Privacy Policy
Effective Date: 30th May 2026 Last Updated: 30th May 2026
Welcome to Roveo.
Roveo is operated by an individual developer based in India (“Developer”, “we”, “our”, or “us”).
This Privacy Policy explains how we collect, use, process, disclose, and safeguard your information when you use the Roveo mobile application and related services (collectively, the “Services”).
Roveo is an AI-powered travel planning platform that helps users organise travel inspiration, analyse travel content shared from social media, and generate personalised travel itineraries and recommendations.
Please read this Privacy Policy carefully. By accessing or using Roveo, you acknowledge that you have read, understood, and agree to this Privacy Policy.
If you do not agree with this Privacy Policy, please do not use the Services.
1. Applicability of This Privacy Policy
This Privacy Policy applies to:
- Individuals who register for or use Roveo;
- Visitors interacting with Roveo services;
- Users who share travel-related content into Roveo for itinerary creation or recommendations.
If you access the Services from outside India, your information may be transferred to, processed, and stored in India or other countries where our service providers operate.
2. Information We Collect
We collect information you provide directly, information collected automatically, and information generated through your use of Roveo.
A. Account Information
When you sign in to Roveo, we collect information provided by authentication providers:
Google Sign-In
- Full name
- Email address
- Profile photo
Apple Sign-In
- Full name (where available)
- Email address, including Apple Private Relay email addresses (privaterelay.appleid.com)
- Profile photo (if provided)
You are responsible for maintaining accurate account information.
B. Travel Content Shared into Roveo
Roveo allows users to share travel-related content into the app through the device share sheet.
When you share content into Roveo, we collect and store:
- The source URL of the content shared into the app;
- Static carousel post images associated with shared content (where applicable);
- AI-generated classifications, place names, destinations, recommendations, and travel insights extracted from shared content.
We do not store raw video content. Videos shared into Roveo are processed transiently to extract travel information and are not retained on our systems.
We do not access your social media accounts. We process only the specific content you explicitly share with us via the share sheet.
We do not claim ownership over third-party content you share into Roveo.
You represent and warrant that you have the right to share or use any content submitted to the Services.
Roveo processes shared content solely for:
- itinerary generation;
- travel planning assistance;
- recommendation personalisation; and
- improving the functionality of the Services.
C. Permissions We Request
Roveo requests only the following device permissions:
Location
With your explicit permission, Roveo may collect precise or approximate location information to:
- provide nearby recommendations;
- personalise itineraries;
- improve travel context and destination suggestions;
- enhance relevance of recommendations.
Location access is optional. You may withdraw or modify location permissions at any time through your device settings. Certain location-based features may become unavailable if permission is disabled.
Notifications
With your permission, Roveo may send push notifications for:
- travel reminders and itinerary updates;
- product updates and new features;
- travel recommendations.
Notification permission can be withdrawn at any time through your device settings. We do not request any other device permissions.
D. Device and Technical Information
We automatically collect certain device and usage information, including:
- Device type and model;
- Operating system and version;
- App version;
- Device identifiers;
- IP address;
- Language and region settings;
- App interaction data;
- Crash reports and diagnostics;
- Session and performance analytics.
E. Communications
If you contact us, we may collect:
- Email correspondence;
- Support messages;
- Feedback or bug reports;
- Communication preferences.
F. Marketing Preferences
Where permitted by law and with your consent, we may collect preferences related to:
- Email communications;
- Promotional messages;
- Travel recommendations;
- Push notifications.
You may opt out at any time using unsubscribe settings or device notification controls.
G. Conversations with Rio
When you chat with Rio inside Roveo, we collect and store:
- the messages you send and the responses Rio provides;
- a summarised version of the conversation, generated once a chat session goes idle, used to preserve context and personalise future recommendations.
Conversation data is used solely to operate and improve the chat experience, including remembering context across sessions and refining recommendations. Please avoid sharing sensitive information (such as government ID numbers, financial details, or health conditions) in chat.
3. How We Use Your Information
We use your information to:
Provide and Operate Roveo
- Create and manage accounts;
- Authenticate sign-ins;
- Deliver AI-powered travel planning;
- Generate itineraries and travel recommendations;
- Organise travel inspiration and saved content.
Personalisation
- Learn travel preferences;
- Improve itinerary suggestions;
- Provide location-aware recommendations;
- Enhance travel relevance.
AI Processing
We use artificial intelligence to:
- Analyse travel-related content shared into Roveo;
- Extract travel places and recommendations;
- Generate itineraries;
- Personalise future travel suggestions.
Travel content and context shared into Roveo is processed by third-party AI providers as described in Section 4. We take steps to minimise personal data included in AI processing requests. AI providers operating on our behalf do not use your content to train their general AI models.
Communications
We may use your information to:
- Send account-related updates;
- Respond to support requests;
- Deliver product updates;
- Send marketing emails and promotional travel recommendations (with consent);
- Send push notifications (with permission).
Analytics and Improvement
We analyse usage data to:
- Improve app performance;
- Understand feature usage;
- Detect bugs or crashes;
- Improve recommendation quality.
Safety and Security
We use information to:
- Prevent fraud or abuse;
- Detect suspicious activity;
- Protect users and infrastructure;
- Enforce our Terms and Conditions.
Legal Compliance
We may process information to comply with applicable laws, legal obligations, or lawful government requests, including the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
4. Third-Party Service Providers
Roveo shares data with third-party service providers solely to operate the Services. These providers fall into the following categories:
- Infrastructure providers - for content URL resolution and processing required to operate core features;
- AI providers - for content analysis, itinerary generation, travel search, and personalised travel assistance;
- Maps providers - for map rendering and location-based features;
- Analytics providers - for app performance monitoring, crash reporting, and feature usage analytics.
Each provider processes only the data necessary for their specific function. No account-level personally identifiable information is included in AI processing requests. AI providers operating on our behalf do not use your content to train their general AI models.
These providers are bound by their own privacy policies and data processing agreements. We do not authorise them to use your data for any purpose beyond operating the Services.
The current list of service providers is available at hello@roveotrip.com on request.
5. Pricing and Third-Party Content Disclaimer
Roveo may display pricing, availability, and booking information sourced from third-party travel providers, including airlines, accommodation platforms, and experience operators.
Roveo is not responsible for the accuracy, availability, or final pricing of any information provided by third-party partners. Displayed prices and availability are subject to change and are determined entirely by the respective third-party provider.
Any booking, purchase, or transaction completed through a third-party provider linked from Roveo is subject to that provider's own terms, conditions, and pricing policies. Roveo accepts no liability for discrepancies between displayed and charged prices, or for any issues arising from third-party bookings.
6. Legal Basis for Processing
Depending on your jurisdiction, we process information based on:
- Your consent;
- Performance of our agreement with you;
- Legitimate interests in operating, securing, and improving Roveo;
- Compliance with legal obligations.
For users in India, we process personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act). We rely on your consent and contractual necessity as the primary bases for processing your personal data.
7. Push Notifications and Marketing
With your consent, we may send:
- Travel reminders and itinerary updates;
- Product updates and new features;
- Promotional offers;
- Travel recommendations;
- Marketing communications.
You may opt out at any time through:
- device notification settings;
- unsubscribe links in emails; or
- by contacting us at hello@roveotrip.com.
Opting out of marketing will not affect essential account or service communications.
8. Data Sharing
We do not sell your personal information.
We may share information only in the following circumstances:
Service Providers
With vendors that help operate Roveo, as listed in Section 4. All service providers are permitted to use your data only for the specific purposes described in this policy.
Legal Requirements
If required by law, court order, or legal process, including requests from Indian regulatory or government authorities.
Safety and Enforcement
To prevent fraud, abuse, or security incidents, or to enforce our Terms and Conditions.
Business Transfers
If Roveo undergoes a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of that transaction. In such cases, your data will remain subject to this Privacy Policy, and you will be notified of any material changes through the app or by email.
9. Data Retention
We retain information only as long as necessary for legitimate business and legal purposes.
| Data Category | Retention Period |
|---|---|
| Account Information | Until account deletion |
| Travel Content and Saved Stamps | Until deleted by user or account deletion |
| Chat Conversations (Rio) | Until account deletion |
| Carousel Images | Until the associated Stamp is deleted or account is deleted |
| Analytics Data | Up to 24 months |
| Support Communications | Up to 3 years |
| Consent Records | As required by applicable law |
We may retain anonymised or aggregated information indefinitely, as this data no longer identifies you personally.
10. Account Deletion
You may request account deletion at any time by emailing hello@roveotrip.com with the subject line: “Account Deletion Request”
Please include the email address associated with your account.
Upon verification, we will:
- delete or anonymise your personal data from active systems within 30 days;
- remove associated account access;
- delete any stored carousel images associated with your Stamps.
Certain information may be retained where legally required or necessary for fraud prevention or dispute resolution.
11. Data Security
We implement reasonable safeguards to protect your information, including:
- encrypted data transmission (TLS) between the app and our servers;
- secure authentication systems;
- access controls limiting who can access personal data;
- monitoring and abuse prevention;
- secure cloud infrastructure.
Raw video or media content shared into Roveo is processed transiently and is not stored. Only extracted metadata and source URLs are retained.
Third-party service providers listed in Section 4 maintain their own security standards and are responsible for the security of data processed on their infrastructure.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at hello@roveotrip.com.
12. Age Restrictions
Roveo is intended for users 18 years of age or older.
The Services are not directed to individuals under 18. We do not knowingly collect personal information from anyone under the age of 18.
If we become aware that a user is under 18, we will take reasonable steps to delete their information and terminate their account.
If you believe a minor has provided personal information to Roveo, please contact us at hello@roveotrip.com.
13. International Users
Roveo is operated from India and is primarily intended for users in India.
If you access Roveo from outside India, you acknowledge that your information may be transferred to and processed in India or other countries where our service providers operate.
We comply with any data localisation requirements notified under the DPDP Act as and when they come into effect.
By using Roveo, you consent to such transfers as permitted by applicable law.
14. Your Rights Under the DPDP Act
As a data principal under the Digital Personal Data Protection Act, 2023, you have the following rights:
- Right to access: request information about the personal data we hold about you and how it is processed;
- Right to correction: request correction of inaccurate or incomplete personal data;
- Right to erasure: request deletion of your personal data, subject to legal retention obligations;
- Right to grievance redressal: raise a complaint with our Grievance Officer;
- Right to withdraw consent: withdraw consent for processing where consent is the basis for processing.
Users in other jurisdictions may have additional rights under their local laws. To exercise any of your rights, contact us at hello@roveotrip.com.
We may verify your identity before fulfilling requests.
15. Third-Party Services and Platforms
Roveo may integrate with or reference third-party platforms and services, including social media platforms.
We are not responsible for the privacy practices of:
- social media platforms from which content is shared into Roveo;
- external websites or services linked from within Roveo;
- third-party booking or travel providers.
Please review the privacy policies of any third-party services separately.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements.
If material changes are made, we will provide notice through the app or by email prior to the changes taking effect.
Continued use of Roveo after updates constitutes acceptance of the revised Privacy Policy.
17. Governing Law
This Privacy Policy is governed by the laws of India.
Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts located in Bengaluru, Karnataka, India.
18. Grievance Officer
In accordance with the Information Technology Act, 2000, the IT Rules 2011, and the Digital Personal Data Protection Act, 2023, Roveo has designated a Grievance Officer to address privacy-related complaints and queries.
| Name | Pranav Agrawal |
| Designation | Grievance Officer, Roveo |
| pranav@roveotrip.com | |
| Response Time | Within 30 days of receipt of complaint |
Grievances will be acknowledged and addressed within 30 days of receipt.
19. Information for Users in the European Union, EEA, and United Kingdom
If you are located in the European Union, European Economic Area, or the United Kingdom, additional protections apply to your personal data under the General Data Protection Regulation (GDPR) and the UK GDPR respectively.
Lawful Basis for Processing
We process your personal data on the following lawful bases:
- Consent: for marketing communications, push notifications, and location-based features;
- Contract: to provide the Services you have signed up for, including account management, itinerary generation, and travel planning;
- Legal obligation: to comply with applicable laws and respond to lawful government requests;
- Legitimate interests: to maintain the security and integrity of the Services, prevent fraud and abuse, and improve app performance, where these interests are not overridden by your rights.
Your Rights Under GDPR
In addition to the rights described in Section 14, EU, EEA, and UK users have the following rights:
- Right to data portability: request a copy of your personal data in a structured, machine-readable format;
- Right to object: object to processing based on legitimate interests or for direct marketing purposes;
- Right to restrict processing: request that we limit how we use your data in certain circumstances;
- Right to lodge a complaint: file a complaint with your local Data Protection Authority. In the EU, you may contact the DPA in your member state. In the UK, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.
To exercise any of these rights, contact us at hello@roveotrip.com. We will respond within 30 days.
International Data Transfers
Roveo is operated from India, which is not currently recognised by the European Commission as providing an adequate level of data protection.
When we transfer your personal data outside the EU, EEA, or UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for such transfers.
Our third-party service providers including OpenAI, Google (Firebase and Maps), Mapbox, Mixpanel, and Perplexity maintain their own GDPR-compliant Data Processing Agreements. Where required, we have entered into or will enter into Data Processing Agreements with these providers prior to processing EU user data.
Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible;
- notify affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms.
Data Protection Officer
Roveo does not currently meet the threshold requiring the appointment of a Data Protection Officer under Article 37 of the GDPR. If our processing activities change such that a DPO is required, we will appoint one and update this policy accordingly.
20. Information for Users in the United States
If you are a resident of the United States, the following additional rights and disclosures apply depending on your state of residence.
We Do Not Sell Your Personal Information
Roveo does not sell your personal information to third parties. We do not share your personal information with third parties for cross-context behavioural advertising purposes.
Your US Privacy Rights
Depending on your state of residence, you may have the following rights:
- Right to know: request disclosure of the categories and specific pieces of personal information we have collected about you, the purposes for which it is used, and the categories of third parties with whom it is shared;
- Right to delete: request deletion of personal information we have collected from you, subject to certain exceptions;
- Right to correct: request correction of inaccurate personal information we hold about you;
- Right to opt out: opt out of the sale or sharing of personal information. Note: we do not sell or share personal information;
- Right to limit use of sensitive data: limit our use and disclosure of sensitive personal information to necessary purposes;
- Right to non-discrimination: we will not discriminate against you for exercising any of your privacy rights.
These rights apply to residents of California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and other US states with applicable privacy laws. The specific rights available to you may vary by state.
Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information:
- Identifiers: name, email address, device identifiers, IP address;
- Internet or network activity: app interaction data, session data, crash reports;
- Geolocation data: approximate or precise location where permission is granted;
- User-generated content: travel content and URLs shared into Roveo via the share sheet;
- Inferences: travel preferences and recommendations derived from your usage.
How to Exercise Your US Privacy Rights
To submit a privacy request, email hello@roveotrip.com with the subject line “US Privacy Rights Request”. Please include your state of residence and the right you wish to exercise.
We will respond to verified requests within 45 days. We may extend this period by a further 45 days where necessary, with prior notice. We will not discriminate against you for making a request.
21. Service Discontinuation
In the event that Roveo is discontinued or shut down, we will:
- provide users with at least 30 days advance notice through the app and by email;
- allow users to request a copy of their personal data during the notice period;
- permanently delete all personal data from our systems and those of our service providers upon or before the date of discontinuation;
- confirm deletion to users upon request.
No personal data will be retained after discontinuation beyond what is legally required for fraud prevention, dispute resolution, or regulatory compliance.
22. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements.
If material changes are made, we will provide notice through the app or by email prior to the changes taking effect.
The version date at the top of this policy indicates when it was last updated. Continued use of Roveo after updates constitutes acceptance of the revised Privacy Policy.
23. Governing Law
This Privacy Policy is governed by the laws of India.
Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts located in Bengaluru, Karnataka, India.
Users in the EU, EEA, UK, or US may also have rights to raise complaints with their local regulatory authorities as described in Sections 19 and 20.
24. Contact Us
For privacy-related questions, rights requests, or concerns:
Email: hello@roveotrip.com
For general queries, account deletion requests, or support:
Email: hello@roveotrip.com
Roveo
Individual Developer, India