Privacy Notice

1. Who we are

Bruco Group (Pty) Ltd ("we", "us", "our") is the operator of the Takeoff Pro service and acts as the responsible party / data controller for personal information processed through the Service. We are based in the Republic of South Africa and process personal information in accordance with the Protection of Personal Information Act, 2013 ("POPIA") and, where applicable, the EU/UK General Data Protection Regulation ("GDPR").

2. Personal information we collect

• Account data — name, email address, password (stored hashed), company name.
• Profile and project data — project names, drawings, measurements, items, settings you create in the app.
• Support data — messages and attachments you send via the support form.
• Usage and device data — pages visited, actions taken, browser type, device identifiers, IP address, approximate location derived from IP, log data.
• Billing data — collected and processed by our payment provider Paddle. We receive only the information needed to manage your subscription (e.g. customer ID, plan, status, last four digits of card).

3. Why we use it and our lawful basis

• Provide the Service — create your account, host your projects, deliver features (performance of contract).
• Billing and subscription management — via Paddle (performance of contract / legal obligation).
• Security and fraud prevention — detect abuse, protect the Service (legitimate interests).
• Customer support — respond to your queries and tickets (performance of contract / legitimate interests).
• Product improvement — understand usage to improve features (legitimate interests).
• Legal compliance — meet tax, accounting and other legal obligations (legal obligation).
• Marketing — only with your consent, and you may opt out at any time.

4. Who we share it with

• Hosting and infrastructure providers who host the application, database and uploaded files on our behalf.
• Paddle.com Market Ltd, our Merchant of Record, for the sale of the product, subscription management, payments, tax compliance and invoicing.
• Professional advisers (legal, accounting) where reasonably necessary.
• Authorities where required by law or to protect our rights.

We do not sell personal information.

5. International transfers

Some of our service providers are located outside South Africa or the EEA. Where personal information is transferred internationally we rely on appropriate safeguards, including adequacy decisions and standard contractual clauses, to ensure your information remains protected.

6. Retention

We keep your personal information for as long as your account is active and for a reasonable period afterwards to comply with legal and tax obligations, resolve disputes and enforce our agreements. When information is no longer needed it is deleted or anonymised.

7. Your rights

Subject to applicable law you have the right to: access the personal information we hold about you; correct inaccurate information; request deletion; object to or restrict certain processing; withdraw consent where we rely on it; request portability of your information; and lodge a complaint with a supervisory authority (in South Africa, the Information Regulator).

To exercise any of these rights, email information@brucogroup.co.za. We will respond within the timeframe required by law (and in any event within one month under GDPR).

8. Security

We apply appropriate technical and organisational measures to protect personal information, including encryption in transit, access controls, and authenticated database access. No system is perfectly secure; if you suspect unauthorised access to your account please contact us immediately.

9. Cookies

We use a small number of strictly necessary cookies and local storage entries to keep you signed in and to remember your preferences. We do not use third-party advertising cookies.

10. Contact

For any privacy-related question or request, contact:
Bruco Group (Pty) Ltd
Email: information@brucogroup.co.za