Privacy Policy

This policy explains what personal information BaseRebuild (“we”, “us”) collects when you use our website, web app, and mobile-optimised PWA at baserebuild.com, and how we use, share, retain and protect that information.

It applies to everyone — visitors, free users, Pro subscribers and trial users alike. If you don't agree with anything below, please don't use the service.

We try to collect as little as possible. In practice that means:

Account data

• Email address — required to sign you in, send security alerts, and (if you opt in) product updates.
• Display name and username — chosen by you during onboarding.
• Authentication metadata — password hash, sign-in timestamps, IP address, and browser user-agent so we can spot suspicious access.

Product data

• Habits, tasks, focus sessions, fasting windows, food logs, finance entries, notes — anything you record inside the app.
• Streaks, scores, AI weekly review summaries, and preference settings.

Billing data

• Subscription tier, billing interval, plan-change history, and invoices.
• We never see or store your card details. Payments are handled by our payments processor — we only store an opaque customer ID, the last 4 digits, and the card brand.

Diagnostic data

• Server logs (URL, status code, timestamp, IP) kept for up to 30 days for abuse and incident response.
• Aggregated, non-identifying usage statistics — e.g. “how many users opened the focus timer this week”.

• We don't sell your data. Ever.
• We don't use third-party advertising or retargeting pixels.
• We don't train external AI models on your private content. (See “AI features” below for how Pro's weekly review uses an LLM provider.)
• We don't share your data with data brokers or affiliate networks.

If you're in the EEA or UK, we rely on these bases:

• Contract — to provide the service you signed up for (account, sync, billing).
• Legitimate interest — to keep the service secure, debug issues, and improve features.
• Consent — for non-essential cookies and optional product emails. You can withdraw consent at any time.
• Legal obligation — to keep tax / billing records as required by law.

When you use the AI Weekly Review (a Pro feature), the most recent summary of your habits, focus and finance metrics is sent to a large-language-model provider for processing. Specifically:

• We send aggregated metrics, not raw entries (e.g. “7-day average focus time: 42m”, not the content of any specific note).
• The provider acts as a data processor, doesn't train on the inputs, and the prompts are not retained beyond the API call.
• You can disable AI features in Settings → Privacy at any time.

• All data is stored on managed Postgres in the EU / US, encrypted at rest (AES-256) and in transit (TLS 1.2+).
• Passwords are hashed with industry-standard algorithms; we literally cannot read them.
• Production access is gated by SSO + MFA and limited to named engineers on a need-to-know basis.
• Backups are encrypted and retained for 30 days, then permanently destroyed.

• Account data is kept for as long as your account exists.
• Deleted accounts are scrubbed from primary storage within 30 days; backups age out within 60 days.
• Billing records are kept for 7 years to comply with tax law.
• Server logs roll over after 30 days.

Wherever you are in the world, you can:

• Access — download every record we hold about you in JSON via Settings → Privacy → Export.
• Correct — edit your profile, habits and entries directly in the app.
• Delete — permanently erase your account and all linked data via Settings → Privacy → Delete account.
• Portability — the JSON export is machine-readable and can be moved anywhere.
• Object or restrict — email privacy@baserebuild.com and we'll respond within 30 days.

BaseRebuild is operated globally. Your data may be processed in the United States and the European Union. Where data leaves the EEA / UK, transfers are protected by the European Commission's Standard Contractual Clauses or an equivalent adequacy mechanism.

BaseRebuild is not directed at children under 16, and we do not knowingly collect data from anyone under that age. If you believe a child has signed up, contact us and we'll delete the account immediately.

We'll update the “Last updated” date at the top whenever this policy changes. For material changes, we'll email signed-in users at least 14 days before the new version takes effect.