Privacy Policy

Last Updated: December 2024

This Privacy Policy describes how AskToBuild ("we," "us," or "our") collects, uses, and protects your personal information when you use our website and services.

1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide to us, including:

• Account Information: Name, email address, password, and profile details
• Contact Information: Communication preferences and support inquiries
• Professional Information: For suppliers - skills, experience, portfolio, and service offerings
• Payment Information: Billing address and payment method details (processed securely through third parties)

1.2 Project Information

When using our AI services, we collect:

• Project Descriptions: Your project ideas, requirements, and goals
• Conversation Data: Messages and interactions with our AI assistant
• Generated Content: PRDs, quotations, and other AI-generated documents
• File Uploads: Documents you upload for additional context

1.3 Technical Information

We automatically collect certain technical information:

• Usage Data: How you interact with our platform, features used, and time spent
• Device Information: Browser type, device type, operating system, and IP address
• Cookies and Tracking: Information stored in cookies and similar technologies
• Log Data: Server logs, error reports, and performance metrics

1.4 Third-Party Information

We may receive information from third-party services:

• Authentication Providers: If you sign in through social media or other services
• Payment Processors: Transaction information from Stripe and other payment providers
• Analytics Services: Aggregated usage statistics and performance data

2. How We Use Your Information

2.1 Service Provision

We use your information to:

• Create and manage your account
• Provide AI-powered PRD and quotation generation
• Process payments and manage subscriptions
• Connect clients with freelancers and suppliers
• Provide customer support and technical assistance

2.2 AI Processing

Your project information is used to:

• Generate personalized Product Requirements Documents
• Create accurate project quotations and cost estimates
• Improve our AI models and response quality
• Provide contextual assistance and recommendations

2.3 Communication

We may use your contact information to:

• Send service-related notifications and updates
• Provide customer support responses
• Share important platform changes or security updates
• Send marketing communications (with your consent)

2.4 Platform Improvement

We analyze usage data to:

• Improve our services and user experience
• Develop new features and functionality
• Monitor platform performance and security
• Conduct research and analytics

3. Information Sharing and Disclosure

3.1 Third-Party Service Providers

We share information with trusted service providers who assist us in operating our platform:

• AI Services: OpenAI for GPT-powered content generation
• Payment Processing: Stripe for secure payment processing
• Cloud Infrastructure: Firebase and other cloud services for data storage and hosting
• Analytics: Google Analytics and similar services for usage analysis

3.2 Business Transactions

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

3.3 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety
• Prevent fraud or abuse of our services
• Enforce our Terms and Conditions

3.4 User Connections

For our freelancer marketplace:

• Supplier profiles are visible to potential clients
• Project information may be shared with interested suppliers
• Communication between clients and suppliers is facilitated through our platform

3.5 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4. Data Security

4.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

• Encryption: Data is encrypted in transit and at rest
• Access Controls: Limited access to personal information on a need-to-know basis
• Regular Audits: Periodic security assessments and vulnerability testing
• Secure Infrastructure: Industry-standard cloud security practices

4.2 Data Breaches

In the event of a data breach, we will:

• Promptly investigate and contain the incident
• Notify affected users within 72 hours when required by law
• Take steps to prevent future occurrences
• Cooperate with regulatory authorities as necessary

5. Data Retention

5.1 Retention Periods

We retain your information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal obligations and resolve disputes
• Improve our services and AI models
• Meet business and operational requirements

5.2 Data Deletion

You may request deletion of your personal information, subject to:

• Legal requirements for data retention
• Legitimate business needs for fraud prevention
• Technical limitations of our systems
• Anonymized data that cannot be attributed to you

6. Your Rights and Choices

6.1 Access and Portability

You have the right to:

• Access the personal information we hold about you
• Request a copy of your data in a portable format
• Review and update your account information
• Export your project data and generated content

6.2 Correction and Deletion

You may:

• Correct inaccurate or incomplete information
• Request deletion of your account and associated data
• Object to certain processing activities
• Withdraw consent where processing is based on consent

6.3 Communication Preferences

You can control communications by:

• Updating your notification preferences in account settings
• Unsubscribing from marketing emails
• Contacting us to opt-out of certain communications

6.4 Cookies and Tracking

You can manage cookies through:

• Browser settings to block or delete cookies
• Opt-out tools provided by advertising networks
• Platform settings for analytics and tracking preferences

7. International Data Transfers

7.1 Cross-Border Processing

Your information may be processed in countries other than your residence, including:

• Singapore (our primary operations)
• United States (cloud infrastructure and AI services)
• European Union (some service providers)

7.2 Transfer Safeguards

When transferring data internationally, we ensure:

• Adequate protection through legal frameworks
• Contractual safeguards with service providers
• Compliance with applicable data protection laws

8. Children's Privacy

8.1 Age Restrictions

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.

8.2 Parental Rights

If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

9. Cookies and Tracking Technologies

9.1 Types of Cookies

We use several types of cookies:

• Essential Cookies: Necessary for basic platform functionality
• Analytics Cookies: Help us understand how you use our service
• Preference Cookies: Remember your settings and preferences
• Security Cookies: Protect against fraud and abuse

9.2 Cookie Management

You can control cookies through:

• Browser settings to accept, reject, or delete cookies
• Platform preferences for analytics and tracking
• Third-party opt-out mechanisms where available

10. California Privacy Rights (CCPA)

10.1 California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected, used, and shared
• Right to delete personal information (subject to certain exceptions)
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

10.2 Exercising Rights

To exercise your rights, contact us using the information provided below. We may need to verify your identity before processing your request.

11. European Data Protection (GDPR)

11.1 Legal Basis for Processing

We process your personal information based on:

• Contract: To provide our services as outlined in our Terms
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations

11.2 Additional Rights

European residents have additional rights including:

• Right to object to processing based on legitimate interests
• Right to restrict processing under certain circumstances
• Right to data portability for information provided with consent or contract
• Right to lodge a complaint with your local data protection authority

12. Changes to This Privacy Policy

12.1 Policy Updates

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Post the updated policy on our website
• Send notification via email to registered users
• Provide notice through our platform interface

12.2 Continued Use

Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

13. Contact Information

13.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices, contact us at:

Email: it.doctor@forthrighttech.com Subject Line: Privacy Policy Inquiry

13.2 Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at:

Email: it.doctor@forthrighttech.com

13.3 Mailing Address

AskToBuild
Singapore

13.4 Response Time

We will respond to privacy-related inquiries within 30 days of receipt, or sooner as required by applicable law.

---

This Privacy Policy is effective as of the last updated date shown above. We encourage you to review this policy periodically to stay informed about how we protect your privacy.