Privacy Policy

Last updated: January 1, 2024

Our Privacy Commitment

At ROME, privacy isn't just a feature, it's our foundation. We've built our entire platform using zero-knowledge architecture, which means we cannot access your messages, calls, or personal data even if we wanted to. This policy explains how we protect your privacy and what limited data we handle.

1. Information We Cannot Access

Due to our zero-knowledge architecture, we cannot access:

  • Your messages and their content
  • Your voice and video calls
  • Your contact lists
  • Your media files (photos, videos, documents)
  • Your AI interaction history
  • Your banking transaction details

2. Information We Collect

We collect minimal information necessary to provide our service:

  • Account Information: Username, encrypted email, and account creation date
  • Technical Data: Device type, app version, and connection metadata (not content)
  • Usage Analytics: Aggregated, anonymous usage statistics
  • Crash Reports: Technical logs to improve app stability (no personal data)

3. How We Use Information

The limited information we collect is used solely to:

  • Facilitate account creation and authentication
  • Improve our service through anonymous analytics
  • Provide customer support
  • Detect and prevent security threats
  • Comply with legal obligations

4. Data Encryption and Security

All your data is protected by:

  • End-to-End Encryption: Messages encrypted on your device, decrypted only by recipients
  • Zero-Knowledge Architecture: We cannot decrypt your data
  • Perfect Forward Secrecy: Unique encryption keys for each conversation
  • Secure Key Exchange: X25519 key agreement protocol
  • Authenticated Encryption: ChaCha20-Poly1305 cipher

5. Data Sharing and Disclosure

We do not sell, trade, or share your personal information with third parties. We may disclose limited metadata (not content) only when:

  • Required by valid legal process
  • Necessary to protect our users' safety
  • Essential to maintain service security

6. Your Rights and Control

You have complete control over your data:

  • Delete Messages: Messages are deleted from our servers when you delete them
  • Account Deletion: Permanently delete your account and associated data
  • Data Export: Export your data in a readable format
  • Privacy Settings: Control who can contact you and see your information

7. Third-Party Services

ROME integrates with licensed financial institutions for banking features. These partnerships are governed by separate privacy policies that will be clearly presented before you use these services. Our zero-knowledge architecture ensures that transaction content remains private.

8. International Transfers

Since we cannot access your encrypted data, international data transfers pose no privacy risk. Metadata may be processed in different countries but is always protected by the same security standards.

9. Children's Privacy

ROME is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately.

10. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of any material changes through the app or by email. Continued use of ROME after such changes constitutes acceptance of the updated policy.