Book A Demo

Privacy Policy

Privacy & Cookies Policy

Last updated: 17 September 2025

This Privacy & Cookies Policy explains how BUILDPARTNER TECHNOLOGY LTD
(“BuildPartner”, “we”, “us”) collects and uses your information when you visit
buildpartner.com (WordPress site), use my.buildpartner.com (our web app),
sign up, start a trial, or purchase a plan via Stripe.

We comply with UK GDPR/EEA GDPR and applicable e-privacy rules. If anything here is unclear, contact contact@buildpartner.com.

1) Who we are (Data Controller)

  • Controller: BUILDPARTNER TECHNOLOGY LTD
  • Registered Company Number: 11739530
  • VAT Number: 319584474
  • Registered Office: Suite 345, 50 Eastcastle Street, London, W1W 8EA
  • Email: contact@buildpartner.com

Some services act as processors (e.g., hosting and analytics). Key vendors are listed below.

2) What data we collect

a) Information you provide

  • Account & profile details (name, email, company, password).
  • Billing-related information (handled by Stripe). We do not store full card numbers.
  • Support requests, feedback, and form submissions (e.g., “Book a demo”).

b) Information we collect automatically

  • Device & usage data: IP address, user-agent, browser/OS, pages viewed, clicks, timestamps.
  • Attribution data (on first landing): UTM parameters (e.g., utm_source, utm_medium, utm_campaign, utm_term, utm_content), ad click IDs (gclid, fbclid, wbraid, gbraid), and referrer.
  • First-party identifiers: a short-lived cookie to recognise a visit on our domain (details in Cookies).

c) Information from transactions

  • Stripe Checkout/Subscriptions: plan, amount, currency, status, discounts, trial status.
  • We store non-sensitive Stripe metadata (e.g., your BuildPartner account ID, a first-party visit ID, and landing UTMs) to power reporting. We do not store card numbers.

3) How we use your data (purposes & legal bases)

Purpose Examples Legal basis
Provide & secure the service Account creation, login, core app features, fraud prevention, uptime logs Contract; Legitimate interests
Billing & subscriptions Stripe Checkout, invoices, renewals, refunds, support Contract; Legal obligation
Analytics & product improvement Usage patterns, performance, debugging Legitimate interests
Attribution & marketing measurement Linking ad clicks to sign-ups/purchases; sending conversion signals to ad platforms Legitimate interests; Consent where required (cookies/Consent Mode)
Communications Onboarding, updates, service notices Legitimate interests; Contract
Compliance Record-keeping, responding to lawful requests Legal obligation

If local law requires consent for certain cookies/identifiers, we obtain it via our cookie banner (Consent Mode). You can change preferences at any time via the banner link in the footer.

4) How our attribution & tracking works (plain English)

  • On first visit, our WordPress site sets a first-party cookie and immediately posts the landing URL (including UTMs/click IDs) to our secure API (attrib.buildpartner.com, hosted on AWS in the EU).
  • When you sign up or log in on my.buildpartner.com, we bind that first-party visit to your account ID.
  • When you start a trial or purchase via Stripe Checkout, we include relevant attribution fields in Stripe metadata so every checkout carries its source context.
  • We fire a single clean “Purchase” event on the thank-you page (via Google Tag Manager) so Google Ads and Meta can learn.
  • We may also send a server-side copy of the same event to ad platforms (e.g., Meta Conversions API, Google server-side tag) using privacy-safe hashing and deduplication.
  • Our Admin report links ad clicks to real purchases/renewals (including Safari/iOS journeys) using only first-party data and Stripe records.

We do not sell personal information and we do not use cross-site third-party cookies on our domains.

5) Cookies & similar technologies

We use first-party cookies required for attribution and performance, and we respect your choices through the cookie banner (Consent Mode v2).

Our first-party cookies (examples)

Name Domain Purpose Expiry
bp_xcid .buildpartner.com First-party visit ID used to tie the initial landing to later signup/login and checkout ~30 days
bp_arrival_logged .buildpartner.com Throttle non-ad pageview pings (avoid duplicate network calls) 30 minutes
(App session) my.buildpartner.com Keep you signed in to the web app Session / as configured

Stripe Checkout occurs on Stripe domains; Stripe may set its own cookies to complete payments (see Stripe’s Privacy Policy).

If you consent to marketing/measurement, we may use:

  • Google Tag / Google Ads conversion tags (with Enhanced Conversions using hashed email where available).
  • Meta Pixel (with Advanced Matching of hashed identifiers where available).

You can manage consent via our cookie banner at any time.

6) Analytics, Ads & APIs we use

  • Google Tag Manager (web) to load only the tags you’ve consented to.
  • Google Ads conversions; optional server-side conversion copy via secure endpoint; Enhanced Conversions uses hashed identifiers when permitted.
  • Meta (Facebook) Pixel purchases; optional Conversions API with deduplication using an event ID.
  • Stripe for payments, subscriptions, invoices, webhooks.
  • AWS (EU region) for hosting our attribution API and databases (DynamoDB).

Automatic ad spend (API)

We may connect our own ad accounts via:

  • Google Ads API (read daily campaign spend from our accounts).
  • Meta Marketing API (read daily campaign spend from our ad accounts).

These reads are used internally to calculate ROI; we do not resell or share this data with third parties.

7) Data sharing (processors & recipients)

We share data with trusted providers strictly to run the service:

  • Stripe Payments (billing, invoices, fraud prevention).
  • Amazon Web Services (AWS) (EU region hosting).
  • Analytics/Ads vendors (Google, Meta) only to the extent needed to measure conversions and optimise campaigns, consistent with your consent choices.
  • Email/CRM (if used for onboarding or support).
  • Professional advisers and authorities where required by law.

We have data processing agreements (DPAs) or equivalent safeguards in place with our processors.

8) International transfers

Some providers (e.g., Google, Meta, Stripe) may process data outside the UK/EEA. Where they do, we rely on approved safeguards such as Standard Contractual Clauses (SCCs) and vendor addenda.

9) How long we keep data

  • Attribution arrivals (click rows): typically up to 24 months to analyse performance trends.
  • User/account records: for the life of the account, then up to 24 months after closure.
  • Billing/financial records (Stripe): typically 6 years (legal obligation).
  • Cookies: see the table above (or as configured via Consent Mode).

We keep data longer only if required by law or to resolve disputes.

10) Your rights

Subject to local law, you can:

  • Access your data and get a copy.
  • Rectify inaccurate data.
  • Erase data where applicable.
  • Restrict or object to certain processing (e.g., marketing).
  • Port your data to another provider.
  • Withdraw consent at any time (affects future processing only).
  • Lodge a complaint with the UK ICO or your local authority.

To exercise rights, email contact@buildpartner.com. We’ll respond within one month.

11) Your choices

12) Security

We use encryption in transit (HTTPS/TLS), role-based access, and least-privilege access on AWS and Stripe. No method is 100% secure; we monitor and improve continually.

13) Children

Our services are not directed to children under 16. If you believe a child has provided us personal data, contact contact@buildpartner.com.

14) Changes to this policy

We’ll post updates on this page and change the “Last updated” date. Material changes may also be emailed to account holders.

15) Contact us

BUILDPARTNER TECHNOLOGY LTD
Suite 345, 50 Eastcastle Street, London, W1W 8EA
Email: contact@buildpartner.com
Registered Company Number: 11739530
VAT Number: 319584474