Privacy Policy

1. Introduction

This Privacy Policy describes how we collect, use, and protect your information when you use our AI-powered application building platform ("Service"). We are committed to protecting your privacy and handling your data responsibly.

2. Information We collect

2.1 Information You Provide

• Account Information: Name, email address, password, and profile information

• Organization Data: Organization name, member information, and team settings

• Application Data: Source code, application configurations, and deployment settings

• Database Credentials: Connection strings and authentication information (encrypted)

• Communication Data: Messages sent through our chat interface and support communications

2.2 Information We Collect Automatically

• Usage Data: Features used, time spent, clicks, and user interactions

• Device Information: Browser type, operating system, IP address, and device identifiers

• Log Data: Server logs, error reports, and performance metrics

• Analytics Data: User behavior patterns and feature usage statistics

2.3 AI Interaction Data

• User interactions with AI assistants for platform improvements (excluding data from third-party integrations)

• Application templates and patterns you create (with personal information removed)

• Important: Data accessed through third-party integrations (including Google Drive, Sheets, Docs, and other external services) is NOT used for AI training or service improvement purposes.

3. How We Use Your Information

3.1 Service Provision

• Provide and maintain our AI-powered development platform

• Generate code and applications based on your requests

• Manage database connections and integrations

• Process deployments and hosting services

• Facilitate team collaboration and organization management

3.2 Service Improvement

• Improve AI model performance and accuracy

• Develop new features and functionality

• Analyze usage patterns to optimize user experience

• Prevent fraud and ensure platform security

3.3 Communication

• Send service-related notifications and updates

• Provide customer support and technical assistance

• Send marketing communications (with your consent)

• Notify you of important changes to our services

3.4 Third-Party Integration Data Usage (Including Google Services)

For data accessed through third-party integrations, including Google Drive, Google Sheets, Google Docs, and other external services:

• Limited Use: We only use your third-party service data to provide the specific functionality you explicitly request (e.g., reading a spreadsheet you select, creating a document you request, querying a database you connect).

• No Training: Your data from third-party integrations is NOT used to train AI models or improve our services beyond your immediate request.

• Real-time Processing Only: Third-party data may be processed by AI providers (Anthropic, OpenAI, Google) in real-time to fulfill your immediate requests, but is not retained for training purposes or stored beyond what is necessary to provide the requested functionality.

• No Analytics: Your third-party integration data is NOT used for usage analytics, pattern analysis, or general service optimization.

• User Control: You explicitly select which files and data from third-party services our platform can access. Access is limited only to the resources you explicitly authorize.

• Compliance: This limited use policy applies to all third-party integrations and complies with Google API Services User Data Policy and similar policies from other service providers.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

4.1 Service Providers

• Cloud hosting providers (for infrastructure)

• AI model providers (for real-time code generation services - not for model training)

• Database providers (for data storage and management)

• Analytics providers (for usage insights, excluding third-party integration data)

• Authentication providers (for secure user authentication)

Note: When AI model providers process your data, it is only for real-time service delivery. Your data from third-party integrations (Google services, external databases, etc.) is processed only to fulfill your immediate requests and is not used for training AI models.

4.2 Legal Requirements

• To comply with legal obligations and court orders

• To protect our rights and prevent fraud

• To ensure user safety and platform security

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption: Data is encrypted in transit and at rest

• Access Controls: Strict access controls and authentication requirements

• Database Security: Credentials are encrypted and stored securely

• Regular Audits: Security assessments and vulnerability testing

• Incident Response: Procedures for handling security incidents

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Until account deletion or closure

• Application Data: Until you delete applications or close your account

• Usage Logs: Typically 12-24 months for security and analytics

• Backup Data: May be retained for up to 90 days in backups

Third-Party Integration Data: Processed in real-time and not retained beyond what is necessary to fulfill your immediate request

7. Your Rights and Choices

7.1 Data Access and Portability

• Request a copy of your personal information

• Export your application data and source code

• Download your organization and team data

7.2 Data Correction and Deletion

• Update your account and profile information

• Delete applications and associated data

• Request account closure and data deletion

7.3 Communication Preferences

• Opt out of marketing communications

• Customize notification settings

• Manage email preferences

8. Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

• Authentication Providers: WorkOS for secure user authentication and organization management

• AI Providers: Anthropic Claude, OpenAI, Google for AI-powered code generation and assistance

• Integration Services: Nango for third-party API integrations (Google services, Slack, Salesforce, GitHub, etc.)

• Database Providers: Neon PostgreSQL and various database services you choose to connect

• Hosting Providers: Vercel for application deployment

• Storage Providers: Cloudflare R2 for blob storage

• Analytics: Amplitude and other usage analytics and monitoring services (excluding third-party integration data)

• Payment Processing: Stripe for billing and subscription management

When you use these integrations, you are also subject to their respective privacy policies and terms of service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses (SCCs)

• Adequacy decisions by relevant authorities

• Certification schemes and codes of conduct

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected

• Right to delete personal information

• Right to opt-out of the sale of personal information

• Right to non-discrimination for exercising your rights

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data

• Right to rectification of inaccurate data

• Right to erasure (right to be forgotten)

• Right to restrict processing

• Right to data portability

• Right to object to processing

13. Cookie Policy

We use cookies and similar technologies to:

• Maintain user sessions and authentication

• Remember user preferences and settings

• Analyze usage patterns and improve our Service

• Provide personalized experiences

You can control cookie settings through your browser preferences.

14. Updates to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website

• Sending email notifications to registered users

• Providing in-app notifications

15. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: support@build0.ai

Website: https://build0.ai

16. Effective Date

This Privacy Policy is effective as of the date listed at the top of this document.