← Back to ROAM BLK

Privacy Policy

Last updated: May 30, 2026

ROAM BLK ("we," "us," or "our") is operated by Olang Global LLC and powers the ROAM BLK mobile application. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights over it.

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, profile photo, and travel preferences.

Profile Information: Travel style, home city, destinations visited, bio, social links, and other optional details you choose to share.

Location Data: With your permission, we collect your general location to show nearby travelers and events. Your precise GPS location is never stored or shared with other users.

Usage & Analytics Data: We collect information about how you interact with the app — screens visited, features used, session length — to improve the experience and fix issues.

Payment Data: Payments are processed securely by Stripe and subscriptions by RevenueCat. We do not store your full credit card number or bank account details.

Photos & Media: Photos you upload (profile, trips, posts, passport stamps) are stored securely in Firebase Storage.

Communications: Messages you send through the in-app messaging feature are stored to deliver them to recipients. We may review messages to investigate safety reports.

Trip Survey Responses & Ratings: When you complete an optional post-trip survey, we collect your numeric ratings (1–5 scale) on safety dimensions, optional written comments, and contextual metadata about your trip (such as time of day of primary activity, whether you traveled solo or in a group, and season). Each response is linked to the corresponding Trip and Destination, and to your account for the purpose of preventing duplicate submissions.

Nova AI Interactions: Prompts you submit to Nova and the responses generated are processed to deliver the feature. We may use aggregated, de-identified query data to improve Nova over time.

Device & Push Notification Tokens: We collect your device push token (via Expo) to send you booking confirmations, connection requests, and other notifications you have opted into.

2. How We Use Your Information

3. Information Sharing

We do not sell your personal data. We share information only in these limited circumstances:

Mobile Information & SMS: No mobile information (including phone numbers and SMS consent) will be shared with third parties or affiliates for marketing or promotional purposes. Information shared with subprocessors solely to deliver the messages you've opted into (such as our SMS gateway) is excluded from this sharing prohibition. All other categories of personal data may be shared as described above.

3a. SMS Messaging Program

If you opt in to receive text messages from ROAM BLK (for example, by checking the consent box on our waitlist and providing your mobile number), you may receive occasional marketing, product update, and launch announcement messages.

4. Data Storage & Security

Your data is stored using Google Firebase infrastructure with encryption in transit (TLS 1.2+) and at rest (AES-256). We implement Firestore security rules, rate limiting, server-side access controls, secrets management for third-party API keys, and least-privilege access for internal contributors to protect your data. No method of transmission or storage is 100% secure; we work to protect your information but cannot guarantee absolute security.

Data Breach Notification. In the event of a security incident affecting your personal information, we will notify affected users without undue delay and consistent with applicable law (including state breach-notification statutes and, where applicable, GDPR Article 33/34 timelines). Notifications will describe the nature of the incident, the data potentially affected, and the steps we are taking in response.

4a. Cookies, Tracking & Analytics

Our website (roamblk.com) uses a minimal set of first-party cookies and similar technologies for essential site functionality (such as remembering form state and waitlist signup) and aggregate analytics. We do not currently use third-party advertising or cross-site tracking cookies. Our mobile app uses on-device identifiers provided by Apple and Google (such as the IDFV on iOS and the Android Advertising ID on devices where it is exposed) only for crash reporting, attribution of installs to marketing campaigns, and aggregate product analytics — not for personalized advertising. You can reset or limit these identifiers in your device settings ("Allow Apps to Request to Track" on iOS, "Reset advertising ID" on Android).

Do Not Track / Global Privacy Control. We honor recognized opt-out preference signals, including the Global Privacy Control (GPC) browser signal, as a request to opt out of any "sale" or "share" of personal information as defined under the CCPA and analogous state laws. As a baseline we do not sell or share personal information for cross-context behavioral advertising.

5. Your Privacy Controls

In the app's Privacy Settings, you can control:

6. Data Retention & Deletion

We retain your data while your account is active and for a reasonable period thereafter for legal and operational purposes. You can request full account deletion at any time through Settings > Delete Account. Upon deletion, your profile, trips, posts, connections, messages, individual trip-survey responses, written comments, and all associated personal data are permanently removed within 30 days.

Specific retention windows we apply:

Anonymized, aggregated analytics and metrics data may be retained indefinitely. Specifically, your numeric safety ratings, once incorporated into a destination's aggregate score, remain part of that aggregate in fully de-identified form (with your user identifier stripped) after account deletion. Written quoted comments displayed publicly are removed from public display upon deletion.

7. Children's Privacy

ROAM BLK is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a minor, we will delete it promptly.

8. California & Other US State Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another US state that grants comprehensive consumer privacy rights, you have the following rights with respect to your personal information, subject to the exceptions and procedures of the applicable statute:

To exercise any of these rights, email privacy@weareroam.app from the address associated with your account, or use the in-app data-request and delete-account tools. We will verify your identity before processing a request and will respond within the timeframe required by applicable law (generally 45 days, extendable by an additional 45 days where permitted). You may designate an authorized agent to make a request on your behalf in accordance with applicable law.

Shine the Light (California Civil Code § 1798.83). California residents may request information about our disclosure of personal information to third parties for those third parties' direct marketing purposes. We do not disclose personal information for third-party direct marketing.

8a. European Economic Area, United Kingdom & Switzerland

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR), the UK GDPR, or the Swiss Federal Act on Data Protection (FADP) may apply to our processing of your personal data.

9. International Users & Cross-Border Transfers

ROAM BLK is operated from the United States. If you access the Service from outside the US, your information will be transferred to and processed in the US, where data protection laws may differ from those in your country. By using ROAM BLK, you consent to that transfer, subject to the safeguards described above for users in jurisdictions whose laws require them.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes through the app or by email. Continued use of ROAM BLK after changes constitutes acceptance of the updated policy.

11. Subprocessors & Vendors

The following categories of subprocessors and vendors process personal data on our behalf under written data-processing terms. The most up-to-date list is available on request:

Each subprocessor is bound by contractual obligations to use personal data only to provide the contracted service, apply appropriate security measures, and assist us with data-subject requests.

12. Children's Privacy — Additional Notice

ROAM BLK is not directed to children under 18 and we do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, please email privacy@weareroam.app and we will investigate and, if confirmed, delete the data and terminate the account.

13. Contact Us

If you have questions about this Privacy Policy or your data, contact us at privacy@weareroam.app or write to Olang Global LLC at the address available on request.

ROAM BLK is operated by Olang Global LLC.