BuiltNexus Privacy Policy
Effective: January 1, 2025 | Last Updated: November 29, 2025

1. Introduction

BuiltNexus.com ("BuiltNexus", "Company", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services. By using our services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password (hashed), company name
  • Billing Information: Payment method details processed securely via Stripe
  • User Content: Files, documents, images, and data you upload
  • Communications: Support requests, feedback, and correspondence

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, timestamps, referring URLs
  • Log Data: Access logs, error logs, security events
  • QR Scan Data: Scan timestamps, locations (if permitted), access attempts

2.3 Cookies & Tracking Technologies

We use cookies and similar technologies. See Section 7 for details on cookie types and your choices.

3. How We Use Your Information

  • Provide, operate, and maintain the Services
  • Process transactions and manage subscriptions
  • Send transactional emails (confirmations, password resets, security alerts)
  • Respond to support requests and communications
  • Detect, prevent, and address fraud, abuse, and security issues
  • Analyze usage to improve and optimize the Services
  • Comply with legal obligations
  • Enforce our Terms of Service

4. Legal Bases for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

  • Contract Performance: Processing necessary to provide Services you requested
  • Legitimate Interests: Improving services, security, fraud prevention
  • Legal Compliance: Meeting legal and regulatory requirements
  • Consent: Where you have explicitly consented (e.g., marketing communications)

5. Information Sharing & Disclosure

We do NOT sell your personal information. We may share information with:

  • Service Providers: Third parties who help operate our services (hosting, payment processing, email delivery) under strict confidentiality agreements
  • Vendors You Designate: When you share orders or access with vendors through the platform
  • Legal Requirements: When required by law, subpoena, or to protect our rights
  • Business Transfers: In connection with merger, acquisition, or sale of assets (with notice)
  • With Your Consent: In other cases with your explicit consent

6. Data Retention

  • Account Data: Retained while your account is active, plus 30 days after deletion request
  • User Content: Retained until you delete it or your account is terminated
  • Access Logs: Retained for 12-24 months for security and audit purposes
  • Billing Records: Retained for 7 years as required by tax/accounting laws
  • Anonymized Data: May be retained indefinitely for analytics

7. Cookies & Your Choices

Cookie Types:

  • Essential Cookies: Required for authentication, security, and basic functionality. Cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with our services. Optional.
  • Preference Cookies: Remember your settings and preferences. Optional.

Use our cookie consent banner to manage your preferences. You can also control cookies through your browser settings, though this may affect functionality.

8. Data Security

We implement industry-standard security measures including:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Bcrypt password hashing with salt
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Secure, isolated infrastructure

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security and are not responsible for unauthorized access resulting from factors outside our reasonable control.

9. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. For EEA/UK users, we rely on Standard Contractual Clauses and other approved transfer mechanisms to ensure adequate data protection.

10. Your Privacy Rights

10.1 Rights for All Users

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Export: Request your data in a portable format

10.2 Additional Rights (GDPR - EEA/UK)

  • Right to restrict processing
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

10.3 California Privacy Rights (CCPA/CPRA)

California residents have the right to:

  • Know what personal information we collect and how it's used
  • Delete personal information (with exceptions)
  • Opt-out of the sale of personal information (we do not sell)
  • Non-discrimination for exercising privacy rights

11. Exercising Your Rights

To exercise any privacy rights, contact us at: privacy@builtnexus.com

We will verify your identity and respond within 30 days (or 45 days for complex requests). Certain requests may be denied where permitted by law (e.g., legal retention requirements).

12. Children's Privacy

Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@builtnexus.com.

13. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to review their privacy policies.

14. Do Not Track Signals

We do not currently respond to "Do Not Track" browser signals. You can manage tracking preferences through our cookie consent settings.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and/or prominent notice on our website. Your continued use of the Services after changes constitutes acceptance of the updated policy.

16. Contact Us

For privacy inquiries or to exercise your rights:

See our Terms of Service for additional legal terms.