Privacy Policy

Who we are

Our website address is: http://architectureplus.eu. owned and operated by ArchitecturePLUS SRL RO 44962236

Comments

Last updated: February 20, 2026

1. Introduction

ArchitecturePLUS (“we”, “us”, “our”) operates the ArchitecturePLUS platform at architectureplus.eu. This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the EU General Data Protection Regulation (GDPR) and Romanian data protection law.

2. Data Controller

The data controller responsible for your personal data is ArchitecturePLUS, registered in Romania. For data protection inquiries, contact us at: privacy@architectureplus.eu

3. Data We Collect

3.1 Account Data

  • Email address (used for authentication and communication)
  • Display name and profile photo (from Google login or manual entry)
  • Authentication provider (Google, email/password)

3.2 Usage Data

  • Design renders generated, edits made, upscales performed
  • Product searches and shopping list items
  • Projects saved (room photos, reference images, design variants)
  • Community gallery posts and interactions

3.3 Images You Upload

  • Room photographs and style reference images
  • AI-generated design renders (stored in Firebase Cloud Storage)
  • Product thumbnails generated for visual search

Important: Your images are processed by Google’s Gemini AI models for design generation. Images are sent to Google Cloud Vertex AI for processing and are subject to Google Cloud’s data processing terms.

3.4 Payment Data

Payment processing is handled entirely by Stripe. We do not store your credit card numbers, CVV, or full card details. We receive from Stripe: transaction IDs, payment status, and the design pack purchased. See Stripe’s Privacy Policy.

3.5 Analytics & Cookies

With your consent, we use Google Analytics 4 (GA4), Google Tag Manager, and optional marketing pixels (Meta, TikTok) to understand usage patterns and improve the platform. You can manage cookie preferences via our cookie consent banner at any time.

4. How We Use Your Data

  • Service delivery: Generate AI design renders, source products, manage projects
  • Billing: Process design pack purchases, track allowance usage
  • Communication: Account verification emails, password resets, payment receipts
  • Analytics: Understand feature usage to improve the platform (with consent)
  • Security: Detect abuse, enforce rate limits, prevent fraud

5. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance: Account management, design generation, billing
  • Consent: Analytics cookies, marketing communications
  • Legitimate interest: Security monitoring, fraud prevention, service improvement
  • Legal obligation: Tax records, invoice generation (Romanian fiscal requirements)

6. Data Sharing & Processors

We share data only with the following processors, all under appropriate data processing agreements:

  • Google Cloud Platform (Firebase, Vertex AI) — hosting, authentication, AI processing, storage
  • Stripe — payment processing
  • SerpAPI — product search (receives search queries, not personal data)
  • Resend — transactional email delivery
  • Google Analytics / GTM — analytics (with consent)

We do not sell your personal data to third parties.

7. Data Retention

  • Account data: Retained while your account is active
  • Projects & images: Retained until you delete them or your account
  • Payment records: Retained for 10 years (Romanian fiscal law)
  • Analytics data: Retained per Google Analytics defaults (14 months)
  • Search cache: Automatically expires after 7 days

8. Your Rights (GDPR Art. 15-22)

You have the right to:

  • Access: Download all your data via Profile → Data Export
  • Rectification: Update your profile information at any time
  • Erasure: Delete your account and all associated data via Profile → Delete Account
  • Data portability: Export your data in machine-readable JSON format
  • Withdraw consent: Manage cookie preferences, unsubscribe from marketing
  • Object: Contact us to object to specific processing activities
  • Complaint: File a complaint with the Romanian ANSPDCP (national supervisory authority)

9. International Transfers

Your data may be processed in the EU and US (Google Cloud, Stripe). Transfers to the US are covered by the EU-US Data Privacy Framework and Standard Contractual Clauses where applicable.

10. Security

We implement appropriate technical and organizational measures including: encrypted data transmission (TLS), Firebase Authentication, server-side billing enforcement, Firestore security rules with field-level access control, and rate limiting.

11. Children

ArchitecturePLUS is not intended for users under 16. We do not knowingly collect data from children under 16.

12. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or in-app notification. Continued use after changes constitutes acceptance.

13. Contact

For privacy-related questions or to exercise your rights:
Email: privacy@architectureplus.eu
Address: ArchitecturePLUS, Romania