Privacy
Privacy
PointRoom is built to store as little data as practical for private estimation rooms without accounts.
Last updated: May 21, 2026
Create roomData stored
PointRoom stores room settings, optional room names, participant display names or generated monikers, votes, final results, host and participant sessions, master admin metadata, hashed-IP rate-limit windows, and minimal internal room events needed to operate the service.
Secrets
Host tokens, participant session tokens, and master admin sessions are stored only as hashes. Raw host links and session secrets are shown or sent only when needed for access and are never intended to be logged.
Cookies
PointRoom uses functional cookies for host sessions, participant sessions, master admin sessions, and language preference. There are no analytics, advertising, or cross-site tracking cookies in v1.
Retention
Rooms expire after inactivity and also have a hard lifetime. Cleanup runs automatically and may remove ended rooms, expired rooms, expired sessions, stale rate-limit windows, votes, participants, and internal room events.
Hosting
PointRoom runs on a server managed by the operator. Server-level operational logs may exist for reliability, abuse prevention, troubleshooting, and deployment monitoring.
Your choices
Room hosts can end rooms, lock or unlock new joins, reset votes, and keep the host link private. If you need help with data related to a room, contact the operator with the room public ID.
Security
PointRoom uses hashed secrets, HttpOnly cookies, origin checks, rate limits, noindex room pages, unlisted random room IDs, and privacy-preserving admin views that do not expose participant names or vote values.
Contact
For privacy or security questions, contact the operator of this PointRoom deployment.