Privacy Policy
Last updated: January 28, 2026
Effective date: January 28, 2026
1. Introduction
EstimateBuilderPro LLC ("EstimateBuilderPro," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software-as-a-service platform for creating estimates, invoices, and managing client relationships (the "Service").
Company Information:
EstimateBuilderPro LLC
1234 Business Ave, Suite 100, Denver, CO 80202, United States
Email: privacy@estimatebuilderpro.com
By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
2. Information We Collect
2.1 Information You Provide Directly
We collect information you provide directly to us, including:
- Account Information: Name, email address, password, phone number
- Company Information: Business name, address, logo, tax ID, industry type
- Payment Information: Billing address and payment method details (processed securely by Stripe; we do not store full card numbers)
- Client Data: Names, contact information, addresses, and project details of your clients that you enter into the Service
- Financial Data: Estimates, invoices, line items, pricing, and payment records you create
- Communications: Messages you send us, support requests, and feedback
2.2 Information Collected Automatically
When you use our Service, we automatically collect:
- Device Information: Device type, operating system, browser type and version, unique device identifiers
- Log Data: IP address, access times, pages viewed, referring URL, actions taken within the Service
- Usage Data: Features used, interaction patterns, performance data, error reports
- Location Data: General geographic location based on IP address (we do not collect precise GPS location)
2.3 Information from Third Parties
We may receive information from third-party services you connect to your account:
- QuickBooks: Accounting data if you enable the QuickBooks integration
- Authentication Providers: Basic profile information if you sign in via Google or other OAuth providers
3. Legal Bases for Processing (EEA/UK Users)
If you are located in the European Economic Area (EEA) or United Kingdom (UK), we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide the Service you requested (creating estimates, invoices, managing clients)
- Legitimate Interests: Processing for our legitimate business interests, such as improving our Service, fraud prevention, and security, where these interests are not overridden by your rights
- Consent: Processing based on your explicit consent, such as sending marketing communications (you may withdraw consent at any time)
- Legal Obligation: Processing necessary to comply with legal requirements, such as tax record-keeping and responding to lawful requests
4. How We Use Your Information
We use the information we collect for the following purposes:
4.1 Service Delivery
- Create and manage your account
- Provide, maintain, and improve our Service
- Process transactions and send related information (receipts, confirmations)
- Enable features like estimate generation, invoice creation, and client management
4.2 Communication
- Send technical notices, updates, security alerts, and support messages
- Respond to your comments, questions, and requests
- Send promotional communications (with your consent, where required)
4.3 Analytics and Improvement
- Monitor and analyze trends, usage, and activities
- Develop new products, services, features, and functionality
- Personalize and improve your experience
4.4 Security and Compliance
- Detect, investigate, and prevent fraudulent transactions and abuse
- Protect the rights, property, and safety of EstimateBuilderPro and our users
- Comply with legal obligations and enforce our terms
5. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
5.1 Service Providers
We share data with third-party vendors who perform services on our behalf, subject to confidentiality obligations:
- Stripe: Payment processing (Privacy Policy)
- Supabase: Database hosting and authentication (Privacy Policy)
- Resend: Transactional email delivery (Privacy Policy)
- Vercel: Application hosting (Privacy Policy)
5.2 Legal Requirements
We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
5.3 Business Transfers
If EstimateBuilderPro is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information.
5.4 With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
6. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and track information about your activity on our Service.
6.1 Types of Cookies We Use
| Type | Purpose | Duration |
|---|---|---|
| Essential | Required for the Service to function (authentication, security, preferences) | Session / 1 year |
| Functional | Remember your settings and preferences | 1 year |
| Analytics | Understand how you use our Service to improve it | 2 years |
6.2 Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to:
- View what cookies are stored and delete them individually
- Block third-party cookies
- Block cookies from specific sites
- Block all cookies
- Delete all cookies when you close your browser
Note: Blocking essential cookies may prevent you from using certain features of our Service.
7. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 30 days after deletion request |
| Financial records (invoices, estimates) | 7 years (legal/tax compliance) |
| Payment transaction data | 7 years (legal/tax compliance) |
| Usage logs | 90 days |
| Support communications | 3 years |
| Marketing preferences | Until consent is withdrawn |
After the retention period expires, we will securely delete or anonymize your data unless retention is required by law or for legitimate business purposes.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:
- Encryption: TLS 1.3 encryption for data in transit; AES-256 encryption for data at rest
- Access Controls: Role-based access controls and multi-factor authentication for internal systems
- Infrastructure: Hosting on SOC 2 Type II compliant infrastructure
- Monitoring: Continuous security monitoring and intrusion detection
- Testing: Regular security assessments and vulnerability testing
- Training: Employee training on data protection and security practices
While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
9. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal data:
9.1 Rights for All Users
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data (subject to legal retention requirements)
- Data Export: Export your data in a portable format (JSON/CSV)
- Opt-out: Unsubscribe from marketing communications at any time
9.2 Additional Rights for EEA/UK Residents (GDPR)
- Restriction: Request restriction of processing in certain circumstances
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time where processing is based on consent
- Portability: Receive your data in a structured, commonly used, machine-readable format
- Automated Decisions: Not be subject to decisions based solely on automated processing that significantly affect you
- Complaint: Lodge a complaint with your local data protection supervisory authority
9.3 Additional Rights for California Residents (CCPA/CPRA)
- Know: Know what personal information we collect, use, disclose, and sell
- Delete: Request deletion of your personal information
- Opt-Out of Sale: Opt out of the sale or sharing of your personal information (Note: We do not sell personal information)
- Non-Discrimination: Not be discriminated against for exercising your privacy rights
- Correct: Request correction of inaccurate personal information
- Limit Use: Limit the use and disclosure of sensitive personal information
To exercise your rights: Email us at privacy@estimatebuilderpro.com or use the data export/deletion features in your account settings. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
10. International Data Transfers
Your information may be transferred to, and processed in, countries other than your country of residence. These countries may have data protection laws different from your country.
Our servers are primarily located in the United States. If you are accessing our Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States.
For EEA/UK users: When we transfer personal data outside the EEA/UK, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Transfers to countries with adequacy decisions
- Binding Corporate Rules where applicable
11. Automated Decision-Making
We do not currently use automated decision-making or profiling that produces legal effects or similarly significantly affects you without human involvement. If this changes, we will update this policy and provide appropriate notice and safeguards.
12. Third-Party Services and Links
Our Service may contain links to third-party websites or integrate with third-party services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
We encourage you to review the privacy policy of every site you visit or service you use.
13. Children's Privacy
Our Service is intended for business use and is not directed to individuals under 16 years of age (or 13 in jurisdictions where COPPA applies). We do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@estimatebuilderpro.com. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.
14. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours (where required by GDPR)
- Notify affected users without undue delay if the breach is likely to result in a high risk to your rights
- Document the breach and our response
- Take immediate steps to contain and remediate the breach
15. Do Not Track Signals
Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Our Service currently does not respond to DNT signals. However, you can opt out of analytics tracking through your browser settings or by contacting us.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
How we will notify you:
- Post the updated policy on this page with a new "Last updated" date
- Send email notification for material changes
- Display a prominent notice in our Service for significant changes
Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.
17. Governing Law and Dispute Resolution
This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Colorado, United States, without regard to its conflict of law provisions.
Any disputes arising out of or relating to this Privacy Policy shall be resolved through binding arbitration administered by the American Arbitration Association (AAA) in Denver, Colorado, except that you may assert claims in small claims court if your claims qualify.
Note for EEA/UK residents: This section does not limit your right to lodge a complaint with your local data protection authority or seek remedies in the courts of your country of residence.
18. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
EstimateBuilderPro LLC
1234 Business Ave, Suite 100, Denver, CO 80202, United States
Privacy Inquiries: privacy@estimatebuilderpro.com
General Support: support@estimatebuilderpro.com
We aim to respond to all privacy-related inquiries within 30 days.