Ducta
LEGAL · DRAFT — FOR LEGAL REVIEW

Privacy Policy

Last updated 7 July 2026 · Contact: privacy@ducta.app. The trust claims on this site, backed by the literal facts.

What we store

Ducta stores what your firm puts into it: tender drawings and documents, takeoff geometry, schedules, rate books and price lists, estimates/quotations, and account data (names, emails, firm details, TRN for documents you export). We do not ask for, and you should not enter, payment-card numbers or personal data beyond what a tender requires.

How it's protected

Your data is hosted on enterprise-grade cloud infrastructure, encrypted in transit and at rest. Access to production systems is restricted and audited. Details of our hosting arrangements and current subprocessors are available to customers and design partners on request, under NDA where required.

AI and your data — no training, ever

Drawings and prices sent to the AI are used only to produce your takeoff. Your content is not used to train AI models — ours or any provider's — under contractual terms that prohibit it. Your rate book is your commercial edge; it is never shared with, or visible to, any other firm.

Isolation between firms

Every record is scoped to your firm and the boundary is enforced at the data layer. Access within your firm follows the roles you assign (owner, admin, estimator, viewer).

Subprocessors

We use a small number of vetted infrastructure and AI processing providers. A current list is available to customers on request, and we will notify design partners in writing before adding any other subprocessor.

Retention & deletion

Your data stays until you delete it or your agreement ends. On written request we delete a firm's data within 30 days, subject to legal retention duties. Operational backups age out on the backup schedule.

Your contact

Questions, deletion requests, or a signed DPA: privacy@ducta.app.