Privacy Policy

We collect information you provide directly and information generated when you interact with our website or services.

For users in jurisdictions that require a legal basis for processing (such as the EEA/UK), we rely on one or more of the following: performance of a contract, legitimate interests, consent, and legal obligations.

We do not sell personal information for money. We may share personal information with third parties only as needed to operate our business and services.

We use cookies and similar technologies to operate the site, understand traffic, and improve user experience. Depending on your location, you may be able to manage non-essential cookies through browser settings or consent tools we provide.

We retain personal information for as long as reasonably necessary for the purposes described in this policy, including to provide services, maintain records, resolve disputes, enforce agreements, and comply with legal obligations. Data obtained from third-party platform APIs (such as TikTok, Amazon, Google, Meta, and Shopify) is retained only for the duration required to provide the services and is deleted upon customer request or termination of access, in accordance with each platform’s data retention requirements.

We use administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing, and to request a copy of your data. You may also opt out of marketing communications at any time.

California residents may have additional rights under applicable state privacy laws, including rights to know, delete, and correct personal information, subject to exceptions.

We may process information in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers in accordance with applicable law.

When customers connect a Google account, ROA accesses Gmail messages and attachments solely to display them in the ROA CRM inbox, sync customer support and ambassador conversations, and enable email workflows the customer initiates from within ROA.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we do not use Gmail data to serve advertising; we do not transfer it to third parties except as necessary to provide or improve the user-facing features of ROA, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users; we do not allow humans to read Gmail data except where the user has given affirmative consent for specific messages, where required for security investigations to comply with applicable law, or where the data has been aggregated and anonymized for internal operations; and we do not use Gmail data to develop, improve, or train generalized AI or machine-learning models.

Gmail data is stored encrypted at rest and is deleted upon disconnect of the Google account, at customer request, or upon termination of the customer agreement.

Our website and services are intended for businesses and are not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the date above. Material changes may also be communicated by other reasonable means.