1) Introduction

At Roomigro, we respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, store, and share your data, including our use of third-party services such as Meta and the WhatsApp Cloud API.

By using the website/application, you agree to the practices described in this policy.

2) Data We Collect

We may collect the following types of data:

  • Account data: name, email address, phone number, password (encrypted/hashed).
  • Profile and content data: photos, personal bio, preferences, in-platform messages, ratings, and comments.
  • Verification and security data: OTP codes, email/phone verification status, login records, IP address, browser/device type.
  • Usage and analytics data: pages visited, usage duration, traffic sources, interaction events.
  • Technical data: cookies, session identifiers, error logs.

3) How We Use Data

We use your data for the following purposes:

  • Creating, managing, and authenticating accounts.
  • Identity verification and phone/email confirmation.
  • Operating core platform services (such as user communication).
  • Account recovery (forgot password).
  • Improving performance and user experience.
  • Preventing fraud, abuse, and protecting platform security.
  • Complying with legal and regulatory obligations.

4) Use of WhatsApp Cloud API and Meta Services

We may use Meta services (including the WhatsApp Cloud API) to send OTP verification messages and service messages related to account security.

When using this service, certain data may be processed, such as:

  • Phone number
  • Verification message content (such as OTP code)
  • Sending time and delivery status

This processing is carried out in accordance with Meta’s policies, including:

  • Meta Privacy Policy
  • WhatsApp Privacy Policy

We do not use OTP messages for marketing purposes without your explicit consent.

5) Legal Basis for Data Processing

We process your data based on one or more of the following legal bases:

  • Performance of a service/contract between you and us.
  • Explicit consent (where required).
  • Legal obligation.
  • Legitimate interest (such as platform security and fraud prevention).

6) Sharing Data with Third Parties

We may share limited data with:

  • Infrastructure and hosting providers.
  • Verification and communication providers (such as Meta/WhatsApp Cloud API).
  • Analytics and performance monitoring providers.
  • Legal/regulatory authorities when legally required.

We do not sell your personal data to third parties.

7) Data Retention

We retain your data only for as long as necessary to provide the service and fulfill the purposes described above, or to comply with legal obligations.
Retention periods may vary depending on the data type (for example: security logs, financial operations, and compliance records).

8) Data Protection

We implement technical and organizational security measures, such as:

  • HTTPS encrypted communication.
  • Storing passwords in hashed format.
  • Access control and permission management.
  • Security monitoring and audit logging.
  • OTP attempt limiting and abuse prevention (rate limiting).

9) Your Rights

Depending on applicable laws, you may have the right to:

  • Access your data.
  • Correct your data.
  • Delete your data.
  • Restrict or object to processing.
  • Withdraw consent (when processing is based on consent).
  • Data portability (where applicable).

To submit a request, contact us via: [Privacy Email].

10) Account and Data Deletion

You may request deletion of your account and data through:

  • Contacting us via Contact Us page and request your account delete.

We may retain minimal data where legally required or for legitimate security purposes.

11) Cookies

We use cookies to improve performance, remember your preferences, and analyze usage.
You can manage cookies through your browser settings, but disabling them may affect certain service features.

12) Children’s Privacy

The service is not intended for children under [13/16] years of age (depending on local regulations).
We do not knowingly collect children’s data, and if we become aware of such collection, we will delete it.

13) International Data Transfers

Data may be processed in different countries through trusted service providers.
We are committed to implementing appropriate safeguards to protect data during cross-border transfers.

14) Changes to This Privacy Policy

We may update this policy from time to time.
Any updates will be posted on this page along with an updated “Last Updated” date.

15) Contact

For any privacy or data-related inquiries:

Email: info@roomigro.com