BulidoBulidoBulido
PricingContact
BulidoBulido
Features
Quote and estimate creatorServices catalogueClients databaseProjectsCompany overviewCompany website
PricingContact

On this page

  • §1. Data controller
  • §2. Scope of application
  • §3. Purposes and legal bases of processing
  • §4. Scope of processed data
  • §5. Data recipients (subprocessors)
  • §6. Data transfers outside the EEA
  • §7. Client rights
  • §8. Data security
  • §9. Cookies
  • §10. Changes to the Privacy Policy

BULIDO Privacy Policy

Version:
1.0
Effective date:
April 22, 2026

Important: This English version is provided for convenience only. In case of any discrepancy, the Polish version prevails.

§1. Data controller

The controller of personal data of BULIDO Clients is:

Entigo Radosław Suchowierski ul. Bolesława Chrobrego 23, 78-230 Karlino, Poland Tax ID (NIP): 6721984998, REGON: 363952676 E-mail: contact@bulido.com

(hereinafter: "Controller")

For matters concerning the protection of personal data, please contact: contact@bulido.com.

§2. Scope of application

  1. This Privacy Policy governs the processing of personal data of:
    1. BULIDO Clients (account owners, persons representing the Client), for this data, the Controller acts as the controller.
    2. Visitors to bulido.com: processing limited to cookies and analytical data.
  2. Personal data of the Client's end clients (e.g., persons for whom the Client issues quotes), entered by the Client into BULIDO, is processed by the Controller as a processor under a separate Data Processing Agreement (DPA), which is an annex to the Terms of Service. This Privacy Policy does not regulate the processing of such data, in this respect, the provisions of the DPA and the privacy policies of individual Clients apply.

§3. Purposes and legal bases of processing

Purpose of processing Legal basis (GDPR) Retention period
Conclusion and performance of the Agreement (provision of BULIDO Service) Art. 6(1)(b) GDPR (performance of contract) Duration of the Agreement + retention period under the Terms (up to 90 days after Account expiration)
Issuing and storing invoices, tax settlements Art. 6(1)(c) GDPR (legal obligation, tax law, accounting law) 5 years from the end of the tax year
Handling support requests, correspondence, technical assistance Art. 6(1)(f) GDPR (legitimate interest of the Controller) Up to 3 years from the last contact
Service usage analytics, statistics, product improvement Art. 6(1)(f) GDPR (legitimate interest, Service development) Up to 36 months
Marketing of own services (newsletter, BULIDO offers) Art. 6(1)(f) GDPR + consent under applicable e-communications law Until consent is withdrawn / objection raised
Establishment, exercise, or defense of claims Art. 6(1)(f) GDPR (legitimate interest) Statutory limitation period (usually 6 years under Polish law)

§4. Scope of processed data

The Controller processes in particular:

  • name and surname / company name,
  • e-mail address,
  • phone number (if provided),
  • company data (Tax ID, REGON, registered address), if provided,
  • billing data,
  • authentication data (login, encrypted password),
  • technical data (IP address, session ID, device type, event log data),
  • data related to Service usage.

§5. Data recipients (subprocessors)

The Controller uses the services of the following entities to which it entrusts the processing of personal data:

Entity Service scope Processing location Transfer basis (if outside EEA)
DigitalOcean LLC Infrastructure hosting, database, backups Frankfurt, Germany (EEA) Standard Contractual Clauses (SCC)
Stripe Payments Europe Ltd. Payment processor Ireland (EEA) not applicable
Brevo (Sendinblue SAS) Transactional and marketing e-mail France (EEA) not applicable
OpenAI, L.L.C. OCR of accounting documents (receipts, invoices); generation of textual content for the Client's public website USA EU-U.S. Data Privacy Framework + SCC
Google Ireland Ltd. (Google Analytics) Website analytics EU / USA EU-U.S. Data Privacy Framework + SCC
Functional Software, Inc. (Sentry) Application error monitoring; session replay and performance traces (with consent) USA EU-U.S. Data Privacy Framework + SCC

The current list of subprocessors with a description of their services is set out in this Privacy Policy and is updated in case of changes.

§6. Data transfers outside the EEA

Some subprocessors (including OpenAI, Google, Sentry) are located in the USA. Data transfers to these entities take place on the basis of:

  • a European Commission adequacy decision (EU-U.S. Data Privacy Framework), if the entity has joined it, or
  • Standard Contractual Clauses (SCC) approved by the European Commission.

§7. Client rights

The Client has the right to:

  1. access their personal data and receive a copy,
  2. rectification of incorrect or incomplete data,
  3. erasure of data (right to be forgotten), subject to provisions requiring further storage (e.g., invoice data),
  4. restriction of processing,
  5. data portability in a commonly used format,
  6. object to processing based on the legitimate interest of the Controller,
  7. withdraw consent to processing at any time (if processing is based on consent),
  8. lodge a complaint with a supervisory authority: in Poland, the President of the Personal Data Protection Office (uodo.gov.pl).

To exercise these rights, the Client may contact the Controller at: contact@bulido.com.

§8. Data security

  1. The Controller applies technical and organizational measures to ensure protection of processed personal data, adequate to the risk, including:
    1. encryption of connections (TLS/HTTPS),
    2. password encryption,
    3. role-based access control,
    4. regular data backups,
    5. monitoring of security incidents.
  2. In case of a personal data breach, the Controller acts in accordance with the procedures set out in Articles 33–34 GDPR.

§9. Cookies

  1. The bulido.com website uses cookies for the following purposes:
    1. essential for the Service (session maintenance),
    2. analytical (visit statistics, Google Analytics),
    3. functional (remembering preferences).
  2. Non-essential cookies are activated only after the user gives consent.
  3. The user can manage cookies in their browser settings.

§10. Changes to the Privacy Policy

  1. The Controller may amend this Privacy Policy in case of changes in law, changes to the scope of the Service, or modification of the subprocessor list.
  2. The Client will be informed of significant changes by e-mail or via notification in the Account panel at least 14 days in advance.

This Privacy Policy is drawn up in three language versions: Polish, English, and German. In case of discrepancies, the Polish version prevails.

BulidoBulidoBulido

Bulido is quoting and estimating software for builders, contractors and renovation companies — put together estimates and quotes faster, stay on top of projects and payments, and save time by automating the day-to-day work.

Company details

Entigo

ul. Bolesława Chrobrego 23

78-230 Karlino

VAT: 672 198 49 98

Contact

  • +48 799 201 902
  • contact@bulido.com
  • Blog
  • About us
  • Careers
  • Terms of Service
  • Privacy Policy
  • Help

© 2026 Bulido. All rights reserved.