The Room

Data and Privacy

Last updated: May 2026

Our commitment

The Room is built on trust. We take the privacy and security of your personal information seriously. This page explains what data we collect, how we use it, how we protect it and what control you have.

What we collect

When you create an account and complete your profile, we collect:

  • +Your name, email address and password (for authentication)
  • +Profile information you provide (headline, location, business name, skills, industry, what you do, what you offer, what you need)
  • +Contact details you choose to share (public email, phone, WhatsApp)
  • +A profile photo (if you upload one)

How we use your data

  • +To display your profile in the member directory (only after admin approval)
  • +To allow other approved members to discover and connect with you
  • +To send you essential communications (approval notifications, password resets)

We do not sell, share or distribute your data to third parties. We do not use your data for advertising. We do not share your data outside of The Room community.

What you control

You have full control over your visibility:

  • +Contact details are hidden by default. Your email, phone and WhatsApp are only visible to other members if you explicitly choose to show them.
  • +You can hide your entire profile from the directory at any time using the visibility toggle in your profile settings.
  • +Your login email is never exposed. The public email field is separate and optional.
  • +You can update or remove any of your information at any time through your profile settings.

Who can see your data

  • +Before approval: only administrators can see your profile for review purposes.
  • +After approval: other approved members can see your profile information in the directory. Contact details are only visible based on your preferences.
  • +General public: your data is never visible to anyone outside the approved community.

How we protect your data

  • +All data is encrypted in transit (HTTPS) and at rest
  • +Passwords are hashed and never stored in plain text
  • +Database access is protected by Row Level Security, meaning users can only access data they are authorised to see
  • +Admin actions (approvals, declines) are logged for accountability
  • +Profile photos are stored in a private storage bucket with access controls

Data retention

Your data is retained for as long as you have an active account. If you wish to have your account and all associated data removed, please contact the administrator. We will delete your profile, contact information and any uploaded files.

Third-party services

We use the following services to operate the platform:

  • +Supabase for authentication, database and file storage
  • +Vercel for hosting

These services are industry-standard, trusted platforms with their own security and privacy commitments.

Questions

If you have any questions about your data or privacy, please reach out to the community administrator.