The Obvious Builder
Legal

Privacy Policy

Effective date:

This Privacy Policy explains how The Obvious Builder (“we”, “us”, “our”) collects, uses, shares, and protects information when you use our website, application, Builder AI, visual editor, CMS, forms, publishing, templates, community surfaces, and related services (the “Service”).

This policy is a product-specific baseline and should be reviewed by legal counsel before production launch or fundraising diligence.

For rules governing use of the Service, see Terms of Service.

1. Overview

We build software that lets users create, manage, and publish websites. Because the Service includes accounts, workspaces, generated sites, CMS content, form submissions, AI prompts, media uploads, custom domains, subscriptions, and analytics, we process several categories of information to provide and secure the product.

We do not sell personal information. We use personal information to operate the Service, improve it, provide support, process billing, prevent abuse, and comply with legal obligations.

2. Information we collect

A) Account, identity, and workspace data

We collect information such as name, email address, authentication identifiers, avatar, workspace membership, role, invitation status, preferences, selected theme, plan, limits, and administrative settings.

B) Project, site, CMS, and publishing data

We store data you create or configure in the Service, including pages, layouts, styles, components, templates, media, CMS collections, fields, CMS entries, form definitions, published site data, slugs, publication targets, domains, SEO settings, redirects, scripts, and related metadata.

C) Forms and end-user submissions

If you use our forms features, we may process form fields, submissions, timestamps, source pages, anti-abuse metadata, and related workflow data. You are responsible for the content and legality of the forms you publish and for providing any privacy notices required to your own site visitors.

D) Builder AI prompts, outputs, and diagnostics

When you use Builder AI or other AI features, we process prompts, instructions, selected page context, project structure snapshots, generated outputs, patch summaries, diagnostics, and run metadata to provide, debug, secure, and improve the feature.

E) Billing and subscription information

Payments are handled by payment processors such as Stripe. We receive limited billing data such as customer identifiers, plan, subscription status, invoices, billing events, payment method summaries, and renewal dates. We do not store full card numbers on our servers.

F) Usage, device, and security data

We may collect IP address, browser and device information, approximate location, pages viewed, feature usage, editor actions, logs, error reports, performance data, cookie identifiers, and security events.

3. How we use information

  • Provide, operate, publish, maintain, and improve the Service.
  • Authenticate users, manage sessions, workspaces, permissions, and roles.
  • Store and render projects, generated websites, CMS data, forms, and media.
  • Process subscriptions, enforce plan limits, issue invoices, and manage billing.
  • Provide Builder AI, generate outputs, apply updates, and debug AI runs.
  • Detect, prevent, and investigate spam, abuse, fraud, security incidents, and misuse.
  • Respond to support requests, product feedback, and administrative inquiries.
  • Analyze usage and performance to improve reliability and product quality.
  • Comply with law, enforce our Terms, and protect rights, safety, and integrity.

4. Builder AI and AI features

AI features may send prompts, context, project data, and generated outputs to model providers or infrastructure providers acting on our behalf. Outputs may be inaccurate, incomplete, or similar to content generated for others. You are responsible for reviewing AI-generated content before publishing it.

We may use AI interaction metadata to operate, monitor, debug, protect, and improve the Service. We will handle AI-related personal information in accordance with this Privacy Policy and our contracts with subprocessors.

5. Cookies and similar technologies

We use cookies, local storage, pixels, and similar technologies for authentication, session security, workspace routing, preferences, theme settings, fraud prevention, analytics, and product performance. Some cookies are necessary for the Service to work. Others help us understand usage and improve the product.

You can control cookies through your browser settings. Blocking necessary cookies may prevent login, publishing, billing, or editor features from working correctly.

6. How we share information

We share information only as needed for the purposes described in this policy:

  • Service providers: hosting, database, storage, CDN, payment processing, analytics, AI infrastructure, email, logging, monitoring, security, and support vendors.
  • Workspace users: users in the same workspace may see project, billing, role, invitation, or activity data depending on permissions.
  • Published content: sites, templates, profiles, and community content you publish may be public and indexed by search engines or AI systems.
  • Legal, safety, and compliance: to comply with law, enforce agreements, respond to lawful requests, prevent abuse, and protect rights and safety.
  • Business transfers: if we are involved in a merger, acquisition, financing, reorganization, or sale of assets.

7. Data retention

We retain information for as long as needed to provide the Service, maintain security, comply with legal obligations, resolve disputes, enforce agreements, and support backups and audit logs. Retention periods vary by data type, workspace status, plan status, and legal requirements.

Deleted content may remain in backups or logs for a limited period before being overwritten or removed according to our retention practices.

8. Security

We use administrative, technical, and organizational safeguards designed to protect information, including access controls, authentication, logging, secure hosting, and vendor controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. You may also have rights to withdraw consent or lodge a complaint with a supervisory authority.

To exercise rights, contact us at contact@theobviousbuilder.com. We may need to verify your identity and account authority before fulfilling a request.

10. International transfers

We and our providers may process information in countries other than where you live. Where required, we use appropriate safeguards for international transfers, such as contractual protections or other lawful transfer mechanisms.

11. Children

The Service is not directed to children under 13, or a higher age where required by local law. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice. The effective date above indicates when this policy was last updated.

13. Contact

Questions about privacy? Contact us at contact@theobviousbuilder.com.