Privacy Policy

Roomio: Privacy Policy
Last updated: 18 May 2026

This Privacy Policy explains how Phoria Pty Ltd (ACN 169 885 796) and its related entities (collectively, we, us, or our) collect, use, disclose, and store your personal information when you use Roomio — our mobile application that allows you to scan properties and generate digital content such as floor plans, photos, videos, virtual tours, and reports (Roomio or App).

By using Roomio you agree to this Privacy Policy. Where we rely on consent (for example, advertising and conversion-measurement technologies for EEA/UK users), we obtain that consent separately as described below.

1. What personal information do we collect?

We collect the following types of personal information:

a. Information you provide directly

  • When you sign up for a Roomio account or communicate with us, we collect your name and email address.
  • If you make a purchase through the App, we collect your billing details including your credit card information, all done securely via Stripe.

b. Content you generate through the App

  • When you scan properties using Roomio, the content you upload or generate (including floor plans, photos, videos, and reports) may include personal information, either directly or indirectly.

c. Information from third-party services

  • We use Stripe for payment processing.
  • We use Freshdesk for customer support.
  • We use Mixpanel, Google Analytics, Apple, and HubSpot for analytics, support, and marketing. These services may share data with us that you provide to them while using Roomio.

d. Device and usage information
We automatically collect certain information through cookies and tracking technologies, including:

  • IP address
  • Device type and operating system
  • App usage statistics
  • Time zone
  • Referral sources
  • User interactions within the App

2. How do we use your personal information?

We use your personal information to:

  • Provide and improve the Roomio App, features, and customer experience
  • Facilitate account creation and secure login
  • Generate and deliver digital property content
  • Process payments via Stripe
  • Respond to support queries and technical issues
  • Analyze usage trends and improve product performance
  • Send updates, marketing communications, and promotional offers (if you opt in)
  • Screen for fraud and security risks
  • Comply with legal obligations or enforce our terms of use

We may also aggregate and de-identify your information for internal reporting or product development purposes.

3. Legal basis for processing (GDPR customers)

If you are located in the European Economic Area (EEA), we process your personal information on the following legal bases:

  • Consent for advertising, conversion measurement and non-essential analytics SDKs (e.g. Meta SDK, AppsFlyer), and for marketing communications
  • Performance of a contract to provide the App, your account, and to process payments
  • Legitimate interests for product analytics, security, fraud prevention and service improvement, where not overridden by your rights
  • Compliance with legal obligations

4. Who do we share your information with?

We may share your personal information with:

  • Our third-party service providers (e.g., Stripe, Freshdesk, Google, HubSpot, Mixpanel, Apple)
  • Regulatory or law enforcement authorities if required by law
  • A third party that acquires us or our assets (in which case users will be notified)
  • Other third parties, where you have given your explicit consent

All third parties must meet our privacy and data security standards.

5. International data transfers

As we use global cloud infrastructure and third-party service providers, your data may be transferred and stored outside Australia — including in the United States, Europe, and other jurisdictions.

Where your data is transferred internationally, we will take reasonable steps to ensure appropriate safeguards are in place to protect it (e.g., standard contractual clauses, encryption).

6. Cookies and tracking technologies

We use cookies and similar technologies (such as device identifiers, local storage, pixels, and tags) to:

  • Track user behavior in the App
  • Monitor performance and stability
  • Enable targeted advertising via platforms like Google Ads and Meta

Where you are located in the EEA or UK, we will obtain your consent before using advertising and conversion-tracking technologies, as described in Section 7.

You can manage or block cookies through your device settings. Please note that disabling cookies may affect your experience using Roomio.

7. Advertising and analytics

When you sign in to the Roomio iOS app, the app sends a persistent identifier — an internal account ID that we generate (not your name or email) — to the following third-party services. This identifier allows these services to attribute activity to an account.

Meta (Facebook) SDK

  • Purpose: measuring advertising conversions and optimising our paid advertising campaigns
  • Data shared: internal account ID, app event data (e.g. sign-up, purchase)
  • Legal basis (EEA/UK users): consent
  • Privacy policy: https://www.facebook.com/privacy/policy/

AppsFlyer

  • Purpose: measuring which marketing channels drive app installs, and attributing in-app events such as sign-up, checkout and purchase
  • Data shared: internal account ID, in-app event data, device and install attribution data
  • Legal basis (EEA/UK users): consent
  • Privacy policy: https://www.appsflyer.com/legal/privacy-policy/

Google Firebase Analytics (GA4)

  • Purpose: understanding how users interact with the app, including feature usage, conversion funnels and retention
  • Data shared: internal account ID, app interaction events
  • Legal basis (EEA/UK users): legitimate interests, or consent where required by local law
  • Privacy policy: https://policies.google.com/privacy

For users in the European Economic Area and the United Kingdom, we will request your consent before activating advertising and conversion-measurement SDKs (including the Meta SDK and AppsFlyer). You may withdraw this consent at any time through the app’s privacy settings or by contacting us.

You may request access to, or deletion of, data held about you by these services. We will action such requests using the data-deletion mechanisms each provider makes available (including Google’s GA4 User Deletion API and the equivalent Meta and AppsFlyer mechanisms). To make a request, contact us using the details in the “Contact us” section.

8. Your rights and choices

You have the right to:

  • Access, update, or correct your personal information
  • Delete your Roomio account or request deletion of your data
  • Withdraw consent for marketing or other purposes
  • Request a copy of your personal information in a portable format (for EEA residents)
  • Lodge a complaint with a local data protection authority (EEA residents)

These requests can be made via the Roomio App or by contacting us (see Section 12).

9. Data retention

We retain your personal information for as long as:

  • You maintain an active Roomio account
  • It is necessary to provide you with our services
  • Required by legal or regulatory obligations

Upon account deletion, we will securely destroy or de-identify personal data unless we are required to retain it for legal, audit, or compliance reasons.

10. Data security

We use industry-standard security measures (including encryption, secure servers, and access controls) to protect your personal information. However, no method of electronic storage or transmission is completely secure, so we cannot guarantee absolute security.

11. Children and minors

Roomio is not intended for children under 18 years of age. We do not knowingly collect or store personal information from children. If we become aware that personal data has been collected from a minor without parental consent, we will delete it immediately.

12. Contact us

For questions, concerns, or requests about your privacy or this Privacy Policy, contact us at:
Email: support@roomio.io
Mail: Phoria Pty Ltd, 297 Napier Street, Fitzroy VIC 3065, Australia

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal reasons. The updated version will be posted in the App and on our website, with a revised “Last updated” date.

We encourage you to review it periodically. Your continued use of Roomio after any updates constitutes your acceptance of those changes.

14. Sub-processors

We engage third-party service providers (Sub-processors) to help us deliver, monitor and maintain the Roomio App. These Sub-processors process limited data on our behalf under contractual obligations consistent with this clause and our Privacy Policy.

Stripe (Stripe Payments Australia Pty Ltd / Stripe, Inc.)

  • Purpose: Payment processing
  • Data processed: Name, email, billing address, payment card details, transaction history
  • Location: United States (EU–US Data Privacy Framework compliant)
  • Privacy policy: https://stripe.com/privacy

Sentry (Functional Software, Inc.)

  • Purpose: Error monitoring and diagnostics
  • Data processed: Error stack traces, user ID, email (if set in scope), IP address, browser/device metadata, request URLs
  • Location: United States (EU–US Data Privacy Framework compliant)
  • Privacy policy: https://sentry.io/privacy/

Elastic Cloud (Elasticsearch B.V.)

  • Purpose: Application log storage and search
  • Data processed: Server-side application logs which may include user ID, IP address, request paths, and timestamps
  • Location: AWS ap-southeast-2 (Sydney)
  • Privacy policy: https://www.elastic.co/legal/privacy-statement

Mixpanel (Mixpanel, Inc.)

  • Purpose: Product analytics and user behaviour tracking
  • Data processed: User ID, device identifiers, IP address, app usage events, screen views, session metadata
  • Location: United States
  • Privacy policy: https://mixpanel.com/legal/privacy-policy/

Google Analytics (Google LLC)

  • Purpose: Website and app usage analytics
  • Data processed: IP address (truncated where applicable), device identifiers, browser/device metadata, referral sources, app usage statistics
  • Location: United States
  • Privacy policy: https://policies.google.com/privacy

HubSpot (HubSpot, Inc.)

  • Purpose: Marketing communications, CRM and email delivery
  • Data processed: Name, email address, marketing preferences, engagement data
  • Location: United States (EU–US Data Privacy Framework compliant)
  • Privacy policy: https://legal.hubspot.com/privacy-policy

Apple (Apple Inc.)

  • Purpose: App distribution, sign-in services and in-app analytics
  • Data processed: Apple ID identifiers, device identifiers, app usage and crash data
  • Location: United States
  • Privacy policy: https://www.apple.com/legal/privacy/

Freshdesk (Freshworks Inc.)

  • Purpose: Customer support ticketing and communications
  • Data processed: Name, email address, support queries and correspondence
  • Location: United States (with regional data centres available)
  • Privacy policy: https://www.freshworks.com/privacy/

Meta Platforms, Inc.

  • Purpose: Advertising conversion measurement and campaign optimisation
  • Data processed: Internal account ID, app event data
  • Location: United States (EU–US Data Privacy Framework compliant)
  • Privacy policy: https://www.facebook.com/privacy/policy/

AppsFlyer Ltd.

  • Purpose: Mobile attribution and marketing analytics
  • Data processed: Internal account ID, in-app event data, device and install attribution data
  • Location: United States / Israel (Israel holds an EU adequacy decision)
  • Privacy policy: https://www.appsflyer.com/legal/privacy-policy/

Google Firebase (Google LLC)

  • Purpose: Mobile app analytics (feature usage, funnels, retention)
  • Data processed: Internal account ID, app interaction events, device metadata
  • Location: United States
  • Privacy policy: https://policies.google.com/privacy

We may update our Sub-processors from time to time. Material changes will be communicated in line with clause 13 (Changes to this Privacy Policy).