svg

Menu

svg svg svg svg

Privacy Policy

underline

Last updated: February 2024

1. Introduction

At Roomio, we take the privacy of our users very seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information in accordance with the EU General Data Protection Regulation (GDPR).

2. Data Controller

The data controller for your personal data is Roomio, based in Barcelona, Spain.

3. Data We Collect

We collect different types of information:

Information You Provide Directly

  • Name and surname
  • Email address
  • Phone number (optional)
  • Date of birth
  • Profile photos
  • Information about your housing preferences
  • Personal description and biography
  • Verification documents (if you opt to verify your identity)

Automatically Collected Information

  • IP address
  • Browser and device type
  • Pages visited and browsing time
  • Cookies and similar technologies
  • Approximate location (based on IP)

Third-Party Information

  • Social media data if you link your account
  • Information from identity verification services

4. Legal Basis for Processing

We process your personal data based on:

  • Consent: You have given explicit consent
  • Contract execution: Necessary to provide our services
  • Legal obligation: When required by law
  • Legitimate interest: To improve our services and prevent fraud

5. How We Use Your Data

We use your personal information to:

  • Create and manage your account
  • Connect you with potential roommates
  • Process payments and subscriptions
  • Send service notifications
  • Improve our platform and services
  • Prevent fraud and illegal activities
  • Comply with legal obligations
  • Send marketing communications (with your consent)
  • Analyze service usage through aggregated statistics

6. Sharing Your Information

We do NOT sell your personal information to third parties. We share your data only when:

With Other Users

  • Your public profile is visible to other registered users
  • Information you share in messages is visible to the recipient

With Service Providers

  • Payment processors (under strict security measures)
  • Hosting and cloud storage services
  • Analytics and statistics services
  • Identity verification services

By Legal Obligation

  • When required by court order
  • To protect rights, property, or safety of Roomio or third parties
  • In case of fraud or illegal activity investigations

Business Transfers

  • In case of merger, acquisition, or asset sale, your data may be transferred

7. Data Retention

We retain your personal information while:

  • You maintain an active account
  • It's necessary to provide our services
  • Required by legal obligations

When you delete your account, we will delete or anonymize your information within 30 days, except when law requires us to retain certain data.

8. Your Rights under GDPR

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Restrict processing of your data
  • Portability: Receive your data in structured format
  • Object: Object to processing of your data
  • Withdraw consent: Withdraw consent at any time
  • Complaint: File a complaint with the Spanish Data Protection Agency (AEPD)

To exercise these rights, contact us at privacy@roomio.com

9. Data Security

We implement technical and organizational security measures to protect your data:

  • SSL/TLS encryption for data transmission
  • Encryption of sensitive data at rest
  • Strict access controls
  • Regular security audits
  • Privacy training for employees
  • Optional two-factor authentication

However, no system is 100% secure. We recommend using strong and unique passwords.

10. Cookies and Tracking Technologies

We use cookies for:

  • Essential: Necessary for site functionality
  • Functional: Remember your preferences
  • Analytics: Understand how you use the service
  • Marketing: Personalize ads (with your consent)

You can manage your cookie preferences in your browser settings. Rejecting non-essential cookies won't affect basic service functionality.

11. International Transfers

Your data is primarily stored on servers within the European Union. If we transfer data outside the EU, we ensure adequate protections through:

  • Standard contractual clauses approved by the European Commission
  • EU adequacy decisions
  • Certification frameworks such as Privacy Shield (when applicable)

12. Minors

Roomio is not directed to persons under 18. We do not intentionally collect information from minors. If we discover we have collected data from a minor, we will delete it immediately.

13. Marketing and Communications

With your consent, we may send you:

  • Newsletters with tips and news
  • Special offers and promotions
  • Satisfaction surveys

You can unsubscribe anytime by clicking "Unsubscribe" in our emails or from your account settings.

14. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for their privacy practices. We recommend reading their privacy policies.

15. Changes to This Policy

We may update this Privacy Policy occasionally. We will notify you of significant changes by email or through a prominent notice in the service. The "last updated" date at the top indicates when it was last revised.

16. Contact

For questions about this Privacy Policy or to exercise your rights, contact us:

17. Supervisory Authority

If you're not satisfied with our response, you have the right to file a complaint with:

  • Spanish Data Protection Agency (AEPD)
  • Website: www.aepd.es
  • Phone: 901 100 099 / 91 266 35 17