Legal

Privacy Policy

Effective: April 14, 2026

Your privacy, in plain language

RoomPoints helps you find better award stays. To do that, we collect a small amount of information — most of it optional — and we use it only to run and improve the Service. We never sell your personal data.

1. Information We Collect

We collect the following categories of information:

  • Account information. When you sign in, we store your email address and, if you use Google, your name and profile picture provided by Google.
  • Usage data. We keep your search history, favorites, and price alerts so you can come back to them. We also log anonymized usage events to understand what's working and fix bugs.
  • Device and log data. Standard web server logs (IP address, browser type, pages visited, timestamps) so we can operate and secure the Service.
  • Cookies and local storage. We use small storage mechanisms to keep you logged in, remember your preferred language, and cache recent searches for performance.

2. How We Use Information

We use your information to:

  • Provide, personalize, and improve the Service.
  • Send you price alerts and notifications you have opted into.
  • Authenticate you and keep your account secure.
  • Detect and prevent fraud, abuse, and technical issues.
  • Communicate with you about product updates or respond to support requests.

3. Sharing Your Information

We do not sell your personal data. We share information only in these limited cases:

  • Service providers who help us run RoomPoints — such as hosting, analytics, and email delivery — under strict confidentiality.
  • Legal requirements, when we are required to disclose information to comply with valid legal process or protect rights and safety.
  • Business transfers, if RoomPoints is involved in a merger, acquisition, or asset sale — in which case we will notify affected users.

4. Third-Party Services

Signing in with Google uses Google's Identity Services, which may share your basic profile data with us per your Google account settings. Map tiles are served by OpenStreetMap contributors. Each third-party provider has its own privacy policy governing data they collect directly.

5. Data Retention

We retain your account data for as long as your account is active. You can delete your account at any time by contacting us, and we will remove your personal data from our active systems within 30 days, except where retention is required for legal or fraud prevention purposes.

6. Your Rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate information.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, email us at privacy@roompoints.com.

7. Security

We use encryption in transit (HTTPS), secure authentication tokens, and least-privilege access controls to protect your data. No system is 100% secure, but we work continuously to reduce risk.

8. Children's Privacy

RoomPoints is not directed at children under 13, and we do not knowingly collect personal data from them. If you believe a child has provided us information, please contact us and we will delete it.

9. International Users

RoomPoints is operated from the United States, and your data may be processed there. By using the Service, you consent to the transfer of your information to jurisdictions that may have different data protection laws than your own.

10. Changes to This Policy

We may update this Privacy Policy as the Service evolves. Material changes will be reflected in the "Effective" date above and, when appropriate, communicated to you through the Service or by email.

11. Contact

For any questions about this policy or how we handle your data, reach us at privacy@roompoints.com.