Legal

Developer terms

By becoming a Roku Developer, you are subject to and agree to comply with all applicable Developer Terms, and any other terms, rules, and policies applicable to the Developer Program that Roku makes available to you.

• Certification Requirements
• Claimed Copyright Infringement Procedures
• Roku’s Address for Notices
• Roku Advertising Guidelines
• Roku Data Processing Policy for Channel and Content Providers
• Roku Trademark Guidelines

Developer agreements

• Roku Distribution Agreement
• Developer tools license agreement

Compliance

All app developers must comply with the laws and legislation for the countries their content is available in. The following overview covers the most common factors to consider for apps on the Roku Platform in addition to Roku OS features designed to assist in your legal compliance.

CVAA

For information on accessibility laws that may be applicable to your app such as the 21st Century Communications and Video Accessibility Act, see Accessibility Requirements for Channel Partners.

COPPA

The Children's Online Privacy Protection Rule (COPPA), imposes certain requirements for online streaming content directed to children under 13 years of age or services in addition to restrictions for knowingly collecting personal information from a child under 13 years of age.

Advertisers and COPPA - On July 1, 2013 - FTC expanded the COPPA requirements to ad networks and online plugin services. It's important for all ads streamed and tracked to be COPPA compliant. Please refer to the FTC's site for full details: FTC's site for Children's Privacy

GDPR

The General Data Protection Regulation (GDPR) is the primary law governing how the personal data of European Union (EU) residents should be collected and processed. The regulation applies to processing of personal data by all businesses within the EU. It also applies to businesses outside the EU that offer goods or services to individuals in the EU, or monitor the behavior of such EU individuals.

You are responsible for your own compliance with the GDPR, just as you are responsible for compliance with other existing laws today, like the ePrivacy Directive. Every app on our platform that collects or processes personal data of individuals in the EU, regardless of the company’s location, should prepare for GDPR to go into effect on May 25, 2018.

Here are some things to consider:

• If using a third-party ad server, are you respecting the "Limit ad tracking" parameter set by the user, as determined by the IsRIDADisabled() API?
• Are you transparent in how you collect and handle user data (e.g., data collected about the use of your app or any Roku device)?
• If your app collects or processes personal data, do you provide a privacy notice to explain how you collect, use, and share this data, including the types of parties with whom data is shared?
• Do you limit use of the data to the description in your privacy notice?
• Does your app engage in automatic collection and transmission of data from any Roku device for purposes that are not necessary to provide the service the user has requested? If so, did you obtain user’s affirmative consent before you collect and transmit this data?
• EU data protection regulators have published guidance on the requirements of a valid consent (see Consent Guidance). Do the consents you have obtained meet these guidelines?
• Can users opt out of having data collected from their Roku device for uses that are not essential to the services provided by your app?

To learn more about the GDPR and how you can prepare your business for it, click here.  Other regulatory resources include:

• Directive 2009/136/EC (ePrivacy Directive)
• Regulation (EU) 2016/679 (General Data Protection Regulation)

Specific country legal requirements

Apps must adhere to legislation in countries their content is available in. For Roku related documents, please review each country at roku.com/legal.