Legal

Privacy Policy

Last updated · 10 July 2026

1. Overview

Sendinblue ("we", "our", "the studio") designs AI-augmented architecture and visualization services. This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and the rights you have over it. It applies to our website, client portal, checkout, and correspondence with the studio.

2. Information we collect

2.1 Information you provide

  • Identity data: first name, last name, company (optional).
  • Contact data: email address, phone (optional), billing address.
  • Account data: password (stored as a salted hash), preferences.
  • Order data: selected credit pack, promo codes, chosen payment method, currency.
  • Project data: briefs, references, floor plans, and files you upload for a commission.
  • Correspondence: messages you send to the studio.

2.2 Information collected automatically

  • Device and browser metadata, IP address, approximate location.
  • Usage analytics (pages viewed, referrers, session duration).
  • Cookies and similar technologies — see our Cookie Policy.

3. How we use your information

  • To deliver the services and credits you have purchased.
  • To create and manage your studio account and authenticate sessions.
  • To process payments and issue invoices, including bank-transfer instructions.
  • To communicate about your project, deliverables, and updates to our policies.
  • To improve our site, models, and workflow (using anonymized or aggregated data).
  • To meet legal, accounting, and tax obligations.

4. Legal bases

We rely on the following legal bases under the GDPR (and equivalent frameworks): performance of a contract, legitimate interests (running and improving the studio), consent (for optional cookies and marketing), and compliance with a legal obligation.

5. Sharing your data

We do not sell personal data. We share data only with vetted processors, including:

  • Payment processors and banks used to settle invoices.
  • Cloud hosting and content delivery infrastructure.
  • Email delivery, analytics, and customer support tools.
  • Legal, accounting, or regulatory authorities when required by law.

6. International transfers

Some of our processors are located outside the EEA / UK. When we transfer data internationally we rely on adequacy decisions or Standard Contractual Clauses.

7. Retention

Account and order data is retained while your account is active and for up to 7 years thereafter to satisfy tax and accounting requirements. Project files are retained for the duration of the engagement plus 24 months, unless you ask us to delete them sooner.

8. Your rights

  • Access, rectification, and erasure of your personal data.
  • Restriction and objection to certain types of processing.
  • Data portability where applicable.
  • Withdrawal of consent at any time without affecting prior processing.
  • The right to lodge a complaint with your local supervisory authority.

9. Security

We use industry-standard technical and organizational measures — TLS in transit, encryption at rest for sensitive fields, principle-of-least-privilege access, and regular reviews. No system is perfectly secure; we notify affected users of material breaches without undue delay.

10. Children

Sendinblue services are not directed to children under 16 and we do not knowingly collect their data.

11. Changes

We may update this Policy from time to time. Material changes will be announced on this page and, where appropriate, by email.

12. Contact

Data protection requests: [email protected].