Privacy Policy
Last updated: 8 June 2026
1. About Us
BrikTech ("we", "us", "our") is a construction job management platform operated from Australia. We help builders and tradespeople manage jobs, tasks, and client communications.
2. Information We Collect
We collect information you provide directly:
- Account information — name, email address, and password when you register
- Job and task data — job details, task notes, photos, and scheduling information you enter
- Voice recordings — audio you capture using the in-app voice assistant. Audio is transmitted to OpenAI for transcription and intent recognition, then discarded by BrikTech. See section 3.
- Communications — feedback you submit through the app
- Photos — images you upload as part of task completion or documentation
- Billing information — handled by Stripe (see section 3). BrikTech never stores card numbers.
We also collect limited technical data automatically:
- IP address (used for security and rate limiting only)
- Browser type and device type
- Pages visited and actions taken within the app
3. Third-Party Services
BrikTech uses the following third-party services to operate. Each is governed by its own privacy policy:
- Stripe — payment processing for subscriptions. Card details are entered directly on Stripe's servers; we receive only a customer/subscription reference. Stripe Privacy Policy
- OpenAI — voice transcription (Whisper) and intent recognition (GPT) for the voice assistant feature, and automated extraction of selections from quote documents you upload. Audio and document content is sent to OpenAI for processing and is not used by OpenAI to train their models. OpenAI Privacy Policy
- Google Calendar (optional) — we sync task scheduled dates to your Google Calendar when you connect the integration. We store OAuth tokens to maintain this connection and only read and write calendar events related to your BrikTech tasks. Google Privacy Policy
- Xero (optional) — we read accepted quotes from your Xero account to create jobs automatically when you connect the integration. We store OAuth tokens to maintain this connection. We do not write data back to Xero. Xero Privacy Policy
- ClickSend (optional) — SMS notifications when used by your company. ClickSend Privacy Policy
- Resend — transactional email (password resets, notifications). Resend Privacy Policy
- Browser push services — when you enable push notifications, your browser registers a push endpoint with its native push service (Apple, Google, or Mozilla). We transmit notifications to that endpoint; we do not control or receive data from the push service itself.
- Meta Pixel & Conversions API (Facebook/Instagram) — on our public marketing pages only, we use the Meta Pixel and Conversions API to measure our advertising and reach relevant audiences. This may set cookies and share limited event data with Meta (such as page views and when an account is created, with your email address hashed before sending). We never share your job, client, cost, or financial data with Meta. Meta Privacy Policy
You can disconnect optional integrations at any time from your company settings page, which deletes the stored tokens.
Cookies & Advertising
Our public marketing site uses cookies and similar technologies for essential functionality and to measure our advertising through the Meta Pixel (described above). You can opt out of personalised advertising via your Meta ad preferences and manage cookies through your browser settings. The signed-in BrikTech app itself uses only the cookies necessary to keep you logged in and secure — no advertising trackers.
Google API Services — Limited Use
BrikTech's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
When you connect Google Calendar, BrikTech requests the calendar.events scope and uses that access
solely to create, read, and update calendar events that correspond to your BrikTech job tasks and schedules,
at your direction. Specifically:
- We do not use Google user data for advertising, and we do not sell or rent it.
- We do not transfer Google user data to third parties except as necessary to provide or improve this feature, to comply with applicable law, or as part of a merger or acquisition.
- We do not allow humans to read your Google Calendar data, except: with your explicit consent; where necessary for security purposes (such as investigating abuse); to comply with applicable law; or where the data is aggregated and anonymised for internal operations.
- You can revoke BrikTech's access at any time from your company integration settings (which deletes the stored OAuth tokens) or from your Google Account permissions page.
4. How We Use Your Information
- To provide and operate the BrikTech service
- To process subscription payments via Stripe
- To send you password reset emails and operational notifications
- To transcribe voice notes and extract intent for the voice assistant feature
- To sync job data with connected services (Google Calendar, Xero) at your direction
- To improve the app based on usage patterns
- To detect and prevent fraud and abuse
5. Data Storage and Security
Your primary data is stored on servers located in Sydney, Australia. Continuous backups of the database are replicated to encrypted object storage provided by Cloudflare R2; we configure R2 to use Asia-Pacific regions where available. Photos and uploaded documents are stored on the same Sydney-region server.
We implement industry-standard security measures including HTTPS encryption, hashed passwords, rate limiting, and access controls. However, no method of transmission or storage over the internet is 100% secure.
6. Data Sharing
We do not sell, rent, or trade your personal information. We only share data:
- With third-party services listed in section 3, as needed to provide the Service
- When required by law or to protect our legal rights
7. Data Retention and Deletion
We retain your account data for as long as your account remains in our system, including after subscription cancellation, so that you can reactivate and resume work without data loss. You may delete your account at any time from your Profile page. When deleted, your name and email are scrubbed from our records. Your historical contributions to job records (tasks created, photos uploaded, audit log entries) remain attached to the project history so your team's records stay intact, but are no longer associated with your personal identity.
If you require complete erasure of all data associated with you, contact us at the email below and we will action your request within 30 days.
8. Your Rights
Under Australian Privacy Act principles, you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your account and data
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your information
9. Cookies
We use a single session cookie to keep you signed in. We do not use advertising or tracking cookies.
10. Children's Privacy
BrikTech is intended for use by adults. We do not knowingly collect information from children under 16.
11. Changes to This Policy
We may update this policy from time to time. Continued use of BrikTech after changes constitutes acceptance of the updated policy.
12. Contact
For privacy questions or requests, contact us at: hello@briktech.net