Privacy Policy

1. Information We Collect

Account. Name, email, and Google Sign-in data (if you use Google to sign up).

Trip Data. Travel preferences, destinations, dates, itineraries, and family-specific details you choose to store.

Family Members. Names, birth dates, interests, dietary restrictions, allergies, mobility notes, nap times, bedtimes, and stroller/car-seat needs for adults and children in your travel group.

Emergency Contacts. Names, phone numbers, and relationships of emergency contacts you designate.

Sensitive Health-Related Information. When you provide dietary restrictions, food allergies, sensory sensitivities, mobility accommodations, or other health-related needs for yourself or your family members, this information may constitute sensitive personal data under applicable laws (including GDPR Article 9). We process this data solely to provide personalized, safe travel recommendations based on your explicit consent. You can remove this data at any time from your Family Profile.

Chat Messages. Messages you send to the AI travel planner, including conversation history and context used to generate recommendations.

Trip Ratings & Feedback. Ratings and comments you provide about completed trips.

Learned Preferences. Our summarizer may derive short notes about how your family likes to travel (for example, “prefers restaurants with kids menus”) from your edits and ratings. These notes are injected into future AI planning turns to personalize suggestions. They are editable and deletable from your Settings → Memory page.

Booking References. Confirmation numbers, flight details, and hotel reservations you store for trip organization.

Technical & Security. IP address, browser type, and system logs of account activity for security and operational purposes. Email delivery status for transactional emails (such as whether a verification email was delivered).

2. Cookies and Tracking

Session Cookies. We use session cookies to keep you logged in and to remember your active trip context while you use the app. These expire when you close your browser or after a period of inactivity.

Preference Cookies. We may use preference cookies to remember settings such as your display options. These persist across sessions to improve your experience.

Analytics. We use PostHog (a privacy-first product analytics platform) to understand feature engagement and improve the app. PostHog is configured to respect Do Not Track signals and supports opt-out via browser settings. We do not use third-party advertising trackers or cross-site behavioral tracking.

Managing Cookies. You can manage or delete cookies through your browser settings. Disabling session cookies will require you to sign in again each visit and may affect core app functionality.

Cookie types we use:

• Authentication cookies (session tokens): Essential for keeping you signed in. First-party only.
• Preference storage: Your display settings and cookie consent choice. Stored in local storage.
• Product analytics: PostHog cookie that identifies your anonymous session for usage insights.

3. Data Sharing

We do not sell your personal information. We share data with the following categories of service providers solely as needed to operate the app. Each provider is contractually prohibited from using your data for their own marketing.

• AI Processing: Anthropic (for the Claude large language model) processes your trip context, family profile, learned preferences, and chat messages to generate itineraries, activity suggestions, and chat responses. Anthropic's API terms prohibit using your inputs to train their foundation models.
• Backend and Collaboration: Convex stores app data, powers live collaboration, and coordinates asynchronous itinerary and AI workflows.
• Maps and Location: Google Maps Platform (Places API, Distance Matrix, Geocoding) for destination search, route planning, and venue details. We pass destination queries, not your personal profile.
• Weather: Open-Meteo for destination weather forecasts. We pass coordinates and date ranges; no personal identifiers.
• Affiliate Attribution: Travelpayouts (the affiliate network behind many of our partner links). When you click an affiliate link, a tracking parameter containing your anonymous Travelpayouts sub_id is forwarded so commissions can be attributed. We receive booking confirmations (without personal identifiers beyond the sub_id) via Travelpayouts' Booking Statistics API.
• Hosting and Authentication: Clerk for account creation, sign-in, sessions, and account management. Vercel hosts the application and edge middleware.
• Payments: Stripe for billing if and when we offer paid features. Stripe is PCI-compliant; we never store your full card number.
• Email: Resend for transactional emails such as account verification and trip sharing invitations.
• Analytics: PostHog for product usage analytics and feature flag delivery.
• Error Monitoring: Sentry for error tracking and performance monitoring. Error reports include browser/device context and redacted stack traces; we configure Sentry to scrub personal identifiers where possible.

Each provider processes only the minimum data necessary to perform its function. We maintain Data Processing Agreements with each provider where required by applicable law. We encourage you to review their respective privacy policies for details.

4. Data Storage and International Transfers

Your account identity is stored in Clerk. Trip data, family workspace data, collaboration history, and entitlement state are stored in Convex cloud infrastructure. Approved media and uploaded files may be stored in Vercel Blob or another configured media store.

When you use AI-powered planning features, relevant trip context (destinations, dates, preferences, family profile, chat history) is sent to Anthropic for processing. Weather data requests are sent to Open-Meteo, location data to Google Maps Platform, and affiliate tracking to Travelpayouts. Each provider processes data according to its own privacy policy.

For users in the European Economic Area, United Kingdom, or Switzerland, data transfers to the United States are protected by Standard Contractual Clauses (SCCs) and adequacy decisions maintained by our key processors, including Anthropic, Google, Clerk, Convex, Vercel, and Stripe.

By using the Service, you consent to the transfer and processing of your information in the United States and by the third-party providers described in Section 3.

5. Children's Privacy & Parental Consent

Roam Together is not directed to children under 13. Children do not directly interact with or access the Service. We do not knowingly collect personal information directly from children. Only adult account holders (age 18+) may enter information about children in their care. No separate accounts, profiles, or persistent identifiers are created for children apart from the parent's account.

Parental Consent. If you enter information regarding your children, you represent that you are their parent or legal guardian and explicitly consent to our processing of that data to provide travel planning services. This includes names, birth dates, ages, dietary restrictions, food allergies, sensory sensitivities, nap schedules, bedtimes, stroller/car-seat needs, and passport expiration dates.

How We Use Children's Data. Children's information you provide is sent to our AI service provider (Anthropic) solely to generate age-appropriate, family-friendly travel recommendations. Children's data is not stored separately by our AI provider, is not used to build profiles of children, and is not used for marketing or any purpose beyond trip planning. By entering your children's information, you consent to this processing on their behalf as their parent or legal guardian.

Deletion. You can remove your children's information at any time from your Family Profile, or request full deletion by contacting privacy@roamtogether.com.

6. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data.

• Access and Update: View and update your profile through your account settings.
• Deletion: Delete your account directly from settings or by emailing privacy@roamtogether.com.
• Data Portability: Export your data from settings or request a copy by contacting privacy@roamtogether.com.

For additional rights specific to your jurisdiction, see Section 7 (California) and Section 8 (European).

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act provide you with additional rights regarding your personal information.

We do not sell or share your personal information as those terms are defined under the CCPA/CPRA.

As a California resident, you have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of your personal information
• Request correction of inaccurate personal information
• Opt out of the sale or sharing of personal information (though we do not engage in these activities)
• Non-discrimination for exercising your privacy rights

To exercise these rights, use the data management tools in your account settings or email privacy@roamtogether.com. We will respond to verifiable requests within 45 days.

8. European Privacy Rights (GDPR)

If you access the Service from the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and related laws provide you with specific rights.

Data Controller. Roam Together is the data controller for your personal data. Reach us at privacy@roamtogether.com.

Legal Basis for Processing. We process your personal data based on:

• Consent: Provided when you create an account and use AI-powered features.
• Contractual Necessity: To provide the travel planning service you requested.
• Legitimate Interest: For service improvement, security, and fraud prevention.

Automated Processing. When you use the AI travel planner, your trip details, family preferences, and conversation messages are processed by automated AI systems (Anthropic Claude) to generate personalized recommendations. No solely automated decisions with legal or similarly significant effects are made about you — all AI outputs are informational suggestions that you choose whether to act upon. Under GDPR Article 22, you have the right to request human review of any AI-generated recommendation by contacting privacy@roamtogether.com.

International Transfers. Your data is transferred to and processed in the United States. These transfers are protected by Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs) maintained by our key processors. A current list is in Section 3.

Your Rights under GDPR. You have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data (“right to be forgotten”)
• Restrict processing of your data
• Data portability (receive your data in a structured format)
• Object to processing based on legitimate interest
• Withdraw consent at any time, without affecting the lawfulness of prior processing

Special Category Data. We may process health-related data (dietary restrictions, allergies, sensory sensitivities, mobility accommodations) that you voluntarily provide. Our legal basis for this processing is your explicit consent under Article 9(2)(a) GDPR. You may withdraw this consent at any time by deleting the relevant information from your Family Profile or by contacting us.

Right to Complain. You have the right to lodge a complaint with your local data protection supervisory authority.

For data retention details, see Section 11.

9. Right to Opt Out of AI Processing

Roam Together's core functionality depends on AI processing to generate personalized travel plans. Opting out of AI processing entirely would mean discontinuing use of the Service.

We do not use your private trip data to train third-party foundation AI models. See Section 8 of our Terms of Service for more detail on our training policy. If we begin using anonymized data for internal analytics or algorithm improvement in the future, you may opt out by emailing privacy@roamtogether.com with the subject line “Opt Out of AI Analytics.”

For users in the EEA or UK, you also have the right to object to automated decision-making under GDPR Article 22.

Withdrawing Consent. If you wish to withdraw consent for core data processing, you may delete your account from your account settings or contact privacy@roamtogether.com. Withdrawing consent for core processing will result in account termination, as the Service cannot function without processing your data. Withdrawal does not affect the lawfulness of processing performed before withdrawal.

10. Data Breach Notification

In the event of a data breach that compromises your personal information, we are committed to notifying affected users within 72 hours of confirming the breach, consistent with applicable law including GDPR Article 33 and the CCPA.

Notification will be provided via the email address associated with your account and, where feasible, through an in-app notice. The notification will describe the nature of the breach, the types of information involved, and the steps we are taking in response.

11. Data Retention & Deletion Realities

While Your Account Is Active:

• Account, trip, family, and emergency-contact data is retained for the life of your account.
• Chat messages and conversation history are retained for the life of your account.
• Trip ratings and feedback are retained for the life of your account.
• Learned Preferences are retained until you delete them from Settings → Memory.
• Administrative and security logs are retained for up to 2 years.
• AI edit telemetry (which items you changed vs. accepted) is retained indefinitely for product improvement; you can request deletion.

You may delete a trip's chat conversation by removing the associated trip from your account. Full data deletion is available through account deletion in Settings. We do not currently support deletion of individual messages within a conversation.

After Account Deletion:

• Your personal data is permanently removed from our active databases within 30 days of your deletion request.
• Backups: Residual copies may remain in encrypted backup systems for up to 90 days before being overwritten.
• Legal/Security: We may retain certain information where necessary to comply with legal obligations or prevent fraud.
• De-identification: We may permanently de-identify your data to help improve our internal analytics.

12. Contact Us

Questions about this Privacy Policy? privacy@roamtogether.com.