Privacy Policy

Local planning data

The current portfolio workflow stores building records in your browser localStorage. Pro access requires an account and active subscription, but portfolio records are not yet synced to Supabase.

• Building names and assumptions stay in the browser.
• Clearing browser storage removes the local portfolio.
• Do not enter sensitive building-security or personal data into the demo.

Account and billing data

Supabase Auth stores account identity for login. Paddle Billing handles checkout, tax, invoices, payment methods, and subscription management as Merchant of Record.

• The browser receives only public Supabase and Paddle client-side configuration.
• Paddle API keys and Supabase service-role keys are server-only.
• Subscription status is stored so Pro tools can be gated after verified Paddle webhooks.
• No PDF export or document upload is active.

Before production

A production privacy policy should be reviewed by qualified counsel and updated for hosting, analytics, authentication, support, data retention, subprocessors, and user rights.