PRIVACY POLICY

Version 1.0
Effective Date: 01 July 2026

We are firmly committed to safeguarding the privacy of our business customers and individual users. This Privacy Policy details the types of information we collect, the rigorous security methodologies we implement, and our strict non-retention pipeline regarding structural engineering data.

Because our software operates as an ephemeral processing pipeline, our operational posture minimizes privacy risks and aligns cleanly with the structural confidentiality requirements of engineering firms, corporate entities, and global compliance regulations.

0. Definitions

For purposes of these Privacy Policy:

1. The Zero-Retention Engineering Data Policy

Our platform treats your proprietary structural engineering files and calculation data using a privacy-focused zero-retention architecture designed to minimize data persistence and storage risks.

1.1 In-Memory Transience: When an active user uploads structural calculation datasets to the web application, that data is pushed into transient, volatile memory (RAM) within our compute instances. This data is utilized exclusively to run automated error-checking routines and generate Outputs for display within the User's active browser session.

1.2 Automatic session-based deletion on Session Termination: No structural engineering files, calculation records, layout dimensions, geometry logs, coordinate mappings, or resultant technical drawings are ever written to hard drives, persistent cloud disks, or database tables. The moment a user logs out, closes their web browser tab, or encounters a system timeout, all associated calculation data is automatically deleted at the conclusion of the session lifecycle from our infrastructure memory. We do not store, evaluate, or possess historical access to your engineering intellectual property.

1.3 Training Exclusions: Under no circumstances is user-provided structural data or proprietary calculation metrics used, evaluated, or maintained for machine learning optimization, algorithmic training, or historical software analytics.

1.4 Professional Certification Disclaimer: The Service does not retain uploaded engineering data for professional certification, regulatory compliance verification or engineering code-compliance review. All structural datasets and calculation files are handled exclusively within transient memory during active sessions and are irreversibly deleted upon session termination.

2. Categories of Information We Collect

To establish accounts, enforce secure access, maintain audit logs and operational records, and manage post-paid subscription invoicing, we must collect and maintain specific, non-ephemeral administrative data ("Account Data").

2.1 Data Retention

We retain different categories of information for different periods depending upon operational, legal, accounting, security, and compliance requirements.

Data Category Typical Retention Period
Account Profile Information and Authentication Credentials For the duration of the account relationship and for a reasonable period thereafter as necessary for operational, legal, security, accounting, tax, or compliance purposes.
User Activity Analytics and Admin Audit Logs Up to three (3) years.
Billing, Accounting, Tax, and Transaction Records Up to ten (10) years, or longer if required by applicable law.

We may retain information for longer periods where necessary to comply with legal obligations, resolve disputes, enforce agreements, investigate fraud or abuse, or protect our legal rights.

3. Cloud Infrastructure & Regional Data Processing

The technical architecture of the Service is built upon secure cloud infrastructure provided by third-party hosting partners ("Cloud Infrastructure Providers").

4. Organization Separation & Multi-Tenancy

The Service utilizes a multi-tenant software architecture designed to maintain logical separation between Organizations and their respective data environments.

Operational metadata, account activity records, audit logs, and administrative information associated with an Organization may be made available to that Organization's authorized Administrators for account management, usage monitoring, security oversight, and administrative reporting purposes.

Operational metadata, account activity records, audit logs, and administrative information may also be accessed by authorized personnel of the Service Operator where reasonably necessary to operate, secure, maintain, support, investigate, audit, or administer the Service, or to comply with legal obligations.

Such information is accessible only to authorized users within the same Organization and is not made available to other Organizations, unrelated customers, competitors, or unauthorized third parties.

We implement technical and organizational measures designed to prevent unauthorized cross-Organization access to account information and operational records.

4.1 User Content Responsibilities

Users remain responsible for ensuring that they possess all necessary rights, permissions, authorizations, and legal authority to upload, process, and utilize any content submitted to the Service. Additional obligations and restrictions regarding uploaded content are set forth in the Terms of Service.

We do not actively review engineering content submitted during processing sessions; however, we reserve the right to investigate suspected violations of this Privacy Policy, the Terms of Service, or applicable laws.

5. Third-Party Services, Security, and Cookies

We do not sell, rent, or lease personal information to third-party marketers. We share personal information only with trusted service providers and sub-processors where reasonably necessary to operate the Service, process payments, fulfill legal obligations, provide customer support, maintain security, or administer subscriptions.

Vendor Category Purpose
Cloud Infrastructure Provider Hosting, data processing, account management, and platform operation.
Content Delivery and Network Services Delivery of website assets, routing, performance optimization, and security.
Payment Processors, Payment Gateways, and Merchant of Record Providers Subscription billing, payment processing, invoicing, fraud prevention, tax handling, and related financial operations.
Email and Communication Providers Transactional notifications, account communications, and support correspondence.

The specific service providers used to support the Service may change from time to time as our business, technical, operational, or legal requirements evolve. We may add, replace, or discontinue service providers without updating this Privacy Policy, provided that such providers are engaged for substantially similar purposes and are subject to appropriate confidentiality, security, and data protection obligations.

We share personal information with third-party service providers only to the extent reasonably necessary for them to perform services on our behalf. Such providers are contractually or legally obligated to protect information appropriately and may not use the information for their own independent marketing purposes.

5.1 Security Measures

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction.

However, no method of transmission or storage can be guaranteed to be completely secure, and we cannot guarantee absolute security.

5.2 Cookies and Similar Technologies

The Service may utilize cookies, session identifiers, and similar technologies necessary for authentication, security, user preferences, operation of the Service, and service improvement activities.

We do not currently use advertising cookies or third-party behavioral advertising technologies.

5.3 Security Incidents

We will make reasonable efforts to notify affected Users within a reasonable timeframe consistent with applicable law.

Such notice may be provided via email, dashboard notification, or other appropriate communication channels.

6. Statutory Rights & Privacy Requests

We are committed to handling personal information in a manner that is consistent with applicable privacy, data protection, and security principles.

Subject to applicable law, Users and Organizations may request access to, correction of, updating of, or deletion of their personal information maintained by us.

Because engineering data submitted to the Service is processed using a transient session-based architecture and is automatically removed following session termination, we generally do not retain historical engineering files or calculation datasets that can later be retrieved, exported, or returned upon request.

Requests to access, correct, update, or delete personal information may be submitted through the contact methods identified at the end of this Privacy Policy.

We may decline or delay requests to delete information where retention is reasonably necessary to:

Where deletion is requested, certain information may be retained for these limited purposes even if the account is closed or access to the Service has ceased.

Billing records, seat allocation records, invoice histories, payment records, and related audit logs may be retained for the duration necessary to support accounting requirements, tax obligations, subscription administration, and dispute resolution.

6.1 Children’s Privacy

The Service is intended for business, professional, and organizational use and is not directed to individuals under the age of 18.

We do not knowingly collect personal information from children under the age of 18. If we become aware that personal information has been collected from a child without appropriate parental or legal guardian consent where required by applicable law, we will take reasonable steps to delete such information.

6.2 Dispute Resolution

Any dispute relating to this Privacy Policy shall be governed by the dispute resolution provisions set forth in the Terms of Service.

7. Policy Adjustments

We reserve the right to modify this Privacy Policy or our associated Terms of Service at any time to reflect cloud modifications, vendor shifts, or updated legal guidelines.

Registered Admin Accounts will receive a direct notification via email or clear dashboard notification if substantial changes are made to how administrative profile data is protected.

Continued use of the Service following the effective date of such changes constitutes acceptance of the updated Privacy Policy. Where required by us, Users may be required to review and affirmatively accept updated versions before continuing to use the Service.

7.1 Consistency with Terms of Service

This Privacy Policy shall be read together with the Terms of Service.

In the event of any conflict between the two documents, the disclaimers, limitations of liability, and restrictions on reliance contained in the Terms of Service shall prevail.

Both documents collectively govern the User’s relationship with the Service.

7.2 Survival

The provisions of this Privacy Policy that by their nature should survive termination shall remain in full force and effect after termination of the User’s account or cessation of use of the Service. This includes, without limitation, Sections 1 (Zero-Retention Engineering Data Policy), 5 (Third-Party Services, Security, and Cookies), 6 (Statutory Rights & Compliance), and 7.1 (Consistency with Terms of Service).

8. Contact Information

If you have questions regarding this Privacy Policy, personal data processing practices, privacy rights requests, or account information management, you may contact us using the contact information made available through the Service or on our official website.

Privacy-related requests will be reviewed and processed within a reasonable timeframe consistent with applicable legal requirements.

9. General Provisions

9.1 Interpretation

Headings, titles, and section labels in this Privacy Policy are provided for convenience only and shall not affect the meaning or interpretation of any provision. References to "including" shall be construed as "including without limitation.".

9.2 Waiver

No failure or delay by the Service Operator in enforcing any provision of this Privacy Policy shall operate as a waiver of such provision or of any other rights.

Any waiver must be expressly stated in writing and signed by the Service Operator to be effective.

A single or partial exercise of any right shall not preclude any other or further exercise of that right or any other right.