Legal · Georend

Privacy Policy

Last updated: [DATE] Effective date: [DATE]

Pascal Group Inc. ("Georend," "we," "us") operates georend.app, the Georend iOS application, and related services (together, the "Service"). This Privacy Policy describes what personal information we collect, how we use and share it, and the choices available to you.

If you live in California, see Section 9 for your CCPA/CPRA rights. If you live in the EU/EEA, UK, or Switzerland, additional GDPR-specific terms must be added by counsel. This draft does not include full GDPR disclosures.

1. Who we are and how to contact us

Pascal Group Inc., a [Delaware] corporation at [ADDRESS], is the controller of personal information processed through the Service.

2. What is personal information

"Personal information" means information that identifies, relates to, or could reasonably be linked to a specific person. Information about a physical space (geometry, wall dimensions, fixtures) is not by itself personal information, but it can become personal information when combined with an address, image, or other identifier.

3. Information we collect

3.1 Information you provide

  • Account information. Name, email, password hash (or Google account identifier when you use Google sign-in), and profile image if you set one.
  • Scan content. The 3D scene data produced by the iOS scanner, including the Pascal-format JSON (walls, slabs, items, zones, guides, scans) and the USDZ file. You choose what spaces to scan and what to upload.
  • Thumbnails. A 2D image of each scan used to preview it in lists.
  • Labels, notes, annotations, comments. Any text, tag, or metadata you add to a scene in the editor.
  • Share links and sharing history. Tokens you generate, the scenes they point to, and expiration state.
  • Communications. Support emails, form submissions, and other messages you send us.
  • Beta-program information. If you join a beta program, records of your participation, signed agreements, and feedback you provide in weekly calls or written submissions.

3.2 Information collected on the iOS device

The iOS app uses on-device sensors and models. The following happen on your device and are not transmitted to us unless stated:

  • Apple RoomPlan captures structural geometry of the space.
  • The iOS ARKit session produces camera frames. The app samples RGB color values from those frames to paint surfaces. The app also runs a Core ML YOLOv8n object detector on frames to identify fixtures (fans, lamps, mirrors) RoomPlan misses.
  • Camera frames themselves are not uploaded to Georend. Only the derived scene data (geometry, per-surface color samples, and detected object labels with their positions) is uploaded.
  • A thumbnail image of the scene is generated on the device and uploaded.

If we change these behaviors, for example if we add a feature that uploads raw imagery, we will update this Privacy Policy and, where required, obtain your consent.

3.2.1 Per-room floor photos (optional, when enabled)

A future release of the Service will, if you opt in, capture a small floor-plane image from the room you are scanning. The capture works like this:

  • The iOS app selects the best floor-facing frame from the AR session.
  • On your device, the app crops that frame to a square tile of up to 512 × 512 pixels, aligned to the floor plane. The crop is intended to contain flooring surface only, not faces, personal belongings, or the broader room.
  • The cropped tile is uploaded alongside the scene data.
  • On our server, the tile is used to help identify the current flooring material (wood, tile, carpet, LVP, and so on) and to tag visible surface condition (scratches, water staining, wear, damage) for your proposal. We may retain the tile with the scene to let contractors override or re-check the classification later.
  • You may disable photo capture for a given scan, or globally, in the iOS app settings. Disabling it turns off automatic material and condition identification. It does not affect the rest of the scan.
  • If you scan a space that is not your own, it is your responsibility to have the authorizations described in Section 14 before enabling photo capture.

We may pass the tile to a third-party vision service to perform the classification. Those services are subject to Section 6 and to written data-handling agreements. We do not use your photos to train general-purpose models of any third party.

3.3 Information collected automatically

  • Device and usage data. IP address, device and operating-system type, browser type, iOS version, app version, crash logs, approximate geographic region derived from IP, and timestamps of key actions (account creation, scan upload, scene save, share-link generation).
  • Cookies and similar technologies. We use first-party cookies on georend.app for authentication (session tokens via Auth.js), CSRF protection, and basic preference storage. We do not currently use third-party advertising cookies. See Section 8.

3.4 Information from third parties

  • Google sign-in. If you sign in with Google, we receive your name, email, Google account ID, and profile image.
  • Service providers. Our storage, authentication, and infrastructure vendors may return operational metadata about your requests (e.g., object-storage upload receipts).

4. How we use information

We use information for the following purposes:

  • Provide the Service. Create your account, authenticate you, store and serve your scans, render the editor, generate share links, and deliver scenes to recipients you share with.
  • Operate the iOS-to-cloud pipeline. Accept two-phase uploads, store USDZ and thumbnail assets, store scene JSON, and serve them back on request.
  • Service communications. Send transactional messages (account confirmation, password reset, share-link events, billing receipts, and security or policy updates). These are not marketing.
  • Improve the Service. Diagnose bugs, understand how features are used in aggregate, and evaluate reliability. Where we aggregate scene data for modeling (e.g., improving the RoomPlan-to-Pascal conversion), we do so on de-identified data only.
  • Security and integrity. Detect and prevent fraud, abuse, account takeover, and violations of our Terms.
  • Legal compliance. Respond to lawful requests, enforce our Terms, and protect our rights.
  • With your consent. Any use described to you at the time of collection and to which you consent.

We do not sell your personal information and we do not use it for cross-context behavioral advertising.

5. Legal bases (for users in relevant jurisdictions)

Where required by law, we rely on: (a) performance of our contract with you, (b) our legitimate interests in running and improving the Service and keeping it secure, (c) your consent (which you can withdraw), and (d) compliance with legal obligations. Counsel should expand this section with purpose-by-purpose basis mapping if you intend to serve EU/UK users.

6. How we share information

We share personal information only as described below.

  • Service providers (processors). We use vendors to operate the Service. Representative categories (subject to change):
    • Cloud database and hosting: [Postgres provider]
    • Object storage: Amazon S3 and/or Cloudflare R2
    • Authentication: Auth.js with Google Sign-In as an optional identity provider
    • Email delivery: [provider]
    • Crash / error monitoring: [provider, if any] These providers process information on our behalf under written contracts.
  • Recipients you share with. If you generate a share link, the scene's geometry, labels, thumbnails, and any notes or annotations you attach become visible to anyone with the token.
  • Collaborators. If a future team feature is enabled, other members of your workspace will see content in that workspace.
  • Legal and safety. We may share information when we have a good-faith belief that disclosure is required to comply with law, legal process, or a government request; to enforce our Terms; or to protect the rights, property, or safety of anyone.
  • Corporate transactions. In connection with a merger, acquisition, financing, or sale of assets, information may be transferred to the other party, subject to commercially reasonable confidentiality.
  • With your direction. Any other sharing you instruct us to do.

7. Retention and deletion

We keep personal information only as long as needed for the purposes described here.

  • Account information: while your account is active and for a reasonable period afterward for legal, tax, accounting, and fraud-prevention purposes.
  • Scans and scene data: until you delete them or delete your account. After deletion, we remove live copies promptly and purge from backups on our standard backup rotation (typically within [30-90] days).
  • Share-link records: until the link is revoked or expires, plus a reasonable period for audit.
  • Logs and security data: typically [90-180] days unless needed for an active investigation.

You can delete individual scans and share links from within the Service. You can delete your account by [describe mechanism, e.g., account settings → Delete account, or email to privacy@georend.app].

8. Cookies and tracking

We use the following cookies on georend.app:

  • Strictly necessary: session authentication, CSRF protection, and load-balancing.
  • Preference: theme and UI settings.
  • Analytics (if enabled): first-party measurement of aggregate usage patterns. [Specify provider or "none currently" once decided.]

We do not set third-party advertising cookies. Global Privacy Control (GPC) signals are honored where applicable.

9. California residents (CCPA/CPRA)

Categories of personal information collected in the last 12 months: identifiers (name, email, IP); internet / network activity; user-generated content (scenes, thumbnails, annotations); commercial information (if you purchase a paid plan); inferences derived from any of the above for purposes of providing the Service.

Sources: directly from you; from your device (iOS app); from third parties you authorize (Google sign-in); automatically from your interaction with the Service.

Purposes: Section 4.

Disclosures for business purposes: we disclose the above categories to our service providers under Section 6.

"Sale" or "share" of personal information: we do not sell personal information and we do not share it for cross-context behavioral advertising.

Your rights under the CCPA/CPRA: right to know, right to delete, right to correct, right to portability, right to limit use of sensitive personal information (we do not currently process sensitive personal information for purposes beyond those permitted without a limitation right), and right to non-discrimination. To exercise any right, email privacy@georend.app from the address on your account or use [designated webform]. We will verify your identity before acting. You may use an authorized agent under the CCPA. We will require written authorization.

10. Children

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact privacy@georend.app and we will delete it.

11. Security

We use administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit (HTTPS), encryption at rest for stored objects, access controls on our database and storage buckets, and credential rotation. No method of transmission or storage is perfectly secure. You are responsible for keeping your account credentials confidential.

12. International transfers

The Service is operated from the United States. If you access it from outside the US, your information will be transferred to and processed in the US. Counsel should add specific safe-transfer mechanisms (Standard Contractual Clauses, UK Addendum, Swiss Addendum, adequacy decisions, transfer impact assessments) before serving EU/UK users.

13. Third-party links and services

The Service may link to or integrate with third-party services. Their privacy practices are governed by their own policies, not by this one.

14. Your responsibilities when scanning spaces

When you scan a physical space, you may capture geometry and color information about someone else's residence, workspace, or belongings. You are responsible for obtaining any permissions required by law or by common courtesy before scanning, and for limiting what you upload and share. If you receive a request from a third party whose space you scanned, you are responsible for responding. We will cooperate with lawful requests addressed directly to us.

15. Changes to this policy

We may update this Privacy Policy from time to time. If a change is material, we will provide notice at least 14 days before it takes effect (by email, in-app notice, or a notice on georend.app), except where a shorter period is required by law. Continued use after the effective date constitutes acceptance.

16. Contact us

Questions, requests, or complaints:

Pascal Group Inc. [STREET ADDRESS] [CITY, STATE, ZIP] privacy@georend.app

If you are not satisfied with our response, you may have the right to complain to a supervisory authority in your jurisdiction.