Privacy Policy — Roomies
Roomies (“we”, “us”, or the “App”) helps roommates manage shared living — expenses, cleaning rotations, and shopping lists — with real-time sync across devices. We respect your privacy and aim to be transparent about what we collect, why we collect it, and how you can control it.
Contact: yonatan.cs23@gmail.com
Quick Summary
- We use Firebase (Auth, Firestore, Cloud Functions, FCM) to run the app in real time.
- We use Google AdMob for in-app ads (with consent prompts where required).
- We don’t sell your personal information.
- You can request access, correction, or deletion via email.
Who we are
Roomies is developed and operated by Yonatan Rotem (Jerusalem, Israel). For any privacy question or request, email yonatan.cs23@gmail.com.
What data we collect
Account & Profile
- Name or nickname
- Email address
- Preferred language (e.g., English/Hebrew)
In-App Content
- Expenses, balances, settlements
- Cleaning rotation tasks & completion status
- Shopping list items and notes
- Apartment membership & roles
Device & Usage
- Device model, OS version, app version
- Approximate IP (for security & fraud prevention)
- Push token (FCM) for notifications
- Crash/performance diagnostics & basic analytics events
Advertising (AdMob)
- Advertising ID (where available)
- Ad impressions, clicks, performance data
- Consent/ATT status where legally required
How we use data
- Provide core features: real-time sync, invite/join apartment, role-based access, notifications.
- Improve the App: diagnostics, performance, understanding feature usage.
- Monetize: show ads via Google AdMob to help fund development.
- Safety: prevent abuse, security incidents, and unauthorized access.
Legal bases (EEA/UK)
- Contract: to provide the App and requested features.
- Legitimate interests: app safety, fraud prevention, service improvement.
- Consent: personalized ads/trackers where required (e.g., ATT on iOS, GDPR in EEA).
- Legal obligation: comply with applicable laws and requests by authorities.
Sharing and processors
- Google Firebase (Auth, Firestore, Cloud Functions, FCM) — backend, storage, notifications.
- Google AdMob — ad delivery and measurement.
- Platform providers (Apple App Store / Google Play) — distribution, payments, and device services.
We do not sell personal data. We may disclose information if required by law or to protect our rights, users, or the public.
Advertising (Google AdMob)
The App integrates banners/native ads via Google AdMob. AdMob may collect device identifiers and usage signals to deliver and measure ads. Where required, we present consent dialogs (GDPR) and Apple’s App Tracking Transparency prompt (ATT). You can manage ad personalization in device settings or via consent prompts.
Learn more: Google Ads Policies · Google User Consent Policy
International transfers
Firebase and AdMob may process data on servers outside your country (including the US). We rely on appropriate safeguards (such as standard contractual clauses) provided by our processors where required by law.
Data retention
- Account: retained while your account is active. Deleted upon verified request or account deletion, subject to legal holds.
- In-app content: retained for your apartment’s shared history; removed when you delete it or upon account deletion (unless required for legitimate interests or legal obligations).
- Analytics/ads logs: retained according to Firebase/AdMob standard retention windows.
Your choices & controls
- Access/Rectify/Delete: email yonatan.cs23@gmail.com.
- Notifications: disable in-app or via system settings (iOS Settings → Notifications / Android Settings → Apps & notifications).
- Ads personalization: reset/limit your device’s Advertising ID in system settings; respond to consent/ATT prompts.
- Data portability & restriction (where applicable by law): contact us by email.
- Withdraw consent (EEA/UK where relevant): adjust your consent choices in the App or contact us.
Security
- Transport security via HTTPS; data at rest protected by Firebase-managed encryption.
- Access controls enforced by Firebase Security Rules and application-level checks.
- No method is 100% secure; we continuously improve safeguards.
Children
The App is not directed to children under 13 (or the age of digital consent in your region). If we learn we collected data from such a child without proper consent, we will delete it.
Region-specific disclosures
- EEA/UK: you may lodge a complaint with your data protection authority.
- California: we do not sell personal information as defined by CCPA/CPRA; you may request access or deletion via email.
- Israel: processing is performed in accordance with applicable Israeli privacy law and, when relevant, other jurisdictions’ laws.
Changes to this Policy
We may update this Policy from time to time. We will post updates on this page and adjust the “Last updated” date above. Material changes will be highlighted in-app or via notice where required by law.
Contact
Questions or requests: yonatan.cs23@gmail.com