This Privacy Policy describes how Obrazo collects, uses, and shares information when you use our website, our software service, and any related services (collectively, the "Service").
By using Obrazo, you agree to the practices described in this policy. If you don't agree, don't use the Service.
We collect three categories of information:
| Category | Examples |
|---|---|
| Account information | Name, email address, password (stored encrypted), business name, contractor license number, phone, mailing address |
| Billing information | Payment card details (handled by our payment processor — we don't store full card numbers), billing address |
| Business profile | Your logo, your bio, your warranty terms, your pricing, your list of services |
| Customer information you upload | Customer names, addresses, phone numbers, email addresses, project details, photos |
| Proposal content | Site notes, scope details, materials selected, pricing entered, generated proposal documents |
| Support communications | Emails, chat messages, and other communications you send us |
| Category | Examples |
|---|---|
| Device and connection | IP address, browser type, operating system, device type, time zone |
| Usage | Pages visited, features used, timestamps, error logs |
| Cookies | Session cookies for login, language preference cookie, basic analytics — see Cookies |
If you sign in using a third-party service (such as Google), we receive basic profile information from that service (your name, email, and profile picture) to create your account.
We use the information we collect to:
We do not use your data, your customers' data, or your generated proposals for advertising or to train AI models.
We share information only as needed to run the Service. The categories of recipients are:
We use third-party companies to help us operate. They access the data only to perform their function and are contractually required to protect it. Our current service providers include:
The current list of subprocessors is available on request from privacy@obrazo.co.
When you send a proposal to a customer, the proposal content (including your name and contact details) is delivered to the email address you specify.
We may disclose information if required by law, court order, or other legal process, or if we believe disclosure is necessary to protect the rights, property, or safety of Obrazo, our users, or the public.
If Obrazo is involved in a merger, acquisition, or sale of all or part of its assets, your information may be transferred as part of that transaction. We'll notify you of any change in ownership or use of your information.
When you generate a proposal, our software sends relevant information to our AI vendor (currently Anthropic) to assemble the proposal text. This typically includes:
Anthropic processes this data only to generate the requested proposal and is contractually prohibited from using it to train their models. Anthropic's privacy practices are described at anthropic.com/legal/privacy.
If you have concerns about specific customer information being sent to an AI vendor, you can omit or redact that information before generating a proposal. The fields you fill in are the fields that get sent.
We use a small number of cookies and similar technologies:
We don't use third-party advertising trackers, retargeting pixels, or social media trackers on our marketing pages.
Most browsers let you control cookies through your settings. If you block strictly necessary cookies, the Service may not work correctly.
We keep your information for as long as your account is active and as needed to provide the Service. Specifically:
If you cancel your subscription, we keep your account data for 30 days in case you reactivate, then delete it permanently (except for billing records and any data we're legally required to retain).
We take reasonable steps to protect your information, including:
No system is perfectly secure. If we discover a breach affecting your data, we'll notify you and applicable authorities as required by law.
If you discover a security issue, please report it to security@obrazo.co. We appreciate responsible disclosure.
You have the right to:
To exercise any of these rights, email privacy@obrazo.co. We'll respond within 30 days.
If you're a California resident, the California Consumer Privacy Act gives you specific rights regarding your personal information:
To exercise your rights, email privacy@obrazo.co with "CCPA Request" in the subject. We may need to verify your identity before responding.
We don't sell personal information and we don't share personal information for cross-context behavioral advertising.
If you're in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation gives you the rights described in Section 9, plus the right to lodge a complaint with your local data protection authority.
Our legal basis for processing your data is one of:
If you'd like to contact us about GDPR matters, email privacy@obrazo.co. We don't currently have an EU representative; if you're an EU resident and would like to use the Service, please reach out so we can confirm we can serve you appropriately.
Obrazo is a tool for businesses and is not intended for use by children under 16. We don't knowingly collect personal information from children. If you believe we've collected information from a child, contact privacy@obrazo.co and we'll delete it.
Obrazo is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. (and potentially other countries where our service providers operate). U.S. data protection laws may differ from those in your country.
Where required, we use appropriate safeguards (such as standard contractual clauses) to protect your information when it's transferred internationally.
We may update this policy from time to time. When we make material changes, we'll notify you by email or by an in-product notice at least 30 days before the changes take effect, except for changes required by law (which may take effect sooner). The "Last updated" date at the top of this policy reflects when it was last changed.
For privacy questions or to exercise any of the rights described above:
Mailing address: TBD (Dana Point, CA).