Privacy Policy
Last Updated: November 22, 2025
TL;DR: We collect minimal data, process your drawings temporarily, delete files quickly, never sell your data, and comply with GDPR/UK data protection laws.
1. Introduction
DrawSortAI ("we," "us," or "our") operates drawsortai.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our construction drawing classification service.
2. Information We Collect
2.1 Account Information
- Email address: Used for account creation, login, and service communications
- Password: Stored encrypted (hashed) - we never see your actual password
- Account type: Free or Pro tier status
2.2 Files You Upload
- PDF drawings: Temporarily processed to extract text and classify by category
- ZIP archives: Temporarily stored during processing
- Metadata: Filenames, file sizes, upload timestamps
2.3 Usage Data
- Processing logs: Upload times, classification results, error logs
- Corrections: When you correct a classification, we store this to improve our AI model
- Technical data: IP address, browser type, device information (for security and performance)
2.4 Payment Information
- Stripe handles all payments: We never see or store your credit card details
- Billing details: Name, billing address (stored by Stripe, not us)
- Transaction history: Invoice records for Pro subscribers
3. How We Use Your Information
3.1 To Provide the Service
- Process and classify your construction drawings
- Store your sorted files for download
- Manage your account and authentication
- Process payments for Pro subscriptions
3.2 To Improve Our AI Model
- Use your corrections to retrain our classification algorithm
- Analyze text patterns from drawings to improve accuracy
- Note: We only use anonymized text data, never your actual PDF files or personal information
3.3 To Communicate With You
- Send processing completion notifications
- Account and security updates
- Billing and subscription information
- Service announcements (rare, important only)
3.4 To Maintain Security
- Detect and prevent fraud or abuse
- Monitor for security threats
- Enforce our Terms of Service
4. Data Retention and Deletion
4.1 Your Uploaded Files
- Wasabi cloud storage: Deleted within 1 hour of processing completion
- Processed results: Available for 7 days, then automatically deleted
- Downloaded files: Deleted from our servers immediately after download
- Lifecycle policy: Any files missed are auto-deleted after 7 days maximum
4.2 Your Account Data
- Active accounts: Retained as long as your account is active
- Deleted accounts: All data permanently deleted within 30 days of account deletion
- Training data: Anonymized corrections retained indefinitely to maintain model accuracy
4.3 Logs and Analytics
- Error logs: Retained for 90 days
- Processing logs: Retained for 30 days
- Security logs: Retained for 1 year
5. How We Protect Your Data
- Encryption in transit: All data transmitted via HTTPS/TLS
- Encryption at rest: Files stored encrypted on Wasabi S3
- Password security: Bcrypt hashing with salt
- Access controls: Only authorized systems and admin accounts can access data
- Regular security updates: Servers and dependencies kept current
- Rate limiting: Prevents brute force attacks (10 uploads per hour)
- CSRF protection: Prevents cross-site request forgery
6. Data Sharing and Third Parties
6.1 We Share Data With:
- Wasabi (S3 Storage): Stores your uploaded files temporarily during processing
- Stripe (Payments): Processes Pro subscription payments
- Render (Hosting): Hosts our application servers
6.2 We DO NOT:
- ❌ Sell your data to anyone, ever
- ❌ Share your drawings with third parties
- ❌ Use your data for advertising
- ❌ Train AI models for other companies
- ❌ Share your email with marketers
6.3 Legal Obligations
We may disclose your information if required by law, court order, or government request, or to protect our rights and safety.
7. Your Rights (GDPR & UK GDPR)
If you're in the EU or UK, you have these rights:
- Right to Access: Request a copy of all your data we hold
- Right to Rectification: Correct inaccurate data
- Right to Erasure ("Right to be Forgotten"): Delete your account and all associated data
- Right to Restriction: Limit how we process your data
- Right to Data Portability: Export your data in a machine-readable format
- Right to Object: Object to certain processing activities
- Right to Withdraw Consent: Opt out of optional data processing
To exercise any rights, email us at: privacy@drawsortai.com
We will respond within 30 days.
8. International Data Transfers
Your data may be transferred to and processed in:
- United States: Render hosting servers
- European Union: Wasabi EU storage (if you're an EU user)
We ensure adequate safeguards are in place for international transfers, including Standard Contractual Clauses (SCCs) where applicable.
9. Cookies and Tracking
9.1 Essential Cookies
- Session cookie: Keeps you logged in (required for the service to work)
- CSRF token: Security protection (required)
9.2 We DO NOT Use:
- ❌ Advertising cookies
- ❌ Third-party tracking pixels
- ❌ Social media tracking
- ❌ Cross-site tracking
9.3 Analytics (If Implemented)
We may use privacy-focused analytics (e.g., Plausible) that doesn't track individual users. This is optional and anonymized.
10. Children's Privacy
DrawSortAI is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us immediately at privacy@drawsortai.com.
11. Changes to This Policy
We may update this Privacy Policy occasionally. Changes will be posted on this page with an updated "Last Updated" date. For significant changes, we'll notify you via email.
Continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Us
Questions about this Privacy Policy or your data?
- Email: privacy@drawsortai.com
- Data Protection Officer: dpo@drawsortai.com
- Support: support@drawsortai.com
13. Supervisory Authority
If you're in the EU/UK and have concerns about how we handle your data, you have the right to lodge a complaint with your local data protection authority:
- UK: Information Commissioner's Office (ICO) - ico.org.uk
- EU: Your national data protection authority
← Back to Home |
© 2025 DrawSortAI. All rights reserved. |
Terms of Service |
Privacy Policy |
Cookie Policy