Privacy Policy
Last updated: 2026-05-19
This Privacy Policy explains what personal data collects, why we collect it, how we use it, who we share it with, and the rights you have under the Swiss Federal Act on Data Protection (FADP / nFADP), the EU General Data Protection Regulation (GDPR), and similar laws.
Who is responsible (data controller)
is operated from Switzerland and is the data controller for personal data processed through the Service. Contact: privacy@roomie.wtf.
Where your data lives
Personal data is processed and stored on infrastructure located inside the European Union (EU/EEA). Some processors are based outside the EU (notably Stripe in the US); transfers in those cases rely on EU Standard Contractual Clauses or equivalent safeguards. We do not transfer personal data outside the EU/EEA without an applicable safeguard.
What data we collect
We collect data you give us, data generated by your use, and a limited set of technical data:
- Account: email, date of birth, password-less sign-in codes.
- Profile: name, age, photos, bio, prompts, hobbies, languages, lifestyle preferences, mode (seeker / poster), location (city / drawn area), budget, move-in date.
- Room listings (posters): address (approximate at display time), rent, photos, amenities.
- Activity: likes, passes, matches, conversations, reports you submit.
- Payments: handled by Stripe; we receive the subscription status and invoice ID, never your card number.
- Technical: device type, OS, app version, IP address (hashed at rest for the support form), crash logs.
Why we use it (purposes and legal bases)
- Provide the Service — contract (Art. 6(1)(b) GDPR / Art. 31 FADP). Without this data the app cannot match you with anyone.
- Safety, moderation, fraud prevention — legitimate interests (Art. 6(1)(f)). We process reports and abuse signals to keep users safe.
- Communicate — contract / legitimate interests. Transactional emails are required to run the Service.
- Marketing emails — only if you opt in (Art. 6(1)(a) consent). You can withdraw consent any time.
- Legal compliance — to respond to lawful requests and meet record-keeping obligations.
What other users can see
Your profile (name, photos, age, prompts, bio, lifestyle, approximate location) is visible to other users when you are active in the feed. Your contact details (email, phone numbers) are never shared with other users.
How long we keep data
- Account and profile data: while your account is active. After deletion, data is removed within 30 days from primary systems and within 90 days from backups, except where law requires longer retention.
- Abuse reports and related evidence: up to 24 months after resolution.
- Billing records: as required by tax law (typically 10 years).
- Anonymous analytics: indefinitely; cannot be linked back to you.
Your rights
Under the GDPR and the Swiss FADP you have the right to:
- Access the personal data we hold about you and obtain a copy.
- Have inaccurate data corrected.
- Have your data deleted (the “right to be forgotten”).
- Restrict or object to certain processing.
- Receive your data in a portable, machine-readable format.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC), or with your local EU supervisory authority.
You can exercise most of these rights from Settings → Privacy. For everything else, write to privacy@roomie.wtf — we respond within 30 days.
Security
We use industry-standard measures: TLS everywhere, encryption at rest for sensitive fields, separation of duties for administrative access, audit logs, and prompt patching. No system is perfectly secure; if we discover a breach affecting you, we will notify you and the supervisory authority as required by law.
Minors
is for people aged 16 and over. We do not knowingly collect data from anyone under 16. If you believe a minor has registered, please report it from Settings → Help.
Changes to this policy
We will update this Policy from time to time. Material changes will be announced in-app and by email at least 14 days before they take effect.
Contact
Privacy questions can be sent to privacy@roomie.wtf or via the Support page.