Privacy Policy

1. Scope of this policy

This policy applies to the confBuild marketing website, the web application, hosted configurators, embedded viewers, contact requests, and related support communication.

2. Personal data we collect

• Account and profile data: name, email address, login method, company details, plan information, and other details you add to your account.
• Project and workspace data: spreadsheets, 3D models, uploaded files, prompts, generated outputs, comments, project settings, and sharing configuration.
• Technical and usage data: browser and device details, approximate location derived from IP, timestamps, referrers, visited pages, feature usage, performance data, and security logs.
• Communication data: contact form submissions, support requests, emails, and other messages you send to us.
• Preference data: client-side settings such as theme choice and similar preferences stored in your browser.

3. How we use personal data

• To create and secure your account, operate the platform, and deliver hosted configurators and embedded experiences.
• To render, store, synchronize, and export your projects, uploads, and generated outputs.
• To provide support, respond to inquiries, and communicate operational, billing, or security information.
• To monitor reliability, prevent abuse, investigate incidents, and improve the product, documentation, and website.
• To comply with legal obligations and enforce our contractual rights.

4. Legal bases for processing

We process personal data on the basis of contract performance when we provide the service you requested, on the basis of legitimate interests when we secure and improve the platform, on the basis of consent where a feature or communication specifically asks for it, and when necessary to comply with legal obligations.

5. Hosting, subprocessors, and AI services

confBuild relies on specialized service providers for hosting, authentication, databases, storage, email delivery, analytics, and AI-assisted functionality. When you use AI features, prompts, uploaded inputs, screenshots, model metadata, and generated results may be processed by external AI providers selected by confBuild to deliver that feature.

These providers only receive the data needed for their role. Depending on the service, they may act as processors on our behalf or as independent parties under their own terms.

6. Cookies, analytics, and local storage

confBuild uses cookies, local storage, and similar technologies to keep sessions active, remember preferences, secure the website, and understand usage patterns.

• Essential storage: used for sign-in, session continuity, security, and settings such as theme selection.
• Website analytics: the marketing site loads Google Analytics in production to measure traffic sources, page usage, and general site performance.
• Your controls: you can block or delete cookies and stored site data in your browser, but parts of the site or app may then stop working correctly.

7. Sharing and disclosures

We do not sell your personal data. We share data only where needed to operate confBuild or where the law requires it.

• With infrastructure and service providers that help us run hosting, storage, authentication, analytics, email, and AI-assisted features.
• With viewers or collaborators when you intentionally publish, share, or embed a configurator or other project output.
• With authorities, courts, or advisors when disclosure is legally required or necessary to protect rights, safety, or the integrity of the service.

8. International data transfers

Some providers we use may process data outside your country, including outside the European Economic Area. Where required, we use contractual safeguards or other lawful transfer mechanisms to protect transferred personal data.

9. Data retention

We retain personal data for as long as reasonably necessary to provide the service, maintain business records, resolve disputes, and meet legal, accounting, or security obligations.

• Account and project data are generally kept while your account remains active or until you request deletion.
• Backups, logs, and generated artifacts may remain for a limited period after deletion for security, fraud prevention, and disaster recovery purposes.
• Support and contact messages may be retained as long as needed to handle your request and maintain an accurate support history.

10. Your rights

Depending on applicable law, you may have the right to request access to your personal data, correction of inaccurate data, deletion, restriction of processing, portability, or objection to certain processing. If processing is based on consent, you may withdraw that consent at any time for future processing. You may also lodge a complaint with a supervisory authority.

11. Security

We use reasonable technical and organizational measures to protect personal data, including encrypted transport, access controls, logging, and role-limited administration. No online service can be completely secure, so you should protect your credentials and only upload content you are authorized to use.

12. Changes to this policy and contact

We may update this Privacy Policy to reflect product, legal, or operational changes. The latest version will always be published on this page with an updated revision date. For privacy requests or questions, contact daniel@confbuild.com.