Privacy Policy
Last updated: 21 April 2026
Roadmap OS (“we”, “us”, the “Service”) provides product strategy and roadmap tooling as a desktop application and a web application at app.pmroadmapper.com. This page explains what personal information we collect, why we collect it, how we store it, and what choices you have. We aim to be brief, accurate, and free of dark patterns. If anything in here is unclear, contact us — see Section 11.
1. Who we are
Roadmap OS is operated from South Africa. The desktop app is distributed via GitHub Releases at github.com/VelaV33/pm-roadmapper/releases. The web app is at app.pmroadmapper.com. Marketing and product information lives at pmroadmapper.com.
2. What we collect
2.1 Account information
When you create an account we receive your email address and a salted, hashed password (or, if you sign in with Google, an OAuth token plus your email, name, and profile picture from your Google account). We never see your actual password. If you sign in with Google, we receive only the fields Google chooses to share with us — typically email, name, profile picture URL, and a stable Google user ID.
2.2 Roadmap content
The roadmap data you create — sections, rows, OKRs, capacity plans, contacts, comments, attachments, AI conversation history, and any other content you enter into the product — is stored in your account and is visible only to you and to people you explicitly share specific roadmaps with. Per-user database isolation is enforced at the database level via row-level security policies; we cannot accidentally show another user's data because the database itself refuses to return it.
2.3 Files you upload
When you attach a file (PDF, DOCX, image, etc.) it is uploaded to a private storage bucket scoped to your user ID. Other users cannot access your files, and we do not view the contents of your files except when troubleshooting an issue you have explicitly reported to us.
2.4 Technical information
We collect minimal technical metadata required for the Service to function: your IP address (for rate limiting and abuse prevention), your browser/OS user agent string, the version of the desktop app you are running (so the auto-updater can serve you the right binary), and standard server logs from our hosting providers. We do not run third-party analytics, advertising, or tracking pixels.
2.5 AI provider data
Roadmap OS lets you connect your own OpenAI, Anthropic, or Google Gemini API key to use AI-powered features inside the product. When you do this:
- Your API key is stored in your local browser storage (for the web app) or your local app data folder (for the desktop app). It is never transmitted to our servers in plaintext.
- When you trigger an AI action, the request to the AI provider is routed through a stateless proxy on our infrastructure (necessary because browsers block direct calls to the AI providers for security reasons). The proxy forwards your key to the provider, returns the response, and never stores the key, the prompt, or the response.
- The AI provider you chose receives the prompt and any context you sent. Their privacy policy applies to that data, not ours. Review the privacy policy of whichever provider you connect.
3. Why we use it
- To provide the Service. Authenticate you, save your roadmap data, sync between devices.
- To keep the Service secure. Detect and block abuse, enforce rate limits, prevent unauthorized access.
- To send you essential transactional emails. Password reset codes, sign-in confirmations, share-roadmap notifications, and contact invites you explicitly trigger. We do not send marketing email.
- To deliver auto-updates to the desktop app. The desktop app polls our GitHub Releases endpoint for new versions and downloads them automatically.
- To respond to support requests when you explicitly contact us.
We do not sell, rent, or otherwise share your data with third parties for advertising, marketing, or profiling purposes.
4. Where it's stored
The database, file storage, authentication, and edge functions that power Roadmap OS are hosted on Supabase in their eu-west-1 region (Ireland). The web app is hosted on Vercel's global edge network. The desktop app installer is distributed via GitHub Releases. All connections between your device and our backend use HTTPS.
5. Third parties
The full list of subprocessors we share personal data with, and what each one receives:
- Supabase — auth identities, account profiles, roadmap content, file attachments. Subprocessor agreement on their site. EU region.
- Vercel — web app hosting, serverless function execution, request logs. They see your IP and request metadata. Global edge.
- GitHub — desktop app installer distribution. They see your IP when your installed app polls for updates.
- Google — only if you choose Google sign-in. They authenticate you and share your basic profile with us.
- Resend — transactional email delivery. They see your email address and the body of any password-reset, invite, or notification email we send to you.
- Your chosen AI provider (OpenAI, Anthropic, Google) — only if you connect an API key and trigger an AI action. They see your prompt and the context you send.
We do not use any other third parties to process your personal data. We do not run third-party analytics, advertising, or tracking.
6. Cookies and local storage
We use browser local storage (not cookies) to keep you signed in across page reloads. The keys we set under localStorage are: pmr_session (your Supabase access token and refresh token), pmr-web-auth (Supabase JS auth state), and any preference flags the app needs to remember between sessions. We do not set any tracking cookies. We do not use third-party cookies.
The desktop app uses the OS keychain (Windows DPAPI / macOS Keychain / Linux libsecret) to optionally remember your password between launches if you tick "Remember me". This data lives only on your machine; we never receive it.
7. Your rights
Depending on where you live, you may have additional rights under laws such as POPIA (South Africa), GDPR (EU/EEA/UK), or CCPA (California). Regardless of jurisdiction, you can:
- Access all the data we hold about you — your entire account contents are visible to you within the app at any time.
- Correct any of it, directly through the app UI.
- Export a complete JSON backup of your roadmap data via the in-app "Export Backup" feature.
- Delete your account and all associated data. Email us (see Section 11) to request deletion. We will action the request within 30 days.
- Object to specific processing or restrict it. Contact us.
- Lodge a complaint with your local data protection authority if you believe we have mishandled your data. The South African Information Regulator is at inforegulator.org.za.
8. Data retention
We retain your account data for as long as your account is active. If you delete your account, we delete all associated personal data and roadmap content within 30 days, with the exception of:
- Anonymized server logs (no PII), kept for up to 90 days for security and abuse investigation.
- Backup snapshots, which roll off automatically within 30 days.
Inactive accounts (no sign-in for 24 months) may be deleted with 30 days' notice via email.
9. Children
Roadmap OS is intended for use by adults in a professional product management context. It is not directed at children under 16, and we do not knowingly collect data from children under 16. If you believe we have inadvertently collected data from a child, please contact us and we will delete it.
10. Changes to this policy
We may update this policy from time to time. When we do, we update the "Last updated" date at the top. For any material change that affects how we collect or use personal data, we will notify registered users by email at least 14 days in advance. Continued use of the Service after a change takes effect constitutes acceptance of the updated policy.
11. Contact
Questions, requests, or concerns about your privacy? Email hello@pmroadmapper.com. We aim to respond within 5 business days.