Open layout planner
Legal

Privacy Policy

← Back to Calcufloor Terms of Service

1. Scope

This policy explains how we process personal data when you use Calcufloor.

2. Roles

For the personal data described in this policy, Calcufloor acts as data controller.

3. Personal data we process

3.1 Account data

  • Email address
  • Name (if provided)
  • Company name and VAT number (if provided)

3.2 Project data you provide

  • Geometry, dimensions, and constraints you enter
  • Project and layout names you create
    Note: project names may contain personal data if you choose to include it.

3.3 Technical and usage data

  • IP address
  • Device and browser information
  • Login timestamps
  • Security and abuse-prevention logs (authentication events, suspicious activity indicators)

3.4 Billing data (if you pay)

  • Subscription status, invoices, and payment confirmations

We do not store full card numbers; Stripe processes payments.

4. Purposes and legal bases

4.1 Provide the Service

Account creation, authentication, saving projects, generating outputs.
Legal basis: performance of a contract (GDPR Art. 6(1)(b)).

4.2 Billing, accounting, tax compliance

Legal basis: legal obligation (GDPR Art. 6(1)(c)).

4.3 Security, fraud prevention, abuse detection

Legal basis: legitimate interests (GDPR Art. 6(1)(f)).

4.4 Support communications

Responding to you.
Legal basis: contract necessity and/or legitimate interests depending on the request.

5. Processors and platform data

5.1 Processors we use

We use third-party processors to operate the Service:

Processor Purpose Location
Google Firebase / Google Cloud Authentication and database (project data storage). Firestore location: eur3 (multi-region, Europe) EU & US
AWS (Amazon Web Services) Application infrastructure and storage. Region: us-east-1 (N. Virginia, USA) US
Stripe Payments, billing, and fraud prevention EU & US

We do not sell personal data.

5.2 Firebase Service Data (Google)

When we use Firebase, Google also collects and generates Firebase Service Data (as defined by Google) during the provision and administration of Firebase services. This is distinct from “Customer Data” you store in Firebase. Examples include service usage information, resource identifiers (e.g., application IDs), technical and operational details (including IP addresses), and developer support and feedback communications.

Firebase Service Data setting (disabled). We have disabled the Firebase setting that allows Google to use Firebase Service Data to provide more in-depth analysis, insights, and recommendations about non-Firebase Google services and to improve non-Firebase Google services. If disabled, Google states Firebase Service Data may still be used for other purposes such as providing and improving Firebase services and other services you request (e.g., Google products linked to the Firebase project), in accordance with Google’s privacy policy and applicable terms.

6. International transfers

Because parts of the Service are hosted or operated with processors that may process data outside the EEA (including the United States), personal data may be transferred internationally.

Where required, transfers rely on:

  • an applicable adequacy decision (e.g., EU-U.S. Data Privacy Framework for certified participants), and/or
  • the European Commission’s Standard Contractual Clauses (SCCs) (Implementing Decision (EU) 2021/914), as incorporated into the relevant processor agreements.

7. Retention

  • Account and project data: retained while your account is active; deleted or anonymized after 24 months of inactivity.
  • Tax/accounting records: invoices and payment records retained for 10 years.
  • Security logs: retained as long as necessary for security, fraud prevention, and abuse detection, then deleted or anonymized.

8. Security

We use appropriate technical and organizational measures to protect data, including encryption in transit (TLS) and access controls. No method of storage or transmission is 100% secure.

9. Your rights

Subject to GDPR conditions and exceptions, you can request:

  • Access
  • Rectification
  • Deletion
  • Restriction
  • Objection (where we rely on legitimate interests)
  • Data portability (where applicable)

Contact contact@calcufloor.com.

10. Complaints

You can lodge a complaint with the Belgian Data Protection Authority (GBA/APD) at dataprotectionauthority.be.

11. Children

The Service is not intended for children. We do not knowingly collect children’s personal data.

12. Changes

We may update this policy. We will post the updated version with a new effective date.

← Back to Calcufloor Terms of Service →