Privacy Policy

Buildlr ('we', 'us', 'our') operates the websites buildlr.de and buildlr.com and the Buildlr platform (web, iOS, Android). We take the protection of your personal data seriously. This privacy policy explains what data we collect, why we collect it, and your rights under the General Data Protection Regulation (GDPR / DSGVO).

Responsible party (controller): Buildlr, info@buildlr.com

We collect data in the following ways:

• Contact form and demo booking: When you submit a contact form or book a demo, we collect your name, email address, company name, and message. This data is used solely to respond to your inquiry.
• Account registration: When you create a Buildlr account, we collect your name, email address, company name, and role. This data is necessary for providing the service.
• Usage data: We collect anonymized usage statistics to improve the platform. This includes pages visited, feature usage, and session duration. No personally identifiable information is included.
• Technical data: Server logs may contain IP addresses, browser type, and device information. These logs are retained for 30 days for security purposes.

Our website uses essential cookies required for the website to function, as well as optional analytics cookies to improve our service. Analytics cookies are only set after your explicit consent.

On your first visit, a cookie banner will be displayed where you can choose which cookie categories to accept. You can change your preferences at any time using the "Cookie settings" link in the footer.

For a complete overview of all cookies used, see our cookie policy.

Our website is hosted on Firebase (Google Cloud) within the European Union. Our backend services run on Hetzner Cloud servers in Germany. All data is processed and stored within the EU.

We use the following sub-processors:

• Google Firebase (EU) — website hosting and authentication
• Hetzner Cloud (Germany) — backend API and database hosting
• Stripe (EU) — payment processing
• SendGrid (EU) — transactional emails

We process your personal data based on:

• Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the Buildlr service.
• Legitimate interest (Art. 6(1)(f) GDPR): Anonymized analytics to improve our service, security monitoring.
• Consent (Art. 6(1)(a) GDPR): Marketing communications (only with explicit opt-in).

Under the GDPR, you have the following rights:

• Right of access: You can request a copy of all personal data we hold about you.
• Right to rectification: You can request correction of inaccurate data.
• Right to erasure: You can request deletion of your personal data ('right to be forgotten').
• Right to data portability: You can request your data in a machine-readable format.
• Right to object: You can object to data processing based on legitimate interest.
• Right to withdraw consent: You can withdraw consent at any time.

To exercise any of these rights, contact us at: info@buildlr.com

We retain personal data only as long as necessary:

• Account data: For the duration of your account plus 30 days after deletion.
• Contact form data: 12 months after the last interaction.
• Server logs: 30 days.
• Invoicing data: 10 years (German tax law requirement).

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS 1.3) and at rest
• Access controls and role-based permissions
• Regular security audits
• Data processing within the European Union

We may update this privacy policy from time to time. We will notify registered users of material changes via email. The current version is always available on this page.

For privacy-related inquiries, contact us at:

Buildlr
Email: info@buildlr.com

You also have the right to lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully.