← Back to landing
Dorm Deal privacy commitments

Privacy Policy — Dorm Deal Inc.

This U.S.-focused Policy explains how Dorm Deal collects, uses, discloses, and protects personal information when you use our marketplace and related services.

Effective and last updated: November 1, 2025

Overview

Dorm Deal is a peer-to-peer marketplace for college communities. By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

Who We Are & Scope

  • Controller: Dorm Deal Inc. (legal entity name).
  • Contact: legal@dormdeal.app (see Contact section).
  • Scope: This Policy applies to personal information processed through the Services and does not cover third-party websites or services.

Information We Collect

We collect information: (A) you provide to us; (B) automatically when you use the Services; and (C) from third parties.

A) Information You Provide

  • Account & profile: name, university email, phone, profile photo, campus/affiliation, graduation year.
  • Transactions & listings: items listed or purchased, pricing and shipping preferences, order history.
  • Addresses & payment: billing/shipping addresses (payment cards handled by processors; Dorm Deal does not store full card numbers).
  • Student verification: .edu verification and other signals.
  • Communications & support: messages, survey responses, support requests.

B) Collected Automatically

  • Device/log data: IP address, device type, OS, app version, browser, carrier, device identifiers (IDFV for iOS), crash logs.
  • Usage data: pages/screens viewed, searches, items viewed/added/purchased, referral URLs.
  • Cookies/SDKs: used for essential functionality, analytics, personalization (first-party analytics only - we do NOT use third-party advertising SDKs).
  • Location data: approximate location only (city/campus level) from IP. We do NOT collect precise GPS location.
  • App permissions (with your consent): Camera (for listing photos), Photo Library (for uploading images), Push Notifications (for order updates and messages). All permissions configurable in device settings.

C) From Third Parties

  • Payments: Transaction status and fraud signals from Stripe (our payment processor). Payment card details are handled by Stripe and never stored on Dorm Deal servers.
  • Analytics: First-party analytics only for app performance monitoring. We do NOT use Google Analytics, Facebook SDK, or other third-party tracking.
  • Push Notifications: Expo Push Notification Service for delivering app notifications (order updates, messages).

How We Use Information

  • Provide and improve the Services, including listings, payments, shipping, verification, personalization, bug fixes, and performance analysis.
  • Communicate with you about orders, shipping, account security, support requests, and product updates.
  • Promote safety, detect fraud, and enforce policies.
  • Deliver marketing or recommendations, with consent where required (you can opt out of marketing emails).
  • Comply with legal obligations and enforce the Terms.

Note: This Policy is tailored to U.S. law. If you are located outside the U.S., different legal bases may apply.

How We Share Information

  • Service providers processing data on our behalf (hosting, payments, analytics, messaging, support, security, shipping).
  • Other users to facilitate transactions (e.g., display name, campus, item details).
  • Legal, safety, and enforcement purposes to comply with law or protect rights.
  • Corporate transactions (merger, acquisition, financing, reorganization, bankruptcy) subject to continued protection.
  • With your consent or at your direction.

Dorm Deal does not sell personal information as defined by U.S. state privacy laws. If targeted advertising is deemed “sharing” under California law (CCPA/CPRA), you may opt out using in-app settings or by contacting us.

Cookies, Analytics & Ads

  • Cookies/SDKs support sign-in, session management, preferences, analytics, and personalization. Manage non-essential cookies via browser or device settings.
  • No Third-Party Tracking: We use first-party analytics only to measure app performance and usage. We do NOT track users across other apps or websites for advertising.
  • No Targeted Advertising: We do not use your data for targeted advertising or share it with advertising networks.
  • We currently do not respond to browser Do Not Track signals, but we honor device-level tracking preferences.

Data Retention

We retain personal information as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Criteria include account status, transaction history, and legal requirements. When you request deletion, we delete or anonymize information unless retention is required by law (for example, fraud prevention or tax).

Security

We implement industry-standard security measures including:

  • Encryption in transit: All data transmitted uses TLS/HTTPS encryption
  • Encryption at rest: Sensitive data (meetup locations, contact info) encrypted with AES-256-GCM
  • Payment security: Payment card data processed by PCI-DSS compliant Stripe; never stored on our servers
  • Access controls: Employee access limited to those who need it; audit logging enabled
  • Password security: Passwords hashed with bcrypt

No method of transmission or storage is completely secure. If we learn of a security incident affecting your information, we will notify you as required by law.

Your Rights & Choices (U.S.)

You may:

  • Access, update, or correct profile and account details (in-app or by request).
  • Request deletion of your account and personal information, subject to legal exceptions.
  • Opt out of marketing emails via unsubscribe links or settings and manage push notifications/device permissions.
  • Control location, camera, or storage permissions within device settings.

U.S. state residents (e.g., CA, CO, CT, UT, VA) may have rights to know/access, correct, delete, and opt out of targeted advertising or certain profiling. California residents also have the right to limit the use of sensitive personal information and to request information about financial incentives. Dorm Deal does not sell personal information.

Exercise your rights by emailing privacy@dormdeal.app or using in-app settings. We may request information to verify your identity and will respond within the time required by law. Appeals can be sent with “Appeal” in the subject line.

Children’s Privacy

The Services are not intended for children under 13, and we do not knowingly collect personal information from them. If we learn we have collected information from a child under 13, we will delete it promptly. Contact us if you believe this has occurred.

International Transfers

This Policy is focused on U.S. users. If you access the Services from outside the U.S., your information may be transferred to the United States and other countries where we or our providers operate. Where required, we implement appropriate safeguards.

Changes to This Policy

We may update this Policy periodically. If we make material changes, we will post the updated Policy, revise the Effective Date, and may provide additional notice (for example, in-app or by email). Your continued use of the Services after changes take effect signifies acceptance of the updated Policy.

Contact

Dorm Deal Inc.
[Company Address Line 1]
[City, State ZIP, Country]
Email (privacy): privacy@dormdeal.app
Email (legal): legal@dormdeal.app