🔒 Privacy

Privacy Policy

RoomShift is built around private deployment. Your facility data never leaves your Cloudflare account. This policy explains what data we handle, how, and your rights as a customer.

📅 Effective: July 2026 🔄 Version: 1.0 📧 Questions: hello@roomshift.net
🔒 Core privacy principle: RoomShift is a private-deployment product. Your facility operational data (rooms, bookings, complaints, staff, reports) is stored in your own Cloudflare account — not in any vendor-controlled shared database. We do not have access to your operational data under normal circumstances.

1Our Privacy Approach

RoomShift is not a multi-tenant SaaS product. Each licensed organization operates its own isolated deployment on its own Cloudflare account. This architectural decision is the foundation of our privacy model.

This Privacy Policy covers two distinct contexts:

  • Vendor-side data: Information we collect when you visit our website, contact us, or purchase a license (e.g. your name, email, organization name)
  • Deployment-side data: Information stored within your private RoomShift deployment (e.g. rooms, bookings, complaints, staff records) — which you control entirely

2What "Private Deployment" Means

When you purchase RoomShift, the software is deployed into your own Cloudflare account. This means:

  • Your database (Cloudflare D1) is created in your account — not ours
  • Your application storage (Cloudflare KV) is in your account — not ours
  • Your domain and DNS records are configured by you
  • Your Cloudflare access policies, firewall rules, and billing are entirely separate from ours
What this means for privacy: RoomShift cannot access your operational data remotely unless you explicitly grant us temporary access for support purposes. Even then, access is governed by your own Cloudflare account permissions.
🇬🇧 UK GDPR Ready 🇦🇪 UAE PDPL Supported 🇦🇺 Australian Privacy Act 🏫 FERPA-Friendly

3Data We Collect (Vendor Side)

When you interact with RoomShift as a prospective or active customer, we may collect:

Data Type Purpose Retention
Name & email address Demo booking, licensing, support communication Duration of customer relationship + 2 years
Organization name License records, invoicing Duration of license + 7 years (legal)
Payment information License purchase processing Handled by payment processor (we retain invoice records only)
Support emails Resolving technical issues 3 years from support interaction
Website visit data Understanding site traffic (privacy-first analytics only) Aggregated, no individual tracking

We do not sell personal data to third parties. We do not use your data for advertising profiling.

4Data Stored in Your Deployment

Depending on how you configure and use RoomShift, your private deployment may store:

  • Room names, locations, capacity, categories, images, and status
  • Booking requests, approvals, rejections, and usage history
  • Facility complaints and issue reports (including those from the public complaint form)
  • Staff and manager names and contact details
  • Admin and user profiles, roles, and login credentials (hashed)
  • System activity and audit events
⚠️ Your responsibility: You are the data controller for all data stored in your deployment. RoomShift is the data processor only in the limited context of the software itself. Avoid storing sensitive medical, financial, or national identity data in room notes or complaints unless your legal team has reviewed the compliance implications.

5Vendor Access to Your Data

In a standard private deployment, RoomShift (the Vendor) does not have access to your operational database or any data stored in your Cloudflare account.

If you request implementation or support services that require access to your deployment, the following applies:

  • Access must be explicitly granted by you through your Cloudflare account settings
  • Access is temporary and scoped to the specific support task
  • We will not retain copies of your data beyond what is necessary to resolve your support request
  • Access events should be logged and reviewed by your IT team

6Cookies & Analytics

The RoomShift marketing website (landingpageroomshift.pages.dev and associated domains) does not use third-party tracking cookies or invasive advertising analytics.

We may use privacy-first, cookieless analytics (such as aggregated page view counting) to understand how visitors interact with the landing page. No personal identifiers are stored or transmitted to third-party advertising platforms.

The RoomShift application itself, deployed in your Cloudflare account, uses session tokens for authentication only. No third-party cookies are placed on your users' devices by the application.

7GDPR & Regional Compliance

RoomShift's private deployment architecture is designed to support customers in meeting their GDPR, UK GDPR, UAE PDPL, and similar data protection obligations. However, compliance is not automatic — it depends on how you configure and use the system.

Compliance considerations by region

  • UK GDPR: Your data stays in your Cloudflare account. You choose the Cloudflare data centre region. We can provide a Data Processing Agreement (DPA) on request.
  • UAE PDPL: Private deployment means your data resides within your infrastructure. Cross-border transfer rules depend on your Cloudflare region choice and who has access to your account.
  • Australia: The Australian Privacy Act requirements regarding data storage location are supported by the private deployment model. Review your Cloudflare region settings accordingly.
  • FERPA (US schools): RoomShift does not aggregate student data. Your deployment is isolated. Review your FERPA obligations with your legal team before storing student-identifiable information in complaints or room notes.

To request a Data Processing Agreement (DPA), contact hello@roomshift.net with the subject line "DPA Request — [Organization Name]".

8Data Retention

Vendor-side data (your contact and licensing information) is retained for the duration of your license relationship plus a reasonable legal retention period, typically 7 years for financial records.

Deployment-side data (rooms, bookings, complaints, users) is entirely under your control. You can delete records, export data, or shut down your deployment at any time. We have no visibility into or control over your retention policies.

If you terminate your license and wish to have your vendor-side contact information removed from our records, contact us at hello@roomshift.net.

9Your Rights

Depending on your jurisdiction, you may have the following rights regarding data we hold about you (vendor-side data only):

  • Right of access: Request a copy of personal data we hold about you
  • Right to rectification: Request correction of inaccurate personal data
  • Right to erasure: Request deletion of your personal data, subject to legal retention obligations
  • Right to portability: Request your data in a portable format
  • Right to object: Object to processing based on legitimate interests
  • Right to restriction: Request that we restrict processing of your data

To exercise any of these rights, contact hello@roomshift.net. We will respond within 30 days.

For data stored within your own RoomShift deployment (rooms, bookings, staff records, etc.), these rights are fulfilled by you as the data controller — not by us.

10Customer Responsibilities

As the operator of your private RoomShift deployment, you are responsible for:

  • Configuring appropriate access controls within Cloudflare
  • Restricting administrator access to trusted staff members
  • Reviewing and rotating admin users periodically
  • Setting up backups and data retention policies appropriate to your jurisdiction
  • Informing your users (staff, students, tenants) about how their data is used within your deployment
  • Ensuring compliance with data protection laws applicable to your organization and region
  • Not storing sensitive medical, financial, or identity data without appropriate legal review

11Security

RoomShift implements the following security controls in the application software:

  • PBKDF2 password hashing with salt for all user credentials
  • Signed session tokens for authentication
  • Login rate limiting and lockout via a companion Cloudflare Worker
  • Audit events for key user and room data mutations
  • Asymmetric license key validation (public key in your deployment, signing key kept private)
  • First-run setup flow that removes default seed credentials

We are committed to resolving confirmed security vulnerabilities in a timely manner. To report a security issue, email hello@roomshift.net with subject "Security Report".

12Contact & DPO

For privacy questions, data subject access requests, DPA requests, or to report a concern:

Privacy Contact

  • 📧 Email: hello@roomshift.net
  • 📋 Subject: "Privacy Request — [Your Name / Organization]"
  • ⏱️ Response time: within 30 days

This policy was last updated in July 2026. We will notify active customers of material changes by email.