This Privacy Policy explains how BuildEye AI ("we", "our", "us") collects, uses, and protects your personal information when you use the BuildEye AI mobile application. We are committed to handling your data responsibly and transparently.
1. Data Controller
BuildEye AI is operated by an individual developer. For privacy-related inquiries, contact us at drozdsa@gmail.com.
2. Data We Collect
We collect the following categories of personal data:
- Account data: email address, display name, and profile picture URL (if you sign in via Google OAuth).
- Photos: images you upload to the application for automated AI analysis and defect diagnostics.
- Location data: GPS coordinates (latitude, longitude, horizontal accuracy) captured at the time of each photo, strictly where you have granted explicit device-level location permissions.
- Device data: device model, operating system version, app version, and orientation metadata attached to uploaded photos.
- Usage data: project names, construction site addresses, analysis prompts, and in-app activity logs used exclusively for system diagnostics.
- Payment data: handled exclusively by Paddle (our authorized reseller and Merchant of Record); we do not store, view, or process your credit card or banking details.
3. How We Use Your Data
We use your data to:
- Authenticate your identity and maintain your personal user account.
- Process your uploaded photos through the integrated AI model to return structured engineering analysis results.
- Generate downloadable PDF and Excel reports based on your project data.
- Improve the accuracy and reliability of AI analysis over time (using anonymised, aggregated signals only).
- Send transactional emails such as password reset links or billing updates.
- Comply with legal obligations and enforce our Terms of Service.
4. Legal Basis for Processing
We process your personal data on the following legal bases:
- Contract performance: to deliver the software services and subscription features you have signed up for.
- Legitimate interests: to operate, maintain, secure, and improve the application and to detect system abuse.
- Legal obligation: where required by applicable law or financial reporting regulations.
- Consent: for optional device permissions such as GPS access and camera roll access (you may revoke this in your device settings at any time).
5. Third-Party Services
We share relevant data with the following trusted third-party providers solely to operate and run the digital service:
- Supabase - cloud database, object storage, and authentication infrastructure provider. Stores your secure account data, project assets, and photos. Supabase infrastructure is SOC 2 certified.
- Google Gemini API our primary Artificial Intelligence processing provider. Receives uploaded photo data and analysis prompts to generate structured reports. Photos transmitted via the Google Gemini API are handled securely and are not used by Google to train its public underlying AI models.
- Paddle.com - payment processing, billing, and tax collection. Paddle acts as the Merchant of Record and processes your payment details under its own privacy policy.
- Render - backend API hosting. Processes secure application routing and server execution on our behalf.
We do not sell, rent, or trade your personal data to any third party.
6. International Data Transfers
Because BuildEye AI is operated globally, data may be transferred to and maintained on servers located outside of your state, province, or country. For users located within the European Economic Area (EEA) or the UK, we ensure that transfers to third-party processors (such as Supabase or Render) are protected by appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission.
7. Data Retention
We retain your personal data for as long as your user account is active. If you choose to delete your account, your personal profile data, project details, and uploaded photos will be permanently and irreversibly deleted from our live production databases within 30 days, except where retention is strictly required by law (e.g., historical financial transactional records managed under Paddle’s global tax compliance policy).
8. Your Rights
Depending on your geographic location (such as under the GDPR for European users), you may possess the following data protection rights:
- Access: request a copy of the data we hold about you.
- Correction: request correction of inaccurate data.
- Deletion: request the removal of your account and associated data.
- Portability: request an export of your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests.
- Restriction: request restriction of processing in certain circumstances.
To exercise any of these rights, email us at drozdsa@gmail.com. We will verify your identity and respond within 30 days.
9. Cookies and Analytics
The BuildEye AI mobile application itself does not use tracking cookies. This landing page website does not utilize invasive tracking or third-party marketing analytics cookies.
10. Children's Privacy
BuildEye AI is a B2B/B2C professional utility app and is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with data, contact us, and we will remove it promptly.
11. Security Measures
We implement rigorous technical and organisational measures to safeguard your information, including TLS/HTTPS encryption for data in transit, strict Row-Level Security (RLS) policies on the Supabase database layers, and isolated access controls. While we apply standard industry defenses, no digital storage system is completely secure, and we cannot guarantee absolute security.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via in-app notification or email. The "last updated" date at the top of this page reflects the most recent revision.
13. Contact
For any privacy questions or to exercise your data rights, contact us at drozdsa@gmail.com.