Privacy Policy
Date: February 2, 2026
INTRODUCTION
This privacy policy for Roomera (“we,” “us,” or “our“) describes how and why we might collect, store, and use (“process“) your information when you use our services (“Services“), including:
- Visit our website at roomera.io, or any website of ours that links to this privacy policy;
- Download and use our mobile application Roomera (‘App’);
- Engage with us in other related ways ― including any sales, marketing, or events.
By using our Services, you agree to this Privacy Policy. If you are under 18, you must have parental consent. We will delete any personal information collected from minors without proper consent. Contact us if you believe we have collected data from a minor.
1. INFORMATION WE COLLECT
When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.
We do not process sensitive personal information.
We collect personal information that you voluntarily provide to us when you register an account, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
1.1. Information you provide
Account info. When you create an account, we collect certain information from you. This information may include your name, email address, username, and password. The information collected during account creation is used for purposes such as user authentication, account management, and providing personalized experiences within the App. We may also use this information to communicate with you about your account and to send you important updates and notifications related to our Services. By creating an account, you consent to the collection and use of this information as described in this Privacy Policy.
Payment Information. We do not directly collect or store any payment information, such as credit card numbers or bank account details. When you make a purchase, your payment is processed by third-party payment providers. These providers may collect and store certain information necessary to process your payments, such as your name, billing address, email address, and the last four digits of your credit card or other payment method.
Photos that you upload to the App. Our App requires access to your device's photo library to enable you to upload photos for the core functionalities of the App and to generate desired outcomes. If you grant us permission to access your camera or photo library, we will process the photos you select to upload to provide the features you choose to use within the App. By using the App and uploading photos, you consent to our access and processing of your photos as described in this privacy policy.
Other requests. If you contact us or communicate with us, we will collect and receive records and copies of your correspondence with us and contact details that you have provided us while making your inquiries (such as your name, email addresses, or any other identifier by which you may be contacted).
1.2. Information Automatically Collected
When you visit, use, or navigate our Services, we may automatically collect certain information about your device and usage activities. This information does not reveal your specific identity (such as your name or contact details) but may include technical and analytical data necessary for operating, securing, and improving our Services.
The types of information we may collect include:
Log and Usage Data: Information related to the operation, diagnostics, and performance of the Services. This may include your IP address, browser type and settings, device characteristics, operating system, language preferences, referring URLs, date and time of access, pages and files viewed, searches performed, features used, system activity, error reports (“crash dumps”), and other related technical information.
Device Data: Information about the computer, mobile device, tablet, or other device you use to access the Services. Depending on the device, this may include details such as your IP address (or proxy server), device and application identifiers, hardware model, Internet service provider and/or mobile network, operating system, system configuration, and browser type.
Location Data: Information about your device’s location, which may be precise or approximate. The accuracy of this data depends on your device settings and the technologies used (such as IP-based geolocation or GPS). You can restrict the collection of location information by adjusting your device or browser settings. However, doing so may limit certain functionalities of the Services. Like many organizations, we use cookies and similar technologies to collect some of this information. For more details, please refer to our Cookie Policy.
2. HOW DO WE PROCESS YOUR INFORMATION?
The Company processes personal data collected through the App for the purposes of providing, maintaining, and improving the Services, which include generating customized interior design concepts based on user input.
Specifically, we process your information for the following purposes:
Service Provision and Functionality: To operate the App and enable the creation of interior design outputs based on information, preferences, and materials you provide (for example, room dimensions, furniture preferences, style selections, or uploaded images).
Personalization: To tailor the experience and design recommendations to your indicated aesthetic, functional, or spatial preferences.
Account Management: To administer user registrations, authenticate logins, and provide access to user profiles or saved design projects.
Improvement and Analytics: To analyze usage trends, diagnose technical issues, optimize performance, and enhance user experience. Data processed for these purposes may include anonymized or pseudonymized usage statistics.
Customer Communication: To respond to inquiries, provide technical support, and communicate updates or changes to the Services.
Compliance and Security: To maintain the security and integrity of the Services, prevent fraud or misuse, and ensure compliance with legal obligations.
3. LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA
If you are located in the EU or UK, this section applies to you.
We process your personal data only where we have a lawful basis to do so, as required under applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UK GDPR. This means that we process personal data only when the processing is necessary and supported by at least one of the legal grounds set out below.
The legal bases on which we may rely include:
Consent (Article 6(1)(a) GDPR): Where you have provided clear and explicit consent for us to process your personal data for a specific purpose. You may withdraw your consent at any time, although this will not affect the lawfulness of any processing carried out prior to withdrawal.
Performance of a Contract (Article 6(1)(b) GDPR): Where processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request before entering into such a contract. This includes the provision of our Services and related functionalities.
Legitimate Interests (Article 6(1)(f) GDPR): Where processing is necessary for the purposes of our legitimate business interests, provided that such interests are not overridden by your rights and freedoms. These interests may include, for example, analyzing the use of our Services to enhance user experience, preventing fraud or misuse, improving service functionality, and supporting marketing or operational activities.
Legal Obligations (Article 6(1)(c) GDPR): Where processing is required for compliance with a legal obligation to which we are subject. This may include obligations to cooperate with regulatory authorities, respond to lawful requests, exercise or defend legal claims, or comply with statutory record-keeping requirements.
We assess each processing activity to ensure that an appropriate legal basis applies and that your personal data are processed fairly, lawfully, and transparently.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
Vendors, Contractors and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, or contractors (“third parties”) who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it.
We also may need to share your personal information in the following situations:
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company;
Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us;
Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions;
Other Users. When you share personal information by posting comments, contributions, or other content to the Services or otherwise interact with public areas of the Services, such personal information may be viewed by all users and may be publicly made available outside the Services in perpetuity.
5. THIRD-PARTY WEBSITES AND SERVICES
The Services may include links to third-party websites, services, or apps, as well as third-party advertisements. We do not guarantee these third parties and are not liable for any loss or damage resulting from their use. Links to third-party sites do not imply endorsement by us. We are not responsible for the content, privacy practices, or policies of third parties. Please review their policies and contact them directly with any questions.
6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
Due to our global operations, your data may be processed and shared internationally with partners as described in this policy. It means that this information may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. Our servers are located in the United States. For transfers from the EU/EEA or UK, we rely on Standard Contractual Clauses (SCCs) or other legal safeguards. We implement encryption, pseudonymization, and other security measures to protect your data. Your consent to this privacy policy followed by your submission of such information, represents your agreement to that transfer.
7. HOW LONG DO WE KEEP YOUR INFORMATION?
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information.
8. HOW DO WE KEEP YOUR INFORMATION SAFE?
We are committed to ensuring the security of your information and have implemented appropriate technical and organizational measures to safeguard it. These measures are designed to prevent unauthorized access, disclosure, alteration, or destruction of your personal data. However, it's important to note that no method of transmission over the internet or electronic storage is entirely foolproof, and therefore, we cannot guarantee absolute security. By using our Services, you acknowledge and accept that the security of your information is subject to inherent risks.
9. WHAT ARE YOUR PRIVACY RIGHTS?
Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.
We will consider and act upon any request in accordance with applicable data protection laws.
Withdrawing your consent. If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. However, please note that this will not affect the lawfulness of the processing before its withdrawal, nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications (if any). You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us by email. You will then be removed from the marketing lists; however, we may still communicate with you, for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
10. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and applications include a Do-Not-Track (“DNT”) setting that you can activate to signal your preference not to be tracked online. At present, there is no generally accepted industry standard for recognizing and responding to DNT or similar browser signals. As a result, our Services do not currently respond to DNT signals or comparable browser-based preference signals. If applicable laws in the future require us to recognize a specific browser or device signal, we will update this privacy notice to explain how we comply with that requirement.
11. US RESIDENTS’ PRIVACY RIGHTS
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.
How to Exercise Your Rights? To exercise your rights, submit a request to support@roomera.io with the subject line “Privacy Rights Request” and include your full name, email address, and state of residence. We will respond in accordance with applicable law.
Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.
Request Verification. Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes.
If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request and the agent will need to provide a written and signed permission from you to submit such a request on your behalf.
Note: Your state-specific privacy rights may vary. Exercising these rights will not affect your ability to use our Services, except to the extent required to comply with your request.
12. DO WE MAKE UPDATES TO THIS POLICY?
We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently.
13. HOW CAN YOU CONTACT US?
If you have any inquiries or feedback regarding this policy, or if you wish to exercise your privacy rights, please feel free to reach out to us via email at support@roomera.io.