Privacy Policy

Last updated: April 25, 2026

1. Introduction

Maintainspect.ai ("Company", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website maintainspect.ai and use our AI-powered building inspection platform (the "Service").

Data Controller: MJOP Beheer, Netherlands

Contact: info@maintainspect.ai

Registration: KVK 74763563 | VAT NL860017965B01

2. Scope and Applicability

This Privacy Policy applies to all users of Maintainspect.ai, including but not limited to building inspection professionals, property managers, and property owners. We comply with:

  • GDPR (General Data Protection Regulation) - for users in the European Union
  • Dutch Data Protection Law (AVG - Algemene Verordening Gegevensbescherming)
  • UK GDPR - for users in the United Kingdom
  • Industry Standards: NEN 2767, ASTM E2018, RICS, ISO 15686, and 60+ additional country-specific standards across 10 Western economies (see Terms of Service Section 12)

If you do not agree with our policies and practices, please do not use our Service.

3. Information We Collect

3.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, job title, and address
  • Billing Information: Payment method details (processed securely via Stripe), billing address, invoice records
  • Profile Data: Professional qualifications, certifications, inspection preferences
  • Inspection Data: Building details, property information, inspection reports, photographs, maintenance plans, analysis results
  • Communication: Messages, support tickets, feedback, survey responses

3.2 Information Collected Automatically

  • Usage Data: Pages viewed, time spent, features used, clicks, search queries
  • Device Information: IP address, browser type, operating system, device model
  • Location Data: Approximate geographic location (city/region level), not precise GPS
  • Cookies & Analytics: Session data, preferences, analytics identifiers (via Google Analytics, Vercel Analytics)
  • Photo Metadata: EXIF data, geolocation tags from uploaded building photos (if present)

3.3 Third-Party Information

We may receive information about you from third parties, such as your company administrator if they invite you to use the Service, or from social login providers if you use those options.

4. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: Providing, maintaining, and improving the inspection platform and features
  • AI Analysis: Processing building photos and inspection data through AI/computer vision models (GPT-4o) for automated analysis and report generation
  • Account Management: Creating and managing your account, authentication, authorization
  • Billing & Payments: Processing payments, invoicing, subscription management
  • Communications: Sending account updates, technical notices, support responses, product announcements
  • Legal Compliance: Meeting legal obligations, enforcing agreements, protecting rights
  • Security: Detecting, preventing, and addressing fraud, abuse, and security incidents
  • Analytics & Improvement: Analyzing usage patterns to improve the Service (anonymized where possible)
  • Marketing: Sending newsletters and promotional content (with your consent; you can opt-out anytime)

5. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Contract: Processing necessary to fulfill our service agreement with you
  • Consent: Your explicit consent for certain uses (marketing, optional analytics, cookies)
  • Legal Obligation: Complying with tax law, accounting requirements, legal requests
  • Legitimate Interest: Improving security, preventing fraud, analytics (balanced with your rights)

6. Data Sharing and Disclosure

6.1 Service Providers

We may share your data with trusted third parties that help us operate the Service:

  • Supabase: Database hosting, authentication, real-time data services (GDPR-compliant)
  • Stripe: Payment processing (PCI-DSS compliant; we don't store full card numbers)
  • OpenAI: AI analysis of building photos using GPT-4o and vision models
  • Vercel: Website hosting and deployment (GDPR-compliant)
  • Google Analytics: Website traffic analysis (anonymized data)

All service providers are bound by Data Processing Agreements (DPAs) ensuring GDPR compliance.

6.2 Legal Requirements

We may disclose your information if required by law, court order, or regulatory authority in the Netherlands or EU, or to protect our legal rights and the safety of our users.

6.3 Business Transfers

If Maintainspect.ai is involved in a merger, acquisition, bankruptcy, or asset sale, your information may be transferred. We will provide notice before your data becomes subject to a different privacy policy.

6.4 No Sale of Personal Data

We do not sell, trade, or rent your personal information to third parties for commercial purposes.

7. Data Security

We implement comprehensive security measures to protect your information against unauthorized access, alteration, disclosure, or destruction:

  • Encryption: TLS/SSL encryption for data in transit; AES-256 for sensitive data at rest
  • Authentication: Multi-factor authentication (MFA) available for all accounts
  • Access Controls: Role-based access control (RBAC), principle of least privilege
  • Infrastructure: Secure hosting on Supabase and Vercel with regular security audits
  • Monitoring: Continuous security monitoring, intrusion detection, DDoS protection
  • Employee Training: Regular data protection training for all staff
  • Incident Response: Documented procedures for handling data breaches (notification within 72 hours if required by law)

Note: While we implement strong security measures, no system is completely secure. If you believe your account has been compromised, contact us immediately at info@maintainspect.ai.

8. Data Retention

We retain your data for as long as necessary to provide the Service and comply with legal obligations:

  • Account Data: Retained while your account is active; deleted within 30 days of account closure
  • Inspection Reports: Retained for the duration of your subscription; archived for 7 years for legal compliance (Dutch accounting law)
  • Billing Records: Retained for 7 years (required by Dutch tax law)
  • Marketing Data: Retained until you unsubscribe
  • Log Files: Retained for up to 90 days for security purposes
  • Cookies: Depending on type, retained from session end to 24 months

You can request data deletion at any time, subject to legal retention requirements.

9. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Delete your data (subject to legal retention obligations)
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Opt-out of marketing communications, profiling, or automated processing
  • Right to Withdraw Consent: Withdraw consent for any processing at any time

To exercise any of these rights, contact us at info@maintainspect.ai with your request. We will respond within 30 days (or 60 days for complex requests).

10. Cookies and Tracking

10.1 Types of Cookies

  • Essential Cookies: Required for site functionality, authentication, security
  • Analytics Cookies: Track usage patterns to improve the Service (Google Analytics)
  • Preference Cookies: Remember your language, theme, and settings

10.2 Cookie Consent

We obtain your consent before placing non-essential cookies. You can manage cookie preferences in your browser settings or through our consent banner. Disabling cookies may affect Service functionality.

10.3 Third-Party Cookies

Third-party services (Google, Stripe) may set their own cookies. See their privacy policies for details.

11. AI Processing and Automated Decision-Making

Maintainspect.ai uses artificial intelligence to analyze building photos and generate inspection reports:

  • Photo Analysis: Your uploaded images are processed by OpenAI's GPT-4o model for automated visual inspection and defect detection
  • Report Generation: AI generates analysis summaries and recommendations based on inspection data, referencing applicable standards from 10+ countries
  • Human Review Required: All AI outputs MUST be reviewed and verified by qualified professionals before use. You are solely responsible for validating AI-generated content
  • No Profiling: We do not use your data for automated profiling or decisions with legal effects without human review

Important — User Responsibility: AI-generated inspection reports, condition assessments, and recommendations are informational only. You are at all times solely responsible for verifying all output with your specialist knowledge. Maintainspect.ai does not replace professional judgment or physical on-site inspection. See our Terms of Service (Section 8) for full details on user responsibility and liability limitations.

Note on Photo Privacy: Building photos are sent securely to OpenAI for analysis. Photos are not stored by OpenAI for training purposes. See OpenAI's privacy policy for details.

12. Children's Privacy

Maintainspect.ai is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 16, we will delete it immediately. Parents who believe their child has provided information should contact us at info@maintainspect.ai.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to review their privacy policies before providing any information.

14. International Data Transfers

Maintainspect.ai is hosted in the EU (primarily Netherlands and EU regions). However, some service providers (like OpenAI) may process data in the United States. We ensure adequate safeguards:

  • Standard Contractual Clauses (SCCs): Agreements with US-based providers include SCCs for lawful data transfers
  • Adequacy Decisions: EU-US Data Privacy Framework where applicable

15. Data Protection Officer and Complaints

Questions or Requests? Contact us at:

Email: info@maintainspect.ai

WhatsApp: +31 6 22 20 22 44

Company: MJOP Beheer

KVK: 74763563

Data Protection Authority: If you believe we've violated your privacy rights, you can lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

Website: www.autoriteitpersoonsgegevens.nl | Phone: +31 (0)88 6620 300

16. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes via email or by posting the updated policy on our website. Your continued use of the Service constitutes acceptance of the updated Privacy Policy.

Last Updated: April 25, 2026

Bądź na bieżąco z inspekcją budynków

Otrzymuj porady ekspertów, aktualizacje produktów i informacje branżowe.

Bez spamu. Wypisz się w dowolnym momencie.Newsletter jest w języku angielskim.