This Privacy Policy explains how Estimoro (“Estimoro,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with our cloud-based construction estimating and takeoff platform, including our websites, web and mobile applications, and related services (collectively, the “Service”).
By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with it, please do not use the Service. This Policy should be read together with our Terms of Service.
Estimoro provides software that helps contractors and construction professionals upload project plans and drawings, generate AI-assisted takeoffs and estimates, and manage related projects, customers, proposals, and invoices.
For the purposes of the EU/UK General Data Protection Regulation (“GDPR”), Estimoro acts as a data controller for personal information about account holders and website visitors, and as a data processor for personal information contained in Customer Content that our customers upload and process through the Service.
Data controller: [Estimoro legal entity name], [Company Address]. Questions can be directed to privacy@estimoro.com.
We collect the following categories of information:
When you use the Service, you and your authorized users may upload or generate content, including construction plans and drawings (PDFs and images), project details, customer and contact records, measurements and takeoffs, estimates, proposals, invoices, and field notes (collectively, “Customer Content”). Customer Content may contain personal information about your own clients and contacts. You are responsible for that information and for having an appropriate legal basis to provide it to us for processing (see Section 12).
If you connect a third-party integration (for example, an accounting platform such as Intuit QuickBooks Online), we receive information from that service as authorized by you, such as customer, invoice, and accounting records needed to synchronize data with the Service.
We use information for the following purposes:
Where required by law, we rely on the following legal bases under GDPR: performance of a contract, our legitimate interests (in operating and improving the Service), your consent (for example, certain cookies and marketing), and compliance with legal obligations.
A core function of the Service is the automated analysis of construction documents using artificial intelligence. When you upload plans and drawings, relevant content may be transmitted to and processed by AI model providers that act as our subprocessors (see Section 8) in order to extract measurements, identify scope, and generate estimates and related outputs.
We use text messages (SMS) primarily to deliver one-time verification codes and important account or security notices. By providing your mobile number and completing verification, you consent to receive these transactional messages.
We engage the following categories of subprocessors to deliver the Service. This list may change as the Service evolves; the current list and entity details are to be maintained by Estimoro.
We retain personal information and Customer Content for as long as your account is active and as needed to provide the Service. After account termination, we retain or delete information in accordance with our retention schedule and applicable law, and we may retain limited records as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. We may retain aggregated and de-identified data indefinitely.
We implement administrative, technical, and organizational measures designed to protect information, including encryption in transit, access controls, tenant isolation between organizations, and authentication safeguards. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
In the event of a data breach affecting your personal information, we will notify you and applicable authorities as required by law.
We are based in the United States and may process and store information in the United States and other countries where we or our subprocessors operate. Where we transfer personal information from the EEA, UK, or Switzerland, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses or other lawful transfer mechanisms.
When you upload or enter information about your own clients, customers, or other third parties (for example, contact details on a customer record, proposal, or invoice), you act as the controller of that information and Estimoro acts as your processor. You are responsible for:
Subject to applicable law, you may have the right to access, correct, update, delete, restrict, or object to the processing of your personal information; to data portability; and to withdraw consent. You also have the right to lodge a complaint with a supervisory authority.
Depending on your state of residence (for example, California, Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws), you may have the right to know or access the personal information we collect, use, and disclose; to correct or delete it; to data portability; and to opt out of the “sale” or “sharing” of personal information or targeted advertising. We do not sell or share personal information as those terms are defined, and we do not use it for cross-context behavioral advertising. You also have the right not to be discriminated against for exercising your rights, and, where applicable, to appeal a decision on your request.
California “Shine the Light.” California residents may request information about disclosures of personal information to third parties for their direct marketing purposes; we do not make such disclosures.
To exercise any of these rights, contact us at privacy@estimoro.com. We will verify your request and respond within the time required by applicable law. Where Estimoro processes personal information on behalf of a customer (as a processor), we will refer requests to that customer (see Section 12).
The Service is intended for business use and is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will take steps to delete it.
The Service may contain links to, or integrate with, third-party websites and services that we do not control. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. Review their policies before providing them information.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the “Last updated” date and, where appropriate, by additional notice through the Service or by email. Your continued use of the Service after changes become effective constitutes acceptance of the revised Policy.
If you have questions or concerns about this Privacy Policy or our data practices, contact us at: