BuildPrompt™ Privacy Policy (BuildScan Limited) · Version 2.0 · Effective 29 June 2026
BuildScan Limited (“BuildPrompt”, “we”, “us”, “our”) operates an AI platform that turns construction, infrastructure and real estate data into evidenced, auditable intelligence. This Privacy Policy explains how we collect, use, share and protect personal data in connection with our website at buildprompt.ai and the BuildPrompt service.
This policy is provided as notice under UK GDPR. It does not seek your consent for processing that does not require it. Where consent is required (for example, certain cookies and marketing communications) it is collected separately at the point of collection.
Our role under data protection law depends on the context:
Name, work email address, organisation, job title, telephone number and any other details you provide when you contact us, register interest, attend an event, or create an account.
Information collected automatically when you visit the site, including IP address, approximate location, device and browser type, referring URL, the pages you visit and the time and date of your visit.
For platform users, we log prompts and responses for service-delivery, security and audit purposes only. Customer data, prompts and responses remain the customer’s property and are never used to train our models or improve the service for other customers.
Documents and data are processed within isolated, customer-specific environments using our proprietary technology. Where third-party model providers are used, they operate under contractual data-isolation protocols and zero-retention arrangements, so customer data is not retained, shared or used for training by those providers.
Customers can configure how data, prompts and responses are handled at the enterprise level, including choice of model, region of processing, retention windows and the ability to use only internal models where preferred.
We process personal data on the following bases under Article 6 UK GDPR:
We do not sell personal data. We share personal data only with:
A current list of platform sub-processors is available to customers on request.
Where personal data is transferred outside the UK, we put in place appropriate safeguards under UK GDPR. These include reliance on UK adequacy regulations where they apply, the UK International Data Transfer Agreement (IDTA), or the EU Standard Contractual Clauses together with the UK Addendum. We assess transfers to ensure an essentially equivalent level of protection, and apply additional contractual, technical and organisational measures where necessary.
We retain personal data only for as long as necessary for the purpose for which it was collected. Indicative retention periods:
We operate an Information Security Management System aligned to ISO/IEC 27001:2022 and Cyber Essentials Plus. We apply technical and organisational measures appropriate to the risk, including access controls, encryption in transit and at rest, segregation of customer environments, vulnerability management, secure development practices, audit logging and staff training.
In the event of a personal-data breach affecting your rights and freedoms, we will notify the relevant supervisory authority within 72 hours where required by Article 33 UK GDPR, and affected customers without undue delay.
This website uses only strictly necessary cookies required for it to function. We do not currently set analytics or marketing cookies. If we introduce them in future, we will ask for your consent before doing so.
We do not make decisions about you that produce legal or similarly significant effects based solely on automated processing of your personal data on the website or in our marketing operations. Use of automation within the BuildPrompt platform is determined by the customer (as controller) and governed by the MSA.
BuildPrompt is a business-to-business service and is not directed at children. We do not knowingly collect personal data from anyone under the age of 16. If you believe we hold data relating to a child, please contact us so we can investigate and delete it.
Where we send marketing communications, you can opt out at any time by using the unsubscribe link in the message or by emailing info@buildprompt.ai. Opting out of marketing does not affect service-related communications.
Under UK GDPR and the Data Protection Act 2018, you have the right to:
To exercise any of these rights, contact us at info@buildprompt.ai. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns before you approach the ICO.
Our website may contain links to third-party sites or services. We are not responsible for the content or privacy practices of those third parties, and their use is governed by their own terms and policies.
We comply with privacy laws in the jurisdictions in which we operate. Depending on your country of residence, additional rights may be available to you. We process personal data in accordance with applicable local laws and collect consent where it is required.
We may update this policy from time to time. Where the change is material, we will notify you by email or via the platform before it takes effect. The version number and effective date above will be updated each time the policy changes.
For any questions about this policy or our data practices, please contact: