Privacy Policy

Last Updated: February 11, 2026

1. Introduction

Welcome to PlanMorph ("we," "our," or "us"). PlanMorph operates an online marketplace connecting architects and engineers with clients seeking architectural designs and construction services. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at planmorph.com (the "Platform"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Platform.

2. Information We Collect

2.1 Personal Information You Provide

All Users (Clients, Architects, Engineers, Contractors)

  • Full name (first name and last name)
  • Email address
  • Phone number
  • Password (encrypted and securely stored)
  • Account preferences and settings
  • User role and account status

Professional Users (Architects & Engineers)

  • Professional license number and documentation
  • Years of professional experience
  • Portfolio URL (if provided)
  • Specialization and areas of expertise
  • Professional documents (CV, cover letter, work experience)
  • Document metadata (file size, upload timestamps)

3. How We Use Your Information

To Provide and Maintain Our Services

  • Process user registrations and manage accounts
  • Authenticate users and maintain security
  • Enable design browsing, filtering, and purchasing
  • Facilitate construction service requests (Kenya only)
  • Process payments through our payment partners
  • Deliver purchased design files and documentation

To Communicate With You

  • Send order confirmations and receipts
  • Notify architects of design approval or rejection decisions
  • Notify professionals of account approval status
  • Send password reset instructions
  • Provide customer support and respond to inquiries

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following circumstances:

Paystack (Payment Processing)

We use Paystack to process payments securely. Paystack is PCI-DSS compliant and handles all payment card data. We never store credit card numbers on our servers.

DigitalOcean Spaces (File Storage)

Design files and professional documents are stored on DigitalOcean Spaces. Download URLs are time-limited and cryptographically signed (60-minute expiration).

Email Service Providers

We use email service providers to send transactional emails including order confirmations, account notifications, and password resets.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

Encryption: Passwords are securely hashed using ASP.NET Identity
HTTPS/TLS: All data transmission is encrypted in transit
JWT Authentication: Secure, stateless authentication (60-minute expiration)
Signed URLs: File downloads are cryptographically signed with limited validity
Role-Based Access: Strict access controls restrict data access

Despite our efforts, no electronic transmission or storage system is 100% secure. We cannot guarantee absolute security of your information.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal obligations)
  • Data Portability: Request transfer of your information to another service

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Subject Line: "Privacy Rights Request"

We will respond to your request within 30 days.

7. Regional Privacy Rights

European Economic Area (EEA) - GDPR

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR) including the right to lodge a complaint with your local supervisory authority and the right to data portability in a structured, machine-readable format.

Data Protection Officer: [email protected]

California - CCPA/CPRA

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) including the right to know what personal information is collected and the right to deletion.

We Do NOT Sell Personal Information.

Kenya - Data Protection Act

If you are located in Kenya, you have rights under the Kenya Data Protection Act (2019) including the right to access, object to processing, correct, delete, restrict processing, and data portability. You may lodge a complaint with the Office of the Data Protection Commissioner.

Kenya Contact: [email protected]

8. Children's Privacy

PlanMorph is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will delete such information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this policy indicates when it was last revised. We will notify you of material changes by posting a prominent notice on our Platform or sending an email to your registered email address.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

General Privacy Inquiries:

Email: [email protected]

Support Email: [email protected]

Website: https://planmorph.com/contact

Data Protection Officer:

Email: [email protected]

Response Time:

We aim to respond to all privacy inquiries within 5 business days and fulfill rights requests within 30 days.

For the most current version of this policy, please visit: https://planmorph.com/privacy-policy