Privacy Policy

Last updated: June 26, 2026

Who we are

Roster (“Roster”, “we”, “us”) is a contact-hygiene and multi-source contact sync service. You can reach us at privacy@rosterapp.org.

What this policy covers

How we collect, use, store, share, and delete your information when you use Roster — including data we access from third-party sources you choose to connect, such as Google Contacts.

Information we collect

Account data: your email address and authentication identifiers, to create and secure your account.
Contact data you create or import: contacts you add manually or via vCard/CSV import.
Connected-source data: when you connect a source (e.g. Google), the contact records from that source and the OAuth tokens needed to sync them.
Operational data: logs and diagnostics needed to run the service securely. We do not log your OAuth tokens or raw contact field values.

Google user data — what we access and why

If you connect your Google account, with your explicit consent Roster requests:

https://www.googleapis.com/auth/contacts.readonly — read-only access to your Google Contacts.

We use this access only to:

display your contacts inside Roster;
detect duplicate contacts across your connected sources and let you merge them; and
keep your contacts current via incremental, read-only synchronization.

We perform read-only sync with this scope — Roster does not modify or delete your Google Contacts. We do not use Google user data for advertising, and we do not sell it.

Limited Use disclosure

Roster’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we do not transfer or use Google user data for serving advertisements, and we do not allow humans to read this data unless: (a) we obtain your affirmative agreement for specific messages; (b) it is necessary for security purposes (e.g. investigating abuse); (c) it is required to comply with applicable law; or (d) the data is aggregated and anonymized for internal operations.

How we store and protect your data

Data is stored in our managed Postgres database (Supabase) with row-level security scoping every record to its owning user, enforced at the database layer.
OAuth tokens are encrypted at rest (AES-256-GCM) and stored separately from contact content; they are never written to logs.
Data is encrypted in transit (TLS).

Sharing and sub-processors

We do not sell your data. We share it only with infrastructure sub-processors that operate the service on our behalf — currently Supabase (database, authentication) and Netlify (web hosting) — under contractual confidentiality and data-protection obligations. We may disclose data if required by law.

Data retention and deletion

You can disconnect a source at any time; we stop syncing it and delete its stored OAuth tokens.
You can export your data and request hard deletion of your account and all associated contact data, including data derived from Google. Email privacy@rosterapp.org or use in-app controls. Deletion propagates to source-derived snapshots, not just visible records.

Your rights (GDPR / CCPA)

Depending on your location you may have rights to access, correct, export, or delete your personal data, and to withdraw consent. Contact privacy@rosterapp.org to exercise them.

Changes

We will post changes here and update the “Last updated” date; material changes will be communicated through the service.

Contact

Roster — privacy@rosterapp.org