Legal
Privacy Policy
Last updated: March 1, 2026
This policy applies to all users of www.floorpln.com regardless of location, including residents of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, and all other US states.
1. Overview
Floorpln operates www.floorpln.com and provides AI-powered floor plan generation software for residential builders and construction professionals. This Privacy Policy describes what personal information we collect, how we use it, and your rights regarding that information.
By using Floorpln, you agree to the data practices described here. If you do not agree, please do not use our services.
2. Information We Collect
2.1 Information You Provide
- Email address — when you sign up for updates, email plan delivery, or API access.
- Payment information — processed by Stripe; we never store card numbers or bank details.
- Floor plan inputs — bedrooms, bathrooms, square footage, home style, and design parameters.
- Contact form submissions — name, email, message content.
- CRM / builder profile — company name, phone, website if you configure CRM integration.
2.2 Information Collected Automatically
- Usage data — pages visited, features used, generation count, session duration.
- Device and browser — browser type, operating system, screen size, IP address.
- Performance data — page load times, Core Web Vitals (via PostHog analytics).
- Cookies and local storage — session identifiers, preferences, access tokens. See Section 6.
2.3 Information from Third Parties
- Stripe — payment confirmation, customer email, transaction ID.
- PostHog — aggregated analytics events (no PII shared by default).
3. How We Use Your Information
- Provide and improve the floor plan generation service
- Process payments and issue download access
- Send floor plan files to your email when requested
- Respond to support inquiries
- Send product updates (only with your consent; unsubscribe anytime)
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
- Analyze aggregate usage to improve the product
We do not sell your personal information to third parties. We do not use your data for targeted advertising on other platforms.
4. Data Sharing and Disclosure
We share your information only in the following circumstances:
- Stripe (payment processor) — to process transactions. Stripe is PCI-DSS Level 1 certified. Stripe Privacy Policy
- PostHog (analytics) — anonymized usage events for product improvement.PostHog Privacy Policy
- Resend (email delivery) — to send floor plan files and transactional emails when you request it.
- Legal requirements — if required by law, court order, or to protect the rights and safety of our users.
- Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will provide notice before your data becomes subject to a different privacy policy.
5. Data Retention
- Shared floor plans — retained for 90 days from creation, then automatically deleted.
- Download access tokens — expire after 30 days (one-time) or 32 days (subscription cycle).
- Payment records — retained as required by Stripe and applicable tax laws (typically 7 years).
- Email addresses — retained until you unsubscribe or request deletion.
- Analytics data — retained for 12 months in aggregated form.
6. Cookies and Local Storage
We use browser local storage (not traditional cookies) for:
- floorpln_dl_token — cryptographically signed download access token (expires with purchase).
- floorpln_credits — free download credit balance.
- floorpln_history — local plan generation history (never sent to our servers).
- floorpln_preferences — UI preferences (furniture display, theme).
Third-party services (PostHog, Stripe) may set their own cookies for analytics and fraud prevention. You can disable cookies in your browser settings; some features may not function correctly.
7. California Residents — CCPA / CPRA Rights
Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the following rights:
- Right to Know — You may request a list of the personal information we have collected about you, the categories of sources, and the business purposes for collection.
- Right to Delete — You may request that we delete your personal information, subject to certain exceptions (legal obligations, security, etc.).
- Right to Correct — You may request correction of inaccurate personal information we hold about you.
- Right to Opt Out of Sale / Sharing — We do not sell or share your personal information for cross-context behavioral advertising. No opt-out action is required.
- Right to Limit Sensitive Data Use — We do not process sensitive personal information beyond what is necessary to provide the service.
- Right to Non-Discrimination — We will not discriminate against you for exercising any CCPA rights.
To exercise your rights, email contact@floorpln.com with subject “CCPA Request”. We will respond within 45 days.
Floorpln is a small business. We collect personal information from fewer than 100,000 consumers annually and do not sell personal information, which limits certain CCPA obligations. We comply voluntarily with all CCPA rights listed above.
8. Other US State Privacy Rights
Residents of the following states have similar privacy rights to those described above and may exercise them by contacting us at contact@floorpln.com:
Virginia (VCDPA)
Right to access, delete, correct, portability, opt out of profiling
Colorado (CPA)
Right to access, delete, correct, portability, opt out of profiling
Connecticut (CTDPA)
Right to access, delete, correct, portability, opt out
Utah (UCPA)
Right to access, delete, portability, opt out of sale
Texas (TDPSA)
Right to access, delete, correct, portability, opt out
Oregon (OCPA)
Right to access, delete, correct, portability, opt out
Montana (MCDPA)
Right to access, delete, correct, portability, opt out
Iowa (ICDPA)
Right to access, delete, portability, opt out of sale
Indiana (INCDPA)
Right to access, delete, correct, portability, opt out
Tennessee (TIPA)
Right to access, delete, correct, portability, opt out
Delaware (DPDPA)
Right to access, delete, correct, portability, opt out
New Hampshire (NHPA)
Right to access, delete, correct, portability, opt out
New Jersey (NJDPA)
Right to access, delete, correct, portability, opt out
Nebraska (NDPA)
Right to access, delete, correct, portability, opt out
We honor all privacy rights requests regardless of your state of residence. Response time: 45 days, extendable by 45 days with notice.
9. Security
We implement industry-standard security measures including:
- TLS/HTTPS encryption for all data in transit
- HMAC-SHA256 signed download tokens (cryptographically unforgeable)
- Rate limiting on all API endpoints
- Stripe PCI-DSS Level 1 compliance for all payment data
- Webhook signature verification for all Stripe events
- No storage of payment card data on our servers
No system is 100% secure. If you believe your data has been compromised, contact us immediately at contact@floorpln.com.
10. Children's Privacy
Floorpln is a professional tool intended for adults (18+). We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us personal information, we will delete it immediately. Contact us at contact@floorpln.com if you believe we have collected information from a minor.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by updating the “Last updated” date and, for significant changes, by email notification to registered users. Continued use of Floorpln after changes constitutes acceptance.
12. Contact Us
For privacy requests, questions, or to exercise your rights:
Floorpln
Email: contact@floorpln.com
Website: www.floorpln.com
Response time: within 45 days of verified request.