Privacy

This Privacy Policy explains how we collect, use, and share information when you use SurfaceGrade, including account access, roof image uploads, AI-assisted grading reports, diagnostics, and support. By using the platform, you agree to the practices described here.

Effective: June 25, 2026

Last Updated: June 25, 2026

What information do you collect?: We collect information you provide directly, such as your name, email address, organization details, user role, and support requests. We also collect roof images you upload, generated grading reports, image metadata, IP addresses, browser types, and usage patterns within the platform.
How do you use my information?: We process information to deliver SurfaceGrade functionality, including image upload, roof grading, report storage, organization access control, diagnostics, account administration, service security, and support.
Who do you share information with?: We do not sell your personal data, roof images, or grading data. We may share information with service providers that help us operate the platform, when required by law or enforceable governmental request, or as part of a merger, acquisition, or restructuring.
How long do you keep information?: Application logs are retained for up to 90 days and database backups for up to 90 days. Customers may request earlier deletion of organizational grading data after account termination.
Who controls customer data?: Blueprint Software LLC operates SurfaceGrade as a data processor on behalf of its customers, who act as data controllers for information collected through their organization's accounts, roof images, and grading records. Blueprint Software does not access customer data except as necessary to provide support, maintenance, or comply with legal obligations.
Where is data stored?: SurfaceGrade services and data storage are hosted on Microsoft Azure within the United States. Data may be replicated across Azure regions for backup and disaster recovery. We do not transfer customer data outside the U.S. unless specifically requested or required by contract.
What happens during a security incident?: In the event of a data breach or security incident affecting customer information, we will notify affected organizations without undue delay after becoming aware of the issue and provide relevant details consistent with applicable law and contractual obligations.
What privacy rights do I have?: You may have the right to access, correct, or delete your personal information, depending on your jurisdiction. To exercise your rights, contact us at team@blueprint.software. If you request deletion of your account, we will deactivate your login and remove associated profile data from active systems. Operational logs and backups may be retained for diagnostics, security, or compliance purposes.
Do you use cookies or similar tracking?: Yes. We use cookies and browser storage to maintain user sessions, improve platform performance, and analyze usage. You can control cookies through your browser, but disabling them may affect functionality such as login persistence.
How do you protect information?: SurfaceGrade uses encryption in transit and at rest, role-based access controls, organization isolation, and infrastructure monitoring. While we take industry-standard precautions, no system is entirely immune to risk.
Can this policy change?: Yes. This policy may be revised as our services evolve. Significant changes will be communicated through the platform or via email, and the Last Updated date above reflects the current version.
How can I contact you?: For privacy-related questions, contact us at team@blueprint.software.