Builder

Privacy Policy

Effective Date: January 24, 2026 · Last Updated: January 24, 2026 · Version 1.0

1. Introduction

Builder ("Company," "we," "our," or "us") is a platform by Nimbusa committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our website, mobile applications, and related services (collectively, the "Services").

This Privacy Policy applies to all users, including contractors, clients, and administrators.

Your privacy is important to us. If you have questions about this Privacy Policy or our privacy practices, please contact us at nimbusadev@gmail.com.

2. Information We Collect

2.1 Information You Provide Directly

Registration and Profile Information

Communications

Financial Information

Authentication

2.2 Information Collected Automatically

Device and browser information (device type, OS, browser, IP address, device identifiers); usage information (pages visited, links clicked, search queries, features used, actions performed, date/time); cookies and tracking (session, preference, analytics, Firebase, advertising); and location information (approximate from IP, precise if you enable it for contractor searches).

2.3 Information from Third Parties

Payment processing and fraud detection via Stripe (including bank information for payouts); social media profile data if you connect an account (name, email, picture); and, where verification is required, identity verification documents, professional license information, and background check results.

3. How We Use Your Information

3.1 Essential Operations

3.2 Communication

3.3 Improvement and Analytics

3.4 Safety and Compliance

3.5 Marketing (With Your Consent)

Sending newsletters and promotional content, suggesting relevant job matches, and notifying you about features. Note: You can opt out of marketing emails anytime via Settings → Notifications.

4. Data Security

Encryption: data at rest is encrypted with AES-256; all communications use HTTPS/TLS; passwords are stored hashed (never plaintext); sensitive fields (email, phone, address) are encrypted before storage; messages are encrypted in the database.

Security measures: Firebase security rules (row-level access control), optional two-factor authentication, rate limiting, audit logging, immediate security patches, and continuous monitoring. Third-party security: Stripe (PCI-DSS Level 1), Firebase (Google Cloud), and encrypted backups.

No system is 100% secure. We use industry-standard practices but cannot guarantee absolute security. If you believe your account has been compromised, contact nimbusadev@gmail.com immediately.

5. Data Sharing and Disclosure

5.1 Who Has Access to Your Data

Other users (contractors see job postings + client profile info; clients see contractor profiles + credentials; private messages only visible to sender and recipient); service providers (Stripe for payments, Firebase for email/hosting/database, Google Analytics for anonymized usage, identity verification services if needed); legal requirements (court orders, government/law-enforcement requests, fraud prevention); and business transfers (your information may transfer if we merge, acquire, or sell assets — we'll notify you).

5.2 Data We Do NOT Share

6. Your Privacy Rights

You have the right to access your data (Settings → Privacy → Download My Data, or email us; within 30 days), correct it (Settings → Profile), delete it (Settings → Privacy → Delete My Account — permanent; payment records kept 7 years and audit logs 3 years for legal/security reasons; 30-day grace period), port it in machine-readable JSON, withdraw consent for marketing, object to certain processing, and lodge a complaint with your local data protection authority (EU DPA, US FTC, UK ICO).

7. Third-Party Services

Google Analytics tracks anonymous usage statistics (no personal information; opt out in Settings → Privacy). Stripe processes payments and payouts and stores encrypted bank info (Stripe Privacy Policy). Firebase hosts the platform, manages authentication, and stores the database/files (Google Privacy Policy). Our Services may link to third-party sites whose privacy practices we don't control.

8. Cookies and Tracking

Cookies are small files stored on your device to remember preferences and track activity.

CookiePurposeDuration
session_idUser authenticationSession (until logout)
theme_preferenceLight/dark mode1 year
languageLanguage preference1 year
analytics_idGoogle Analytics2 years
notification_prefsNotification settings30 days

You can disable cookies via your browser settings or opt out of analytics in Settings → Privacy. Disabling cookies may limit platform functionality.

9. Data Retention

Data TypeRetention PeriodReason
User profile (deleted)90 daysRecovery window
Messages1 yearUser access
Audit logs3 yearsSecurity/compliance
Payment records7 yearsLegal/tax
Error logs90 daysDebugging
Login attempts30 daysSecurity

After the retention period, data is automatically deleted according to our data retention policy.

10. Children's Privacy

Builder is NOT intended for users under 18 years old. We do not knowingly collect information from children. If we learn we have collected information from a child under 18, we will delete it immediately. If you believe your child has provided information, contact nimbusadev@gmail.com.

11. International Data Transfers

Our servers are located in the United States (Google Cloud). If you access the Services from outside the US, your data may be transferred to the US, US privacy laws apply, and GDPR safeguards (Standard Contractual Clauses) ensure appropriate protection. By using our Services, you consent to this transfer.

12. California Privacy Rights (CCPA)

California residents have the right to know what personal information we collect/use/share, to request deletion (with some exceptions), to opt out of the "sale" of personal information (we don't sell data), and to non-discrimination for exercising these rights. Request at Settings → Privacy → California Privacy Rights.

13. Updates to This Policy

We may update this Privacy Policy to reflect changes in our Services, new legal requirements, or improved privacy practices. We will post updates on this page, update the "Last Updated" date, email you of material changes, and require consent for significant changes.

14. Contact Us

Privacy questions / data requests / security incidents: nimbusadev@gmail.com. For data requests, include your full name, email, request type, and details. Complaints may be directed to your local data protection authority (EU DPA, UK ico.org.uk, US ftc.gov).

15. EU/GDPR Specific Information

We process your data based on consent (marketing), contract (to provide Services), legal obligation, legitimate interest (improvement and security), and public interest (fraud prevention). Where required, our Data Protection Officer can be reached at nimbusadev@gmail.com. Transfers outside the EU use Standard Contractual Clauses and adequacy decisions where applicable.

16. Your Data Rights Summary

RightHow to RequestTimeline
Access your dataSettings → Download My Data30 days
Correct your dataSettings → Edit ProfileImmediate
Delete your dataSettings → Delete My Account30 days (+30-day grace)
Export your dataSettings → Export My Data30 days
Withdraw consentSettings → NotificationsImmediate
Object to processingSettings → Privacy PreferencesImmediate
Lodge a complaintContact data protection authorityVaries

17. Final Notes

By using Builder, you acknowledge that you have read and understand this Privacy Policy, consent to our data practices as described, are at least 18 years old, and understand the risks of online transactions. If you do not agree with our privacy practices, please do not use our Services.

Thank you for choosing Builder by Nimbusa. Questions? Contact us at nimbusadev@gmail.com.