DIYKBDesign

Privacy Policy

Effective Date: February 7, 2026 · Last Updated: February 7, 2026

DIYKB, LLC (“DIYKB,” “we,” “us,” or “our”) operates the website located at diykbdesign.com and related services (collectively, the “Platform”). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our Platform, create an account, upload content, or otherwise interact with our services.

We are committed to protecting your privacy. Please read this policy carefully. By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Platform.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: name, email address, phone number, ZIP code, and password when you register.
  • Profile Information: username, avatar image, and optional biographical details.
  • Uploaded Content: photographs of kitchens, bathrooms, outdoor spaces, or other rooms you upload for AI visualization.
  • Material Preferences: selections for countertops, cabinets, fixtures, lighting, colors, and other design choices.
  • Quote Requests & Lead Information: project scope, budget range, timeline, contact details, and any notes you submit when requesting a contractor quote.
  • Communications: messages, emails, or other correspondence you send to us or to contractors through the Platform.
  • Payment Information: if applicable, payment details are processed by our third-party payment processor and are never stored on our servers.

1.2 Information Collected Automatically

  • Device & Browser Data: IP address, browser type and version, operating system, device identifiers, screen resolution, and language preferences.
  • Usage Data: pages visited, features used, time spent on pages, click patterns, referring URLs, and search queries within the Platform.
  • Geolocation Data: approximate location derived from your IP address or, with your consent, precise location from your device to connect you with local contractors.
  • Image Metadata (EXIF): when you upload photos, we may extract metadata including GPS coordinates, camera model, timestamp, and orientation. This data helps us determine your service area and optimize image processing.
  • Cookies & Similar Technologies: see Section 5 below.

1.3 Information from Third Parties

  • OAuth Providers: if you sign in via Google or another OAuth provider, we receive your name, email address, and profile picture as authorized by you.
  • Analytics Providers: aggregated and de-identified data from analytics services.
  • Contractors & Partners: feedback, project status updates, or other information provided by contractors you engage through the Platform.

2. How We Use Your Information

We use your information for the following purposes:

  • Provide & Improve the Platform: generate AI visualizations, display your designs, operate the community feed, and improve our algorithms.
  • Contractor Matching: connect you with vetted contractors and showrooms in your area based on your project details and location.
  • Communications: send transactional emails (account verification, password resets, quote confirmations), service announcements, and, with your consent, marketing communications.
  • Safety & Security: detect and prevent fraud, abuse, and unauthorized access; enforce our Terms of Service; comply with legal obligations.
  • Analytics & Research: understand usage patterns, diagnose technical issues, and develop new features.
  • Legal Compliance: comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3. How We Share Your Information

We do not sell your personal information. We may share your information with:

3.1 Contractors & Showroom Partners

When you request a quote or use the “Apply to My Space” feature, we share relevant information with the matched contractor or showroom, including:

  • Your name and contact information
  • Project details, material selections, and generated visualizations
  • Your ZIP code or general location

You will be informed before any data is shared with a specific contractor.

3.2 Service Providers

We engage trusted third-party companies to perform services on our behalf, including but not limited to:

  • Cloud Infrastructure & Hosting: servers, databases, and content delivery.
  • AI Processing: image generation and analysis. Images are transmitted securely under enterprise data processing agreements.
  • Authentication: identity verification and secure login.
  • Email Delivery: transactional emails such as account verification and quote confirmations.
  • Error Monitoring: technical error tracking to maintain Platform reliability (no personal content is transmitted).

For a detailed list of our service providers, you may submit a request to privacy@diykbdesign.com.

3.3 Legal & Safety Disclosures

We may disclose your information if required by law, subpoena, court order, or government request, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to an emergency.

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your information becomes subject to a different privacy policy.

4. Data Retention

  • Account Data: retained for as long as your account is active. Upon account deletion, personal data is purged within 30 days, except where retention is required by law.
  • Uploaded Images: temporary uploads are automatically deleted within 24 hours after processing. Saved generations are retained for as long as your account is active.
  • Quote & Lead Data: retained for up to 24 months after the last interaction to facilitate ongoing projects and contractor follow-up.
  • Server Logs: automatically deleted after 90 days.
  • Aggregated/De-identified Data: may be retained indefinitely for analytics and service improvement.

5. Cookies & Tracking Technologies

We use the following categories of cookies and similar technologies:

  • Strictly Necessary: authentication tokens, session management, CSRF protection, and security cookies. These cannot be disabled.
  • Functional: remember your preferences, selected materials, and display settings.
  • Analytics: understand how visitors use the Platform, measure performance, and identify errors. We use privacy-respecting analytics that do not create cross-site profiles.

We do not use third-party advertising cookies or participate in cross-site behavioral advertising networks.

You can control cookies through your browser settings. Disabling strictly necessary cookies may impair Platform functionality.

6. Your Privacy Rights

6.1 Rights Under California Law (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know & Access: request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Delete: request deletion of your personal information, subject to certain legal exceptions.
  • Correct: request correction of inaccurate personal information.
  • Opt Out of Sale/Sharing: we do not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary.
  • Non-Discrimination: we will not discriminate against you for exercising any of your privacy rights.
  • Limit Use of Sensitive Personal Information: you may request that we limit our use of sensitive personal information (such as precise geolocation) to purposes necessary to provide the Platform.

To exercise these rights, email us at privacy@diykbdesign.com or use the account settings page. We will verify your identity before processing your request and respond within 45 days as required by law.

You may designate an authorized agent to submit requests on your behalf. We may require the agent to provide written proof of authorization and verify your identity directly.

6.2 Rights for All Users

Regardless of your location, you may:

  • Access and update your personal information through your account settings.
  • Delete your account and associated data at any time.
  • Opt out of marketing emails by clicking the “Unsubscribe” link in any marketing email or updating your notification preferences.
  • Request a copy of your data in a portable, machine-readable format.
  • Withdraw consent for optional data processing at any time.

6.3 Do Not Track

We honor Do Not Track (DNT) browser signals. When we detect a DNT signal, we disable non-essential analytics tracking for that session.

7. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256) for all personal data and uploaded content.
  • Row-level security policies on our database ensuring users can only access their own data.
  • Secure authentication via OAuth 2.0 and bcrypt-hashed passwords.
  • Regular security audits and dependency vulnerability scanning.
  • Access controls limiting employee access to personal data on a need-to-know basis.
  • Automated rate limiting and abuse detection systems.

Despite these measures, no method of transmission or storage is 100% secure. If you become aware of any unauthorized access to your account, please contact us immediately at security@diykbdesign.com.

8. Children’s Privacy

The Platform is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal information, please contact us at privacy@diykbdesign.com.

9. International Data Transfers

Our Platform is hosted in the United States. If you access the Platform from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Platform, you consent to this transfer. We ensure that all data transfers comply with applicable legal requirements and that appropriate safeguards are in place.

10. Third-Party Links

The Platform may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services before providing them with your information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (sent to the address associated with your account) or by posting a prominent notice on the Platform at least 30 days before the changes take effect. Your continued use of the Platform after the effective date of the revised policy constitutes your acceptance of the changes.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

  • Email: privacy@diykbdesign.com
  • Mail: DIYKB, LLC — Attn: Privacy, California, USA

If you are a California resident and are not satisfied with our response, you may file a complaint with the California Attorney General’s Office at oag.ca.gov.