RoShield
 Back
Legal

Privacy Policy

Last updated: May 2026

What We Collect

We collect only what's necessary to provide the service:

  • Email address — used for login and account identification
  • Password — stored as a bcrypt hash. We never store or see your plaintext password.
  • API key — cryptographically generated on registration, used to authenticate plugin requests
  • Scan results — risk score, vulnerability descriptions, severity levels, and scan timestamps. These are stored in your account so you can access your history.
  • Game snapshots — see Section 2 for full details on how these are handled.

Your Game Code — Exactly What Happens To It

This is the most important section for Roblox developers. Here is precisely what happens to your game's code when you run a scan:

Quick Scan

Your game snapshot (scripts, remotes, service structure) is sent to our servers, analyzed by an AI model entirely in memory, and never written to a database or disk. Once the analysis is complete, the data is gone.

Deep Scan (Studio plan)

Because deep scans run in multiple stages over several minutes, your snapshot is temporarily stored in our database so each stage can access it. The moment your scan finishes — or if it fails at any point — your game data is automatically and permanently deleted from our servers. What remains is only the result: the risk score and vulnerability descriptions.

In both cases, we guarantee:

  • Your game code is never sold, shared, or transferred to any third party
  • Your game code is never used to train AI models
  • We do not claim any ownership over your game or its content
  • Scan results (not code) are retained in your account until you delete them or delete your account

How We Use Your Data

  • To perform security scans you request
  • To display your scan history in your dashboard
  • To authenticate your account and API key

We do not use your data for advertising. We do not sell your data. Ever.

Data Deletion

You have full control:

  • Delete individual scans — from your scan history at any time
  • Delete your account — go to Settings → Danger Zone → Delete Account. This permanently and immediately deletes your account, all scan results, and any remaining data. This action is irreversible.

Security

  • All data is transmitted over HTTPS/TLS
  • Passwords are hashed with bcrypt (cost factor 12)
  • API keys use cryptographically secure random generation
  • Game snapshots for deep scans are automatically purged on scan completion

Contact

Questions about privacy? Contact us at support@roshield.dev

Also read our Terms of Service

© 2026 RoShield · Terms · Privacy · support@roshield.dev