Effective Date: August 1, 2025 Roamate, Limited (“Roamate,” “we,” “our,” or “us”) Roamate respects your privacy. This Privacy Policy explains what we collect, how we use and share it, how long we keep it, and your rights. By using our mobile apps, website(s), and related services (the “Services”), you agree to this Policy.

1) Who We Are & How to Contact Us

Data Controller: Roamate, Limited / Attn: Privacy Address: 714 Sassafras St., Erie, PA 16501, USA Email: privacy@roamateapp.com

2) Scope

This Policy applies globally to your use of Roamate’s iOS and Android apps (distributed via the Apple App Store and Google Play) and our websites and support channels that link to it.

3) The Data We Collect

A. Information You Provide

  • Account & Profile: name, display name, email, phone, date of birth, location (city/country), profile photos, travel preferences, compatibility quiz responses.
  • User Content: messages/chats, RoamList trip posts, RoamBoard posts/comments (Q&A, recommendations, micro-blogs), My RoamPlanner saves (links, notes, lists), likes, reports, and other interactions.
  • Support & Comms: help requests, feedback, and any info you send to us.
  • Payments: Roamate does not collect card/bank data. Purchases/subscriptions are processed by Apple or Google. We receive only purchase status/entitlements (e.g., active subscription).

B. Information Collected Automatically

  • Device/Usage: device model, OS, app version, language, time zone, IP address (which can reveal approximate location), session events, interactions, and crash/diagnostic logs.
  • Approximate Location: derived from IP for safety, fraud prevention, and regional features.

C. Information from Third Parties (Optional Background Checks)

If you opt into Cleared to Roam™ verification, our provider (currently Certn) collects identity and public-records data to run checks. Outside the EEA, and in the UK with your explicit consent, Roamate personnel may view limited underlying public-records details inside the provider’s secure portal solely to confirm that the provider’s decision aligns with our published criteria. Roamate does not download, copy, or store those underlying records or biometrics. Roamate keeps only your pass/fail status and a verification timestamp. In the EEA, criminal-records processing by private companies is restricted by law; In the UK, a criminal-records component may be offered on the basis of your explicit, freely-given consent, which you may withdraw at any time in Settings. Roamate is not a consumer reporting agency; checks are not for employment, housing, or insurance decisions. Checks do not guarantee anyone’s safety.

4) How We Use Your Data (Purposes)

  • Core functionality: create/manage your account; show profiles; compatibility matching; messaging; RoamList, RoamBoard, and My RoamPlanner features; cost-split calculator.
  • Safety & moderation: community reporting/blocking, abuse detection, fraud prevention, platform integrity, and enforcing our Terms.
  • Comms & support: respond to messages, send service notices (e.g., feature updates, policy changes).
  • Analytics & improvement: diagnose crashes, measure usage, and improve performance/features.
  • Legal compliance: meet legal obligations and respond to lawful requests.
Legal bases (EEA/UK/CH): Contract (to provide the Services you request); Legitimate interests (safety, fraud prevention, analytics, improvement—balanced against your rights); Consent (background checks; certain marketing; any uses where we ask for it); Legal obligation (laws, court orders, regulator requests).

5) How We Share Information

We do not sell personal information and do not share it for cross-context behavioral advertising. We share only as follows:
  • With other users: content you choose to make public (profile info, RoamList posts, RoamBoard posts/comments, display name/photo, compatibility tags).
  • Service providers/Processors: hosting, analytics, crash reporting, customer support tools, and verification providers (e.g., Certn for Cleared to Roam™), acting under our instructions.
  • Legal/safety: to comply with law, enforce our Terms, or protect rights, property, or safety.
  • Corporate events: as part of a merger, acquisition, or asset transfer, with appropriate safeguards.

6) International Transfers

We operate in the U.S. and may transfer data internationally. Where required, we use EU Standard Contractual Clauses (SCCs), the UK IDTA/Addendum, and comparable mechanisms to protect data during transfers.

7) Your Privacy Choices & Rights

A. In-App Account Deletion (Apple & Google requirement)

Delete your account at Profile → Settings → Account → Delete Account. You can also submit a request by contacting privacy@roamateapp.com. What deletion means: we promptly deactivate your account and begin deletion. We delete or de-identify personal data not required for security, fraud prevention, or legal obligations. Backups/logs are purged within 90 days unless retained longer for legal reasons.

B. Global rights (what you can ask us to do)

Subject to local law, you may request: access, correction, deletion, portability, restriction/objection to certain processing, and to withdraw consent. How: email privacy@roamateapp.com (or use in-app Settings if available). We will verify your identity and respond within applicable time limits.

C. Region-specific notes

EEA/UK/Switzerland (GDPR/UK GDPR): you may contact your local authority or the UK ICO. If we rely on legitimate interests, you can object; if we rely on consent, you can withdraw it at any time. California (CCPA/CPRA): rights to know, access, delete, correct, opt-out of sale/share (we do not sell or share), and limit use/disclosure of sensitive personal information (we only use optional sensitive fields like gender identity to provide features and do not use them to infer characteristics). You may use an authorized agent; we’ll require proof of authority. Brazil (LGPD): rights to confirm, access, correct, anonymize, block, delete, and portability; contact us via privacy@roamateapp.com. Australia/Canada/Singapore/India DPDP: you may request access/correction/deletion and contact your local authority if unresolved. For India, you may contact our grievance officer at privacy@roamateapp.com.

D. Appeals

If we deny a request, you may appeal by replying to our decision or emailing privacy@roamateapp.com with subject “Privacy Request Appeal.”

8) Children

The Services are for users 18+ only. We do not knowingly collect data from minors. If you believe a minor used the Service, contact us and we will delete the account.

9) Data Retention (How long we keep things)

  • Account & profile data, messages, RoamBoard posts/comments, RoamList posts, My RoamPlanner saves: deleted or de-identified within 90 days after account deletion.
  • Security/fraud logs and cost-split records: up to 12 months, then deleted or de-identified.
  • Background-check pass/fail flag: retained only while your badge is active; removed within 30 days after you withdraw consent or the badge expires.
  • Cleared to Roam verification badges automatically expire after 12 months and require repurchase to remain active. Roamate may, but is not obligated to, notify you before badge expiry to remind you of the option to renew.
  • Legal holds: if required by law, we retain only what’s necessary for the required period.

10) Security

We use industry-standard technical and organizational measures (encryption in transit, access controls, monitoring). No system is 100% secure; please use strong credentials and report suspected issues to privacy@roamateapp.com.

10.1 Data Minimization & Access Controls (Background Checks)

Roamate personnel may view limited underlying public-records details inside the provider’s secure portal solely to confirm that the provider’s decision aligns with our published criteria. Screenshots, exports, or local copies are prohibited. Access is logged and periodically reviewed. We retain only pass/fail status and a timestamp, and remove the Cleared to Roam badge within 30 days of withdrawal or expiry, subject to legal obligations.

11) Cookies, SDKs & Similar Technologies

We use cookies/SDKs for core functionality, analytics, diagnostics, and security. You can manage browser cookies and device permissions; disabling some may impact features. We do not use data for cross-context behavioral advertising. For users in the EEA/UK, we obtain consent for non-essential analytics/measurement and you can change your choice anytime in Settings or via our website cookie controls. If our practices change, we will update this Policy and in-app controls before enabling such processing.

12) Background Checks (Cleared to Roam™) — Details

  • Voluntary: enabled only with your explicit consent
  • Provider-handled: identity verification and any public-records checks are handled by our provider (currently Certn) under their privacy policy.
  • Roamate-stored data: pass/fail status and verification date; we do not store underlying records or biometrics.
  • Jurisdiction limits: in the EEA, checks are limited; in the UK, a criminal-records component may be offered on explicit consent; elsewhere availability varies by law.
  • No guarantees: checks reduce—but cannot eliminate—risk. Always exercise judgment and follow in-app safety guidance. Please also review our Terms and Cleared to Roam safety disclaimers.

13) User-Generated Content & Safety

You can report or block users or content within the app. We review reports and may remove content, restrict features, or suspend accounts that violate our Terms or safety rules. We may retain limited data to prevent abuse and comply with law.

14) International Users

By using the Services, you understand your data may be processed in countries with different laws. When required, we use SCCs (EU), the UK IDTA/Addendum, and other approved tools to protect your data during transfers.

15) Third-Party Links

Our Services may link to third-party sites or services. Their privacy practices are governed by their own policies.

16) Changes to this Policy

We may update this Policy from time to time. Material changes will be posted in-app and on our website, with the “Effective Date” updated. If required by law, we will seek your consent to changes. Any dispute arising from or relating to this Privacy Policy, including data processing or Cleared to Roam™ verification, will be resolved in accordance with the binding arbitration and dispute resolution provisions set forth in Section 18 of the Roamate Master Terms of Service. By using our Services, you agree to those procedures.

17) Contact

Questions, requests, or complaints: privacy@roamateapp.com Mail: Roamate, Limited — Attn: Privacy, 714 Sassafras St., Erie, PA 16501, USA