1. Introduction

Entmoot Solutions, LLC ("Entmoot Solutions," "we," "us," or "our") operates the RoomForMe mobile application (the "App") and website at roomforme.app (the "Website"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App and services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Services.

Age Requirement: RoomForMe is intended for use by adults 18 years or older. By creating an account, you represent that you are at least 18 years old and have the legal capacity to enter into binding contracts.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Create an Account: Name, email address, password (encrypted), profile information
• Use Our Services:
  • Event and activity details (types, locations, times, descriptions)
  • Personal goals and aspirations
  • Calendar events and scheduling preferences
  • Free-form text entries, notes, and reflections
  • Weekly review responses and self-assessments
  • Event tags and categorizations (e.g., "work", "personal", "family")
• Contact Us: Name, email address, and any information contained in your communications
• Payment Information: Processed through third-party payment processors (we do not store complete credit card information)

2.2 Information Collected Automatically

When you use our Services, we automatically collect certain information:

• Device Information: Mobile device type, operating system, unique device identifiers, IP address, mobile network information
• Usage Data: App features accessed, time and duration of use, interaction patterns, crash reports, performance data
• Analytics Data: Aggregated and anonymized usage statistics and patterns

2.3 Information from Third-Party Services

We collect information from third-party services you choose to connect:

• Email Services: Email content, metadata, sender/recipient information, timestamps (only with your explicit authorization)
• Calendar Services: Calendar events, schedules, attendees, event details (only with your explicit authorization)
• School and Organization Calendars: Academic calendars, organizational schedules, and event information when you provide access or upload files (PDF, CSV, etc.)
• Authentication Providers: Name, email address, profile information from OAuth providers (e.g., Google, Apple)

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Core Service Delivery

• Provide, maintain, and improve our scheduling and AI assistance features
• Process and optimize your personal schedules and goals
• Generate AI-powered insights, recommendations, and scheduling suggestions
• Facilitate calendar integrations and email processing
• Enable the "Ruby" AI assistant features and Weekly Review functionality
• Synchronize data across your devices

3.2 AI Processing

• AI Model Training: We use third-party AI services (Google Gemini, OpenAI ChatGPT) to process your inputs and generate responses. Your conversational data may be processed by these services according to their respective privacy policies
• Pattern Recognition: Analyze scheduling patterns, goal progress, and behavioral trends to provide personalized recommendations
• Content Generation: Generate summaries, insights, and suggestions based on your data
• Note: We implement contractual safeguards with AI providers to limit use of your data for their own model training purposes

3.3 Communication

• Send transactional emails (account confirmations, password resets, service updates)
• Deliver Weekly Review notifications and goal reminders
• Respond to your inquiries and customer support requests
• Send optional marketing communications (with your consent; you may opt out at any time)

3.4 Analytics and Improvement

• Monitor and analyze usage trends and user engagement
• Diagnose technical issues and improve App performance
• Conduct A/B testing and feature experimentation
• Generate anonymized, aggregated statistics

3.5 Legal and Security

• Comply with legal obligations and enforce our Terms of Service
• Detect, prevent, and address fraud, security issues, or technical problems
• Protect the rights, property, and safety of RoomForMe, our users, and the public

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Third-Party Service Providers

We share information with vendors who perform services on our behalf:

• AI Processing Services: Google (Gemini 2.5 Flash-Lite), OpenAI (ChatGPT-4o-mini) for AI-powered features
• Cloud Infrastructure: Supabase for database and backend services
• Email Services: Zoho Mail for business communications
• Payment Processing: Stripe for subscription billing
• Analytics Providers: For usage analysis and app performance monitoring
• Customer Support Tools: For providing technical support

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or if we believe disclosure is necessary to:

• Comply with legal process or obligations
• Enforce our Terms of Service or other agreements
• Protect the rights, property, or safety of RoomForMe, our users, or others
• Prevent fraud or security threats

4.3 Business Transfers

If RoomForMe is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and your options regarding your information.

4.4 With Your Consent

We may share information with third parties when you explicitly authorize us to do so.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot reasonably be used to identify you for research, marketing, or analytics purposes.

5. Data Retention

5.1 Active Accounts

We retain your personal information for as long as your account is active and as necessary to provide Services.

5.2 Account Deletion

When you delete your account:

• Personal information is deleted within 30 days
• Some information may be retained in anonymized form for analytics
• Legal, regulatory, or security purposes may require longer retention
• Backup systems may retain data for up to 90 days before permanent deletion

5.3 Specific Data Categories

• AI Conversation History: Retained for your Weekly Review history and pattern analysis; deleted with account deletion
• Email and Calendar Data: Retained only while integrations are active; deleted when you disconnect services
• Payment Records: Retained as required by tax and accounting regulations (typically 7 years)

6. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your information:

• Encryption: Data in transit is encrypted using TLS/SSL; sensitive data at rest is encrypted
• Access Controls: Limited employee access based on role and necessity
• Authentication: Secure password requirements and optional multi-factor authentication
• Regular Security Assessments: Periodic security reviews and vulnerability testing
• Vendor Security: Third-party providers must meet our security standards

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

7. Your Privacy Rights and Choices

7.1 Access and Portability

You have the right to:

• Access the personal information we hold about you
• Request a copy of your data in a portable format (JSON or CSV)
• Request this through your account settings or by contacting us

7.2 Correction and Update

You can update your information directly through the App settings or by contacting us to correct inaccuracies.

7.3 Deletion

You may request deletion of your account and personal information at any time through:

• In-app account deletion feature
• Emailing us at legal@roomforme.app

7.4 Opt-Out Rights

You may opt out of:

• Marketing Communications: Via unsubscribe links in emails or account settings
• Push Notifications: Through your device settings or app preferences
• Analytics Tracking: Through limited in-app settings (may affect functionality)

7.5 Connected Services

You can disconnect third-party integrations (email, calendar) at any time through the App settings.

7.6 AI Processing Preferences

You can limit certain AI processing features, though this may reduce functionality. Core AI features cannot be completely disabled as they are essential to the Service.

8. State-Specific Privacy Rights

8.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to Know: Request details about personal information collected, used, disclosed, or sold in the preceding 12 months
• Right to Delete: Request deletion of personal information (subject to certain exceptions)
• Right to Opt-Out of Sale: We do not sell personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights
• Shine the Light: Request information about disclosure of personal information to third parties for their direct marketing purposes (we do not engage in this practice)

To exercise these rights, contact us at legal@roomforme.app. We will verify your identity and respond within 45 days.

8.2 European Union Residents (GDPR)

If you are in the EU/EEA, you have additional rights:

Legal Basis for Processing:

• Contract performance (providing Services)
• Legitimate interests (improving Services, analytics)
• Consent (marketing, certain data processing)
• Legal compliance

Your Rights:

• Access, rectification, erasure, restriction, portability, objection
• Withdraw consent at any time
• Lodge complaints with supervisory authorities

International Transfers: We transfer data from the EU to the United States. We use appropriate safeguards such as Standard Contractual Clauses.

8.3 Other U.S. States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with privacy laws have similar rights to those described above. Contact us to exercise your rights.

9. International Users

RoomForMe is based in Pennsylvania, United States. If you access our Services from outside the United States, your information will be transferred to, stored, and processed in the United States. U.S. data protection laws may differ from those in your country.

By using our Services, you consent to the transfer of your information to the United States and processing as described in this Privacy Policy.

10. Third-Party Services and Links

Our Services may contain links to third-party websites or integrate with third-party services (e.g., Google Calendar, email providers). This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you interact with.

Key Third-Party Services:

• Google (OAuth, Gemini AI): https://policies.google.com/privacy
• OpenAI (ChatGPT): https://openai.com/privacy
• Supabase: https://supabase.com/privacy
• Stripe: https://stripe.com/privacy

11. Do Not Track Signals

Our App does not currently respond to "Do Not Track" signals from browsers, as there is no consistent industry standard for compliance.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated Privacy Policy on our Website and in the App
• Sending an email notification to your registered email address
• Displaying an in-app notification

The "Last Updated" date at the top indicates when changes were last made. Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Entmoot Solutions, LLC
Email: legal@roomforme.app
Website: https://roomforme.app

Response Time: We will respond to your privacy inquiries within 30 days (or as required by applicable law).

14. Consent

By using RoomForMe's Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy.