This Privacy Policy explains what information Roomies collects, why we collect it, who we share it with, and the choices and rights you have over your data.
1. Introduction & Scope
Roomies ("Roomies," "we," "us," or "our") is a mobile-first application that helps people find compatible roommates. We do this by letting you build a lifestyle profile, complete a compatibility questionnaire, set location preferences, optionally verify your identity, get matched with potential roommates, and chat safely in-app.
This Policy applies to the Roomies mobile application and the backend services that power it. It describes how we handle personal information for everyone who creates a Roomies account, regardless of where they live, and it includes specific disclosures for individuals protected by the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act as amended by the CPRA (collectively, "CCPA").
The data controller responsible for your personal information is Devron Watts, located at 2264 Mackenzie Way, Yuba City, California 95991. By creating an account or using Roomies, you acknowledge the practices described here. If you do not agree, please do not use the app.
2. Information We Collect
We collect the categories of information below. Most of it is information you provide directly; some comes from your device or from the third-party services we rely on to operate the app.
Identity & account information
When you sign up, authentication is handled by Firebase Authentication (email and password, Google Sign-In, or Apple Sign-In). We receive and store your email address, an authentication provider identifier, and, where you provide them, your name and profile picture. We also store account metadata such as your account status, role, when you were last active, and timestamps for when your account was created and updated.
Profile information
The profile you build for matching, including your first name, age, gender, a free-text bio (up to 1,000 characters), occupation, school, budget range, desired move-in date, lease term, your city, and whether you are willing to relocate.
Location information (approximate / city-level)
To match you with roommates in the right place, we store the city or target area you select by typing a place name. We do not access your device's GPS or precise location, and the app requests no location permission. The place you choose is geocoded on our servers to the approximate geographic center (centroid) of that city or area — an approximate, city-level (coarse) location, not your device's position. We also store your search preferences such as search radius, preferred city, acceptable genders, age range, and budget range. Location lookups (city and neighborhood autocomplete and geocoding) are performed through Google Maps Platform via our backend.
Photos
The photos you upload to your profile. Image files are uploaded directly to our object storage provider (Cloudflare R2) using time-limited upload links; our database stores the object key and the public URL, along with attributes such as sort order, which photo is primary, dimensions, and file size.
Lifestyle questionnaire
Your answers to the compatibility questionnaire, including cleanliness, sleep schedule, noise tolerance, attitudes toward guests, smoking, drinking, and pets, work-from-home habits, hobbies and interests, communication and conflict styles, social level, cooking habits, and shared-space preferences. We also store your "deal breakers" and preference flags (for example, whether pets or smoking are acceptable, or whether a match must be verified).
Chat messages & social-graph data
When you match and chat with another user, we store the messages you send (message body, type, sender, timestamps, and read status), the conversations they belong to, and your matches. We also store your swipe actions (like, pass, super-like), blocks you create, and any reports you file or that are filed about you. Please note that chat messages are stored in plaintext on our servers and are not end-to-end encrypted.
Verification status
If you choose to verify your identity, the document and selfie capture happens inside Stripe Identity's own interface. We do not receive or store your raw ID document or selfie image; we store only the verification provider, the resulting status (for example, pending, verified, rejected, or expired), the time of verification, your badge level, and limited session metadata (such as the Stripe session identifier and any error code). Stripe retains the underlying documents under its own policies.
Payments & billing information
Paid subscriptions and one-time features are not available in the current iOS version (1.0); the billing practices described in this section apply once in-app purchases become available in a future update. If you purchase a subscription or a one-time feature (such as a profile boost), Stripe processes the payment through its hosted checkout. We do not receive or store your full payment card details. We store billing references such as a Stripe customer identifier, subscription and purchase identifiers, the price/product purchased, amount and currency, and subscription/purchase status.
Usage & analytics information
We collect product-analytics events to understand how the app is used and to improve it — for example, sign-in, account-deletion, and verification-flow events, identified by your account identifier — using PostHog and Firebase Analytics. We also keep usage counters such as your last-active time and daily like usage for rate limiting, and our backend keeps operational logs (with request identifiers) to run and debug the service.
Device & push-notification tokens
The app is built to support push notifications and will request a notification token from your device.
Crash & error diagnostics
When the app or our backend encounters an error, we use Sentry to capture diagnostic information such as exception details, stack traces, breadcrumbs, and a sampled set of performance traces, to help us find and fix problems.
3. How We Use Your Information
- To provide the core service — create and manage your account, build your profile, run the compatibility questionnaire, generate matches, and enable in-app chat between matched users.
- To run matching — apply hard filters (location, budget, move-in window, deal breakers) and compute compatibility scores using your questionnaire answers and preferences.
- To handle location features — resolve the cities and neighborhoods you select and find nearby candidates.
- For identity verification — let you complete optional ID verification and display a verified badge.
- For payments — process subscriptions and one-time purchases and manage your billing.
- For safety and moderation — operate blocking and reporting, review reports, and enforce our rules.
- To communicate with you — send service-related and notification messages (such as new matches or messages).
- To improve and secure the app — understand usage, debug, monitor for crashes and errors, prevent abuse, and protect our users.
- To comply with the law — meet legal obligations and respond to lawful requests.
4. Legal Bases for Processing (GDPR)
If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR:
| Purpose | Legal basis |
|---|---|
| Creating your account and providing matching, profiles, and chat | Performance of a contract (Art. 6(1)(b)) |
| Processing payments for subscriptions and purchases | Performance of a contract (Art. 6(1)(b)) |
| Approximate (city-level) location for matching | Performance of a contract (Art. 6(1)(b)) |
| Optional identity verification | Consent (Art. 6(1)(a)) |
| Special-category data you choose to share (e.g. information you reveal in your profile, questionnaire, or chats) | Your explicit consent (Art. 9(2)(a)) |
| Analytics, crash/error monitoring, product improvement | Legitimate interests (Art. 6(1)(f)) in operating and improving a secure service |
| Safety, abuse prevention, blocking and reporting | Legitimate interests (Art. 6(1)(f)) in keeping users safe |
| Complying with legal obligations and responding to lawful requests | Legal obligation (Art. 6(1)(c)) |
Where we rely on consent, you can withdraw it at any time without affecting processing that already took place. Where we rely on legitimate interests, you have the right to object (see Your Privacy Rights).
5. Third-Party Processors & Sub-processors
We share personal information with the service providers below strictly to operate Roomies. Each acts as our processor/sub-processor (or, for payments and verification, as an independent controller for its own regulated functions). We do not sell your personal information to any of them.
| Processor | Purpose | Data it receives |
|---|---|---|
| Firebase Authentication (Google) | Account authentication (email/password, Google, Apple); verifying sign-in on every request | Email, name, profile picture, and auth provider identifier; a sign-in token accompanies authenticated requests |
| Firebase Cloud Messaging (Google) | Push-notification delivery infrastructure (e.g. new match, new message) | Integrated in the app, but as of the effective date no device token is transmitted to or stored by our backend and no server-side push is dispatched, so FCM does not yet receive a device token from us (see the note in §2). When server-side delivery is enabled, FCM will receive a device notification token plus notification metadata such as sender name, conversation, and match name — never message bodies. |
| Firebase Analytics (Google) | Mobile product analytics | An app user identifier and event names/properties and user traits |
| Stripe (Identity) | Optional government-ID and selfie identity verification | Your ID document and selfie, captured directly in Stripe's interface (we do not receive them); we receive only the verification result. A user identifier is attached to the session. |
| Stripe (Payments) | Subscriptions, billing, and one-time purchases via hosted checkout | Email, a user identifier, Stripe customer/subscription/price identifiers, amounts and currency, and subscription state. Card details are handled entirely by Stripe. |
| Cloudflare R2 | Profile-photo and object storage | Your uploaded profile photos (image files), stored under keys scoped to your account |
| Google Maps Platform (Places & Geocoding) | City/neighborhood autocomplete and geocoding for location and target-area selection | The place/city text you type and the resolved place identifiers and coordinates (no other personal identifiers) |
| PostHog | Product analytics across the app and backend | A user/distinct identifier and event names/properties and user traits (e.g. purchase and verification-flow events) |
| Sentry | Crash, error, and performance monitoring | Exception details, stack traces, error context, breadcrumbs, and sampled performance traces |
Analytics and monitoring providers (PostHog, Firebase Analytics, and Sentry) are enabled by configuration and do not receive data when disabled. We may engage additional processors over time and will update this list accordingly.
6. International Data Transfers
Roomies relies on service providers that operate globally, and your information — including for users in the EEA and UK — may be processed in the United States and other countries that may not provide the same level of data protection as your home country. Where we transfer personal data out of the EEA or UK, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses (and the UK Addendum) and the data-transfer frameworks and contractual commitments offered by our providers (for example, Google, Stripe, and Cloudflare). You may request more information about these safeguards using the contact details below.
7. Data Retention
We keep your personal information for as long as your account is active and as needed to provide the service. Specific practices:
- Account data is retained until you delete your account (see Account & Data Deletion), after which it is removed from our database as described below.
- Individual photos you remove are marked deleted in our database and the underlying file is queued for removal from object storage on a best-effort background basis.
- Analytics events sent to our analytics providers are retained under those providers' settings and are not automatically deleted by an in-app account deletion. If you want analytics data associated with you erased, contact us.
- Verification and billing records held by Stripe (including ID documents you submitted to Stripe Identity and Stripe's billing records) are retained by Stripe under its own policies, independent of your Roomies account deletion.
- We do not currently operate fixed, time-based automatic purges beyond the deletion flows described here. We may introduce retention windows in the future and will update this Policy if we do.
8. Security
We take reasonable technical and organizational measures to protect your information. Authentication is delegated to Firebase, every API request is authenticated, file uploads go directly to storage through short-lived, time-limited links, payment card data never touches our servers, and we monitor for errors and abuse. Photos are stored under per-account keys, and access to data is limited to what is needed to run the service.
You should be aware of two important limitations: chat messages are stored in plaintext and are not end-to-end encrypted, and no method of transmission or storage is completely secure. We cannot guarantee absolute security, and you share information at your own risk. Please use caution about what you reveal in your profile, questionnaire, and chats.
9. Your Privacy Rights
For everyone
You can access and update much of your profile and preference information directly in the app, and you can delete your account at any time (see below).
GDPR rights (EEA/UK)
If you are in the EEA or UK, you have the right to: access your personal data; correct inaccurate data; request erasure; restrict or object to certain processing; data portability (receive your data in a portable format); and withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data protection authority.
California rights (CCPA/CPRA)
If you are a California resident, you have the right to know what personal information we collect and how we use and disclose it; the right to request access to and deletion of your personal information; the right to correct inaccurate information; the right to data portability; and the right to opt out of the "sale" or "sharing" of your personal information. You will not be discriminated against for exercising these rights.
We do not sell your data
Roomies does not sell your personal information, and we do not "share" it for cross-context behavioral advertising, as those terms are defined under California law. The disclosures we make are to the service providers listed in §5 solely to operate the app. Because we do not sell or share your personal information, there is no opt-out of sale/share to perform; if our practices ever change, we will provide a clear opt-out mechanism and update this Policy.
Our analytics and monitoring providers are contractually restricted to processing data to provide services to Roomies and are not permitted to use it for their own cross-context behavioral advertising.
Sensitive personal information (CPRA)
California residents have the right to limit the use and disclosure of sensitive personal information. Roomies does not collect precise geolocation, and identity-verification documents are collected and held by Stripe rather than retained by Roomies. We therefore do not use or disclose sensitive personal information in a way that would require us to offer a separate limit option.
To exercise any of these rights, use the in-app account deletion for deletion, or contact us at privacy@roomiesapp.app. We will verify your request (typically by reference to your account) and respond within the timeframes required by applicable law. You may use an authorized agent where permitted.
10. Account & Data Deletion
You can delete your Roomies account at any time directly inside the app: go to Settings > Account > Delete Account and confirm. You do not need to email us to delete your account.
When you delete your account, we permanently delete your user record from our database. Because related data is linked to your account, this also removes your profile, profile photos, questionnaire answers, preference filters, swipes, matches, conversations, messages, reports you filed or received, blocks, your verification status records, and your stored billing references (customer, subscription, and purchase records held in our app database). We also delete your Firebase authentication identity, and we queue removal of your stored profile photos from object storage.
Please note the following:
- Photo removal from object storage runs as a background, best-effort process and may not be instantaneous.
- Documents you submitted to Stripe Identity, and Stripe's own billing records, are retained by Stripe under its policies and are not erased by this in-app flow; contact Stripe or us if you need those addressed.
- Analytics events previously sent to our analytics providers are not automatically erased by in-app deletion. Contact us if you want those removed.
- If a deletion does not complete in the app, you can contact us for help.
For deletion help, or to exercise any GDPR or CCPA right, contact us at privacy@roomiesapp.app.
11. Children's Privacy
Roomies is intended only for adults aged 18 and over. We do not knowingly collect personal information from anyone under 18. If you are under 18, do not use Roomies. If we learn that we have collected information from a person under 18, we will delete it. If you believe a minor has provided us information, contact us at privacy@roomiesapp.app.
12. Push Notifications
Roomies is designed to send push notifications about events such as new matches, new messages, and completed identity verification. We intentionally do not include message bodies or other sensitive content in push payloads. You can grant or deny notification permission when prompted, and you can turn notifications off at any time in your device settings. As noted in §2, server-side push dispatch is not yet active and device push tokens are not currently stored; this section will be updated when that changes.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will revise the "last updated" date above and, where appropriate, provide additional notice in the app. Your continued use of Roomies after an update means you accept the revised Policy.
14. Contact Us
If you have questions about this Policy or your personal information, or to exercise your rights, contact us:
- Email: privacy@roomiesapp.app
- Data controller: Devron Watts, 2264 Mackenzie Way, Yuba City, California 95991