Privacy Policy

Last updated: December 2026

1. Introduction

Welcome to RovaSpace ("we", "us", "our", or "Company"). RovaSpace is an AI-powered virtual office platform designed to facilitate remote team collaboration. We are committed to protecting your privacy and ensuring you have a positive experience on our platform.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Service"). Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

A. Information You Provide Directly

  • Account Information: Name, email address, password, phone number, company information, and profile details
  • Workspace Information: Organization name, workspace settings, descriptions, and custom configurations
  • Communication Data: Messages, chat contents, video conference recordings (if enabled), and collaboration documents
  • File Uploads: Any files, images, documents, or media you upload to the Service
  • Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
  • Support Communications: Messages sent to customer support, feedback, and support tickets

B. Information Collected Automatically

  • Device Information: Device type, operating system, browser type, IP address, and device identifiers
  • Usage Data: Pages visited, features used, actions taken, time spent, and interaction patterns
  • Location Information: Approximate location based on IP address (not precise location unless you grant permission)
  • Session Information: Login times, session duration, and authentication data
  • Performance Data: System performance metrics, latency, bandwidth usage, and technical diagnostics

C. Information from Third Parties

  • OAuth Providers: Information from Google, Microsoft, or other authentication providers you use to sign in
  • Calendar Integrations: Calendar data if you authorize integration with Google Calendar or similar services
  • Workspace Administrators: Information provided when admins add you to a workspace
  • Analytics Services: Usage data from third-party analytics platforms

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: Delivering, maintaining, and improving the RovaSpace platform and services
  • User Authentication: Managing user accounts, authentication, and security
  • Communication: Sending service-related announcements, updates, and support responses
  • AI Features: Training and improving AI agents and intelligent features (using anonymized data where applicable)
  • Analytics: Analyzing usage patterns to enhance user experience and platform functionality
  • Billing: Processing payments and managing subscriptions
  • Security: Detecting, preventing, and addressing fraud, abuse, and security incidents
  • Compliance: Complying with legal obligations and enforcing our Terms of Service
  • Marketing: Sending promotional materials (with your consent and opt-out options)

4. Information Sharing and Disclosure

A. Workspace Members

Information about your account, profile, avatar, and communication may be visible to other members of your workspace based on your privacy settings and workspace configuration.

B. Service Providers

We share information with third-party service providers who assist us in operating the Service, including:

  • Cloud hosting and storage providers (AWS S3)
  • Payment processors and financial institutions
  • Analytics and monitoring services
  • Communication and email services
  • Customer support platforms

C. Legal Requirements

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

  • Comply with legal process, court orders, or government requests
  • Enforce our Terms of Service and other agreements
  • Protect the security or integrity of the Service
  • Protect the rights, privacy, safety of our users and the public

D. Business Transfers

If RovaSpace is involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding, your information may be transferred as part of that transaction.

5. Data Security

We implement industry-leading security measures to protect your personal information, including:

  • End-to-end encryption for sensitive communications
  • HTTPS/TLS encryption in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • Role-based access control
  • Multi-factor authentication (MFA) support
  • Secure session management
  • Activity logging and monitoring

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. You use the Service at your own risk.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Retention periods vary depending on the type of information:

  • Account Information: Retained while your account is active; deleted within 90 days of account deletion
  • Communication Data: Retained according to workspace settings and retention policies
  • Log Files: Generally retained for 12 months for security and compliance purposes
  • Backup Data: May be retained for an extended period for disaster recovery purposes

If required by law, we may retain information longer. You can request deletion of your data subject to legal and operational requirements.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

A. General Rights (All Users)

  • Access: Request what personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Receive your data in a structured, portable format

B. GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR), including the right to object to processing, restrict processing, and lodge complaints with your supervisory authority.

C. CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt-out of the sale of personal information.

To exercise any of these rights, please contact us at privacy@rovaspace.com. We will respond to your request within the timeframe required by applicable law.

8. Cookies and Tracking Technologies

We use cookies, local storage, and similar tracking technologies to enhance your experience and collect usage data:

  • Session Cookies: Enable you to remain logged in and navigate the Service
  • Persistent Cookies: Remember your preferences and settings
  • Analytics Cookies: Track usage patterns and help us improve the Service
  • Third-party Cookies: Placed by service providers for functionality and analytics

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of the Service. For more information about cookies, visit www.allaboutcookies.org.

9. Third-Party Services

RovaSpace integrates with various third-party services to enhance functionality:

  • Authentication Providers: Google, Microsoft, and other OAuth providers
  • Cloud Storage: AWS S3 for file storage
  • Calendar Services: Google Calendar and similar integrations
  • AI Services: OpenAI and other AI providers for intelligent features
  • Analytics: Third-party analytics services

Each third-party service has its own privacy policy. We recommend reviewing their privacy practices before granting access to your information.

10. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence, which may have different data protection laws. By using RovaSpace, you consent to the transfer of your information to countries outside your country of residence, which may not have the same data protection laws.

When transferring data internationally, we implement appropriate safeguards, including Standard Contractual Clauses and adequacy decisions recognized by applicable authorities.

11. Children's Privacy

RovaSpace is not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without parental consent, we will delete such information promptly.

Parents or guardians who believe their child has provided information to RovaSpace should contact us immediately at privacy@rovaspace.com.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: privacy@rovaspace.com

Privacy Officer: privacy@rovaspace.com

Address:

We will respond to your inquiry within 30 days or as required by applicable law.

If you are a resident of the European Union and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

This Privacy Policy was last updated in December 6. We may update this Privacy Policy periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. Your continued use of RovaSpace following the posting of revisions constitutes your acceptance of the revised Privacy Policy.