BuilderDash — job management software for trades
Book a demoStart free trial
FeaturesPricingWhy projectsMobile appKnowledge baseAboutContact
Sign inBook a demoStart free trial

Privacy Policy

Last updated: 25 June 2026

1. Who we are

BuilderDash is a job management software service operated by Sites For Business Limited ("we", "us", "our"), a company registered in England and Wales (Company No. 09238209), registered office 44 High Street, Southampton, SO30 3DR, United Kingdom. VAT number 196 8062 67. We are the data controller for personal data processed through our website (builderdash.app) and the BuilderDash application. For any privacy questions, contact us at hello@builderdash.app.

2. What this policy covers

This policy explains what personal data we collect, why, how we use it, who we share it with, how long we keep it, and the rights you have under UK data protection law (the UK GDPR and the Data Protection Act 2018).

3. The data we collect

Account and contact data: name, business name, email address, phone number, postal and site addresses, and login credentials.

Business content you enter: the data you put into BuilderDash to run your business — enquiries, clients and contacts, quotes, jobs, tasks, site files and photos, timesheets, invoices and supplier details. This may include personal data about your own clients, staff and contacts, for which you are the controller and we are your processor (see section 9).

Payment data: billing details and subscription information. Card payments are processed by Stripe; we do not store your full card number.

Technical data: IP address, browser type, device information, and log data, collected to operate and secure the service.

4. Why we use your data and our lawful basis

We process your data on these lawful bases under the UK GDPR:

To provide the service (performance of a contract): creating and managing your account, delivering BuilderDash's features, processing payments, and providing support.

To run and improve our business (legitimate interests): securing the service, preventing fraud and abuse, understanding usage to improve features, and communicating with you about the service. We balance these interests against your rights.

To meet legal obligations (legal obligation): keeping financial and tax records, and responding to lawful requests.

For optional marketing (consent): only where you have agreed; you can withdraw consent at any time.

5. Cookies

We use essential cookies needed for the website and application to function (for example, keeping you signed in). We also use Google Analytics to understand how visitors use our website, which sets non-essential analytics cookies. We only set non-essential cookies with your consent, which we ask for through our cookie banner when you first visit. You can change or withdraw your choice at any time through the banner or your browser settings.

6. Who we share your data with (subprocessors)

We use trusted third-party providers to deliver the service. Each only processes data as needed to perform its function and under contract:

Supabase — database, authentication and hosting.

Amazon Web Services (S3) — file and photo storage.

Stripe — payment processing and billing.

Xero — accounting integration, where you choose to connect it.

Postmark — sending transactional emails (for example, password resets and notifications).

Google Analytics — website usage analytics.

We do not sell your personal data. We may disclose data where required by law or to protect our legal rights.

7. International data transfers

Some of our providers process data outside the UK, including in the United States. Where data is transferred outside the UK, we rely on appropriate safeguards as required by UK data protection law — such as the UK extension to the EU-US Data Privacy Framework (the "UK-US Data Bridge") where the provider is certified, or the International Data Transfer Agreement and Standard Contractual Clauses. You can request more detail on the safeguards for a specific provider by contacting us.

8. How long we keep your data

We keep your account and business data for as long as your account is active. After account closure, data is retained for a limited recovery period and then deleted, except where we are legally required to keep certain records (for example, financial and tax records, typically for six years). See our account deletion page to request deletion.

9. When you are the controller

When you enter personal data about your own clients, staff or contacts into BuilderDash, you are the data controller for that information and we act as your processor, handling it on your instructions to provide the service. You are responsible for having a lawful basis to enter that data and for informing those individuals as required.

10. Your rights

Under UK data protection law you have the right to: access your data; have inaccurate data corrected; have your data erased; restrict or object to processing; data portability; and to withdraw consent where we rely on it. To exercise any of these, contact hello@builderdash.app. We will respond within the time limits set by law (usually one month).

11. Complaints

If you have a concern about how we handle your data, please contact us first so we can try to resolve it. You also have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority, at ico.org.uk.

12. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, access controls and isolation of customer data. No system is completely secure, but we work to protect your information and to notify you and the ICO of any breach where required.

13. Changes to this policy

We may update this policy from time to time. We will post the updated version on this page and, where the change is significant, notify you by email.

14. Contact

Sites For Business Limited, 44 High Street, Southampton, SO30 3DR, United Kingdom. Email: hello@builderdash.app.