Privacy Policy

Effective Date: 19 May 2026

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use Doofer, our web-based project estimation platform, accessible at doofer.io.

By using our Service, you agree to the terms of this Privacy Policy.

1. Who We Are

The Service is operated by Oleksandr Babita, a sole proprietor (FOP), registered in Ukraine as a third-group taxpayer.

If you have any questions or requests about your personal data, please contact us at alex.babita@doofer.io.

2. Data We Collect

We collect the following categories of data:

A. Personal Data

• Full name
• Email address
• Company name, team role, and department (if provided)
  Profile avatar and notification preferences (if provided)
• Billing and payment details (processed via Paddle)

B. Usage Data

• Login timestamps and account activity
• Server and application logs, which may include IP address and browser/device information
• IP address and browser/device information
• Estimation sessions and shared link usage
• Time and interaction data from stakeholder reviews on shared links (if enabled)

C. Uploaded Content

• Estimation files, project data, and team assignments
• Recordings and documents generated through the platform

D. AI Assistant Data (when you use Dean)

• Chat messages and conversation history sent with each request
• Attachments you upload to Dean, such as images, PDFs, or text files
• Relevant project data accessed by Dean to answer your request or perform actions you authorize
• Queries that may be processed using Anthropic web search or fetch capabilities when relevant to your request

3. How We Use Your Data

We process your personal data to:

• Provide access to the Doofer platform
• Save and manage project estimations
• Operate Dean, our AI assistant, including reading and updating project data when you request it
• Monitor usage for performance and improvement
• Contact you for support, updates, or billing purposes
• Detect misuse or unauthorised access
• Improve our product through usage analytics where enabled

4. Legal Basis for Processing

We process your personal data based on:

• Your consent (e.g., when you register)
• Contractual necessity (to provide services you’ve subscribed to)
• Legitimate interests (to improve and protect our service)
• Legal obligations (e.g., accounting and tax compliance)

5. Data Sharing

We only share your data when necessary and with trusted third parties:

• Paddle – for payment processing
• Google – for sign-in with Google and transactional email delivery
• Anthropic – for AI processing when you use Dean
• Pusher – for real-time in-app notifications
• Analytics providers (e.g., Google Analytics) – for service improvement
• Cloud infrastructure providers (e.g., AWS) – for hosting, storage, and session recordings
• Analytics providers (e.g., Google Analytics), where enabled on our website or app

We never sell your personal data.

6. Data Retention

We retain your personal data as long as:

• You have an active account, or
• It’s required to comply with legal obligations, or
• You haven’t requested deletion
• Dean chat history is maintained in your session and sent with each request. We do not store persistent Dean chat logs on our servers unless required for security, support, or legal purposes

You can delete your account or request data removal by contacting alex.babita@doofer.io.

7. Cookies & Tracking

We use essential cookies to:

• Maintain login sessions, including secure HttpOnly authentication cookies
• Support core platform functionality
• We may also use analytics or similar technologies where enabled to understand usage patterns and traffic sources. Screen and interaction recordings on shared links, when enabled, are stored by Doofer on our infrastructure and are not provided by a separate third-party session replay tool

You can control non-essential cookie preferences via your browser settings. Essential authentication cookies are required for the Service to function.

8. International Transfers

Although we operate from Ukraine, some data may be processed or stored on servers located in the EU or the US (e.g., AWS, Paddle, Google, Anthropic, Pusher). We ensure that such transfers are protected by appropriate safeguards where required.

9. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Withdraw consent at any time
• Lodge a complaint with a data protection authority

To exercise any of these rights, contact us at alex.babita@doofer.io.

10. Data Security

We take appropriate technical and organisational measures to protect your data, including:

• HTTPS encryption
• Role-based access control
• Regular data backups
• Secure third-party service integrations

However, no method of transmission over the Internet is 100% secure.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are significant, we’ll notify you via email or through the platform.

12. Contact

If you have questions or concerns, please contact us:

📩 Email: alex.babita@doofer.io
🌍 Website: https://doofer.io