Privacy Policy

The data controller for personal data processed through the Service is the operator of IFC Builder. For privacy-related requests, use the contact channel described in the marketing site’s contact section or the email address you use for product support, if provided to you.

• Account and authentication. If you sign in (for example with Google via Firebase Authentication), we process identifiers such as your user ID, email address, display name, and profile photo URL as supplied by the identity provider.
• Service data you provide. Content you upload or generate in the Service, including IFC and related project files, chat messages, prompts, and application settings stored for your account.
• Technical and usage data. Information such as browser type, device type, approximate location derived from IP, timestamps, and in-app events. We may use Firebase / Google Analytics or similar tools to understand how the Service is used.
• Cookies and similar technologies. We use cookies or local storage as needed for session management, preferences, and analytics where enabled.

• Providing, securing, and improving the Service (including AI-assisted IFC generation and viewing).
• Authenticating users and maintaining sessions.
• Storing your files and chat history as part of the product experience.
• Measuring usage, troubleshooting, and protecting against abuse or security incidents.
• Complying with legal obligations and enforcing our Terms of Service.

When you use AI features, your prompts and relevant model context may be sent to third-party AI providers to generate responses or code. Do not submit secrets, credentials, or personal data of third parties unless you are entitled to share them. Retention and subprocessors depend on our providers’ terms and configuration.

Where the GDPR or UK GDPR applies, we rely on: performance of a contract; legitimate interests (e.g. security, product improvement, analytics where balanced with your rights); consent where required (e.g. certain cookies or marketing); and legal obligations.

We share data with service providers who help us run the Service, such as:

• Cloud hosting, storage, and database providers.
• Authentication (e.g. Google / Firebase).
• Analytics (e.g. Firebase Analytics / GA4 when configured).
• AI inference providers used to power chat and generation features.

We may disclose information if required by law, to protect rights and safety, or as part of a merger or acquisition subject to appropriate safeguards.

Your data may be processed in countries outside your country of residence, including the United States. Where required, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.

We keep personal data only as long as needed for the purposes above, including backup and legal requirements. You may delete certain content or your account where the product allows; residual copies may persist for a limited period in backups.

We implement technical and organizational measures appropriate to the risk. No method of transmission or storage is 100% secure.

Depending on your location, you may have rights to access, rectify, delete, restrict, or object to processing, data portability, and withdrawal of consent. You may lodge a complaint with a supervisory authority. To exercise rights, contact us using the details on our site.

The Service is not directed at children under 16 (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children.

We may update this Privacy Policy from time to time. We will post the revised version with a new effective date. Continued use after changes constitutes acceptance where permitted by law.