1. Introduction

RoomForMe ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

2. Information We Collect

2.1 Account Information

• Email address
• Name
• Password (encrypted)

2.2 Family and Schedule Data

• Children's names, ages, and school information
• Activity schedules and calendar events
• Personal goals and time blocks
• Family member relationships (for shared calendar features)

2.3 Gmail Data (Optional - With Your Explicit Consent)

If you choose to connect your Gmail account, we access:

• What we access: Email messages in your Gmail inbox
• Why we access it: To scan for school-related emails (newsletters, activity schedules, field trip notices) and automatically extract calendar events
• What we do NOT access: We do not read non-school-related emails, store your entire inbox, or share your emails with third parties (except OpenAI for AI classification)
• How long we keep it: Email metadata is stored for 30 days maximum, then automatically deleted
• How to revoke access: You can disconnect Gmail at any time in Settings → Email Connections

Gmail API Scope Used: https://www.googleapis.com/auth/gmail.readonly (read-only access to Gmail messages)

Data Minimization: We only extract specific event information (date, time, location, title) and do not store full email content.

3. How We Use Your Information

• Provide Core Services: Create and manage your family schedule, track personal goals, coordinate with family members
• Email Automation (Optional): Scan Gmail for school-related emails and extract calendar events to save you time
• AI Optimization: Use AI to suggest optimal time blocks for your personal goals based on your schedule patterns
• Improve Services: Analyze usage patterns (anonymized) to improve app features
• Communication: Send you important updates about your account and schedule

4. How We Share Your Information

4.1 Service Providers

We share data with the following trusted service providers:

• Supabase: Database and authentication (encrypted at rest and in transit)
• OpenAI: AI classification of emails to identify school-related content (email subject/snippet only, not full content)
• Google: Gmail API for optional email scanning feature

4.2 Family Members

If you add family members (e.g., spouse/partner) to your account, they can view:

• Shared children's schedules and activities
• Shared family calendar events
• Their own personal goals (not yours)

4.3 We DO NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. Ever.

5. Data Security

We implement industry-standard security measures:

• Encryption: All data encrypted at rest and in transit (TLS/SSL)
• OAuth 2.0: Secure authentication for Gmail and Outlook integrations
• Secure Storage: OAuth tokens stored encrypted using expo-secure-store
• Access Controls: Row-level security (RLS) ensures users can only access their own data
• Regular Audits: Ongoing security reviews and updates

6. Data Retention

• Active Account Data: Retained while your account is active
• Email Metadata: Automatically deleted after 30 days
• Deleted Account Data: Permanently deleted within 30 days of account deletion request
• Backups: Removed from backups within 90 days

7. Your Rights and Choices

You have the right to:

• Access Your Data: Request a copy of your personal information
• Correct Your Data: Update inaccurate information
• Delete Your Data: Request account deletion (Settings → Account → Delete Account)
• Revoke Email Access: Disconnect Gmail/Outlook at any time
• Export Your Data: Download your schedule and goal data
• Opt Out: Disable optional features like email scanning

8. Children's Privacy

RoomForMe is designed for parents (18+) to manage their family schedules. We do not knowingly collect information directly from children under 13. Parents enter their children's information (names, ages, activities) to use the app's scheduling features.

9. International Data Transfers

Your data is stored on servers located in the United States. By using RoomForMe, you consent to the transfer of your data to the U.S.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or app notification. Continued use after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or your data:

Email: privacy@roomforme.app

Website: https://roomforme.app

12. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA):

• Consent: Gmail email scanning (you explicitly opt-in)
• Contract: Core app features necessary to provide the service
• Legitimate Interest: App improvements and analytics (anonymized)