Back to home

Privacy Policy

Last updated: August 2025

1. Information We Collect

We collect information you provide directly:

  • Profile information (name, email, bio, headline)
  • LinkedIn profile data for verification
  • GitHub profile data (optional)
  • Listing details, photos, and availability dates
  • Messages between users
  • Location data (obfuscated by 200m for privacy)
  • City Intel contributions (for premium users)
  • Feedback and support messages
  • Payment information (processed by Stripe)

Information from Google OAuth: When you sign in with Google, we only receive your email address and basic profile information (name and profile picture if available). We do not access your Google Drive, Gmail, contacts, or any other Google services.

2. How We Use Information

  • To provide and improve our services
  • To verify user identities through LinkedIn
  • To facilitate home swaps between developers
  • To enable messaging between members
  • To process premium subscriptions
  • To send service-related communications
  • To notify you about inquiries to your listing
  • To ensure platform safety and security
  • To improve our services based on feedback

3. Email Communications

We use your email address for:

  • Account verification and security updates
  • Notifications when someone inquires about your listing
  • New messages in your inbox
  • Subscription and billing notifications
  • Important service updates and changes
  • Optional: Newsletter and community updates (with consent)

We will never share your email address with other members or third parties for marketing purposes. You can manage your email preferences in your account settings.

4. Messaging Privacy

We store messages securely and restrict access to the two participants. Roundtrip does not monitor private conversations; limited access may occur to fulfill legal obligations or address abuse reports.

5. Location Privacy

Your exact address is never stored. All coordinates are automatically obfuscated by 200 meters to protect your privacy. Exact locations can be shared through the chat feature after mutual agreement.

6. Information Sharing

We do not sell your personal information. We share information only:

  • With other users as part of the service
  • With service providers (hosting, payments)
  • When required by law
  • To protect rights and safety

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for all data transmission
  • Encrypted database storage
  • Regular security audits and updates
  • Limited access to personal data (need-to-know basis)
  • Secure OAuth 2.0 authentication flows

However, no method of transmission over the internet is 100% secure.

8. Your Rights

You have the following rights regarding your personal data:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data (right to be forgotten)
  • Export your data (data portability)
  • Opt-out of marketing communications
  • Revoke OAuth permissions at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@roundtrip.it.com. You can revoke Google OAuth access anytime in your Google Account settings.

9. Data Retention

We retain your personal data only as long as necessary:

  • Account data: Until account deletion
  • Messages: 2 years after last activity
  • Payment records: As required by tax law (7 years)
  • Feedback: Until no longer useful for service improvement

10. Cookies

We use essential cookies for authentication and functionality. We do not use tracking or advertising cookies. Essential cookies include:

  • Session cookies for authentication
  • Security cookies to prevent fraud
  • Preference cookies to remember your settings

11. Third-Party Services

We integrate with the following services:

  • LinkedIn (identity verification)
  • GitHub (optional developer profile enhancement)
  • Stripe (payment processing)
  • Mapbox (map visualization)
  • Supabase (database and authentication)
  • Vercel (hosting and analytics)

These services have their own privacy policies.

12. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

13. Children's Privacy

Our service is not intended for users under 18. We do not knowingly collect data from children.

14. Legal Basis for Processing

We process your personal data based on:

  • Your consent (for OAuth authentication)
  • Contract performance (to provide our services)
  • Legal obligations (tax and regulatory requirements)
  • Legitimate interests (platform security and improvement)

15. Changes to Policy

We may update this policy. Significant changes will be notified via email or platform notification.

16. Contact

For privacy concerns, contact us through the feedback button in the app or email privacy@roundtrip.it.com