RoAnalytica ("we", "us", or "our") is a Roblox game analytics platform that helps developers optimize their games using data-driven AI insights. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
By using RoAnalytica — including connecting your Roblox account via Roblox OAuth 2.0 — you agree to the practices described in this policy.
1. Information We Collect
1.1 Information You Provide Directly
- Email address and display name (when creating a RoAnalytica account)
- Game performance metrics you manually enter: Daily Active Users (DAU), D1 retention rate, average session length, and monthly revenue
- Optional context notes about your game (e.g., recent updates, events)
- Genre, last update date, and other game metadata you provide
1.2 Information Collected via Roblox OAuth 2.0
When you choose to connect your Roblox account using the "Connect with Roblox" button, RoAnalytica uses Roblox's OAuth 2.0 authorization flow to request limited, read-only access to your Roblox developer data. Specifically, we access:
- Your Roblox username and user ID (for account identification)
- A list of experiences (games) associated with your account, including group-owned games where you have developer access
- Gamepass names and prices for your experiences
- Developer product names and prices for your experiences
- Publicly available game statistics: total visits, concurrent players, and like/dislike ratio
We do NOT access or store:
- Your Roblox password or authentication credentials
- Revenue or transaction data from Roblox (not available via the Roblox API)
- Player account information, player identities, or player personal data
- Any data beyond the scopes explicitly requested and approved during OAuth authorization
1.3 OAuth Tokens
When you authorize RoAnalytica via Roblox OAuth 2.0:
- Access tokens and refresh tokens are issued by Roblox and processed by our secure Cloudflare Worker backend
- Tokens are used solely to make authorized API requests on your behalf during your session
- Access tokens are stored only in your browser's session storage — never in our database
- Refresh tokens are handled exclusively server-side via our Cloudflare Worker and never logged or stored
1.4 Automatically Collected Information
- Browser type, operating system, and general device information
- Pages visited within RoAnalytica and feature usage patterns
- IP address (processed by Cloudflare infrastructure, not stored by us)
2. How We Use Your Information
We use the information collected to:
- Provide, operate, and improve the RoAnalytica platform
- Generate AI-powered insights and recommendations specific to your game
- Display your game data, gamepasses, and developer products within your dashboard
- Authenticate your identity and maintain your account session
- Associate your connected Roblox games with your RoAnalytica account
- Improve our AI models and benchmarking data in aggregate, anonymized form
We do NOT use your data to serve advertisements, sell your information to third parties, or train AI models on individually identifiable data without consent.
3. How We Share Your Information
We share your information only with the following service providers that operate RoAnalytica:
- Firebase (Google) — user authentication and secure database storage
- Cloudflare Workers — secure server-side processing of Roblox OAuth tokens. Your client secret is never exposed to the browser
- Groq — AI inference to generate game insights. Only anonymized game metric data is sent, never personal identifiers
- Roblox Open Cloud APIs — to retrieve your game and product data using your authorized OAuth token
We may also disclose information if required by law or to protect the rights and safety of RoAnalytica or our users.
4. Data Retention
- Account data is retained as long as your account is active
- Game submission history is retained until you delete individual entries or your account
- OAuth tokens are session-only and never persisted beyond your active browser session
- You may request deletion of all your data at any time by contacting us
5. Your Rights
Depending on your location, you may have the right to access, correct, delete, or export your personal data, or to restrict or object to our processing of it. To exercise these rights, contact us at [email protected].
6. Roblox OAuth 2.0 — Specific Disclosures
RoAnalytica uses Roblox's OAuth 2.0 protocol to connect your Roblox developer account. The following additional disclosures apply:
- Authorization is voluntary. You may use RoAnalytica without connecting your Roblox account by entering data manually.
- You can revoke access at any time by visiting create.roblox.com/dashboard/oauth2 and removing RoAnalytica from your authorized applications.
- Revoking OAuth access will prevent RoAnalytica from fetching new data from Roblox but will not delete data already saved to your RoAnalytica account.
- RoAnalytica is an independent third-party tool and is not affiliated with, endorsed by, or sponsored by Roblox Corporation.
- Your use of Roblox's services remains governed by Roblox's own Terms of Use and Privacy Policy.
- We request only the minimum OAuth scopes necessary:
openid and profile. We do not request write access to any Roblox resource.
7. Security
- OAuth client secrets are stored exclusively as encrypted environment variables in Cloudflare Workers — never in client-side code or our database
- All data transmission uses TLS/HTTPS encryption
- Firebase security rules restrict each user's data to their own authenticated account
- OAuth flows use PKCE (Proof Key for Code Exchange) to prevent authorization code interception attacks
- We do not store OAuth access tokens or refresh tokens in our database
8. Children's Privacy
RoAnalytica is intended for use by game developers and is not directed at children under 13. If you are under 13, please do not use RoAnalytica. If we become aware that we have collected personal data from a child under 13, we will delete it promptly.
9. International Data Transfers
RoAnalytica is operated from the United States. If you access our service from outside the United States, your information may be transferred to and processed in the US. We rely on Cloudflare's global infrastructure for data processing, which complies with applicable international data transfer frameworks.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this document and notify you via email or an in-app notice where appropriate.
11. Contact Us
For Roblox OAuth-related concerns, you may also contact Roblox directly at roblox.com/support.