Privacy Policy

Roam Recall (“Roam Recall,” “we,” “us,” or “our”) provides a personal place memory service at roamrecall.com and related applications. This Privacy Policy explains what information we collect, how we use it, when it is shared, and the choices available to you.

By creating an account or using the service, you agree to this policy. If you do not agree, please do not use Roam Recall.

Our privacy approach

Roam Recall is designed to be private by default. Your personal library, visits, ratings, notes, and verdicts are visible to you unless you take an explicit sharing action — such as inviting a collaborator, tagging a friend on a visit, or turning on a public list link.

Information we collect

Account information

When you sign up, we collect information needed to authenticate you and operate your account, such as your email address and profile details. Authentication is handled through Clerk, our identity provider.

Content you provide

We store the information you choose to save in the app, which may include:

• Places (names, types, addresses, coordinates, tags, and related metadata)
• Visits (dates, star ratings, notes, and verdicts)
• Lists and trips you create, including descriptions and member places
• Friend connections, invitations, and collaboration settings
• Messages and metadata associated with sharing features you use

Location information

Some features — such as “I'm here now,” map views, pin-on-map entry, or nearby Explore searches — may request your device location. Location is used only when you invoke those features and grant permission. We do not continuously track your location in the background.

Device and usage information

We may collect technical information needed to run and improve the service, such as browser type, device type, installed-app status, push notification subscription data (when you opt in on a specific device), service worker events, and standard server or application logs (for example, error reports and request metadata).

Information from third-party place services

When you search for or add places using integrated providers, we may receive and store place details returned by those services — such as business names, addresses, coordinates, hours, ratings, and business status — to power search, maps, and place cards in your library.

How we use information

We use the information we collect to:

• Provide, maintain, and personalize the service
• Sync your library, visits, lists, trips, and collaborations
• Send transactional communications you request or that relate to sharing (such as invites and visit-tag notifications)
• Generate optional Explore suggestions when you use that feature
• Operate push notifications on devices where you have enabled them
• Monitor performance, debug issues, prevent abuse, and protect security
• Develop new features and improve existing ones
• Comply with law and enforce our policies

We may also create aggregated or de-identified information that cannot reasonably be used to identify you, and we may use that information for analytics, research, and service improvement.

When information is shared

Private by default

Other users cannot browse your full place library or complete visit history. Friends do not see your verdicts through the app today.

Sharing you control

Information may be visible to others only when you choose to share it, including:

• Visit tags — when you tag a friend on a visit, they receive an invitation showing relevant visit and place details until they accept or decline
• Trips and lists — when you invite collaborators as collaborators or viewers, according to the role you assign
• Co-attendance — when visit tags are accepted, mutual friend connections may show who attended a shared visit
• Public list links — when a list owner enables a read-only public link, anyone with the URL may view the list name, description, and member place names, types, and locations without signing in. Visit counts, personal ratings, notes, and verdicts are not included on public list pages.

Service providers

We use trusted third parties to help us operate Roam Recall. They process data on our behalf and only as needed to provide their services. Our current providers include, or may include:

• Clerk — authentication and account management
• Supabase — database hosting (PostgreSQL)
• Google — maps, place search, geocoding, and related place data
• OpenAI — Explore suggestion generation when you use Explore
• Resend (or similar providers) — transactional email, when configured
• Vercel — application hosting and infrastructure

We may add, replace, or remove providers over time. When we do, we will update this policy or our subprocessor disclosures as appropriate.

Legal and safety

We may disclose information if we believe in good faith that disclosure is reasonably necessary to comply with law, respond to lawful requests, protect the rights and safety of Roam Recall, our users, or others, or investigate fraud or security issues.

Business transfers

If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality obligations.

Your content and data rights

You retain ownership of the content you submit to Roam Recall, including the places, visits, notes, lists, and other materials you create.

To operate the service, you grant Roam Recall a worldwide, non-exclusive, royalty-free license to host, store, back up, reproduce, process, adapt, display, and distribute your content solely as necessary to provide, maintain, improve, secure, and promote the service — including making it available to people you explicitly authorize through sharing features.

That license continues for as long as your content remains in our systems and for a reasonable period afterward for backups, legal compliance, and dispute resolution, unless a longer retention period is required or permitted by law.

We do not claim ownership of your personal place journal. We do not sell your personal content. We may use aggregated or de-identified data that does not identify you for lawful business purposes.

Your choices

• Edit or delete individual places, visits, lists, and trips you control
• Decline visit tags, leave collaborations, or disable public list sharing
• Enable or disable push notifications per device from your Account settings
• Revoke browser location permission at any time in your device or browser settings
• Block or remove friends through in-app controls

Data retention

We retain information for as long as your account is active or as needed to provide the service, resolve disputes, enforce agreements, comply with legal obligations, and maintain backups and security logs. Retention periods may vary depending on the type of data and how it is used.

When you delete content in the app, we remove it from active systems within a reasonable time, though residual copies may persist in backups for a limited period before being overwritten.

Account deletion and data export

You can permanently delete your account at any time from your Account settings. Deleting your account removes your personal data from our active systems — including your places, visits, ratings, notes, lists, trips, friend connections, and content you created — and deletes your sign-in identity with our authentication provider.

A limited amount of de-identified information may be retained where we are permitted or required to keep it — for example, aggregated service-usage and third-party API cost logs that are no longer linked to you, and message-delivery audit records. Residual copies may also persist in backups for a limited period before being overwritten.

Bulk data export is not yet available as a self-service feature. To request a copy of your data, contact us at hello@roamrecall.com. We will respond as required by applicable law and our operational capacity.

Your privacy rights

Depending on where you live, you may have rights to access, correct, delete, restrict, or port certain personal information, or to object to or withdraw consent for certain processing. To exercise these rights, contact hello@roamrecall.com. We may need to verify your identity before fulfilling a request.

We will honor applicable legal requirements but reserve reasonable limits where permitted — for example, when a request is excessive, repetitive, or would impair the rights of others.

Cookies and similar technologies

We and our service providers use cookies, local storage, and similar technologies to keep you signed in, remember preferences, support progressive web app features, and understand how the service is used. You can control cookies through your browser settings, though some features may not work properly if cookies are disabled.

Security

We use reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, or misuse. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Children

Roam Recall is not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

International users

Roam Recall is operated from the United States. If you access the service from other regions, your information may be processed in the United States and other countries where we or our service providers operate, which may have different data protection laws than your home country.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where appropriate, provide additional notice (such as in-app notification or email). Your continued use of Roam Recall after changes become effective constitutes acceptance of the updated policy, except where applicable law requires otherwise.

Contact us

Questions about this policy or our privacy practices? Email hello@roamrecall.com.