Privacy

We know privacy policies aren’t the most exciting read. But when you trust Capsa with your project information, you deserve to know what happens to it — clearly, honestly, and without legal waffle.

This policy explains how we handle your data when you use Capsa’s SaaS platform, mobile app, website, or marketing channels. It covers:

Who we are
What data we collect (and why)
How long we keep it
Who else helps us process it
What rights you have over it

We keep this policy updated so there are no surprises.

Who We Are

We’re Capsa Software Ltd, a UK-based company on a mission to make construction projects simpler, clearer, and easier to manage.

Capsa is part of the MAKE Group. Capsa was originally developed at MAKE to solve the challenges of managing construction projects. While Capsa operates as an independent company, we may share certain data with MAKE where it’s necessary for operational support, improving our services, or for other legitimate business purposes.

MAKE will never use your Capsa data for its own marketing unless you’ve given explicit consent.

The Data We Collect

Depending on how you use Capsa, we may collect:

Identity Data — e.g. your name, email, phone number, organisation, address.
Financial Data — e.g. payment details, billing address, subscription history.
Project Data — e.g. project details, drawings, documents, photos.
Technical Data — e.g. log-in history, usage, device info, support tickets.
Website Data — e.g. information you provide on our website (contact/demo forms), plus analytics and cookies that help us improve the site.
Grouped / Meta Data — e.g. statistics on how Capsa is used (number of documents, projects, users). This data is anonymised and never tied to an individual.

How We Collect It

Directly from you when you sign up, create projects, upload files, book demos, or contact support.
Automatically through your use of Capsa (e.g. device logs, version history, analytics).
From our website when you fill in forms or browse (cookies, analytics, contact details).
From third parties when you connect tools or services to Capsa (e.g. payments, email delivery).

How We Use Your Data

We only use your data where it’s necessary to:

Provide and improve Capsa’s services
Process payments and manage subscriptions
Support you if you need help
Keep your account secure and compliant
Send you updates (if you’ve opted in)
Improve our website and marketing
Meet our legal obligations

How Long We Keep Data

We don’t keep personal data forever. Different types of data have different lifespans:

Identity & account data — kept for as long as you have an active account. Deleted 12 months after account closure.
Financial & payment data — retained for 6 years to comply with tax and accounting laws.
Project data (drawings, documents, uploads) — kept for the life of your project subscription. If you archive in Capsa Vault, it remains until you delete it or cancel Vault.
Technical data (logs, usage, support tickets) — generally retained for 24 months.
Marketing data (CRM contacts, mailing lists) — kept until you unsubscribe or ask us to delete it.
Grouped/meta data — anonymised and may be retained indefinitely to help us improve Capsa.

Who We Share Data With

We use a small set of trusted third parties (“sub-processors”) to help deliver Capsa. They provide things like hosting, payments, and support.

Hosting & storage (Contabo, Google Firebase)
Payments (Stripe)
Email delivery (Brevo)
Customer support (Zendesk)
CRM (Capsule)
Development tools (GitHub, Storybook)

We publish a full, up-to-date Sub-Processor Register in the Resources & Downloads section of our website — so you always know who’s involved.

We may also share limited personal data with MAKE (our parent construction company) where we have a legitimate interest in doing so — for example, to improve how Capsa is used in real projects, or for internal reporting. MAKE will never use your Capsa data for marketing unless you’ve explicitly agreed.

International Transfers

Some of our providers — and our own development team — are based outside the UK/EEA. Where that’s the case, we make sure appropriate safeguards (like Standard Contractual Clauses) are in place so your data is protected to UK/EU standards.

Protecting Your Data

We take data security seriously. Measures include:

Encrypted connections (SSL/TLS)
Password hashing and access controls
Secure hosting infrastructure
Limited, role-based access for our team and suppliers

Your Rights

You have the right to:

Access the data we hold about you
Correct inaccurate data
Delete your data (subject to legal or contractual requirements)
Restrict or object to processing
Request a copy of your data (portability)

To exercise these rights, contact us at support@capsaapp.com.

Changes to This Policy

We update this policy from time to time. If the changes are significant, we’ll let you know directly. Otherwise, the latest version will always be here on our website.

Contact Us

Got questions? Email support@capsaapp.com — we’ll be happy to help.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.