BuildIT

Privacy Policy

Effective Date: March 5, 2026

This Privacy Policy (the "Policy") governs the data processing practices of BuildIT ("Company," "we," "us," or "our"). This document outlines our commitment to the privacy of our clients ("Subscribers") and the individuals whose data may be processed through our workflow automation platform (the "Services").

1. Scope and Capacity

BuildIT operates primarily as a Data Processor under various global privacy frameworks. While we act as a Data Controller regarding the account information of our Subscribers, the "Workflow Data" processed through our automation engine is controlled by the Subscriber.

2. Information Collection and Taxonomy

We categorize the data we collect into the following classifications:

  • Customer Relationship Data: Personal identifiers including full name, professional email address, billing coordinates, and organizational affiliation.
  • System and Telemetry Data: Technical metadata including IP addresses, session logs, API call records, and device identifiers necessary for security and performance optimization.
  • Integrated Service Data: Authentication tokens and metadata retrieved from third-party applications (e.g., CRM, ERP, or communication tools) as authorized by the Subscriber to facilitate automation.

3. Purpose of Processing

The Company processes data strictly under the following legal bases:

  • Contractual Necessity: To fulfill our obligations in providing the Services.
  • Legal Obligation: To comply with statutory tax, audit, and regulatory requirements.
  • Legitimate Interests: For the enhancement of platform security, fraud prevention, and internal analytical modeling.

4. Data Retention and Deletion

Data is retained only for the duration of the active subscription or as required to satisfy legal, accounting, or reporting obligations. Upon termination of Services, BuildIT shall, at the Subscriber's election, delete or return all Workflow Data, subject to our standard backup retention cycles.

5. Global Regulatory Compliance

BuildIT maintains a comprehensive data protection program designed to align with international privacy standards, including but not limited to:

  • The General Data Protection Regulation (GDPR): Providing protections for data subjects within the European Economic Area (EEA).
  • The California Consumer Privacy Act (CCPA/CPRA): Granting specific disclosure and opt-out rights to California residents.
  • Cross-Border Transfers: We utilize Standard Contractual Clauses (SCCs) or other recognized transfer mechanisms to ensure data remains protected when moved across jurisdictions.

6. Information Security and Sub-processors

We employ rigorous administrative, technical, and physical safeguards. This includes AES-256 encryption at rest and TLS 1.2+ for data in transit. We maintain a vetted list of sub-processors (such as cloud infrastructure providers) who are contractually bound to the same data protection standards we uphold.

7. Rights of the Data Subject

Qualified individuals may exercise their rights to access, rectification, erasure ("Right to be Forgotten"), and data portability. Inquiries regarding these rights should be directed to our Data Protection Office.

Contact and Inquiries

For formal requests or concerns regarding our privacy practices, please use our contact form.