Onroom – Where emotions connect conversations

We respect your privacy and are committed to protecting it. This Privacy Policy explains how Onroom ("we", "us") collects, uses, and shares your personal information when you interact with our website (https://on-room.com), applications, and related services (collectively, the "Service").

1. Information We Collect

Category	Examples	Source	Purpose
Contact data	E‑mail address entered in wait‑list form	You	Wait‑list confirmation, product updates
Auth data	Google UID, display name, avatar	Google (if you sign in)	Account creation, personalisation
Usage data	Pages visited, links clicked, referral URL	Automatically via GA4 / Plausible	Analytics & product improvement
Device data	IP address, browser type, OS	Automatic	Security & fraud prevention
Communications	Welcome e‑mail, beta invite	Resend (transactional e‑mail)	Service messages & compliance
Account Data	Wallet balance, ChatPass balance, Emotion score inference	Service Usage	Core service delivery, Personalization
Verification Data (Verified Users)	Legal name, address, Gov. ID photo, selfie	You (via Stripe)	Identity Verification (KYC), Fraud Prevention
Monetary Data (Verified Users)	Tax forms, bank details (via Stripe)	You (via Stripe)	Cash Payout Processing

We do not knowingly collect data from children under 13 (or 16 in EEA).

2. Legal Bases (GDPR)

We process personal data under the following bases:

Consent – e.g. when you join the wait\u2011list, agree to emotion scoring analysis (explicit consent needed).
Contract – to provide the Service you request (chat, profile, wallet/ChatPass balances).
Legitimate interest – improving Service, preventing fraud, basic analytics.
Legal obligation – record\u2011keeping, compliance (incl. KYC/AML via verification).

3. How We Use Data

Deliver and improve the Service.
Send transactional messages, such as welcome or beta invites.
Analytics (aggregate, non‑identifiable).
Legal compliance and protection of our rights.

We do not sell your personal data.

4. Sharing of Data

We share data only with trusted subprocessors necessary to operate the Service:

Sub‑processor	Purpose	Location	Safeguards
Google Cloud / Firebase	Hosting, database, authentication	USA	SCCs / GDPR Business Addendum
Resend	Transactional e‑mail	USA/EU	DPA & SCCs
Google Analytics 4	Site analytics (IP anonymised)	Global	IP‑anonymisation, consent banner
Plausible.io	Privacy‑friendly analytics	EU	No cookies
Stripe	Payment Processing, Identity Verification (KYC)	Global (USA HQ)	PCI-DSS, DPA & SCCs

We may disclose information if required by law or to protect the Service.

5. International Transfers

Data may be stored and processed in the United States or other countries. When transferring personal data from the EU/UK we rely on Standard Contractual Clauses.

6. Data Retention

Wait\u2011list data: until invitation is sent or you request deletion.
Account data: while your account is active + 30 days.
Wallet/ChatPass balances: while account active.
Analytics logs: 26 months (GA4 default).
E\u2011mail logs: 30 days (Resend).
Verification Data (selfies, ID photos): Deleted within 30 days post-review (processed by Stripe).

7. Your Rights

Region	Rights
EEA/UK GDPR	Access, rectification, erasure, restriction, data portability, object, lodge complaint with DPA
California (CCPA/CPRA)	Know, delete, opt‑out of "sale" (we don't sell), non‑discrimination
All users	Unsubscribe from e‑mails via link in footer

California residents may have additional rights, including the right to opt-out of the "sale" or "sharing" of personal information. We do not sell your data, but you can exercise your rights via the contact info below.

Submit requests at privacy@on-room.com.

8. Security

We use industry\u2011standard measures (TLS 1.3, Firestore security rules, least\u2011privilege IAM). Sensitive data like payment details submitted for verification are processed directly by Stripe and stored encrypted. No method is 100% secure.

9. Cookies & Similar Tech

Required cookies – maintain session, CSRF protection.
Analytics – GA4 uses first‑party cookies; Plausible is cookieless.
Toggle via cookie banner (coming soon).

10. Changes to This Policy

We may update this Privacy Policy. Material changes will be posted on this page and notified by e‑mail to wait‑list members.

11. Contact

Questions about privacy? E‑mail support@on-room.com

Back to Home

Onroom – Privacy Policy