Privacy Policy
Effective date: 23 May 2026 | Last updated: 23 May 2026
The short version: Roamr is privacy-first by default. You can use the entire app as a guest, with all data on your device and your personal iCloud account — the same as before. Optionally, you can create an account to follow friends, plan shared trips, and collaborate on inspo folders. Account data is stored on our servers only if you choose to sign in. No ads, no trackers, no selling your data — ever.
This Privacy Policy describes how Roamr ("we", "us", "our") handles information when you use the Roamr mobile application (the "App"). This policy is provided in accordance with Apple's App Store Review Guidelines and applicable privacy laws.
1. Data We Collect
Guest mode (the default)
You can use Roamr without an account. In guest mode, we do not collect any personal data. The following data is created and stored locally on your device only:
- Countries and cities you mark as visited
- Trip records and travel plans you create
- Bucket list destinations
- Photos you attach to places or trips
- Notes and journal entries
- App preferences and settings
- Badge and achievement progress
This data never leaves your device except through iCloud sync to your own Apple account (see Section 3) or when you explicitly choose to share content (see Section 9).
If you create an account (optional)
If you choose to sign in to use friends features (following, shared trips, shared inspo folders), we store a minimal account profile on our servers. See Section 2 — Account, Authentication & Social Features for the full breakdown of what's stored, why, and how to delete it.
2. Account, Authentication & Social Features
The friends feature in Roamr is entirely optional. You only ever share data with our servers if you actively choose to sign in.
Sign-in providers
You can create an account using one of three sign-in providers:
- Sign in with Apple — managed by Apple. Apple may optionally share a private relay email; your real email is never shared with us unless you choose to use it. See Apple's Privacy Policy.
- Sign in with Google — managed by Google. We receive your basic profile (email, display name) only after you grant consent. See Google's Privacy Policy.
- Email & password — handled by Supabase Auth (see Section 8). Passwords are hashed; we never see them in plaintext.
What we store on our servers
If you sign in, the following is stored on Supabase Cloud (our hosting provider, see Section 8):
- Account record: auth provider identifier, account creation date, sign-in timestamps. (For email accounts only: hashed password.)
- Profile: your chosen username, display name, optional bio, optional home country, profile visibility (public or private).
- Social graph: who you follow and who follows you (or pending follow requests if your profile is private).
- Shared trips and folders you create or are invited to: the trip/folder name, stops, places, and the list of collaborators. Only the contents you explicitly share with collaborators — never your private trips or visited places.
What we do NOT store on our servers
- Your personal visited countries, cities, photos, notes, or trip history (still device + iCloud only).
- Your location.
- Your Apple ID, Google account, or email password (we only see the provider's signed identity token).
- Analytics, telemetry, or usage data of any kind.
Who can see your account data
- Public profile (default): your username, display name, follower / following count, and any content you explicitly mark public are visible to other Roamr users.
- Private profile: only people you've approved as followers can see your social content. Your username remains discoverable so people can request to follow you.
- Shared trips and folders: visible only to collaborators you've invited and who've accepted. Pending invitees see only the invite, not the contents, until they accept.
You can change your profile to private at any time from Friends tab → Edit profile.
Account deletion
You can delete your friends account from Friends tab → Settings → Delete account (coming in a near-term update). Deleting your account permanently removes your profile, social graph, and any shared trips / folders where you are the sole owner. Shared trips / folders with other collaborators are preserved for them; your contributions are anonymised. Your on-device data (visited places, personal trips, photos) is untouched by account deletion.
In the meantime, you can request manual account deletion by emailing roamrsupport@gmail.com from the email tied to your account.
3. iCloud Sync
If you have iCloud enabled on your device, Roamr uses Apple's CloudKit framework to sync your travel data across your personal devices. This means:
- Your data is stored in your personal iCloud account, not on our servers
- Only you can access this data through your Apple ID
- We have no ability to read, access, or retrieve your iCloud data
- Sync is governed by Apple's Privacy Policy and your iCloud storage terms
You can disable iCloud sync for Roamr at any time via iOS Settings → [Your Name] → iCloud.
4. App Store Privacy Labels
In accordance with Apple's App Store requirements, the following table summarises our data practices as declared in App Store Connect. The "Account only" column reflects data collected only if you choose to create an account — guest use collects nothing.
| Category | Collected? | Details |
|---|---|---|
| Contact Info | Account only | Email address (only if you sign up with email; not collected for Apple/Google) |
| Name | Account only | Display name + username you choose |
| Health & Fitness | No | — |
| Financial Info | No | No payments or purchases |
| Location | No* | Used on-device only; never collected or transmitted |
| Sensitive Info | No | — |
| Contacts | No | — |
| User Content | Account only | Trips / inspo folders you explicitly choose to share with collaborators. Personal trips, photos, notes & visited places stay on-device. |
| Browsing History | No | — |
| Search History | No | — |
| Identifiers | Account only | Auth provider identifier (Apple sub / Google sub / Supabase user ID). Not used for tracking or ads. |
| Purchases | No | — |
| Usage Data | No | No analytics or crash reporting |
| Diagnostics | No | — |
* Location data is processed on-device only when you use location features. It is never sent to us or any third party.
All data marked "Account only" is collected solely to provide the friends feature you opted into; it is never used for tracking, advertising, or sold to third parties.
5. Location Data
Roamr may request access to your device's location services to:
- Help you identify your current location on the map
- Suggest nearby places you may want to pin
Location data is:
- Processed entirely on your device
- Never transmitted to any external server, including ours
- Never stored persistently — it is used only in the moment you interact with location features
- Only accessed when you explicitly grant permission
You can revoke location access at any time via iOS Settings → Privacy & Security → Location Services → Roamr. The app functions fully without location access.
6. Photos & Camera
Roamr may request access to your photo library or camera to let you attach photos to places and trips. Photos are:
- Stored locally on your device only
- Never uploaded to any external server
- Only accessed when you explicitly choose to add a photo
You can manage photo and camera permissions in iOS Settings → Privacy & Security → Photos / Camera.
7. Analytics, Tracking & Advertising
Roamr contains no third-party tracking or advertising of any kind.
- No analytics SDKs (no Firebase, Mixpanel, Amplitude, etc.)
- No crash reporting tools
- No advertising frameworks or ad networks
- No tracking pixels or fingerprinting
- No use of Apple's IDFA (Identifier for Advertisers)
- No App Tracking Transparency prompt — because we do not track you
We do not know who you are, how you use the app, where you've been, or what content you've created.
8. Third-Party Services
Roamr uses the following services. Apple frameworks are used by everyone; the remainder are used only when you opt into account / friends features.
Apple frameworks (used by all users)
- Apple MapKit — to display maps. Map tile requests are handled directly by Apple. See Apple Maps Terms of Use.
- Apple CloudKit — for iCloud data sync to your personal account. See Apple's Privacy Policy.
- Sign in with Apple (only if you choose to sign in with Apple) — identity provider managed by Apple. See Apple's Sign-In privacy notice.
Account-only services (used only if you sign in)
- Supabase — our database and authentication backend. Hosts your account profile, social graph, and shared trips / folders. Data is encrypted in transit (TLS) and at rest. See Supabase's Privacy Policy.
- Google Sign-In (only if you choose to sign in with Google) — identity provider managed by Google. We receive your basic profile (email, display name) only with your consent. See Google's Privacy Policy.
- Google Places API — used to resolve places when you save a TikTok / Instagram link or search for a place. Queries are sent to Google as plain place-name strings; no personal identifiers are attached. See Google's Privacy Policy.
No analytics SDKs, crash reporters, or advertising networks are used by any user.
9. Data Sharing
We do not sell, rent, or trade your data — ever.
- On-device data: never seen or shared by us. When you use in-app sharing (travel posters, trip playback videos, stats cards), content is shared directly from your device using Apple's share sheet.
- Account data (if you signed in): stored on Supabase Cloud only. Visible only to other Roamr users you've explicitly chosen to make it visible to — via your public profile, follow relationships, or shared-trip / shared-folder collaborations.
- Shared trips / folders: visible only to collaborators you invited. Invitees must accept the invite before they can see contents. You can leave or be removed from any shared trip or folder at any time.
10. Data Retention & Deletion
On-device data (everyone)
- Retention: Data persists on your device until you delete it.
- Deletion: You can delete individual places, trips, or other content at any time within the app. To delete all on-device data, use Settings → Reset Everything.
- Uninstalling: Deleting the app removes all locally stored data. iCloud data can be removed via iOS Settings → [Your Name] → iCloud → Manage Storage.
Account data (if you signed in)
- Retention: Account profile, social graph, and shared trips / folders are retained for as long as your account exists.
- Sign-out: Signing out from the Friends tab removes the session from your device but does not delete your account data.
- Account deletion: An in-app "Delete account" flow is coming in a near-term update. In the meantime, email roamrsupport@gmail.com from the email tied to your account — we'll permanently delete your profile, social graph, and any shared content you solely own within 30 days. Shared trips / folders with other collaborators are preserved for them; your contributions are anonymised.
11. Children's Privacy
Roamr is not directed to children under 13 (or the applicable minimum age in your jurisdiction). Guest use of the app collects no personal information. Account creation requires you to be at least 13 years old in line with Apple's minimum age. If you believe a child has somehow provided personal information through the app, please contact us and we will address it promptly.
12. International Users
European Economic Area (GDPR)
For guest use, Roamr does not collect or process personal data as defined by the General Data Protection Regulation (GDPR) — all data stays on your device or in your personal iCloud account.
If you create an account, the data we store on Supabase (see Section 2) is processed on the lawful basis of your consent, which you grant by tapping a sign-in button. Under GDPR you have the right to access, correct, port, or erase your data — contact us at roamrsupport@gmail.com and we'll respond within 30 days. You can withdraw consent at any time by deleting your account.
California (CCPA/CPRA)
We do not sell or share personal information for cross-context behavioural advertising. If you sign in, the limited personal information we hold (see Section 2) is collected solely to provide the friends feature you opted into. California residents have the right to know, delete, correct, and opt out — exercise any of these by contacting roamrsupport@gmail.com.
Australia (Privacy Act 1988)
Roamr complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988. For guest users, we collect no personal information. For account holders, personal information is collected, used, and disclosed only as described in this policy.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated effective date. If we make material changes, we will also update the "Last updated" date and surface a notice in the app on next launch. We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at:
Email: roamrsupport@gmail.com
This Privacy Policy applies to the Roamr iOS application distributed via the Apple App Store.