This is placeholder text, not legal advice. It must be reviewed by qualified counsel before launch. Nothing here is binding.
Legal
Privacy Policy
How RoomSwap collects, uses, and protects your personal data.
Last updated: 23 June 2026
1. Who is responsible
RoomSwap is the controller for the personal data described here. We process data in line with the EU General Data Protection Regulation (GDPR) and the Dutch implementation (AVG). The legal-entity details and data-protection contact will be completed before launch.
2. What we collect
- Account data: name, email address, and password (stored hashed).
- Profile and listing data: your room description, city, dates, and photos.
- Location data: the city or area of your room, to enable matching.
- Communications: messages you send to other members through chat.
- Payment data (placeholder): if a real escrow launches, payment details will be handled by a licensed provider, not stored by us directly.
- Technical data: a session cookie and basic security logs.
3. Why we use it (legal bases)
- To provide the service — performance of our agreement with you (matching, chat, swaps).
- To keep the platform safe — our legitimate interest in preventing abuse and fraud.
- To comply with the law — where we have a legal obligation.
- With your consent — for any optional features that require it.
4. Sharing your data
Other members see the parts of your profile and listing you choose to make visible, and any messages you send them. We use trusted service providers (for example hosting and, in future, payments) who process data on our behalf under contract. We do not sell your personal data.
5. How long we keep it
We keep your data for as long as your account is active and for a reasonable period afterwards where needed for legal, security, or accounting reasons. When data is no longer needed it is deleted or anonymised.
6. Your rights
Under the GDPR/AVG you can ask us to:
- access a copy of your personal data;
- correct data that is wrong or incomplete;
- delete your data ("right to be forgotten");
- restrict or object to certain processing;
- receive your data in a portable format;
- withdraw consent at any time, without affecting prior processing.
You also have the right to complain to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
7. Cookies
We use a strictly necessary session cookie to keep you logged in. We do not run advertising or third-party tracking cookies. See our Cookie Policy for details.
8. Security
We take reasonable technical and organisational measures to protect your data, including hashing passwords and limiting access. No system is perfectly secure, so we cannot guarantee absolute security.
9. Changes and contact
We may update this policy; the "last updated" date will change. For any privacy request, email privacy@roomswap.example.