Cubica

Legal

Privacy Policy

How Cubica collects, uses, and protects personal information on the platform.

Last updated: July 7, 2026

1. Introduction

Cubica respects your privacy. This Privacy Policy explains what information we collect when you use our platform, customer portals hosted by Organizations, and related services.

Organizations using Cubica may collect additional information from their customers under their own policies. This document describes Cubica's platform processing.

2. Roles

For platform account holders (organization administrators, staff, and contractors), Cubica is typically the data controller for account and usage data.

For end-customer project data entered by an Organization, the Organization is generally the data controller and Cubica acts as a processor hosting and processing that data to provide the Service.

3. Information We Collect

We may collect:

  • Account information such as name, email, phone, organization membership, and password hash
  • Customer and project details entered by Organization users
  • Estimate, invoice, and payment status metadata
  • Photos uploaded to projects or completion records
  • Electronic signatures, signer names, and consent text shown at acceptance
  • Custom domain configuration and DNS verification status
  • Integration tokens and connection metadata (for example, QuickBooks, Stripe Connect, suppliers)
  • Technical logs such as IP address, browser type, hostname, and usage timestamps
  • Cookie, locale, and theme preferences

4. How We Use Information

We use information to:

  • Provide, secure, and improve the Service
  • Authenticate users and enforce role-based access
  • Prepare, send, and record estimates, invoices, and notifications
  • Process platform subscription payments and route customer payments through Stripe
  • Operate integrations requested by Organizations
  • Maintain immutable audit logs for critical business actions
  • Verify custom domains and prevent abuse
  • Comply with legal obligations

5. Sharing and Subprocessors

We do not sell personal information. We share data with service providers that help us operate the Service, under appropriate contractual safeguards. Current categories include:

  • Hosting and deployment (for example, Vercel)
  • Database (for example, Neon Postgres)
  • Email delivery (for example, Resend)
  • Payments (Stripe)
  • File storage (for example, Vercel Blob)
  • Accounting integrations (Intuit QuickBooks, when connected by an Organization)

6. Retention

We retain information as long as needed to provide the Service, meet legal and accounting requirements, and resolve disputes. Approved estimates and acceptance records may be retained for compliance purposes.

7. Security

We use administrative, technical, and organizational measures designed to protect information, including tenant isolation by organization, server-side authorization, and encrypted transport. No method of transmission or storage is completely secure.

8. Your Rights

Depending on your location, you may have rights to access, correct, delete, or export personal information, or to object to certain processing. Contact us to submit a request. Organization customers should also contact the relevant Organization regarding project data.

9. Children

The Service is not directed to children under 13, and we do not knowingly collect their information.

10. International Users

The Service is operated from the United States. If you access the Service from other regions, you consent to processing in the United States and other locations where our providers operate.

11. Changes

We may update this Privacy Policy. The latest version will always be posted on this page with an updated date.

12. Contact

Privacy questions or requests: privacy@cubica.dev.