RootRecord logoRootRecord

Privacy

Privacy Policy.

Last updated: 2026-05-18

RootRecord ("we", "our") provides RootRecord-branded mobile and web apps (including Business Manager, Weather Manager, Kilauea Alerts, Token Manager, Account Hub, and Roots Idle Farmer), plus rootrecord.info account, billing, Discord linking, and Roots. This policy describes what we collect for online services, how optional app features interact with our servers, and your choices.

Overview

Data on your devices and our servers: Signed-in products may store workspace, weather, alerts, token, farms progress, or earn/Roots data on our servers when you use online features. Other data may stay on your device until you enable sync, notifications, backup, or similar options.

Web and account services: When you use rootrecord.info or our product web apps (for example business.rootrecord.info, weather.rootrecord.info, kilauea.rootrecord.info, farms.rootrecord.info), we collect and process data as described below.

Data we collect

  • Account data: You can create an account via our signup page (e.g. email, social login, or username and password). We store identifiers and a hashed version of your password where applicable; session cookies keep you signed in. If you choose a key-storage method in Settings, we store that preference.
  • Payment and billing data: Supporter payments are processed by our payment provider. We do not store your full card number or card verification details. We store your subscription status and billing references from the provider so we can grant access, show your plan on the Billing page, and let you use "Manage subscription." Subscription data for lapsed accounts is retained for one year after the cycle end, then removed. Our provider's privacy policy applies to payment data they collect and process.
  • Monitoring data (web services): Data from devices and services you connect (e.g. solar or power statistics, weather via Open-Meteo, system metrics). This is stored in our database and shown in dashboards and reports. If you enable a public Power Statistics dashboard, the data you choose to share there is visible to anyone with the link.
  • Apps and our servers: When you sign in, check subscription status, use sync, earn Roots, play Root Farms, or use optional secure online backup, a RootRecord app contacts our services over a secure connection. We process the minimum data needed (account identity, subscription state, app usage signals, farms progress, earn ledgers, encrypted backup copies where enabled). We do not use your on-device database contents for advertising.
  • Discord linking: If you connect Discord, we store your Discord user id and username/display name, link them to your rootrecord.info account, and may assign roles in the RootRecord Discord server (for example @Verified). OAuth is handled through Discord; we do not receive your Discord password. You can unlink from Account or Discord verification.
  • Roots and My Apps: We record per-app usage signals (for example earn totals, last activity, saved locations, push registration, or business workspace rows) to show which products have used your account on My Apps and to operate the Roots program on Root Units.
  • Photo submissions (volcano photos): If you choose to submit photography through an app feature, we collect the image you upload and associated metadata you provide (for example caption, upload time, and your account identifier). Photos are reviewed before publication. We may remove, reject, or restrict content that violates our Terms or community safety guidelines.
  • Page view and analytics: We log page views: path, referrer, IP address, user agent, and (when logged in) your account identifier. We use a persistent cookie to assign a unique visitor ID for traffic analysis. This cookie is HttpOnly, expires in one year, and is first-party only. We also capture UTM parameters for campaign attribution.
  • Affiliate redirect pages: When you visit our Amazon affiliate redirect pages, we log: visitor ID, IP, account identifier if logged in, referring page, destination link, and whether you completed the redirect. The destination (Amazon) has its own privacy policy.
  • Operation logs: Standard server logs (IP, path, timestamp) for operation and security.

How we use it

We use data to provide dashboards, reports, alerts, and automation; to maintain security and availability; and to improve our services. We do not sell your data.

For content you upload to online Services, our Terms of Service describe platform access for moderation, AI report generation, support, and compliance. Your privacy controls determine who else (other users, the public) can see your content where those controls exist.

AI report data and our own models

When you or the platform generates AI reports on online services, we send relevant inputs to an AI provider to produce the report. We save input/output pairs on our systems. We use this data to create, train, and improve our own AI models. We do not use it to sell your data or to train third-party commercial models. See our Terms of Service for contractual permission.

Sharing

We do not sell your data. We share data only as needed: with hosting and database providers; our payment provider for payments; identity providers when you use those sign-in options; and service providers for features you use. Each third party's privacy policy applies. We may disclose data when required by law.

Affiliate links

Some links (e.g. to Amazon) are affiliate links. Clicks may pass through our redirect pages before opening the external site. We log those visits as described above. If you make a qualifying purchase, we may earn a commission. See our Terms for more.

Cookies

  • Session cookie: Keeps you signed in on the website. Expires when you close the browser or after inactivity.
  • visitor ID: One-year identifier for traffic analysis. HttpOnly, first-party, not used for advertising. Clear cookies to reset.

Retention

We retain monitoring and log data as needed for the service and operational or legal purposes. Subscription data for lapsed accounts is stored for one year after the billing cycle ends, then purged. You may permanently delete your account from your profile where offered. See Terms of Service for billing rules. Files stored on your devices remain under your control until you delete them.

Photo submissions: Approved photos may be retained and displayed until you delete your account, request deletion, or we remove the content. Rejected submissions may be retained for a limited period to support abuse prevention and moderation audit trails.

Security and infrastructure

We use industry-standard measures (hashed passwords, secure connections, access control) for services we host. Our infrastructure may be off-grid or power-managed; scheduled unavailability (e.g. 12:00 a.m.–5:00 a.m. HST) is described in our Terms of Service.

Your choices

  • Account: Manage your account and dashboards from your profile.
  • Download your data: Download a copy of your account data (ZIP) from your profile before deleting, where available.
  • Request data deletion (without deleting your account): Use our data deletion request page.
  • Permanent deletion: Delete your account and associated online data from your profile where offered. May require password confirmation. Irreversible. Some data may remain in backups for a limited period.
  • Apps: Disable optional online features, sign out, or uninstall the application. Export or back up your database before removal if you need copies.
  • Cookies: Clear or block cookies in your browser. Blocking the session cookie prevents staying signed in.

Changes

We may update this policy. The "Last updated" date will change. Continued use after changes means you accept the updated policy.

Contact

For privacy questions, see our home page or Contact page.