Privacy policy

Depending on how you use the Services, you may provide:

When you use the Services, we automatically collect certain information to operate and secure our systems. This includes:

• Usage and diagnostics data: interactions with features (such as page views, clicks, search queries), timestamps, error reports, and performance metrics. We use this data to operate the Services, enforce quotas and rate limits, prevent abuse, and improve reliability.
• Device and connection data: IP address, approximate geolocation inferred from IP (city/region), browser type, operating system, language settings and device identifiers. We use this data for security (e.g., fraud detection), localization and analytics.
• Log files and analytics: details about how you interact with our apps (e.g., session duration and frequency) and diagnostic logs for troubleshooting.

Certain features (for example, "use my current location" to pick a starting point) require your device’s precise geolocation. We will only collect and process precise geolocation data after you affirmatively opt in and expressly grant location permissions via your browser or device settings to enable location-based features and services.

You may revoke these permissions at any time through your device or browser settings. If you decline or disable location permissions, location-based features may not function, but the rest of the Services remains available. We do not collect or track your precise geolocation in the background or when you are not actively using location-based features.

We use cookies, local storage and similar technologies to:

• Authenticate you and maintain secure sessions.
• Remember your preferences (such as language, theme and display settings).
• Understand how features are used and measure performance.
• Prevent fraud and abuse.

Cookies are categorized into Essential, Analytics, Personalization and Optional cookies. Essential cookies are necessary for the Services to function (e.g., sign-in) and similar operational purposes. Analytics cookies help us understand usage in aggregated form; Personalization cookies tailor content; Optional cookies may support marketing or other features.

We deploy cookies based on applicable legal bases, including legitimate interests and consent where required by law. You can manage cookie preferences through our Cookie Banner (displayed on your first visit and accessible through our website footer) and your browser settings. If you disable certain cookies, some features may not work correctly.

We recognize and honor legally recognized universal opt-out mechanisms, including the Global Privacy Control (GPC), as an opt-out of the sale or sharing of personal information where required by applicable law. When we detect a GPC signal from your browser, we will treat it as a valid request to opt out of the sale and sharing of your personal information. We will process this opt-out request promptly and apply it on a going-forward basis from the time we detect the signal.

GPC signals are processed as opt-out requests and do not constitute requests to delete previously collected information. We do not sell personal information as defined by applicable privacy laws. We do not share personal information with third parties for cross-context behavioral advertising purposes. We may share personal information with service providers and vendors who perform services on our behalf under contractual obligations to protect such information, which does not constitute a "sale" or "sharing" under applicable privacy laws.

We receive limited information from third-party services that integrate with Roamify AI, such as:

• Authentication providers (e.g., Firebase/Google): to enable sign-in and facilitate account creation.
• Maps and places providers (e.g., Google Maps Platform, Mapbox): to support routing and point-of-interest search. We transmit necessary location queries to these providers and abide by their privacy policies.
• AI/Narration providers: to generate suggested routes, narration text and text-to-speech audio. We use reputable artificial intelligence ("AI") providers who are contractually prohibited from using your prompts, inputs, or tour content to train their general models or for any purpose other than providing the requested service to you. We will not share your content with AI providers for model training purposes without obtaining your separate, explicit, informed written consent. We pass only the minimum information needed to deliver the feature (e.g., tour itinerary or narration text) and require providers through written data processing agreements to not store, retain, or reuse it for purposes unrelated to providing the requested service. These data processing agreements (or business associate agreements, as applicable) include confidentiality obligations, appropriate technical and organizational security measures, restrictions on further processing or disclosure, data retention and deletion requirements, and the right to audit compliance with these obligations. See Section 3.3 for more details.
• Payment processors (e.g., Stripe): to manage credits and subscriptions. These processors handle payment card details and comply with PCI DSS requirements. Roamify AI only receives limited transaction information to confirm and administer payments.

These third parties process information under their own terms and privacy policies; we encourage you to review those policies.

• Generate and save tours, routes, stops, narration and offline downloads.
• Manage subscriptions, payments and invoicing.
• Enable collaboration and sharing of tours. You control whether a tour is private, shareable via link, embedded, or publicly discoverable.

• Monitor performance, diagnose bugs and troubleshoot issues.
• Develop and test new features.
• Enforce usage limits and subscription entitlements, prevent abuse (such as spam or denial-of-service attacks), and protect against fraud and security incidents.
• Create aggregated and de-identified metrics to understand feature usage and improve reliability and user experience. These metrics do not identify individual users and may be retained for longer periods for analytical purposes.

Roamify AI leverages AI tools to enhance your experience, for example, to suggest routes based on your inputs, generate narration text or convert text to speech. We may send content (such as tour descriptions, route details or prompts) to our own models or to third-party providers solely to generate the requested output.

We require providers through written agreements to maintain confidentiality and not use your inputs to train models without your explicit consent. Some providers may allow opt-out or enterprise-grade settings that disable training; we configure these privacy controls whenever available and choose vendors who commit not to train on your data by default.

We do not use your creator content or personal information to develop, train, or improve our own AI models or algorithms except as reasonably necessary to provide and improve the Services you use or may use, which may include using aggregated insights to enhance service quality, reliability, and user experience across our service ecosystem. We will not use your data to train models for commercial purposes that are materially unrelated to enhancing your experience with the Services.

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you, except where (i) necessary to perform our contract with you, (ii) authorized by applicable law with suitable safeguards for your rights, or (iii) you have provided explicit consent.

We use your contact information to send:

• Service messages such as account notifications, security alerts, or policy updates.
• Responses to your support requests or feedback.
• If you subscribe to marketing updates, we may send optional promotional messages. You can opt out of nonessential communications at any time through the unsubscribe link or your account settings.

We may process and disclose personal information as necessary to: (a) comply with applicable law; (b) respond to valid legal requests (such as subpoenas, court orders, or government demands); (c) enforce our Terms of Service (available at https://www.roamifyai.com/terms); (d) investigate potential violations of our policies; (e) protect our rights, property, and safety and that of our users and others; and (f) facilitate a merger, acquisition, or sale of assets.

If we are involved in a corporate transaction, your information may be transferred to the acquiring or successor entity as part of that transaction, subject to confidentiality protections and the requirement that the recipient honor the commitments made in this Privacy Policy. We will provide you with notice of any such transfer as required by applicable law.

Depending on your location, you may have certain rights to access, correct, delete, or export your personal data, subject to verification of your identity and applicable legal requirements and exceptions. We respond to verified requests to exercise rights within the timelines required by law. To submit a request, log into your account and visit the Privacy Settings section or contact us as described in Section 10.

We may ask you to verify your identity. If your request relates to data we process on behalf of an organization (where we act as processor), we will forward your request to the appropriate data controller within five business days of receipt and notify you that we have done so.

You can manage cookie preferences and other consent settings through our cookie banner and account privacy settings. For example, you may:

• Opt in or out of analytics or personalization cookies.
• Choose whether your anonymized interaction data is used to improve our AI models. Where technically feasible, this option is off by default and requires affirmative consent.
• Opt out of marketing communications via the unsubscribe link or account settings.

You can enable or disable location permissions at any time through your device or browser settings. Without location permissions, features that rely on precise location (such as "find nearby stops") will not function. We do not collect precise location data unless you have provided permission in accordance with applicable law.

You choose whether tours are private, shared via link, embedded or public. You can change a tour’s visibility at any time. If you share a tour publicly, other users may view and use it as inspiration, subject to our Terms of Service and applicable intellectual property rights. You may anonymize or revoke shared content by adjusting the visibility settings or deleting the content.

Our AI features do not make decisions that produce legal or similarly significant effects. However, if you believe automated processing affects you in a way that materially impacts your rights, you may object or request review. We will provide a meaningful explanation of how the AI feature works and evaluate your request within thirty (30) business days.