Sign in Subscribe

Privacy Policy

Effective Date: June 18, 2026

1. Introduction

Welcome to RocketRide. RocketRide Inc. (“RocketRide,” “we,” “our,” or “us”) operates a cloud compute platform that lets users build and run data and AI processing pipelines, including pipelines that connect to third-party large language model (LLM) and other service providers. This Privacy Policy explains how we collect, use, share, and protect personal information in connection with our website at rocketride.ai and the RocketRide cloud platform and related services (together, the “Services”).

RocketRide Inc. is a separate company from the RocketRide.org Foundation, which stewards the open-source extension project. The Foundation’s website and open-source activities are governed by the Foundation’s own separate privacy policy and are not covered by this Policy. This Policy applies only to the RocketRide Inc. commercial Services.

By creating an account or using the Services, you agree to the practices described in this Policy.

2. Scope of This Policy — Account Data vs. Customer Content

The Services involve two distinct categories of data, and our role differs for each:

  • Account and operational data (we act as controller). Information we collect to provide the Services to you such as: your account details, billing information, and usage data - is data for which RocketRide determines the purposes and means of processing. This Policy governs that data.
  • Customer content processed through your pipelines (we act as processor). Data, inputs, prompts, files, and outputs that you submit to or generate through your pipelines are processed by RocketRide on your behalf and under your instructions. For this customer content, you are the controller and RocketRide is a processor (or service provider). Our handling of customer content is governed by the agreement under which you access the Services (for example, our Terms of Service and any Data Processing Addendum), not solely by this Policy. Where this Policy and that agreement conflict as to customer content, that agreement controls.

If you use the Services to process personal information about other individuals, you are responsible for having a lawful basis to do so and for providing any required notices to those individuals.

3. Information We Collect

3.1 Information You Provide

  • Account information: name, email address, password (stored in hashed form), and, where applicable, company or organization name and role.
  • Billing information: when you purchase a paid plan, payment is processed by our payment processor, Stripe, Inc. (“Stripe”). We do not collect or store full payment card numbers on our systems. We receive limited billing metadata from Stripe (such as your billing name, the last four digits and brand of your card, billing country, and transaction status) to manage your subscription. Stripe processes your payment data as an independent controller under its own privacy policy.
  • Communications: information you provide when you contact support, submit a form, or otherwise communicate with us.

3.2 Third-Party Credentials and API Keys You Configure

To build a pipeline that connects to an external tool or service — such as an LLM provider, a database, an email service (for example, Outlook), a voice or media service (for example, ElevenLabs), or any other tool you add to your pipeline — you currently need to supply API keys or similar credentials for your own third-party accounts. We treat these credentials with particular care:

  • We store the credentials you enter in encrypted form and use them solely to execute the pipeline you have configured, on your instruction.
  • We do not use your credentials to access, read, modify, create, or delete anything in your connected third-party accounts beyond making the connections your pipeline itself performs. We have no ability to alter the contents of your connected accounts.
  • You may remove or rotate the credentials you have stored at any time through your account. You remain responsible for the security and terms of your own third-party accounts.

When your pipeline runs and sends data to a connected third-party tool or service, that tool or service processes the data under its own terms and privacy policy. RocketRide is not responsible for the data practices of the third-party tools and services you choose to connect. We encourage you to review the terms and privacy policies of any tool or service you connect.

3.3 Information Collected Automatically

When you use the Services, we automatically collect certain technical and usage information, including:

  • IP address and approximate geographic location
  • Browser type and version, device, and operating system
  • Pages or screens viewed, features used, and actions taken within the Services
  • Log and diagnostic data, including timestamps, request metadata, and error reports
  • Referring website and, on our marketing site, cookie and analytics identifiers

4. How We Use Your Information

We use the information described above to:

  • Provide, operate, maintain, and secure the Services, including executing the pipelines you configure
  • Create and manage your account and authenticate you
  • Process payments and manage subscriptions through Stripe
  • Provide customer support and respond to your requests
  • Monitor, troubleshoot, and improve the performance, reliability, and security of the Services
  • Detect, prevent, and respond to fraud, abuse, security incidents, and violations of our terms
  • Send you service-related communications (such as security, billing, and account notices)
  • Comply with legal obligations and enforce our agreements

We do not sell your personal information for monetary consideration. We may, however, “sell” or “share” personal information as those terms are broadly defined under California law — for example, where cookies or analytics tools allow third parties to collect information for cross-context behavioral advertising. California residents have the right to opt out of this activity; see Section 10.2.

5. AI Features and Model Training

5.1 AI-Assisted Pipeline Builder

The Services include a natural-language app builder. When you describe, in your own words, the pipeline you want to create, your instructions and related context are sent to a third-party large language model (LLM) provider that generates the corresponding pipeline configuration. This provider acts as our sub-processor and processes your inputs solely to generate your pipeline for you, under a data processing agreement. Because our builder LLM provider may process data in the United States, the international-transfer safeguards described in Section 7 apply. We will identify our current builder LLM provider on request (see Section 6).

Our builder LLM provider is contractually restricted from using your builder inputs to train or improve its own models. To protect your information, do not include passwords, API keys, or other secrets in your natural-language instructions; enter credentials only in the dedicated credential fields described in Section 3.2.

5.2 Use of Customer Content for Model Training

We do not currently use your customer content — including pipeline inputs, prompts, files, builder instructions, or outputs — to train, fine-tune, or otherwise develop or improve any machine-learning or AI model, whether our own or a third party’s.

If we ever decide to use customer content for model training or a materially similar new purpose, we will provide advance notice and a meaningful opportunity to object to, or to delete the relevant data before, that new use takes effect. We will not apply such a new use to your customer content without first giving you that notice and opportunity.

6. How We Share Your Information

We do not sell your personal information for monetary consideration. We share information only as described below (for how California law’s broader definitions of “sell” and “share” apply, and how to opt out, see Section 10.2):

  • Service providers / sub-processors. We use third-party vendors to operate the Services. They may process information on our behalf, under contracts requiring appropriate confidentiality and security. Our current categories of sub-processors are:
  • Cloud hosting and infrastructure: Google Cloud Platform (Google LLC) and Latitude.sh.
  • Storage and data analytics: Amazon Web Services, Inc. (AWS).
  • AI / LLM provider for the in-product app builder: a third-party LLM provider, identified on the sub-processor list available on request.
  • Payment processing: Stripe, Inc.
  • Legal and safety. We may disclose information where required by law, subpoena, court order, or other legal process, or where we believe disclosure is necessary to protect the rights, property, or safety of RocketRide, our users, or others.
  • Business transfers. If RocketRide is involved in a merger, acquisition, financing, reorganization, or sale of all or part of its assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information, and of any resulting choices you may have.

A current list of sub-processors is available on request at privacy@rocketride.ai.

7. International Data Transfers

RocketRide is a company based in the United States, and we process information in the United States. In addition, members of our team and contractors located in India may access personal information in order to operate, support, and improve the Services. As a result, your information may be transferred to, accessed from, stored, and processed in the United States, India, and other countries whose data-protection laws may differ from those of your own country.

Where we transfer personal information out of the European Economic Area (EEA), the United Kingdom, or Switzerland, we rely on appropriate safeguards recognized under applicable law — such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, and, where our providers are certified, the EU-US Data Privacy Framework — or another lawful transfer mechanism. You may request more information about these safeguards using the contact details below.

8. Data Retention

We retain personal information only for as long as necessary for the purposes described in this Policy, or as required by law. In general:

  • Account information: for the life of your account, and for a reasonable period afterward as needed for legal, tax, security, or dispute-resolution purposes.
  • Stored third-party credentials / API keys: until you remove them or close your account, after which they are deleted from active systems within a commercially reasonable period.
  • Billing records: retained as required for accounting, tax, and legal obligations.
  • Logs and diagnostic data: up to 90 days, unless retained longer for security investigations.
  • Customer content: retained and deleted in accordance with your account configuration and the agreement governing the Services.

9. Data Security

We implement technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, encryption of stored third-party credentials, access controls and the principle of least privilege, and logging and monitoring. We review our security practices over time. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on where you live, you may have some or all of the rights described below. To exercise any of these rights, contact us using the details in Section 14. We will respond within the timeframe required by applicable law and may need to verify your identity first. We will not discriminate against you for exercising your rights.

10.1 EEA, UK, and Switzerland (GDPR / UK GDPR)

If you are located in the EEA, the UK, or Switzerland, you have the rights to access, rectify, erase, restrict, and object to processing of your personal data, and to data portability. Where we rely on consent, you may withdraw it at any time. Our lawful bases for processing are: performance of a contract (to provide the Services you request); legitimate interests (to operate, secure, and improve the Services); consent (for optional cookies and analytics, and certain communications); and compliance with legal obligations.

10.2 United States — California (CCPA/CPRA) and Other States

This section serves as our “Do Not Sell or Share My Personal Information” notice for California residents. We do not sell your personal information for monetary consideration. We may “sell” or “share” personal information as those terms are broadly defined under the CCPA/CPRA — for example, when cookies or analytics tools allow third parties to collect information for cross-context behavioral advertising.

California residents, and residents of other U.S. states with comparable laws, have the right to: opt out of the sale or sharing of personal information; know what personal information we collect, use, and disclose; request deletion of personal information; correct inaccurate personal information; and not be discriminated against for exercising these rights.

How to opt out of sale or sharing. You can submit an opt-out request by:

  • Emailing us at privacy@rocketride.ai with the subject line “Do Not Sell or Share My Info” along with your account information for us to flag; or
  • Adjusting your cookie preferences in your browser, or enabling a Global Privacy Control (GPC) signal, which we honor as a valid opt-out request.

We will process requests within the timeframes required by law and may need to verify your identity first. We do not require you to create an account to submit a request.

10.3 India (Digital Personal Data Protection Act, 2023)

If you are located in India, you may request access to and correction, completion, updating, or erasure of your personal data, withdraw consent where processing is based on consent, and nominate another individual to exercise your rights in the event of death or incapacity. You may raise any grievance regarding our handling of your personal data using the contact details in Section 15, and you may escalate to the Data Protection Board of India where permitted by law.

11. Cookies and Analytics

Our website and Services use cookies and similar technologies to operate, remember your preferences, and understand usage. Usage data collected through the Services is stored and analyzed using our infrastructure providers, including Amazon Web Services (AWS). We may also use cookies or analytics tools that allow third parties to collect information for cross-context behavioral advertising; under California law this may constitute “sharing” or “selling,” and you can opt out as described in Section 10.2. You can control cookies through your browser settings and, where required, through our cookie banner or consent tool; where supported, we enable IP anonymization and other data-minimizing settings.

12. Children’s Privacy

The Services are intended for business and professional use and are not directed to individuals under 18. We do not knowingly collect personal information from anyone under 18. If you are under 18, please do not use the Services or provide any information to us. If we learn that we have collected personal information from a person under 18, we will take steps to delete it.

The Services may link to or interoperate with third-party websites and services, including providers you choose to connect to your pipelines. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review their policies.

14. Changes to This Policy

We may update this Policy from time to time. When we do, we will revise the effective date above and, for material changes, provide additional notice (for example, by email or an in-product notice). Your continued use of the Services after an update takes effect constitutes acceptance of the revised Policy.

15. Contact Us

If you have questions or requests regarding this Policy or your personal information, contact us at:

RocketRide Inc.

41 Grant Ave, Floor 2, San Francisco, CA 94108, USA

Privacy contact: privacy@rocketride.ai

Effective Date: June 18, 2026