1. Who we are
Roamly is operated by Dimitri Jordens, entrepreneur individuel (micro-entreprise) registered in France under SIREN 839 079 258, acting as the data controller for personal data collected through the service. Contact: support@roamlytrips.app.
2. Data we collect
- Account data: name, email, password hash, profile picture (if provided).
- Trip content: destinations, dates, notes, collaborators, photos, and other content you add.
- Support messages: what you send us when contacting support.
- Usage & device data: pages viewed, actions taken, device type, browser, IP address, approximate location, timestamps.
- Cookies & similar: essential cookies for sign-in and security; optional analytics cookies (see §8).
Payment card data is handled directly by Paddle; we do not store it.
3. Purposes and legal basis
- Provide the service (create your account, save and sync trips, run AI suggestions) — performance of contract.
- Security & fraud prevention — legitimate interests and legal obligation.
- Customer support — performance of contract and legitimate interests.
- Product improvement & analytics — legitimate interests, or consent where required.
- Marketing emails — consent (you can withdraw at any time).
- Compliance (tax, accounting, legal requests) — legal obligation.
4. Who we share data with
- Merchant of Record: Paddle.com — payments, subscription management, invoicing, tax compliance.
- Infrastructure & hosting: our cloud backend and hosting providers.
- AI providers: to generate itinerary suggestions from your prompts and trip context.
- Maps & places providers: to render maps and place details.
- Analytics & error monitoring: to keep the app stable and improve it.
- Professional advisers: legal, accounting, when necessary.
- Authorities: where required by law.
We never sell your personal data.
5. International transfers
Some of our providers are based outside the EEA. When personal data is transferred outside the EEA/UK, we rely on adequacy decisions or Standard Contractual Clauses to protect it.
6. Retention
We keep your data while your account is active and for as long as necessary to provide the service, comply with legal obligations (e.g. accounting records for up to 10 years for invoices), resolve disputes, and enforce our agreements. Deleting your account triggers deletion or anonymization of personal data, except where retention is legally required.
7. Your rights (GDPR)
You have the right to: access, rectify, erase, restrict, port your data, object to processing, and withdraw consent at any time. You can also lodge a complaint with the French supervisory authority (CNIL, cnil.fr) or your local authority. To exercise your rights, contact support@roamlytrips.app. We respond within one month.
8. Cookies
We use essential cookies to keep you signed in and secure the service. We may use analytics cookies to understand usage; where required, these are set only after your consent, and you can change your choice at any time.
9. Security
We implement appropriate technical and organisational measures: encryption in transit (HTTPS), encrypted storage, role-based access, and least-privilege server access. No system is 100% secure — please use a strong password.
10. Children
Roamly is not directed to children under 16. Please do not use the service if you are under this age.
11. Changes
We may update this notice; material changes will be announced in-app or by email.