Legal

Privacy Policy

How Easy Takeoffs collects, uses, stores, and protects your personal information.

Last updated: May 16, 2026

1. Introduction

Easy Takeoffs (“we,” “our,” or “us”) operates the website at easytakeoffs.com and the Easy Takeoffs web application. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

By creating an account or using Easy Takeoffs, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the service.

2. Information We Collect

We collect the following categories of information:

Account Information

When you create an account, we collect your first name, last name, email address, password (stored in hashed form), phone number (optional), company name, company size, trade, country, and state or province. We use this information to create and manage your account.

Payment and Billing Information

When you subscribe to a paid plan, you provide payment information directly to Stripe, our payment processor. Stripe collects your name, billing address, credit card or bank details, and the IP address of your transaction. We do not store credit card numbers, CVV codes, or bank account numbers on our servers. We store only your Stripe customer ID, subscription details (plan, status, billing dates), and Stripe invoice references in our database to operate your account and reflect your billing history in the app.

Uploaded Files

When you upload PDF construction drawings, those files are stored securely in cloud storage (Cloudflare R2) under your user account. Files are served via pre-signed URLs and are not publicly accessible. We do not analyze, share, or use the content of your uploaded PDFs for any purpose other than rendering them in the application for your use.

Project and Measurement Data

The projects, documents, measurements (linear, area, and count), annotations, measurement groups, labels, page names, and scale calibrations you create within Easy Takeoffs are stored in our database (hosted on Supabase). This data is associated with your account and is used exclusively to provide the service.

Automatically Collected Information

We collect technical and usage information through three channels:

  • Internal analytics: When you are signed in, we track session information (session ID, duration, page count) and usage events (feature usage, page URLs, user agent). This data helps us understand how the product is used and where to focus improvements.
  • Google Analytics 4: In production, we load Google Analytics 4, which collects page views, session data, and traffic sources via cookies (_ga, _ga_*). You can opt out through your browser settings or by using Google's opt-out browser add-on.
  • Server logs: Our servers log standard technical information such as your IP address, browser type, operating system, and pages visited. This information is used for security monitoring and service improvement.

3. Cookies and Tracking Technologies

Easy Takeoffs uses the following cookies and browser storage mechanisms:

  • Authentication (essential): Supabase stores session tokens in your browser's local storage to maintain your authentication session. These are essential for the service to function and are removed when you sign out.
  • Google Analytics (analytics): In production, _ga and _ga_* cookies are set by Google Analytics 4 to distinguish users and track sessions. These are analytics cookies, not advertising cookies.
  • Cloudflare Turnstile (security): Our authentication forms use Cloudflare Turnstile for bot detection. Turnstile may set tokens in your browser during the verification process. These are used solely for security purposes.
  • Stripe (essential for payments): When you reach Stripe Checkout or open the Stripe Customer Portal, Stripe may set cookies or local storage entries to authenticate your billing session and prevent fraud. These are essential for processing your subscription.

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Easy Takeoffs service
  • Authenticate your identity and manage your account
  • Store and serve your uploaded construction plans
  • Save your measurements, projects, and preferences
  • Process payments, manage your subscription, and handle billing matters (including invoicing, dunning, tax calculation, and refunds where applicable)
  • Send transactional emails related to your account (verification, billing notices, trial reminders, subscription receipts)
  • Send marketing emails about product updates and new features, subject to your email preferences
  • Track product usage to understand how features are used and prioritize improvements
  • Monitor performance and diagnose technical issues
  • Detect and prevent fraud, abuse, and unauthorized access
  • Communicate with you about your account or changes to the service

We do not sell, rent, or trade your personal information to third parties. We do not use your data for advertising purposes.

5. Third-Party Services

We use the following third-party services to operate Easy Takeoffs:

  • Supabase provides user authentication and database hosting. Your account information and project data are stored on Supabase infrastructure.
  • Cloudflare R2 provides file storage. Your uploaded PDF construction drawings are stored on Cloudflare's infrastructure.
  • Stripe provides payment processing for our subscription service. When you subscribe, Stripe collects your billing information and processes your payments according to Stripe's privacy policy and the Stripe Data Processing Agreement. Stripe is a PCI-DSS Level 1 certified payment processor and is responsible for the security of your payment data. Stripe also calculates applicable sales tax and VAT via Stripe Tax, and may retain billing records for up to seven (7) years to comply with tax and accounting law.
  • Google Analytics 4 provides website analytics in production. It processes page view and session data to help us understand traffic patterns and usage.
  • Cloudflare Turnstile provides CAPTCHA and bot protection on our authentication forms. It processes browser signals to distinguish humans from automated access.
  • Resend provides email delivery for both transactional messages (account verification, billing notifications, trial reminders, subscription receipts, security alerts) and marketing messages (product announcements, feature updates, occasional newsletters). Marketing emails respect your email preferences and can be unsubscribed from at any time, either through your account settings or via the unsubscribe link present in every marketing email.

Each of these providers operates under its own privacy policy. We recommend reviewing them for complete details about how they handle data.

6. Data Sharing

We do not sell your personal information to anyone. We share your data only with the third-party service providers listed above, and only to the extent necessary to operate the service. We may also disclose your information if required to do so by law or in response to valid legal process.

7. Data Retention and Deletion

We retain your data for as long as your account is active. You can delete your account at any time from your account settings. When you delete your account:

  • Your profile and account information is permanently deleted
  • All your projects and measurement data are permanently deleted
  • All uploaded PDF files are permanently removed from cloud storage
  • Any active subscription is immediately canceled with Stripe (no further charges)

Anonymized usage analytics (such as session durations and feature usage events) may be retained after account deletion for aggregate service improvement. This data cannot be used to identify you once your account is removed.

Subscription and billing data

Subscription records and transaction history are retained for as long as your account is active. After account deletion, our copies of subscription and billing references are removed from our systems. However, Stripe may retain billing records (transaction history, invoices, refund records) for up to seven (7) years to comply with tax and accounting law, even after we have deleted your Easy Takeoffs account. You can request information about Stripe's data retention practices via Stripe's privacy contact.

Account deletion is permanent and cannot be reversed. We recommend exporting any measurements or data you need before deleting your account.

8. Data Security

We take reasonable measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of all data in transit using TLS/HTTPS
  • Row Level Security (RLS) policies on our database ensuring users can only access their own data
  • Secure authentication with password hashing
  • Pre-signed URLs for file access, ensuring uploaded PDFs are not publicly accessible
  • Rate limiting on authentication and API endpoints
  • Payment data handled exclusively by Stripe, a PCI-DSS Level 1 certified processor; we do not store card numbers on our systems

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If you discover a security vulnerability, please report it to hello@easytakeoffs.com.

9. Your Data Subject Rights

Regardless of where you live, you have the following rights regarding your personal information:

  • Access: You can request a copy of the personal information we hold about you. Most of it is already visible in your account settings.
  • Correction: You can update inaccurate information at any time through your account settings.
  • Deletion: You can delete your account and all associated data through the Danger Zone in your account settings, subject to legal data retention requirements for billing records held by Stripe.
  • Data portability: You can export your measurements and project data via the in-app PDF and CSV export.
  • Opt out of marketing communications: You can opt out of marketing emails at any time through the email preferences in your account settings, or by clicking the unsubscribe link in any marketing email we send. Transactional messages (billing notices, security alerts, account confirmations) will continue regardless, as they are essential to the service.

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what categories of personal information we collect and the right to request deletion. We do not sell personal information as defined by the CCPA. To exercise any CCPA right, contact us at hello@easytakeoffs.com.

European and UK Residents (GDPR and UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and the UK GDPR, including the right to restrict processing, the right to object to processing, and the right to lodge a complaint with your local data protection authority. Our legal bases for processing your personal data are contractual necessity (to provide the service you signed up for), legitimate interest (to improve our product, prevent abuse, and operate our business), and consent (for marketing communications). To exercise any of these rights, contact us at hello@easytakeoffs.com.

10. Governing Law

This Privacy Policy is governed by the laws of the State of Florida, USA, without regard to conflict of law principles. Any disputes regarding privacy matters will be resolved in the state or federal courts located in Orange County, Florida. This does not affect the additional rights granted to you by mandatory data protection law in your jurisdiction (for example, CCPA, GDPR, or UK GDPR), which continue to apply.

11. Children's Privacy

Easy Takeoffs is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last updated” date at the top of this page. For changes that materially affect how we collect or use your personal information, we will give you at least thirty (30) days advance notice by email and in-app notice before the change takes effect. Continued use of the service after changes are posted constitutes acceptance of the revised policy. We encourage you to review this page periodically.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at hello@easytakeoffs.com.

Start Your Construction Takeoff Today

Upload your first PDF plan set, set the scale, and pull accurate quantities before lunch. $39 a month after the trial, less than every dedicated competitor.

Get Started Free
14-day free trialNo credit cardCancel anytime