Privacy Policy
SlabDraw ("we," "us," "our"), operating out of Houston, Texas, respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights.
1. Information We Collect
Account Information
When you sign up, we collect your username, email address, company / workspace name, and hashed password. We never store your password in plain text.
Payment Information
We do not collect or store your credit card or bank account information. All payment processing is handled by Stripe. Stripe provides us with limited information including transaction status, last four digits of card, card brand, billing zip, and a customer identifier.
Content You Create
We store the data you create in the Service: slab drawings, estimates, invoices, customer contacts, material libraries, vendor records, payment terms, and related files. This is "Your Content" as described in our Terms of Use.
Usage Information
We automatically collect limited technical information including IP address, browser type and version, operating system, pages viewed, and timestamps. This is used for security, debugging, and improving the Service.
Support Communications
If you contact support via the in-app Help form, email, or bug reports, we collect the content of your message, your email address, and any screenshots you attach.
2. How We Use Information
We use the information we collect to:
- Provide, maintain, and improve the Service.
- Process payments and manage subscriptions through Stripe.
- Send account notifications, trial reminders, and billing emails.
- Respond to support requests and diagnose technical issues.
- Detect, prevent, and respond to fraud, abuse, or security threats.
- Comply with legal obligations (tax records, subpoenas, etc.).
3. How We Share Information
We do not sell your personal information. We share information only in the following limited cases:
- Service providers: Stripe (payments), SMTP email providers (transactional email), cloud hosting providers. These providers are contractually required to use your information only as needed to provide services to us.
- Legal compliance: We may disclose information if required by law, subpoena, court order, or to protect the rights, property, or safety of SlabDraw, our users, or the public.
- Business transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
4. Cookies and Tracking
We use essential cookies for authentication (keeping you signed in), session management, and remembering UI preferences such as theme. We do not use third-party advertising trackers. Cookies set during authentication are HTTP-only and secure, and expire when you sign out.
5. Data Security
We use industry-standard security practices including HTTPS/TLS encryption for all traffic, hashed passwords (bcrypt), principle-of-least-privilege database access, and regular security patching. However, no system is perfectly secure, and we cannot guarantee absolute security.
6. Data Retention
We retain your account information and Your Content for as long as your account is active. Upon account closure, we retain the data for up to 30 days to allow recovery, after which it is permanently deleted, except where longer retention is required by law (e.g., transaction records for tax purposes, typically up to 7 years).
7. Your Rights
You have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Update your account information directly via the Profile page, or contact us for corrections we cannot make automatically.
- Deletion: Close your account from the Billing or Profile page, or contact us to request deletion.
- Export: Export your estimates and invoices as PDF at any time. For a full data export including customer and material records, contact us.
- Opt-out: Opt out of non-essential emails via unsubscribe links or by contacting support. Transactional emails (billing, security) cannot be opted out of while your account is active.
8. Children
The Service is not directed to individuals under 18. We do not knowingly collect personal information from anyone under 18. If we learn we have collected such information, we will delete it.
9. International Users
The Service is operated in the United States. If you access it from outside the U.S., your information will be transferred to, stored in, and processed in the U.S. By using the Service, you consent to this transfer.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced via email or in-app notification. The "Effective" date at the top reflects the latest version.
11. Contact
Questions about privacy or your data? Email us at support@slabdraw.com. For formal privacy requests, include "Privacy Request" in the subject line.