RenosaurSign in

Privacy Notice

Last updated: June 21, 2026

1. Who we are

Renosaur ("Renosaur", "we", "us") operates the Renosaur web application. We act as the data controller of personal data processed in connection with the Service. Contact us at privacy@renosaur.app.

2. What we collect

  • Account data — name, email, hashed password or OAuth identifier, avatar.
  • Profile and renovation data — house name, property type, address (optional), budget, currency, projects, tasks, shopping items, rooms, photos, and receipts you upload.
  • AI inputs and outputs — messages you send to Rex and receipt images we parse, and the model's responses.
  • Support messages — anything you send us by email or in-app.
  • Usage and device data — IP address, device type, browser, pages viewed, and similar telemetry collected via our analytics provider.

3. Why we use it (purposes and legal bases)

  • Provide the Service (account creation, storing your renovation data, running AI features) — performance of contract.
  • Security and fraud prevention — legitimate interests.
  • Product improvement and aggregated analytics — legitimate interests.
  • Customer support — performance of contract / legitimate interests.
  • Marketing emails — only with your consent; you can withdraw at any time.
  • Legal compliance — legal obligation.

4. Who we share data with

  • Service providers / subprocessors — hosting, database, storage, analytics, email, and AI model providers acting on our instructions.
  • Paddle.com — our Merchant of Record. Paddle handles checkout, payments, subscription management, tax compliance, invoicing, and refunds. Paddle processes your payment data as an independent controller; see Paddle's privacy notice.
  • Professional advisers — legal, accounting, and similar advisers under confidentiality.
  • Authorities — where required by law, court order, or to protect rights and safety.

We do not sell your personal data.

5. International transfers

Some of our subprocessors are located outside your country, including outside the UK/EEA. Where data is transferred internationally we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Retention

We keep your account data for as long as you have an account. When you delete your account, we delete or anonymise your personal data within a reasonable period unless we need to retain it for legal, accounting, or fraud-prevention purposes. Backups are cycled out within our normal backup window.

7. Your rights

Depending on where you live, you may have rights to access, rectify, erase, restrict, port, or object to our processing of your personal data, and to withdraw consent. To exercise these rights, email privacy@renosaur.app; we'll respond within one month. If you are in the UK or EEA you also have the right to complain to your local data protection authority.

8. Security

We use appropriate technical and organisational measures including encryption in transit, access controls, and row-level data isolation to protect personal data. No system is 100% secure; we'll notify affected users and authorities of any breach as required by law.

9. Cookies and analytics

We use a small number of cookies and similar technologies that are strictly necessary to keep you signed in, plus privacy-respecting analytics to count page views. We do not use advertising cookies. You can clear cookies in your browser at any time.

10. Children

Renosaur is not directed to children under 16, and we do not knowingly collect their personal data.

11. Changes

We may update this notice. We'll post the new version here and, for material changes, notify you in the app or by email.