Privacy Policy

Last updated: February 2026

1. Introduction

BuilderAI Kits ("we," "our," or "us") is committed to protecting your privacy. This policy explains how we collect, process, and safeguard information when you use our AI toolkit services and website.

By using our services you agree to the practices outlined below.

2. Information We Collect

2.1 Provided by You

  • Account Data: Email, display name, and hashed password on sign-up
  • Billing Data: Payment details handled by our PCI-compliant processor
  • Support Messages: Content you send via contact forms or email
  • Kit Inputs: Prompts and data you submit through our API

2.2 Collected Automatically

  • Usage Metrics: API calls, kit usage, latency, and error rates
  • Device Info: Browser, OS, and screen resolution
  • Server Logs: IP addresses, timestamps, and request paths
  • Cookies: Minimal cookies for session management and analytics

3. How We Use Your Data

  • Operate, maintain, and improve our AI toolkit services
  • Process billing and send transaction receipts
  • Send service notifications and security alerts
  • Respond to support requests and feedback
  • Monitor system health and detect abuse
  • Comply with legal and regulatory obligations

4. Data Retention

  • Account Data: Kept until you delete your account
  • API Logs: Aggregated after 14 days, purged after 90 days
  • Kit Inputs/Outputs: Not stored beyond the request lifecycle
  • Billing Records: Retained per financial regulation requirements

5. AI Training Policy

We Do NOT Train on Your Data

Your API inputs and outputs are never used to train, fine-tune, or improve our models. Data passes through the inference pipeline and is discarded immediately after the response is delivered.

6. Data Sharing

We do not sell personal information. Data is shared only when:

  • Infrastructure Providers: Trusted cloud partners operating our compute nodes under strict DPAs
  • Legal Obligation: When required by law or to defend our rights
  • Business Transfer: In the event of a merger or acquisition
  • Your Consent: When you explicitly authorize sharing

7. Security Measures

  • TLS 1.3 for data in transit, AES-256 for data at rest
  • SOC 2 Type II aligned controls
  • Quarterly penetration testing by independent auditors
  • Role-based access with MFA for all internal systems

8. Your Rights

Depending on jurisdiction you may:

  • Access: Request a copy of your data
  • Correct: Fix inaccurate records
  • Delete: Request data erasure
  • Port: Export data in a machine-readable format
  • Object: Opt out of certain processing

Contact privacy@builderaikits.com to exercise these rights.

9. Cookies

  • Essential: Session tokens and CSRF protection
  • Analytics: Anonymous usage statistics
  • Preferences: Theme and locale settings

Manage cookies through your browser settings.

10. International Transfers

Data may be processed in jurisdictions outside your own. We apply appropriate safeguards including Standard Contractual Clauses where required.

11. Children

Our services are not directed at users under 13. We do not knowingly collect data from minors.

12. Policy Updates

We may revise this policy. Material changes will be communicated via email and a banner on our site. The "Last updated" date reflects the latest revision.

13. Contact