Privacy Policy
Last updated: 30 May 2026
This Privacy Policy explains how BUILDAI LIMITED ("BUILDAI", "we", "us" or "our"), a company incorporated in Hong Kong, collects, uses, stores, discloses, and protects personal data in connection with our website, communications, business services, consumer services, digital products, subscriptions, and related technology services.
BUILDAI respects personal data privacy and aims to comply with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong ("PDPO") where applicable.
1. Scope
This Privacy Policy applies to personal data we collect through:
- Our website and online forms;
- Email, messaging, calls, meetings, and business communications;
- Quotations, invoices, contracts, and payment processes;
- AI system implementation, workflow automation, consulting, support, and related services;
- Client onboarding, project management, and customer support;
- Digital products, templates, online courses, subscriptions, memberships, AI tools, and other consumer-facing services;
- User accounts, product access, support requests, and service usage.
This Privacy Policy does not apply to third-party websites, platforms, payment processors, AI model providers, cloud providers, or other services that are not controlled by BUILDAI. Those third parties have their own privacy policies.
2. Personal Data We May Collect
Depending on your relationship with us, we may collect:
- Name, job title, company name, and business role;
- Email address, phone number, messaging account, and business contact details;
- Billing details, invoice information, payment reference, and transaction information;
- Company address, business registration details, and project information;
- Meeting notes, support requests, communications, and feedback;
- Account details such as username, login email, account status, subscription status, product access records, and support history;
- Records of purchases, downloads, course access, membership use, tool usage, and service activity;
- Website usage information such as IP address, browser type, device information, pages visited, and approximate location;
- Information contained in documents, files, systems, workflows, databases, or knowledge bases provided by a client for a project;
- User-submitted content such as prompts, instructions, uploaded files, images, documents, messages, workflow descriptions, and other materials provided when using our services;
- Technical information needed for implementation, such as system configuration, integration requirements, logs, diagnostics, and error reports.
We do not intentionally request passwords, full payment card details, private keys, API secrets, government identity documents, financial account credentials, or highly sensitive personal data through ordinary website forms or unsecured channels.
3. Purposes of Collection and Use
We may collect and use personal data for the following purposes:
- Responding to enquiries and arranging meetings;
- Preparing proposals, quotations, invoices, and contracts;
- Providing AI system design, AI agent implementation, workflow automation, integration, consulting, support, and related services;
- Providing digital products, subscriptions, memberships, online courses, templates, AI tools, downloads, and account access;
- Managing client relationships and project communications;
- Processing payments and maintaining accounting records;
- Creating, authenticating, managing, and supporting user accounts;
- Managing subscriptions, renewals, cancellations, refunds, product access, and customer support;
- Setting up, testing, troubleshooting, maintaining, and improving systems and workflows;
- Personalizing, operating, maintaining, securing, and improving our website, products, and services;
- Providing customer support and technical assistance;
- Managing security, access control, fraud prevention, and service integrity;
- Complying with legal, regulatory, tax, accounting, audit, and record-keeping obligations;
- Protecting our rights, property, business interests, and legal position;
- Sending service-related notices and, where permitted, business updates or marketing communications.
We will not use personal data for a new purpose that is unrelated to the original purpose of collection unless permitted by law or with appropriate consent where required.
4. AI, Client Data, and User-Submitted Content
In some projects or services, clients and users may provide documents, business data, internal policies, customer records, operational data, prompts, messages, uploaded files, images, workflow descriptions, or other information for use in AI systems, knowledge bases, automations, integrations, digital products, or support workflows.
Unless otherwise agreed in writing:
- We use client-provided data and user-submitted content only for the relevant project, product, support, security, improvement, and service purposes described in this Privacy Policy;
- We do not sell client data or user-submitted content;
- We do not use client confidential information or user-submitted private content to train public AI models under our control;
- We may process client data and user-submitted content using third-party AI model providers, cloud services, software tools, or infrastructure providers where reasonably necessary to provide the services;
- Clients and users are responsible for ensuring they have the right to provide data to us and for removing unnecessary sensitive data before submission.
Clients and users should not provide sensitive personal data, regulated data, passwords, API keys, private keys, full financial account credentials, identity documents, health information, children's data, or other sensitive information unless a secure method and written scope have been agreed.
AI outputs may be generated by third-party AI model providers or software systems. Users should review AI outputs before relying on them, especially where the output may affect legal, financial, employment, compliance, safety, or other important decisions.
5. Payment Information
Payments may be processed by third-party payment processors such as Stripe or other providers.
BUILDAI does not store full payment card numbers, card security codes, or full payment credentials. Payment processors may collect and process payment card information, billing information, fraud prevention information, and transaction data according to their own terms and privacy policies.
We may receive and store limited payment-related information, such as billing name, billing email, invoice details, payment status, payment reference, transaction amount, currency, refund status, and payment processor identifiers, for accounting, customer support, fraud prevention, dispute handling, and legal compliance purposes.
6. Cookies and Website Analytics
Our website may use cookies or similar technologies to operate the website, understand usage, improve performance, and support security.
You may disable cookies through your browser settings, but some website functions may not work properly.
If we use analytics, advertising, or tracking tools, those tools may collect information according to their own policies. We will aim to describe material tools on our website where appropriate.
7. Disclosure of Personal Data
We may disclose personal data to:
- Our directors, employees, contractors, consultants, and authorized representatives;
- Cloud hosting providers, AI model providers, software vendors, analytics providers, communication tools, project management tools, payment processors, and other service providers;
- Professional advisers, including lawyers, accountants, auditors, insurers, and compliance advisers;
- Banks, payment processors, and financial institutions for billing and payment purposes;
- Regulators, government authorities, courts, law enforcement agencies, or other parties where required or permitted by law;
- A potential buyer, investor, successor, or assignee in connection with a business transaction, restructuring, merger, or transfer, subject to appropriate confidentiality protections where applicable.
We require service providers to handle personal data only as necessary for the services they provide to us and to apply appropriate security measures.
8. Cross-Border Transfers
Your personal data may be stored or processed in Hong Kong or other jurisdictions where our service providers, cloud providers, AI model providers, or business partners operate.
Where personal data is transferred outside Hong Kong, we will take steps that we consider reasonable and appropriate to protect the data, taking into account the nature of the data, the purpose of processing, and the service providers involved.
9. Data Security
We take reasonable steps to protect personal data against unauthorized or accidental access, processing, erasure, loss, or use.
Security measures may include access controls, password protection, encryption where appropriate, secure communication channels, role-based permissions, audit logs, limited access, and internal handling procedures.
No method of transmission or storage is completely secure. Clients and users should avoid sending sensitive credentials or unnecessary personal data through unsecured channels.
10. Data Retention
We retain personal data only for as long as reasonably necessary for the purposes for which it was collected or as required for legal, tax, accounting, audit, contractual, security, dispute resolution, or legitimate business purposes.
Project records, invoices, contracts, user account records, subscription records, product access records, support records, and business correspondence may be retained for a period necessary to comply with legal and accounting obligations, provide services, resolve disputes, prevent fraud, and protect our legitimate interests.
When personal data is no longer required, we will take reasonable steps to delete, anonymize, or securely retain it in accordance with applicable requirements and our operational needs.
11. Direct Marketing
We may use your business or personal contact details to send updates about our services, products, insights, offers, or events where permitted by law.
We will not use your personal data for direct marketing where consent is required unless we have obtained the necessary consent.
You may opt out of marketing communications at any time by contacting us or using the unsubscribe method provided in the relevant message.
12. Access and Correction
Under the PDPO, you may have the right to request access to and correction of your personal data held by us.
To make a data access or correction request, please contact us using the details below. We may need to verify your identity before responding. We may charge a reasonable fee for handling a data access request where permitted by law.
Depending on the service you use, you may also be able to update certain account information directly through your account settings.
13. Account Closure and Deletion Requests
If you have an account with BUILDAI, you may contact us to request account closure or deletion of certain personal data.
We may need to retain some information where required or permitted for legal, accounting, tax, audit, security, fraud prevention, dispute resolution, service integrity, or legitimate business purposes.
14. Children's Privacy
Our services are intended for business clients and individual users who are able to enter into a valid contract. Our services are not directed to children under the age of 18.
We do not knowingly collect personal data from children under 18. If you believe that a child has provided personal data to us, please contact us so that we can take appropriate steps.
15. Third-Party Links and Services
Our website or services may contain links or integrations to third-party websites, platforms, APIs, or tools. We are not responsible for the privacy practices, security, or content of third-party services.
You should review the privacy policies and terms of those third parties before using them.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be posted on our website with the revised "Last updated" date.
17. Contact Us
For questions about this Privacy Policy or to make a data access or correction request, please contact:
BUILDAI LIMITED
Email: contact@buildai-limited.com