Privacy Policy
At If We Were Roommates (“we,” “us,” or “our”), accessible via ifwewereroommates.com, we are committed to safeguarding your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, store, and protect your data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant data protection laws. We believe in transparency and user control and are dedicated to upholding the highest standards of data privacy.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of ifwewereroommates.com and associated services, features, and communications. If We Were Roommates, operating as the data controller, determines the purposes and means of processing your personal data. This policy does not extend to third-party websites or services which may be accessible via our platform.
2. Categories of Data We Process
We collect and process the following categories of personal data:
– Usage Data: This includes information about how you use our website, such as your IP address, browser type, access times, pages viewed, referring website addresses, and clickstream behavior.
– Account Data: When you register or submit information through our platform, we may collect your full name, postal address, email address, phone number, and login credentials.
– Profile Data: Data relating to your preferences, choices, user-generated content, purchase history, survey responses, and behavioral data, such as recommendations and bookmarking activity.
– Communication Data: Records of support tickets, contact messages, email conversations, chat interactions, and related customer service communications.
– Technical Data: Device information such as operating system, browser version, screen resolution, local time zone, device identifiers, and system configurations.
– Transaction Data: Information about purchases or bookings made via ifwewereroommates.com, including billing address, payment methods, and delivery/logistics details.
– Preference Data: Data obtained from consent records relating to marketing communications and your interests regarding products, features, services, and engagement preferences.
3. Legal Bases for Processing
We process your personal data based on one or more of the following legal grounds:
– Consent: You have explicitly consented to the processing of your data for specific purposes, such as receiving newsletters or participating in surveys.
– Contractual Necessity: Data necessary for the performance of a contract with you, including account creation, billing, and transactional communications.
– Legitimate Interest: Pursuant to our legitimate interests in operating, improving, and securing ifwewereroommates.com, provided those interests do not override your rights and freedoms.
– Legal Obligation: Where processing is required for compliance with legal or regulatory obligations.
4. Your Rights Under GDPR and CCPA
As a data subject, you have the following rights:
– Right of Access: Request confirmation and access to personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request the deletion of your personal data where no legal basis exists to retain it.
– Right to Restriction: Request limitations on how we process your data under specific circumstances.
– Right to Data Portability: Receive a copy of the data in a structured, commonly used and machine-readable format, and transmit it to another data controller.
Under the CCPA, California residents also have the right to:
– Know what personal information is collected and how it is used.
– Request deletion of personal information.
– Opt out of the sale of personal information.
– Not be discriminated against for exercising these rights.
5. Security Measures
We implement robust technical and organizational security measures to protect your data from unauthorized access, disclosure, loss, or alteration. These include:
– Industry-standard encryption in transit and at rest
– Multi-level access controls based on role and necessity
– Regular security audits and vulnerability assessments
– Data backup and disaster recovery protocols
– Employee training in data security and compliance best practices
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA) or California, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Data Processing Agreements with third-party processors
– Regional compliance protocols, such as UK GDPR for United Kingdom users
By using our services, you acknowledge and consent to such transfers in accordance with this policy.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy unless a longer retention period is required or permitted by law. Retention periods include:
– Account Data and Profile Data: Retained for as long as your account remains active, and for a period of 12 months after closure or inactivity.
– Communication Data: Kept for up to 24 months to support ongoing customer service needs.
– Transaction Data: Retained for at least 7 years for financial records and compliance obligations.
– Technical and Usage Data: Retained for up to 12 months for analytics and performance monitoring.
– Cookie and Preference Data: Retained according to cookie lifespan (see Section 9).
8. Cookie Policy
We use cookies and similar tracking technologies on ifwewereroommates.com for several purposes:
– Essential Cookies: Required for the functioning of the site, such as remembering login credentials or enabling shopping cart functionality.
– Functional Cookies: Enhance user experience by remembering preferences, language settings, and customization options.
– Analytics Cookies: Collect pseudo-anonymized data on user behavior, exit pages, time spent, and navigation flows for the purpose of performance optimization.
– Performance Cookies: Monitor system performance and load times to ensure service reliability.
Third-party tools such as Google Analytics or similar providers may also place cookies, subject to their respective privacy policies.
9. Cookie Management and Compliance
In accordance with GDPR and the CCPA, users are given granular control over which cookies are used. When accessing ifwewereroommates.com, you will be presented with a consent banner enabling you to opt in or out of various cookie categories. Users may modify their preferences at any time by accessing the cookie settings on our site or configuring their browser privacy options.
You have the right to withdraw your consent for cookie-based tracking at any time without affecting the lawfulness of prior processing. We do not sell your personal information as defined under the CCPA.
10. Special Protections for Children Under 13
If We Were Roommates does not knowingly collect or solicit personal information from children under the age of 13. Users under 13 are not permitted to use ifwewereroommates.com or provide any personal data. If we learn that we have collected personal data from a child under 13 without verifiable parental consent, we will delete such data promptly. Parents or legal guardians who believe their child has submitted data may contact us at [email protected].
11. Policy Updates and Notifications
We reserve the right to update or amend this Privacy Policy at our discretion to reflect changes in legal obligations, technological improvements, or our internal practices. Any material changes will be communicated to users via the website, email, or other appropriate means. Continued use of ifwewereroommates.com after such updates constitutes your acceptance of the revised policy.
12. Contact Us
If you have any questions, concerns, or wish to exercise your privacy rights under applicable laws, please reach out to us via:
Email: [email protected]
We are committed to promptly and transparently resolving any issues or inquiries relating to the use and protection of your personal data.
This Privacy Policy is designed to reflect our commitment to full compliance with the GDPR, CCPA, and other data protection laws. For any privacy-related matters or to exercise your rights, please do not hesitate to contact us at the email address provided.