Skip to main content
Roomspo
Legal

Privacy Policy

Last Updated: January 19, 2025

At Roomspo, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered room design service.

1. Information We Collect

1.1 Information You Provide

  • Email Address: Required for account creation, trial access, and subscription management
  • Payment Information: Processed securely through Stripe (we do not store credit card details)
  • Room Images: Photos you upload for AI redesign processing
  • Design Preferences: Style selections, room types, and customization notes

1.2 Automatically Collected Information

  • IP Address: Used for fraud prevention, rate limiting, and trial eligibility (stored as hashed value)
  • User Agent: Browser and device information for compatibility and abuse prevention
  • Usage Data: Credit usage, generation timestamps, and feature interactions
  • Cookies: Essential cookies for session management and authentication

2. How We Use Your Information

We use your information to:

  • Provide and improve our AI room design service
  • Process your images through Google Gemini AI to generate redesigns
  • Manage your subscription and billing through Stripe
  • Track credit usage and enforce usage limits
  • Prevent fraud and abuse (trial system, rate limiting)
  • Send transactional emails (receipts, account updates)
  • Comply with legal obligations
  • Improve our AI models and service quality

3. Image Processing & Storage

🔒 Your Images Are Private

  • Ephemeral Processing: Uploaded images are processed in real-time and not permanently stored on our servers
  • AI Processing: Images are sent to Google Gemini API for AI generation, subject to Google's privacy policy
  • Temporary Storage: Images may be temporarily cached during processing (typically <5 minutes)
  • No Training Data: Your images are not used to train our AI models without explicit consent

4. Third-Party Services

We use the following third-party services that may collect your data:

Stripe (Payment Processing)

Handles all payment transactions and subscription management. View Stripe's Privacy Policy.

Supabase (Database & Authentication)

Stores user accounts, subscription data, and credit ledger. View Supabase's Privacy Policy.

Google Gemini AI (Image Generation)

Processes your room images to generate AI redesigns. View Google's Privacy Policy.

Netlify (Hosting & CDN)

Hosts our application and processes requests. View Netlify's Privacy Policy.

5. Data Retention

  • Account Data: Retained while your account is active and for 90 days after cancellation
  • Uploaded Images: Deleted immediately after processing (not stored)
  • Generated Images: Temporarily available in your browser session only
  • Transaction Records: Retained for 7 years for tax and legal compliance
  • Trial Records: IP/user agent hashes retained for 24 hours to prevent abuse

6. Your Privacy Rights

Depending on your location, you may have the following rights:

GDPR Rights (EU/UK)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to certain data processing activities

CCPA Rights (California)

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise your rights, email us at legal@roomspo.com

7. Data Security

We implement industry-standard security measures:

  • HTTPS encryption for all data transmission
  • Secure authentication via Supabase
  • PCI-DSS compliant payment processing via Stripe
  • IP address hashing for privacy protection
  • Rate limiting and abuse prevention systems
  • Regular security audits and updates

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Cookies & Tracking

We use the following types of cookies:

  • Essential Cookies: Required for authentication and session management
  • Functional Cookies: Remember your preferences (e.g., "Don't show tour again")
  • Analytics Cookies: Help us understand how users interact with our service (if enabled)

You can control cookies through your browser settings, but disabling essential cookies may affect functionality.

9. International Data Transfers

Roomspo is based in the United States. If you access our service from outside the US, your data may be transferred to and processed in the US or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Compliance with GDPR and CCPA requirements
  • Data processing agreements with third-party providers

10. Children's Privacy

Roomspo is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at legal@roomspo.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of our service after changes constitutes acceptance of the updated policy. For material changes, we will notify you via email.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

Email: legal@roomspo.com

Subject Line: Privacy Inquiry

Website: https://roomspo.com

← Back to Home