Plan Roam Logo Plan Roam

Legal

Transparency is key. Read about how we handle your data and the rules of using Plan Roam.

Privacy Policy Terms of Use

Privacy Policy

Last Updated: February 4, 2026

Plan Roam (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the “App”, “Licensed Application”) and related services.

Plan Roam is a social media-based real-time AI-powered travel planning application. Users can create travel plans and invite friends, other users can request to join plans. Plan creators can grant admin privileges to participants to collaboratively add, edit, and reorder locations on routes in real-time. Plan Roam allows users to create plans from start to finish with a single AI prompt, add locations to their plans, or optimize their plans using AI credits.

By using the App, you agree to the collection and use of information in accordance with this policy.

1. Who We Are (Data Controller)

Plan Roam is operated by an individual developer who acts as the Data Controller for your personal data.

Contact: support@planroam.com

2. Information We Collect

We collect information to provide and improve our services.

2.1 Information You Provide

  • Account Information: Name, email address, profile picture, and password (if applicable).
  • User Content: Travel plans, routes, locations, notes, photos, and comments you create or upload.
  • Social Feature Data: Friend invitations, plan sharing, collaboration data, and user interactions.
  • Communications: Feedback, support requests, and interactions with other users (invitations, join requests, etc.).
  • Payment Information: Subscription and in-app purchase records (processed through Apple App Store; we do not store payment card details).

2.2 Information Collected Automatically

  • Location Data: Precise or approximate location (GPS) if you grant permission. This is used for mapping, route creation, location-based features, and AI-powered location suggestions.
  • Device Information: Device model, operating system, unique device identifiers, and mobile network information.
  • Usage Data: App launch times, features used, AI credit usage, and interaction logs.
  • Technical Data: IP address, crash logs, and performance metrics.

2.3 Information from Third-Party Services

  • Authentication Providers: If you sign in with Google Sign-In or Apple Sign-In, we receive basic profile information (name, email) from these services.
  • AI Services: We may process your travel preferences and plan data through AI services to provide intelligent recommendations.

3. How We Use Your Information

We use your data for the following purposes:

3.1 Service Delivery

  • Create and manage your account
  • Create, store, and sync travel plans across devices
  • Enable real-time collaboration features between users
  • Process plan invitations and join requests
  • Manage subscriptions and AI credit systems

3.2 AI-Powered Features

  • Generate travel plans using artificial intelligence
  • Provide AI-powered location suggestions
  • Optimize routes and travel plans
  • Deliver personalized travel recommendations based on your preferences

3.3 Social Features

  • Facilitate friend connections and plan sharing
  • Enable real-time collaborative editing of plans
  • Manage participant permissions and admin privileges
  • Display user profiles to other plan participants

3.4 Location Services

  • Display your location on maps
  • Suggest nearby places and points of interest
  • Save and display travel routes
  • Provide location-based AI recommendations

3.5 Communications

  • Send service updates and security alerts
  • Respond to support requests
  • Notify you about plan updates and collaboration activities

3.6 Improvement and Security

  • Analyze usage trends and fix bugs
  • Improve app performance and user experience
  • Detect and prevent fraud, abuse, and unauthorized access

4. Data Sharing and Disclosure

4.1 With Other Users

When you use Plan Roam’s social features:

  • Your profile information (name, profile picture) is visible to users you interact with
  • Travel plans you share are visible to invited participants
  • Collaborative edits sync in real-time with all plan participants

4.2 With Service Providers

We share data with third-party service providers that help us operate our services:

  • Server Hosting: Hetzner Online GmbH (Servers located in Germany and Finland)
  • Database: MongoDB Atlas (Cloud database services)
  • Object Storage: Cloudflare R2 (For photo and media storage)
  • AI Services: For AI-powered plan generation and optimization processing

4.3 With Third-Party SDKs

  • Maps and Location: Apple Maps (for map display and geocoding)
  • Authentication: Google Sign-In, Apple Sign-In (for secure login)

We may disclose your information if required by law or in response to valid requests by public authorities.

4.5 What We Don’t Do

  • We do not sell your personal data
  • We do not share your data for third-party advertising purposes
  • We do not use your data for cross-context behavioral advertising

5. Apple App Store Privacy Compliance

5.1 App Tracking Transparency

Plan Roam does not track users across other companies’ apps and websites for advertising purposes. We do not participate in Apple Advertising Identifier (IDFA) tracking.

5.2 Data Used to Track You

We do not use any data to track you across apps and websites owned by other companies.

5.3 Data Linked to You

The following data may be collected and linked to your identity:

  • Contact Info: Email address, name
  • User Content: Photos, travel plans, routes, locations, comments
  • Identifiers: User ID, device ID
  • Usage Data: Product interaction, app usage statistics
  • Location: Precise location (with permission), coarse location
  • Purchases: Purchase history, subscription status

5.4 Data Not Linked to You

The following data may be collected but is not linked to your identity:

  • Diagnostics: Crash data, performance data
  • Usage Data: Aggregated analytics

5.5 Data Collection Purposes

Data TypePurpose
Contact InfoAccount creation, customer support
User ContentApp functionality, personalization
LocationApp functionality, AI recommendations
IdentifiersApp functionality, security
Usage DataAnalytics, product improvement
PurchasesSubscription management
DiagnosticsApp stability, bug fixing

6. Subscriptions and In-App Purchases

6.1 Payment Processing

All payments for subscriptions and AI credits are processed through the Apple App Store. We do not collect, store, or have access to your payment card information.

6.2 Subscription Data

We maintain records of:

  • Your subscription status and plan type
  • AI credit balance and usage history
  • Purchase timestamps (for support purposes)

6.3 Refunds

Refund requests are handled by Apple. Please contact Apple Support for refund inquiries.

7. AI Data Processing

7.1 How AI Uses Your Data

When you use AI-powered features:

  • Your travel preferences and location interests are processed to generate personalized plans
  • Your existing plan data may be analyzed to provide optimization suggestions
  • AI prompts and generated content are processed to fulfill your requests

7.2 AI Data Retention

  • AI-generated plans are stored as part of your user content
  • AI prompts may be temporarily processed but are not permanently stored for training purposes
  • We do not use your personal data to train third-party AI models

7.3 AI Accuracy

AI-generated recommendations are for informational purposes only. We do not guarantee the accuracy of AI-generated content. Please verify all travel information independently.

8. Infrastructure and Data Storage

We use industry-leading providers to securely store and process your data.

  • Server Hosting: Hetzner Online GmbH (Servers located in Germany and Finland)
  • Database: MongoDB Atlas (Cloud database services)
  • Object Storage: Cloudflare R2 (For photo and media storage)

Note on International Data Transfers: While our primary servers are in Europe (Hetzner), we use global services (such as Cloudflare and MongoDB) that may replicate or process data in other jurisdictions. We ensure appropriate safeguards (such as Standard Contractual Clauses) are in place for cross-border transfers.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of data at rest
  • Secure authentication mechanisms
  • Regular security assessments
  • Access controls and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

10. Children’s Privacy

Strict 13+ Policy: Plan Roam is not intended for children under 13 (or higher age thresholds depending on your country, e.g., 16 in some parts of the EU). We do not knowingly collect data from children. If we learn that we have collected data from a child without verified parental consent, we will promptly delete that information.

11. Data Retention

We retain your personal data only as long as:

  • Your account is active
  • Needed to provide services to you
  • Required by applicable laws

When you delete your account:

  • Your profile information is deleted
  • Your travel plans and content are deleted
  • Some data may be retained for legal compliance or fraud prevention

You may request deletion of your account at any time through the App settings or by contacting support.

12. Your Rights (Global)

Regardless of your location, we provide you with the following rights:

  • Access: Request a copy of the data we hold about you
  • Rectification: Update or correct your information
  • Erasure: Request deletion of your account and data
  • Portability: Receive your data in a structured, commonly used format
  • Object: Object to certain processing of your data
  • Restriction: Request restriction of processing in certain circumstances

To exercise these rights, contact us at support@planroam.com.

Regional Addenda

Please refer to the section relevant to your location.

Turkey - KVKK (Law No. 6698)

Data Controller: Plan Roam.

Legal Bases: Your data is processed based on “Performance of a contract” (Art. 5/2-c), “Legitimate interest” (Art. 5/2-f), and “Explicit Consent” (Art. 5/1) for location/marketing purposes.

Your Rights (Art. 11): You have the right to learn whether your personal data is processed, request information, learn the purpose, know domestic/abroad recipients, request correction of incomplete/incorrect data, request deletion/destruction, object, and claim compensation for damages.

International Transfer: By using the App, you acknowledge that your data may be hosted on servers outside Turkey (e.g., Germany) based on service necessity and adequate protection (or explicit consent).

European Union (EU) / United Kingdom - GDPR

Legal Basis for Processing:

  • Contract: To provide App services (Art. 6(1)(b))
  • Consent: For location data and optional analytics (Art. 6(1)(a))
  • Legitimate Interest: For security, improvement, and AI features (Art. 6(1)(f))

Your Rights: Under the GDPR, you have the rights of access, rectification, erasure, restriction of processing, objection, and data portability. You also have the right to lodge a complaint with a supervisory authority.

International Transfers: Data transferred outside the EEA is protected by Standard Contractual Clauses (SCCs) or adequacy decisions.

United States - State Privacy Laws (CCPA/CPRA/VCDPA)

Categories of Data Collected: Identifiers (name, email), Commercial information (purchase history), Internet activity (usage logs), Geolocation data.

Sale or Sharing of Personal Information: We do not sell your personal data. We do not share your personal data with third parties for cross-context behavioral advertising.

Your Rights: California, Virginia, Colorado, Connecticut, and Utah residents have specific rights to know, delete, and correct their personal data. You may designate an authorized agent to make a request on your behalf.

Brazil - LGPD

Legal Bases: We process data based on contract performance, compliance with legal obligations, and legitimate interests.

Your Rights: You have the right to confirmation of processing, access, correction, anonymization/blocking/deletion, portability, and information about public and private entities with which we share data.

Canada - PIPEDA

Consent: By using the App, you consent to the collection and use of your information as described. You may withdraw your consent at any time, subject to legal or contractual restrictions.

International Storage: Your personal information may be stored and processed in Germany, Finland, or the United States, where it may be subject to the laws of those jurisdictions.

Australia - Privacy Act

Anonymity: Where lawful and practical, you have the option of not identifying yourself or using a pseudonym. However, account creation requires a valid email.

Overseas Disclosure: We may disclose personal information to overseas recipients (server hosts in Europe/US). We take reasonable steps to ensure these recipients do not breach the Australian Privacy Principles.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of changes by:

  • Posting the new Privacy Policy in the App
  • Updating the “Last Updated” date
  • Sending notifications for significant changes

Your continued use of the App after changes take effect constitutes your acceptance of the revised policy.

14. Contact Us

If you have questions about this Privacy Policy, please contact us:

Email: support@planroam.com