Privacy Policy

We collect information you provide directly: - Uploaded files: BOQ documents, contracts, drawings, and specifications submitted for processing. - Account information: Name, email address, and password when you register. - Usage data: Job submissions, processing history, and service usage metrics. We do not collect browsing analytics, device fingerprints, or location data.

Your data is used exclusively for: - AI Processing: Generating quantity take-offs, pricing estimates, schedules, and project management insights. - Service Delivery: Sending you results via email, maintaining your job history, and providing status updates. - Account Management: Authenticating your identity, managing subscriptions, and processing payments. We never use your uploaded documents for AI model training or any purpose beyond delivering your requested service.

- Uploaded files: Stored temporarily on secure servers during processing. Automatically and permanently deleted 24 hours after job completion. - Account data: Stored in an encrypted PostgreSQL database for the duration of your account. - Job metadata: Project name, file name, timestamps, and processing results are retained in your account for your reference. - Deletion: You may request deletion of your account and all associated data at any time by contacting us.

We implement multiple layers of security: - Encryption in Transit: All connections use TLS 1.2+ (256-bit SSL encryption). - Isolated Processing: Each job runs in an isolated Docker container with no access to other users' data. - Password Protection: Passwords are hashed using bcrypt with 12 salt rounds — we never store plaintext passwords. - Session Security: JWT-based sessions with httpOnly cookies prevent cross-site scripting attacks. - Infrastructure: Hosted on hardened servers with restricted access, firewall rules, and regular security updates.

We use the following third-party services: - Google Gemini API: Used for AI document processing. Your documents are sent to Google's API for analysis and are subject to Google's API Terms of Service. Google does not use API data for model training. - Lemon Squeezy: Payment processing for subscriptions. We do not store credit card information — all payment data is handled by Lemon Squeezy. - Resend: Transactional email delivery for job results and account notifications.

You have the right to: - Access: Request a copy of all personal data we hold about you. - Correction: Update or correct any inaccurate information in your account. - Deletion: Request permanent deletion of your account and all associated data. - Export: Download your job history and results. - Withdraw Consent: Opt out of non-essential communications at any time. To exercise any of these rights, contact us at noreply@buildcais.com.

We use only essential cookies: - Authentication Cookie: A secure, httpOnly session cookie required for login functionality (NextAuth). - Language Preference: A localStorage value to remember your language choice (English/Arabic). We do not use tracking cookies, analytics cookies, or advertising cookies. No third-party cookies are set.

For privacy-related questions or requests: Email: noreply@buildcais.com Platform: CAIS — Construction AI Solutions Website: buildcais.com