SecurityCareers

Privacy Policy

Effective Date: 02/01/2025

Build Technologies, Inc. (“Build.inc,” “Company,” “we,” “us,” or “our”) is committed to protecting the privacy of individuals who visit our website, engage with our services, and interact with our AI-driven development solutions. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

We collect different types of information based on our interactions with users, clients, and partners, including:

Personal Information: Names, email addresses, phone numbers, job titles, and company affiliations.

Account & Authentication Data: Login credentials, security tokens, and access logs.

Technical & Usage Data: IP addresses, device information, browser type, operating system, pages visited, and timestamps. This includes cookies for Google Analytics.

Business & Transactional Data: Company details, service inquiries, contract details, and transaction records.

AI Interaction Data: Data input into our AI agents for processing and optimization, including queries and emails linked to user accounts.

We do not knowingly collect sensitive personal data (e.g., financial, health, or biometric data) unless explicitly required and permitted by applicable laws.

2. How We Use Your Information

We use collected information to:

  • Provide and enhance our services.
  • Improve our AI agents’ performance through anonymized data training.
  • Facilitate user authentication and secure access to our services.
  • Communicate with users about services, updates, and relevant business opportunities.
  • Analyze and optimize our website and business operations.
  • Comply with legal and regulatory obligations.

AI Agents & Data Processing: Our AI agents process structured data inputs, as well as queries and emails linked to user accounts. These agents do not autonomously collect personal data but process user-provided business-related data.

3. Legal Basis for Processing (GDPR Compliance)

If you are in the European Economic Area (EEA) or the United Kingdom, our processing of your data is justified by one or more legal bases, including:

Consent: When you explicitly agree to data processing (e.g., subscribing to updates).

Contractual Necessity: When data processing is necessary for service delivery.

Legitimate Interests: When processing is required for business operations without infringing on user rights.

Legal Compliance: When we are obligated to collect or retain data due to legal requirements.

4. Data Retention

We retain customer personal information for five years after account closure. This retention period helps us:

  • Maintain business continuity and historical records
  • Address potential legal or compliance requirements
  • Provide continuing service if customers return

Other data retention periods include:

  • Transactional data: Retained for at least five years for audit and compliance purposes.
  • AI interaction data: Retained in anonymized form for ongoing improvements.

We implement data minimization and deletion policies to ensure we do not retain personal data longer than necessary.

5. Data Sharing & Third-Party Access

We may share data with:

Service Providers: Cloud hosting, security, and analytics vendors necessary for operational purposes.

Business Partners: Collaborators assisting in service delivery.

Legal & Regulatory Authorities: Information can be disclosed to comply with legal obligations, including sharing data with legal authorities or regulatory bodies when required by law.

We do not sell personal data to third parties. Data sharing is conducted under strict security and confidentiality agreements as outlined in our Vendor Management Policy.

6. Security Measures

We employ industry-standard security protocols, including:

  • Multi-factor authentication mandatory for all system access
  • Password requirements of at least 12 characters including special characters
  • Data classification according to sensitivity level to ensure appropriate controls
  • Encryption of data at rest and in transit
  • Data transmissions encrypted using AES-256 encryption
  • Role-based access controls and authentication measures
  • Regular security audits
  • Compliance with SOC 2 Type II (currently in observation period), GDPR, CCPA, and other relevant frameworks

Despite these measures, no system is entirely immune to breaches. We promptly address security incidents and notify affected parties as required by law.

7. Your Rights & Choices

Depending on your jurisdiction (EU, UK, USA), you may have the following rights:

Access & Correction: Request a copy of your data and correct inaccuracies.

Erasure: Request deletion of your data, subject to legal retention obligations.

Opt-Out: Withdraw consent or opt-out of certain data processing.

Data Portability: Receive your data in a structured, machine-readable format.

California Privacy Rights: California residents have additional rights under the CCPA.

To exercise these rights, contact us at [Insert Contact Email].

8. International Data Transfers

We operate in the US and Europe, and data may be transferred internationally. When transferring data outside of the EEA or UK, we rely on:

  • Standard Contractual Clauses (SCCs) for GDPR compliance
  • Data Protection Agreements (DPAs) with service providers
  • Other mechanisms as required by applicable law

9. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in regulations or our data practices. The latest version will be available on our website with the effective date noted above.

10. Contact Us

For privacy-related inquiries, reach us at:

Build Technologies, Inc. (“Build.inc”)
2261 Market Street STE 22610 San Francisco, CA 94114 security@build.inc

If you have concerns about our data practices, you may also contact your local data protection authority.

This Privacy Policy is designed to be GDPR, CCPA, and SOC 2 Type II compliant.