodically audited for security flaws.

6. Note on Communication

We may provide you with information and summaries of your accounts and Services through email, SMS and mobile notifications. We may also allow you to subscribe to email newsletters and from time to time may transmit emails to you promoting Roost or third-party goods or services.

Subscribers have the ability to opt-out of receiving our promotional emails and to terminate their newsletter subscriptions by following the instructions in the emails. Opting out in this manner will not end transmission of service-related emails, such as information and summaries of your accounts and Services.

7. How to Update Your Information

If you wish to access personal information that you have submitted to us or to request the correction of any inaccurate information you have submitted to us, you may correct certain information through our Site. Alternatively, you can send an email that includes your contact information to support@joinroost.com to request any corrections to your personal information.

You may also email us if you wish to deactivate your Services per the Terms of Use policy, but even after you deactivate your Services, we may retain archived copies of information about you for a period of time that is consistent with applicable law.

8. California Privacy Rights

The California Consumer Privacy Act (“CCPA”) allows California residents, upon a verifiable consumer request and subject to applicable exemptions, to request that we give you access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of personal information that we have collected about you, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Roost will not discriminate against you for exercising your rights, such as by denying you services, charging you different prices for services, or providing you a different level or quality of services. Please note that you must verify your identity and request before further action will be taken. As part of this process, we may require you to provide government identification. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.

We do not sell your personal information to third parties. We do, however, share personal information with third parties for the business purposes described in this Policy.  California law also permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year.

If you are a California resident and would like to exercise your data protection rights, where applicable, you can contact us through Support@joinroost.com.

We will consider all requests and provide our response within a reasonable period of time (and within any time period required by applicable law). Please note, however, that certain information may be exempt from such requests, for example, if we need to keep the information to comply with our own legal obligations or to establish, exercise, or defend legal claims.

Here is a summary of the CCPA-related categories of Personal Information we may have collected about you over the past 12 months as well as how we may use it and with whom we may have shared it.

Categories of Personal Information we may collect:	How we may use Personal Information:	Parties with whom your information may be shared:
– Personal identifiers – Financial information – Contact information – Transaction information – Geolocation information – Device information – Internet or other electronic network activity information – Professional or employment-related information – Bank account, credit card, digital wallet, and debit card information – Commercial information, such as products or services purchased, obtained, or used	– Identity verification – Compliance, risk, and fraud detection – Providing, personalizing and improving our products – To fulfill your requests for certain products, services, or transactions – Contacting you to resolve disputes and help with our Services – Conducting investigations, complying with and enforcing any applicable laws, regulations, legal requirements, and industry standards – Responding to lawful requests for information to perform other business purposes	– Affiliate partners you’ve signed up for through Roost – Issuing financial institutions – Payment networks – Service providers to facilitate: Bank account aggregation – Fraud detection – Identity verification – Payment processing – Law enforcement or other third parties in response to a legal request

9. How We Update Our Privacy Policy

We reserve the right, at our discretion, to make changes to this Policy from time to time, so please review it frequently. You may review updates to our Terms of Use and Privacy Policy at any time via links on joinroost.com. You agree to accept electronic communications and/or postings of revised versions of this Policy on joinroost.com and agree that such electronic communications or postings constitute notice to you of the revised version of this Policy. Changes take effect immediately upon posting.

10. If you have questions

If you have questions or concerns regarding this Policy, or if you have any questions or suggestions, please contact support@joinroost.com.

Federal Privacy Notice

FACTS	WHAT DOES JoinRoost, Inc. (“Roost”) DO WITH YOUR PERSONAL INFORMATION?
Why?	Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What?	The types of personal information we collect and share depend on the product or service you have with us. This information can include: – Name and Address – Phone number and Email – Lease information – Interests and preferences your salary or wage payment frequency – Account balances – Your repayment information if you borrow from your deposit
How?	All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reason Roost chooses to share; and whether you can limit this sharing.

Reasons we can share your personal information	Does Roost share?	Can you limit this sharing?
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, furnish data to local or federal governing bodies where it is required by laws and regulations.	Yes	No
For our marketing purposes– to offer our products and services to you	Yes	No
For joint marketing with other financial companies	Yes	No
For our affiliates’ everyday business purposes –information about your transactions and experiences	Yes	No
For our affiliates to market to you	Yes	Yes
For nonaffiliates to market to you	No	Yes

To limit our sharing	Email us at Support@joinroost.com. Please note: If you are a new customer, we can begin sharing your information 30 days from the date you sent this notice. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing.
Questions?	Email us at Support@joinroost.com

Who we are
Who is providing this notice?	Roost and its wholly-owned subsidiary, Henelle, LLC is providing this privacy policy and it applies to all products and services offered in connection with you.

What we do
How does Roost protect my personal information?	To protect your personal information from unauthorized access and use, we use security measures that comply with industry standards. These measures include computer safeguards and secured files.
How does Roost collect my personal information?	We collect your personal information, for example, when you: – Enroll for services and accounts – Confirm your lease – Tell us where to send money – Provide account information
Why can’t I limit all sharing?	Federal law gives you the right to limit sharing only for: – affiliates from using your information to market to you – sharing for non-affiliates to market to you – for joint marketing with other financial companies State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.

Definitions
Affiliates	Companies related by common ownership or control. They can be financial and nonfinancial companies. – JoinRoost, Inc. – Henelee, LLC.
Nonaffiliates	Companies not related by common ownership or control. They can be financial and nonfinancial companies. Non Affiliates we share with can include consumer loan brokers, lenders, and direct marketing companies.
Joint marketing	A formal agreement between non-affiliated financial companies that together market financial products or services to you. – Our joint marketing partners can include institutions such as consumer lenders or marketers.

Other important information

FOR VERMONT RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by Vermont law, such as to process your transactions or to maintain your account. FOR CALIFORNIA RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by California law, such as to process your transactions or to maintain your account. We will limit sharing among our companies to the extent required by California law. FOR NEVADA RESIDENTS: We are providing this notice to you pursuant to Nevada law. If you prefer not to receive marketing calls from us, you may be placed on our internal Do Not Call List by writing to us at JoinRoost, Inc 15640 NE Fourth Plain Blvd, Suite 106, Vancouver, WA 98682. Nevada law requires that we also provide you with the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington Street, Suite 3900, Las Vegas, NV 89101, phone number (702) 486-3132, email BCPINFO@ag.state.nv.us. State laws may also provide you with specific privacy protections. We will comply with applicable state laws with respect to our use of your information. FOR INTERNATIONAL VISITORS: The Service is hosted in the United States and is intended solely for visitors located within the United States. The information we provide and the third-party products and services featured are tailored for the United States market only. You agree that if you choose to use the Services from outside the United States, you will be transferring your information outside of those regions to the United States for storage and processing.

© 2023 JoinRoost, LLC. All Rights Reserved