Privacy

Privacy Policy

Last updated: April 29, 2026
Effective date: April 29, 2026

In short: Roovr uses your GPS location only when you launch the app, to generate a running loop. No user account, no personal data collected. Location not stored. Anonymous usage stats to improve the product.

1. Data controller

Yann Curdy
Geneva, Switzerland
Email: hello@roovr.app

2. Scope

This policy applies to the Roovr mobile app (iOS and Android) and to the website roovr.app. It complies with the Swiss Federal Act on Data Protection (FADP, in its revised version effective September 1, 2023) and the European General Data Protection Regulation (GDPR).

3. Data processed

3.1 Geolocation

Roovr accesses your GPS location only while the app is in active use (iOS / Android “while using the app” permission). Location is never collected in the background, and never stored on our servers or those of our subcontractors beyond the duration of the routing computation.

3.2 Anonymous technical data

To improve Roovr, we collect anonymous usage events:

device type (model, OS, version)
app version
aggregated UI interactions (buttons clicked, features used)
pseudonymous identifier generated on-device, not tied to your identity

This identifier is generated locally on first app launch and stored in your device's keychain (iOS) or keystore (Android). It is reset whenever the app is uninstalled / reinstalled and is in no way tied to your Apple or Google identity, or to your phone number.

3.3 Crash reports

If the app crashes, a technical report is sent to allow the bug to be fixed: error trace, app memory state at the time of the crash, OS version, and app version.

3.4 Data we do NOT collect

No user account, no email address, no name
No contacts, no photos, no files from your phone
No advertising identifier (IDFA / GAID)
No background location
No personal route history
No cross-app tracking (App Tracking Transparency) — we don't request the ATT permission because we don't track your activity across other apps or sites.

3.5 Permissions requested by the app

The app requests your authorization for the following permissions:

Location (while using the app): required to generate a loop from your position. Refusing this permission prevents the app from working.
Internet / Network access: required to communicate with our routing servers.

No other permission is requested (no contacts, no photos, no microphone, no notifications).

4. Purposes and legal bases

Purpose	Data used	Legal basis
Generate a running loop adapted to your location and chosen distance	GPS location	Consent (iOS / Android permission)
Understand app usage and prioritize improvements	Anonymous events	Legitimate interest (GDPR art. 6.1.f)
Identify and fix bugs	Crash reports	Legitimate interest (GDPR art. 6.1.f)

5. Subcontractors and recipients

To operate, Roovr relies on the following subcontractors. No data is sold or shared with third parties for commercial purposes.

Subcontractor	Role	Location	Safeguards
GraphHopper GmbH	Routing computation	Karlsruhe, Germany	EU — adequate level
PostHog Inc.	Product analytics	Frankfurt, Germany (EU Cloud)	EU — adequate level
Sentry (Functional Software Inc.)	Error tracking	San Francisco, USA	Standard contractual clauses (SCC)
Cloudflare Inc.	Website and API hosting	USA / global network	Standard contractual clauses (SCC)

For subcontractors located in the United States (Sentry, Cloudflare), data transfer is covered either by Standard Contractual Clauses (SCC) approved by the European Commission, or by their certification under the EU-US Data Privacy Framework (DPF) where applicable.

6. Retention period

GPS location: not stored. Used in memory to compute the loop, then erased.
Analytics events: 90 days, then automatic deletion.
Crash reports: 30 days, then automatic deletion.

7. Your rights

Under the FADP and the GDPR, you have the following rights:

right of access to your data
right to rectification
right to erasure
right to restriction of processing
right to portability
right to object to processing based on legitimate interest
right to withdraw consent at any time (by revoking the location permission in your iOS / Android settings)

To exercise these rights, write to hello@roovr.app. We respond within 30 days at most.

You also have the right to lodge a complaint:

in Switzerland, with the Federal Data Protection and Information Commissioner (FDPIC)
in the European Union, with your country's supervisory authority (e.g. the CNIL in France)

Important note: because Roovr collects no personal data (no account, no email, no name), we cannot identify a specific user for most of the rights above. Rights of access, rectification or erasure only apply in practice to the technical data you can communicate to us (for example, your pseudonymous identifier visible in the app settings). You can withdraw consent at any time by disabling the location permission in your iOS / Android settings, or uninstall the app to stop all processing.

8. Security

All communication between the app and our servers is encrypted with HTTPS (TLS 1.2+). The pseudonymous data on the analytics side cannot be traced back to your identity. Backend access is restricted by tokens.

9. Cookies and web trackers

The Roovr mobile app does not use cookies. The website roovr.app only uses technical cookies strictly necessary for its operation (no analytics or advertising cookies).

10. Minors

Roovr is intended for a general adult audience. We do not knowingly collect personal data from children under 16. If you believe a minor has shared data with us, contact us for immediate deletion.

11. Changes

This policy may evolve. The most up-to-date version is always available at roovr.app/privacy. Substantial changes will be announced in the app once a contact channel exists.

12. Contact

Yann Curdy
Email: hello@roovr.app
Geneva, Switzerland