LetsBuild privacy policy
Last updated: September 01, 2019
Last updated: September 01, 2019
LetsBuild Belgium SA (previously AproPlan SA) and LetsBuild Denmark ApS (previously Geniebelt ApS) are part of the LetsBuild Group (collectively with any subsidiaries and affiliates, “LetsBuild”, “Company”, “data controller”, “we”, “us”, and/or “our”). This Privacy Policy will explain how the Company uses and protects personal information belonging to account holders for any of our products, AproPlan or GenieBelt, or visitors to our website LetsBuild.com our any other websites on which this Privacy Policy appears, as well as users of the Company’s Services (“Services”), including any software, mobile applications, products, devices or other services offered by Letsbuild. Your personal data will only be used in accordance with this Privacy Policy, which is governed by the European General Data Protection Regulation (GDPR).
Our principles regarding user privacy and data protection:
LetsBuild is a leading provider of cloud-based construction management software. LetsBuild was formed following the merger of two companies: AproPlan SA based in Brussels, Belgium and GenieBelt ApS based in Copenhagen, Denmark. LetsBuild offers two Applications (AproPlan and GenieBelt) that complement each other into one end-to-end solution for the construction phase. LetsBuild is a Data Controller as we determine the purposes and means of processing of personal data. LetsBuild is a Data Processor as we process data on behalf of customers.
For more information, please visit our website LetsBuild.com where you can fill in the form to request a demo.
LetsBuild collects information that personally identifies you and other information about you. This may include:
We may use your personal information for the following purposes:
Running of the Applications: LetsBuild requires basic personal data such as name, email address, phone number, title, company, etc to establish physical persons as account holders on the LetsBuild software platforms. These data are for instance displayed in the Application to list participants of each project and to identify the author of each action. This and other information such as address, country, location and time zone are for instance used to display dates/time in a correct format and to generate reports within the Applications.
Questions, support and requests: if you contact us by email, chat, phone or otherwise, we will use the personal information you provide to answer your question or resolve your problem. Our supporters will also access all other information and statistics they could think useful to improve the quality of the answer.
Order Fulfilment: We may use personal information that you provide to fulfill any orders you may place for Services offered by LetsBuild.
Contacting you about Application updates, other products, services and events: LetsBuild may use your personal information to contact you with information about product updates, services and events that may be of interest to you. LetsBuild may periodically send promotional emails about new features, special offers or other information which LetsBuild thinks the account holder may find interesting, using the email address which the account holder has provided, if the account holder has agreed to receive such information.
Service Improvement: your personal data is also required in order to understand account holder needs and provide the account holder with better service. LetsBuild may use the information to improve our products and services.
Research and Data Analysis: From time to time, LetsBuild may also use the account holder’s information to contact the account holder for market research purposes, surveys, contests and other special offers. If you elect to participate in these services, you may need to provide certain personal information.
Provision and Monitoring of the Services: We will use your personal information to provide you with access to and to support your use of the Services and to monitor your use of the Services.
LetsBuild may also collect and store personal data from website visitors and persons that download resources from LetsBuild’s websites or similar. In general, LetsBuild will collect information on which pages you visit and when (your “electronic footprint”), which browser you are using and which IP-address you are using. LetsBuild may also ask you to provide your name, email address and other personal data to provide you with downloadable/viewable resources on the website or provide access to our newsletter list. This data is used to analyse LetsBuild’s website traffic and usage to improve the website experience for all our users.
LetsBuild will not use your personal data for other purposes than those listed when you provided your consent.
The GDPR grants individuals some rights over their personal data. This Privacy Policy will provide you with information about such rights and a method by which you can exercise them.
I. The right to be informed
With the below exceptions, LetsBuild will not sell, distribute or lease your personal information to third parties unless LetsBuild is required by law to do so. LetsBuild may use your personal information to send you promotional information about third parties which LetsBuild think you may find interesting if you consent to this in advance.
You may at any time request access to the following information about your personal data held by LetsBuild :
For any of the above requests, you may at any time contact LetsBuild by using the contact details provided in the “How to contact us” section below. LetsBuild will take action without undue delay.
II.The right of access
If you wish to access your personal information, you can do so at any time by contacting us using the contact details provided in the “How to contact us” section below. LetsBuild will promptly give you your requested information.
III. The right of rectification
If you wish to correct or update your personal information, you can always do so by changing the relevant settings in your profile account. You have the right to obtain from LetsBuild without undue delay the rectification of inaccurate personal data concerning your person. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed by providing supplementary information. If you believe that any information LetsBuild holds about you is incorrect or incomplete, please write to or email LetsBuild as soon as possible using the contact details provided in the “How to contact us” section below. LetsBuild will promptly correct any information found to be incorrect.
IV. The right of erasure
You have the right to request from LetsBuild the erasure of personal data concerning you without undue delay, and LetsBuild has the obligation to erase personal data without undue delay where one of the following grounds applies:
For any of the above requests, you may at any time contact LetsBuild by using the contact details provided in the “How to contact us” section below. LetsBuild will take action without undue delay.
V. The right to restrict processing and to object
You may choose to restrict the collection or use of your personal information in the following ways:
You have the right to request restriction of processing of your personal data by LetsBuild as follows:
You have the right to withdraw consent given to the processing of your personal data by LetsBuild unless this is regulated by contract or other statutory law. If you have previously agreed to LetsBuild using your personal information for e.g. direct marketing purposes, and you no longer wish us to hold your data, you may change your mind at any time by clicking on the “unsubscribe” link in the marketing emails we send you.
For any of the above requests, you may at any time contact LetsBuild by using the contact details provided in the “How to contact us” section below. LetsBuild will take action without undue delay.
VI. The right to contact the authorities
If you have any complaints about how we handle your personal data, please contact us so we can resolve the issue, where possible. If you need to go further, you have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority (for some of them, see “How to contact the appropriate authorities?” section below).
LetsBuild is committed to ensuring that your information and other personal data collected is secure. In order to prevent unauthorised access or disclosure, LetsBuild has put in place suitable physical, electronic and managerial procedures to safeguard and secure the information LetsBuild collects online.
LetsBuild analyses collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process.
I. Purpose of the security measures
The security measures are documented and will be updated if changes are made.
The technical and organisational measures are subject to future technical advancements and developments. For this purpose, data controllers are permitted to implement alternative, suitable measures which may not fall below the security level for the measures previously set out. Important changes must be documented.
The data processor will implement the following technical and organisational security measures to ensure a level of security appropriate to the processing operations agreed upon and which thus fulfil Article 32 of the General Data Protection Regulation.
The measures are determined according to the following considerations:
The measures are implemented to avoid the personal data being:
II. General security measures
Data center
Protection against loss of data
Security at Application level
Architectural security
Internal IT security
III. Authorisation and access control
All the data processor’s members of staff who have access to personal data have been authorised by the data processor. Authorisations describe the purpose of staff members’ access. Staff only have access to personal data for operational or technical purposes.
The data processor’s staff do not have access to personal data which are not covered by their authorisation. The data processor will keep the number of authorisations at a minimum.
The data processor verifies and updates authorisations on an ongoing basis. Authorisations are changed or revoked when a member of staff changes job title, area of responsibility or conditions of employment.
IV. Workplaces & workplaces at home
We have secured our offices in an efficient way. All employees have badges to unlock the doors if they are securely closed. Visitors have to check in when they come into the office.
The data processor’s processing of personal data is partly carried out via the use of workplaces at home. The data processor’s staff can access the Application from external locations featuring the same security measures as described in “External communications links”. All members of staff have been instructed in using only work computers with full encryption of the hard disk. As outlined above, access to servers for operational or technical purposes is only possible through encrypted remote access, SSH, when connected to the VPN.
V. External communication links & links to other websites
Our website may contain links to other websites of interest. However, once you use such links to leave our site, you should note that LetsBuild does not have any control over third party websites. Therefore, LetsBuild cannot be responsible for the protection and privacy of any information provided by you whilst visiting such sites. Also, third party sites are not governed by this privacy statement. You should exercise caution and study the privacy statement applicable to the website in question.
Communication between the user at the data controller and the LetsBuild Applications is encrypted both for web Application and mobile apps. The servers are configured to allow communication only via encrypted connections and promptly redirects the user to an encrypted connection in case the user attempts to create an insecure connection.
Ordinary mail and text communications to the data subject are not encrypted.
LetsBuild uses third party data processors for the following purposes:
LetsBuild has secured Data Processing Agreements with all such third parties to ensure that LetsBuild user and visitor data is handled in accordance with this Privacy Policy. Some of these third party processors process and/or store data outside of the EU, mainly in the USA. LetsBuild has signed Data Processing Agreements with these parties to ensure the correct and lawful treatment of personal data.
LetsBuild shall process and store the personal data only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. We will retain your information for as long as we have an ongoing business need to do so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked, de-identified or erased in accordance with legal requirements. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
We do not knowingly collect personal information from children under the age of 13. If we become aware that we have inadvertently received personal information from a child under the age of 13, we will delete such information from our records.
This policy may change from time to time. The latest effective date will be highlighted at the top of the policy information.
We will update this Privacy Policy when necessary to reflect customer feedback, changes in our program/projects and services or legal changes. When we post changes to this policy, we will revise the “Effective Date” at the top of the Privacy Policy.
If there are material changes to the Privacy Policy or in how LetsBuild will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this Privacy Policy to learn how LetsBuild is processing your information. Please print a copy of this Privacy Policy for your records.
If you want to contact us (for instance, in the context of exercising any rights described above or if you are dissatisfied):