Privacy Policy

January 27, 2025

INTRODUCTION

This privacy policy for Reroom ("we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

  • Visit our website at reroom.art, or any website of ours that links to this privacy policy
  • Download and use our mobile application Reroom ('App')
  • Engage with us in other related ways, including any sales, marketing, or events

By using our Services, you confirm that you are at least 18 years old, or the minimum age required by applicable laws, or have verified parental/guardian consent. If we discover any personal information collected from a minor without proper consent, we will promptly delete it from our databases. If you believe we have collected personal information from a minor, please contact us at support@reroom.art.

1. WHAT INFORMATION DO WE COLLECT?

We collect and process personal data based on how you interact with our App and Services, the features you use, and the information you choose to provide. This may include data you submit directly or data collected through service providers acting on our behalf. All information is processed solely to provide and improve our services in accordance with this policy. We may also receive limited data from third-party sources such as marketing partners or social media platforms, as permitted by their privacy policies.

We do not process sensitive personal data and we do not sell, trade, or rent your personal data to third parties.

1.1 Information You Provide to Us

a. Account Information: When you create an account, we collect your name, email address, username, and password to verify your identity and manage your account. If you sign in via a third-party service (e.g., Apple ID), we may receive limited information such as your name and email in accordance with that service's privacy settings. You are responsible for keeping your login credentials secure. This information is used for authentication, account management, personalized app experiences, and to send important updates related to our Services.

b. Payment Information: We do not collect or store payment details directly. All payments are securely processed by third-party providers who may collect your name, billing address, email, and payment method information. We do not access or control this data.

c. Photos: The App requires access to your device's camera or photo library to enable photo uploads for core features and to generate outputs. By granting permission and uploading photos, you consent to our processing of these photos as outlined in our Privacy Policy.

d. Communications: If you contact us, we collect and retain records of your correspondence and any contact details you provide, such as your name and email, to respond to your inquiries.

1.2. Information automatically collected

a. We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services and for our internal analytics and reporting purposes.

b. When you access or use our App and Services, our servers automatically collect service-related, diagnostic, usage, and performance information, which we record in log files. This data may vary depending on how you interact with us. It may include your IP address, device details, browser type, and settings, as well as information about your activities within the Services (such as pages and files viewed, searches conducted, and other actions you take, such as which features you use). Additionally, device event information, such as system activity, error reports (commonly referred to as "crash dumps"), and hardware settings, may also be included in this log data.

c. Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Policy.

2. WHY AND HOW WE PROCESS YOUR INFORMATION

We process your personal data in compliance with applicable data protection laws to provide, operate, and enhance our Services, as well as to satisfy our legal and regulatory obligations. Your information may be disclosed to trusted third-party service providers solely for these purposes and is stored securely for no longer than necessary.

Our processing activities include, but are not limited to:

  • Account management and authentication
  • Delivery of Services and customer support
  • Communication of administrative notices and important updates
  • Processing transactions, orders, and payments
  • Gathering user feedback and analytics for service improvement
  • Sending marketing communications in accordance with your preferences
  • Ensuring the security and integrity of our Services, including fraud detection and prevention

3. LEGAL BASES FOR PROCESSING YOUR INFORMATION

3.1. Overview

We process your personal information only when necessary, and in compliance with applicable laws. Our legal bases for processing your data include your consent, the performance of contractual obligations, legal requirements, the protection of your rights, and our legitimate business interests.

3.2. Legal Bases Under the GDPR

Under the General Data Protection Regulation (GDPR) and other relevant laws, we may rely on the following legal bases to process your data:

  • Consent (Article 6(1)(a) GDPR): We may process your data based on your explicit consent. You can withdraw your consent at any time.
  • Performance of a Contract (Article 6(1)(b) GDPR): We process your data when necessary to fulfill our contractual obligations to you, or in response to pre-contractual requests (e.g., providing the services you have requested).
  • Legitimate Interests (Article 6(1)(f) GDPR): We may process your data when necessary for our legitimate business interests, such as improving our services, marketing, diagnosing issues, or preventing fraud, provided that your rights and freedoms are not overridden.
  • Legal Obligations (Article 6(1)(c) GDPR): We may process your data to comply with legal requirements, cooperate with law enforcement, protect our legal rights, or in connection with legal proceedings.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

4.1. Third-Party Service Providers:

We may share your data with trusted vendors, contractors, and service providers who need access to perform services on our behalf. These third parties are contractually obligated to protect your information and use it only as directed by us.

4.2. We may also share your personal information in the following situations:

  • Business Transfers: In the event of a merger, sale, or acquisition, your information may be shared or transferred as part of the transaction.
  • Affiliates: We may share your information with affiliates (e.g., parent company, subsidiaries, joint venture partners, or other companies that we control or that are under common control with us) who are bound by this privacy policy.
  • Business Partners: We may share information with business partners to offer products, services, or promotions.
  • Other Users: If you post personal information publicly within the App and Services, it may be visible to all users and may remain accessible outside the App and Services.

5. THIRD-PARTY WEBSITES AND SERVICES

The App and Services may include links to third-party websites, services, or apps, as well as third-party advertisements. We do not guarantee these third parties and are not liable for any loss or damage resulting from their use. Links to third-party sites do not imply endorsement by us. We are not responsible for the content, privacy practices, or policies of third parties. Please review their policies and contact them directly with any questions.

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

Due to our global operations, your data may be processed and shared internationally with our subcontractors and partners as described in this policy. This may involve transferring your information to computers located outside of your jurisdiction, including our servers in the United States, where data protection laws may differ. We implement appropriate safeguards for these transfers, including standard contractual clauses adopted by the European Commission, and other necessary measures to comply with applicable laws. By consenting to this privacy policy and submitting your information, you agree to these international transfers. We are committed to safeguarding your personal information per this policy and relevant data protection laws.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including providing our Services, meeting legal, regulatory, tax, or accounting requirements, resolving disputes, and enforcing our agreements.

When we no longer need to process your information for these purposes, we will either delete or anonymize it. If deletion is not immediately possible (e.g., data stored in backups), we will securely store your information and isolate it from further processing until deletion is feasible.

The exact retention period may vary depending on the type of information and the applicable legal requirements.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement appropriate technical and organizational measures to safeguard your personal information against unauthorized access, disclosure, alteration, or destruction. These measures include secure servers, encryption, access controls, and internal policies designed to protect data integrity and confidentiality.

Despite our efforts, no method of transmission over the Internet or method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

9. WHAT ARE YOUR PRIVACY RIGHTS?

9.1. What are your rights?

Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. These rights may include: the right to access, right to rectification, right to erasure, right to withdraw consent, etc. The easiest way to exercise your rights is by contacting us at support@reroom.art. We will consider and act upon any request following applicable data protection laws.

9.2. Withdrawing your consent.

If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. However, please note that this will not affect the lawfulness of the processing before its withdrawal, nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

9.3. Opting out of marketing and promotional communications.

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us. You will then be removed from the marketing lists; however, we may still communicate with you, for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

9.4. Account Information.

If you would at any time like to review or change the information in your account, you can contact us using the contact information provided. If you would like to terminate your account, you can log in to your account settings and terminate your account or contact our support department. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and policies, and comply with applicable legal requirements.

10. ADDITIONAL INFORMATION FOR USERS IN THE UNITED STATES

This section of the policy applies to you if you are located in the United States. In certain U.S. states, you have additional rights afforded to them under applicable state privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, the Virginia Consumer Data Protection Act, etc.

a. Rights in respect of your personal information:

These state privacy laws give resident users various rights with respect to the personal information we collect, including the right to (subject to applicable law and certain limitations):

  • To know what personal information is being collected about you and how it's processed;
  • To know whether your personal information is sold, shared, or disclosed;
  • To request that we correct the personal information we have about you that is incorrect;
  • To say 'no' to the sale or sharing of your personal information (right to opt-out);
  • To request deletion of your personal information; information will be deleted if no exception applies (including our right to defend our lawful interests);
  • To access your personal information; specific information shall be provided in a portable and, to the extent technically feasible, in a readily usable format but not more than twice in 12 months; etc.

b. Exercising your rights:

To exercise your rights under applicable privacy laws, please contact us at support@reroom.art. We will authenticate your request using the email address associated with your account. In some cases, we may require proof of residency to process your request.

Depending on the applicable state law and the nature of your request, we will take the necessary steps to fulfill your request, which may include providing access to, correction of, or deletion of your personal data, or opting you out of the sale or sharing of your personal information.

Please note that we are not responsible for any notices that are not properly labeled, sent, or lack complete information. Additionally, this opt-out request does not apply to disclosures of personal data for purposes other than direct marketing, such as those required for legal obligations or other lawful purposes.

11. CHILDREN'S PRIVACY

We do not knowingly collect or solicit personal information from children under the age of 13 in the United States or under the age of 16 in the European Union. If we become aware that we have unintentionally collected such information, we will take steps to delete it as soon as possible. If you are a parent or guardian and believe we have collected personal information from a child under the age of 13 (US), 16 (EU), or the minimum age required by applicable data privacy laws in your country, please contact us to request its removal.

12. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy. For more information about DNT, please visit All About DNT.

13. DO WE MAKE UPDATES TO THIS POLICY?

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently.

14. HOW CAN YOU CONTACT US?

If you have any inquiries or feedback regarding this policy, or if you wish to exercise your privacy rights, please feel free to reach out to us via email at support@reroom.art.