Privacy Notice
Last Updated: April 3, 2026
Thizo is committed to protecting the privacy of its users. This Privacy Notice explains what data we collect, why we collect it, how long we retain it, who we share it with, and how you can exercise your rights. By using our services, you agree to the practices described here.
1. Who We Are
Thizo Technologies, Inc. is a US-based AI platform that produces BIM models and construction document sets for architecture, engineering, and interior design firms. Our servers are located in the United States. We do not use offshore data processing or public AI interfaces. For privacy inquiries, contact us at privacy@thizo.co.
2. Data We Collect
We collect the following categories of information when you use our platform:
| Type of Data | Examples | Purpose | Shared With |
|---|---|---|---|
| Account Information | Name, email, firm name, job title | Account creation and authentication | Not shared |
| Project Data | Drawings, specifications, BIM files you upload | Producing deliverables on your behalf | Not shared — remains client property |
| Usage Data | Platform activity, feature usage, session logs | Improving platform performance | Analytics providers (aggregated, anonymized) |
| Communication Data | Emails, support tickets, demo requests | Responding to inquiries and providing support | Internal team only |
| Billing Information | Payment method, transaction history | Processing subscription payments | Payment processor only |
We do not commingle client data. Your project files, firm standards, and historical work are used exclusively to build and refine your firm's own model — never to train, inform, or improve outputs for any other account.
3. How We Use Your Data
We use the data we collect to provide and improve our services, process payments, respond to support requests, send service-related communications, and comply with legal obligations. We do not use your data for advertising purposes or share it with third-party advertisers.
4. Data Retention
We retain your account information for as long as your subscription is active. Project files and deliverables are retained for 90 days after project completion or subscription cancellation, after which they are permanently deleted from our servers. You may request earlier deletion at any time by contacting privacy@thizo.co. Billing records are retained for 7 years as required by law.
5. Third-Party Services
Thizo uses a limited set of trusted third-party services to operate the platform. These include Firebase (authentication and database), Vercel (hosting infrastructure), Resend (transactional email delivery), and payment processing providers. Each of these providers is contractually obligated to protect your data and may not use it for their own purposes.
6. Cookies and Tracking
We use essential cookies to maintain your login session and platform functionality. We do not use advertising cookies or cross-site tracking. Analytics data collected is aggregated and does not identify individual users. You may disable cookies in your browser settings, though this may affect platform functionality.
7. Data Security
Thizo uses US-based servers, encrypted data transmission, and firm-specific access controls. We do not use public AI interfaces or offshore data handling. For a full overview of our security practices, visit our Trust & Security page.
8. Your Rights
Depending on your location, you may have the right to access, correct, or delete your personal data; withdraw consent at any time; request a portable copy of your data; and object to certain types of processing. To exercise any of these rights, contact us at privacy@thizo.co. We will respond within 45 days of receiving a verifiable request.
9. GDPR — European Users
If you are located in the European Economic Area, our lawful basis for processing your personal data is performance of a contract (to deliver the services you have subscribed to) and legitimate interests (to improve our platform and prevent fraud). You have the right to lodge a complaint with your local data protection authority. To exercise your GDPR rights, contact privacy@thizo.co.
10. CCPA — California Residents
California residents have additional rights under the California Consumer Privacy Act. You have the right to know what personal data we have collected about you, request deletion of your personal data, and opt out of the sale of your personal data. Thizo does not sell personal data. To submit a request, contact privacy@thizo.co or visit our Do Not Sell My Personal Information page. We will respond within 45 days.
11. Children's Privacy
Thizo's services are intended for professional use by adults. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal data, contact us at privacy@thizo.co and we will delete it promptly.
12. Changes to This Notice
We may update this Privacy Notice from time to time. When we do, we will update the "Last Updated" date at the top of this page and notify active users by email where required. Your continued use of our services after changes are posted constitutes acceptance of the revised notice.
13. Contact Us
For questions about this Privacy Notice or to submit a data request, contact us at privacy@thizo.co.
This Privacy Notice is provided for informational purposes and does not constitute legal advice. Thizo recommends that your firm consult with qualified legal counsel regarding your specific obligations under applicable privacy law.