Privacy Policy

Account data — email address, full name, and hashed password when you register. Required to provide the service.

Project data — cost estimate inputs (project name, location, materials, notes) saved by authenticated users in the Cost Estimator tool. You own this data and can delete it at any time.

Chat history — AI assistant conversation messages stored per user session. Linked to your account while signed in.

Feedback — optional text comments and ratings submitted through the feedback widget. May be submitted anonymously.

Error and crash data — stack traces, component names, and browser environment sent to Sentry when the app encounters an unhandled error. All PII (email, IP address, URL query strings, request bodies) is stripped before transmission. See Section 4.

Performance metrics — Core Web Vitals (LCP, CLS, FID) sent to Google Analytics when analytics consent is given. Page views and feature usage events are also collected.

Local analytics — usage events stored only in your browser's localStorage for up to 30 days (maximum 1,000 events). This data never leaves your device and is not shared with anyone.

• Contract — account data is processed to deliver the service you signed up for.
• Legitimate interest — non-PII error monitoring (Sentry, without replay) to maintain application security and stability.
• Consent — Google Analytics and Sentry session replay are only activated after you explicitly accept via the consent banner. You may withdraw consent at any time by clearing your browser storage.

• Authenticate your account and enforce row-level data access
• Store and display your project estimates and chat history
• Diagnose and fix application errors
• Measure feature usage to prioritize improvements (with analytics consent)
• Detect and prevent security threats (rate limiting, anomaly detection)

Supabase — provides authentication and PostgreSQL database hosting. Data is stored in the EU and protected by Supabase's EU–US Data Processing Agreement. All tables use row-level security (RLS) policies so users can only access their own records.

Sentry — receives error reports for application stability monitoring. Before any event is transmitted, our beforeSend hook strips: email addresses, IPv4/IPv6 addresses, URL query strings and fragments, request body content, cookies, and user email/username fields. Only an anonymized user ID is retained so errors can be grouped. The sendDefaultPii flag is disabled. Session replay (recording of UI interactions, text fully masked, all media blocked) is only enabled when you explicitly consent to it and applies to approximately 10% of sessions.

Google Analytics — collects page views and feature interaction events only when you have given analytics consent. Data is processed by Google under their Privacy Policy and EU Standard Contractual Clauses.

OpenAI — AI assistant queries are processed server-side via the OpenAI API. Your messages may be subject to OpenAI's data retention policy (typically 30 days for API usage). We do not send your account details to OpenAI.

We do not sell personal data to any third party.

We do not set traditional HTTP cookies for tracking. We use the browser's localStorage and sessionStorage for:

• Keeping you signed in (Supabase session token)
• Storing your consent preferences
• Saving user interface preferences (theme, filters)
• Local analytics data (device-only, see Section 1)

You can clear all stored data via your browser settings at any time, which will sign you out and reset consent preferences.

• Account and project data — retained until you request deletion.
• Sentry error events — subject to Sentry's configured retention period (default 90 days).
• Google Analytics data — subject to Google's data retention settings (default 14 months).
• Local browser analytics — automatically purged after 30 days; hard cap of 1,000 events.

Depending on your jurisdiction, you have the right to:

• Access — request a copy of data we hold about you.
• Erasure — request deletion of your account and all associated data (right to be forgotten).
• Portability — receive your data in a structured, machine-readable format.
• Correction — update inaccurate personal data held in your profile.
• Objection / Restriction — object to processing based on legitimate interest, or request that we restrict processing while a complaint is resolved.
• Withdraw consent — change analytics and session replay preferences at any time via Cookie preferences (in the site footer). If your browser sends a Do Not Track signal, analytics and session replay default to off.

Access, export, and erasure are self-service for signed-in users at /account/privacy: download a machine-readable copy of your data, or request account deletion. Deletion is scheduled after a 30-day grace period (you can cancel during that window), after which your account and associated data are permanently removed. For any other request, contact us through the site's support channel.

We enforce TLS 1.3 on all connections, row-level security at the database layer, multi-factor authentication support, rate limiting, and brute-force protection. Sentry session tokens (if consent given) are kept in Sentry's infrastructure and are not accessible to our application code.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users within 72 hours of becoming aware of the breach, and report to the relevant supervisory authority where required by law.

This service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has submitted data, please contact us so we can delete it.

We may update this policy when our data practices change. The "Last updated" date at the top of this page will reflect the most recent revision. Continued use of the service after a material change constitutes acceptance of the updated policy.

For privacy questions, data requests, or to report a concern, please contact us through the site's support channel. We aim to respond within 30 days.