Last Updated: June 5, 2026

Privacy Policy

At Concolabs, we value your trust. This policy describes how we collect, use, protect, and handle your data across our platforms, mobile apps, and integration endpoints.

1. Information We Collect

We collect personal information that you provide to us directly when creating workspaces, purchasing enterprise licenses, or configuring sync endpoints. This includes:

  • Identity Data: Full name, organizational email, mobile number, company name, and job title.
  • Integration Data: Connection strings, credentials, and API access tokens for integrated ERP tools (e.g., Procore, Autodesk, Sage, QuickBooks).
  • CAD & Document Files: Floor plans, DWG files, project specs, and material catalog values uploaded for BOQ extraction.
  • Billing Data: Credit card hashes, transaction records, and invoice parameters handled by our secure payment partners (Stripe).

2. How We Use Information

We use collected parameters to deliver our core services, build 3D rendering profiles, and ensure database consistency. This includes:

  • Automating material take-offs and generating PDF/Excel bill-of-quantities sheets.
  • Syncing project logs, invoice schedules, and labor metrics across remote jobsites using SQLite offline replication.
  • Providing customer support and debugging API integration timeouts.
  • Monitoring system health, detecting SQL injection risks, and defending cloud instances against network attacks.

3. Information Sharing & Disclosure

Concolabs does not sell, lease, or trade your construction drawing values or team records to third-party brokers. We share data only in these defined cases:

  • Subprocessors: We coordinate with SOC-2 compliant hosting providers (AWS, Google Cloud Platform) and database instances to maintain backend state.
  • Client Integrations: If you explicitly authorize a third-party app in our developer dashboard, we share specific sync channels as instructed.
  • Legal Mandates: We may disclose parameters if required by federal law, binding regulatory rulings, or valid court subpoenas.

4. Data Security

Our operations framework is engineered to safeguard your drawing repository and financial sheets:

  • All network routes are protected with HTTPS, HTTP/2, and TLS 1.3 encryption.
  • Drawing assets and CAD objects are encrypted at-rest using FIPS 140-2 validated AES-256 modules.
  • Engineering logs are monitored 24/7 for suspicious authentication failures, unauthorized key queries, or data leaks.
  • We conduct annual third-party security reviews and host active vulnerability disclosure channels.

5. Your Privacy Rights

Depending on your operating location (including GDPR, UK GDPR, and CCPA guidelines), you hold statutory control rights over your personal profile records:

  • Right to Access: You can query a full copy of your account profile records and stored database rows.
  • Right to Rectify: You can edit incorrect address values or profile numbers from the workspace panel.
  • Right to Delete: You can request complete termination of your workspace records and related drawing replicas.
  • Right to Restrict: You can opt-out of specific integrations, analytics reporting, or corporate newsletters.

6. Policy Updates

We may modify this policy periodically to align with product updates, developer APIs, or statutory regulations. Any revisions will be announced by modifying the Last Updated date pill at the top of this document. For significant changes, we will send an email alert to all registered workspace administrators.

If you have questions, inquiries, or feedback regarding our privacy practices, please contact us at: privacy@concolabs.com