Privacy policy | Termerly

In summary: Roaderly is committed to protecting your privacy. We collect only the information necessary to provide our feedback management and public roadmap services. Your data is never sold to third parties, and you maintain full control over your information.

1. Introduction

This Privacy Policy describes how Roaderly ("we", "our" or "the platform") collects, uses, stores, and protects the personal information of users who use our platform to report feedback, track product development progress, and participate in public roadmaps.

By using Roaderly, you accept the practices described in this policy. If you do not agree with any of the terms set forth herein, we ask that you do not use our services.

2. Information We Collect

2.1. Account and Registration Information

When you register with Roaderly, we collect:

Identification data: Full name, email address
Access credentials: Encrypted password (we never store passwords in plain text)
Authentication information: Session tokens managed through Firebase Authentication
Registration method: If you register via Google or other authentication providers, we receive your basic profile information

2.2. Feedback and Content Information

To provide our feedback management and public roadmap services, we store:

Boards: Board name, description, thematic area, visibility settings (public/private)
Posts (Feedbacks/Tickets): Title, description, reproduction steps, observed and expected results, status
Stages: Progress phases (Proposed, Backlog, In Progress, Done), visibility configuration
Interactions: Votes on feedback, comments, activity tracking
Change history: Creation and modification dates of boards, posts, and stages
Attachments: Files and images uploaded to feedback reports

2.3. Usage and Technical Information

We automatically collect certain information when you use Roaderly:

Navigation data: Pages visited, time spent, interactions with the platform
Device information: Browser type, operating system, IP address, unique identifiers
Cookies and similar technologies: We use session cookies to maintain your authentication and analytics cookies to improve our service
Server logs: Access logs, technical errors, and performance metrics

2.4. Communications

We store communications you have with us:

Technical support emails
Inquiry or suggestion messages
Responses to satisfaction surveys
In-app feedback and feature requests

3. How We Use Your Information

We use the collected information for the following purposes:

3.1. Service Provision

Create and maintain your Roaderly account
Enable you to create, manage, and organize feedback boards
Allow users to submit feedback, bug reports, and feature requests
Display public roadmaps showing the progress and status of feedback
Facilitate voting and commenting on feedback posts
Enable administrators to manage boards, stages, and visibility settings
Provide filtering, sorting, and search functionality across feedback

3.2. Improvement and Development

Analyze usage patterns to improve user experience
Identify and resolve technical issues
Develop new features based on user needs
Conduct A/B testing and platform optimization
Enhance feedback collection and prioritization tools

3.3. Communication

Send you important notifications about your account
Inform you about service updates or feature releases
Notify you of activity on your feedback posts (votes, comments, status changes)
Respond to your support requests
Send you periodic updates (only if you have given consent)

3.4. Security and Compliance

Detect, prevent, and respond to fraud or suspicious activities
Protect the integrity and security of the platform
Comply with legal and regulatory obligations
Enforce our Terms of Service

4. Legal Basis for Data Processing

We process your personal information based on the following legal bases:

Contract performance: To provide the services you have requested
Consent: When you have given us explicit permission to process certain data
Legitimate interest: To improve our services, prevent fraud, and maintain security
Legal obligation: When the law requires us to process or retain certain information

Roaderly does not sell or rent your personal information to third parties. We share information only in the following circumstances:

5.1. Service Providers

We work with trusted service providers who help us operate the platform:

Firebase (Google): User authentication and session management
PostgreSQL/Neon: Secure database storage
Cloudinary: Multimedia file storage and management
Sentry: Application error and performance monitoring
Hotjar: User behavior analysis to improve experience
Resend: Transactional email delivery
Notion: Performance testing and monitoring (Lighthouse integration)
Google PageSpeed Insights: Performance analysis

All these providers are contractually obligated to protect your information and can only use it according to our instructions.

5.2. Legal Compliance

We may disclose your information if required by law or in response to:

Court orders or legal subpoenas
Legitimate government requests
Protection of our legal rights or defense against claims
Emergency situations involving danger to people's safety

5.3. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5.4. Public Feedback and Roadmaps

Content you submit as feedback (posts) on public boards is visible by design to anyone with access to the public roadmap. This includes:

Feedback titles and descriptions
Comments and discussions
Vote counts
Author information (name and profile)
Current status and stage

You can control the visibility of specific boards through administrator settings if you have the appropriate permissions.

6. Data Security

We implement technical and organizational security measures to protect your information:

6.1. Technical Measures

Encryption: All communications use HTTPS/TLS. Passwords are encrypted before storage
Access control: Robust authentication systems with Firebase
Secure cookies: We use HTTP-only cookies with secure configuration in production
Continuous monitoring: Threat detection systems and security analysis through Sentry
Regular backups: Automatic database backups
Environment separation: Dedicated development, staging, and production environments

6.2. Organizational Measures

Limited access to personal data only for authorized personnel
Periodic security reviews and audits
Security incident response procedures
Regular team training in privacy best practices

Important: No method of Internet transmission or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this policy:

Account data: As long as your account remains active
Boards, posts, and feedback: Until you decide to delete them or close your account
Usage data and logs: Generally between 90 days and 2 years, depending on the type of information
Support communications: Up to 3 years for reference and service improvement
Legal obligations: We may retain certain information if required by law

8. Your Rights Regarding Your Data

Depending on your location, you may have the following rights regarding your personal information:

8.1. Access and Portability

Request a copy of all personal information we have about you
Export your feedback data in a structured, machine-readable format

8.2. Rectification

Correct inaccurate or outdated information
Update your profile and settings at any time
Edit your feedback posts and comments

8.3. Deletion

Request deletion of your account and associated data
Delete specific boards, posts, or comments whenever you wish
Request removal of your personal information from public roadmaps

8.4. Restriction and Objection

Limit how we process your information in certain circumstances
Object to data processing based on legitimate interest
Opt out of receiving marketing communications

When processing is based on your consent, you can withdraw it at any time
This will not affect the lawfulness of processing prior to withdrawal

8.6. Lodge Complaints

You have the right to lodge a complaint with the data protection authority in your jurisdiction

To exercise any of these rights, contact us through the means indicated in the "Contact" section.

9. Cookies and Tracking Technologies

9.1. Types of Cookies We Use

Essential cookies:

__session: Authentication cookie to securely maintain your session
Duration: Up to 14 days or until you log out (configurable up to 300,000ms)

Analytics cookies:

Hotjar: To understand how you interact with the platform
Help us identify areas for improvement in user experience

You can control and manage cookies in your browser settings. Please note that disabling certain cookies may affect Roaderly's functionality, especially session cookies necessary to keep you authenticated.

10. International Data Transfers

Roaderly operates primarily on the web, and some of our service providers may be located outside your country of residence. When we transfer data internationally:

We ensure adequate data protection safeguards exist
We use standard contractual clauses approved by data protection authorities
We verify that providers comply with recognized privacy standards

11. Children's Privacy

Roaderly is not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors. If we discover that we have collected information from a minor without appropriate parental consent, we will delete that information immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. Links to Third-Party Sites

Roaderly may contain links to third-party websites or services. We are not responsible for the privacy practices of these sites. We recommend reading the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for legal, operational, or regulatory reasons.

When we make material changes:

We will update the "Last Updated" date at the top
We will notify you by email if the changes are significant
In some cases, we may request your explicit consent

We recommend reviewing this policy regularly to stay informed about how we protect your information.

14. Applicable Legal Framework

Roaderly is committed to complying with applicable data protection laws, including but not limited to:

General Data Protection Regulation (GDPR) of the European Union
California Consumer Privacy Act (CCPA)
Other local data protection legislation as applicable

15. Business Use of Roaderly

If you use Roaderly on behalf of an organization or company:

Your organization will be responsible for data processed through the platform
Roaderly acts as a data processor under your instructions
Your organization must ensure it has appropriate legal bases to use our services
Additional terms may apply through a Data Processing Agreement (DPA)
Administrators are responsible for configuring appropriate visibility settings for boards and stages

16. Transparency and User Participation

Roaderly is designed to promote transparency and user participation in product development. This means:

Public feedback is visible by design: When you submit feedback on public boards, your contributions help inform product decisions and are visible to other users
Voting is tracked: Your votes on feedback posts are recorded to help prioritize features
Comments are public: Discussions on public feedback posts are visible to all users
Progress is transparent: The status and stage of feedback items are publicly visible on roadmaps

You can always control what information you share by choosing whether to participate in public discussions or limit your activity to private boards (if available).