Back to Home

Privacy Policy

Last updated: April 2026

Roamer ("we," "us," or "our") operates the website at roamer.travel and the Roamer self-guided audio tour platform. This Privacy Policy explains what information we collect, how we use it, and what choices you have.

1. Information We Collect

Account Information

When you create an account, we collect your email address and, if you choose to provide it, your name. If you sign in through Google or Apple, we receive your basic profile information (name and email) from those services.

Payment Information

When you purchase a premium tour, payment is processed by Stripe. We do not store your credit card number or full payment details on our servers. We receive a transaction ID and confirmation of payment from Stripe.

Location Data

During an active tour, we use your device's GPS to trigger audio playback at points of interest. Location data is processed locally on your device in real time and is not stored on our servers or transmitted to us.

Device Information

We may generate and store a device identifier to manage tour access and prevent misuse. This identifier does not contain personal information about you or your device.

Preferences and Local Storage

We use your browser's localStorage to save your preferences, including theme (light/dark), selected language, country, and tour progress. This data stays on your device and is not sent to our servers.

Usage and Analytics Data

We use a privacy-focused analytics service (PostHog) to understand how the platform is used and to improve it. When you use Roamer, the following is collected automatically: pages and tours you view, audio playback events (start, pause, complete, skip), search queries you run, paywall and checkout interactions, the language you've selected, your approximate location derived from your IP address (country, region, and city — not precise GPS), your browser type, operating system, screen size, and the website that referred you, if any.

What we do NOT collect

We do not record your screen, mouse movements, scrolling, or keystrokes. Session replay is disabled. We do not automatically capture every click — only the specific events listed above. Your real-time GPS coordinates during a tour are processed locally on your device and never sent to our servers or analytics.

2. How We Use Your Information

  • Tour delivery: Providing access to free and purchased audio tours, including GPS-triggered playback.
  • Payments: Processing premium tour purchases and managing access to paid content.
  • Personalization: Remembering your language, theme, and tour progress so you can pick up where you left off.
  • Account management: Authenticating your identity and managing your account.
  • Communication: Sending verification codes or magic links when you sign in or register.

3. Third-Party Services

We use the following third-party services to operate our platform. Each has its own privacy policy governing how it handles data:

  • Stripe Payment processing for premium tour purchases.
  • Mapbox Interactive maps and routing for tour navigation.
  • Vercel Website hosting and serverless infrastructure.
  • Google OAuth / Apple OAuth Optional third-party sign-in.
  • Resend Email delivery for verification codes and magic links.
  • PostHog Product analytics — understanding how the platform is used so we can improve it. Configured for privacy: cookieless mode, no session replay, no autocapture. Analytics requests are routed through our own domain so they're not blocked by ad blockers, but the data still goes to PostHog.

We do not sell your personal information to any third party. We do not use your data for advertising.

4. Cookies and Local Storage

We use the minimum cookies needed to run the service, and never for advertising. Specifically: a session cookie for authentication when you sign in; a `roamer-lang` cookie to remember your language preference across page loads (set for 1 year); and short-lived cookies set by Stripe during checkout. We use localStorage in your browser for theme, country, tour progress, and saved sessions. Our analytics service (PostHog) is configured in cookieless mode — analytics state is held in browser memory only and is cleared when you close the tab.

5. Data Retention

We retain your account information for as long as your account is active. Payment records are retained as needed for legal and financial compliance. Preferences stored in localStorage persist until you clear your browser data. If you delete your account, we will remove your personal information from our systems within 30 days, except where retention is required by law.

6. Your Rights

You have the right to:

  • Access the personal information we hold about you.
  • Delete your account and associated personal data.
  • Export your data in a portable format.
  • Correct inaccurate information in your account.

To exercise any of these rights, contact us at hello@roamer.travel. We will respond within 30 days.

7. Data Security

We use industry-standard measures to protect your information, including encrypted connections (HTTPS), secure authentication (bcrypt password hashing, JWT tokens), and trusted infrastructure providers. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

Roamer is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at hello@roamer.travel and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Roamer
Email: hello@roamer.travel
Website: roamer.travel