Ascent
Ascent

Privacy Policy

Last updated:

1. Data Controller

Ascent Projetos LTDA (hereinafter “Ascent”, “we”, or “the company”) is the controller of personal data collected through the website, Revit plugin, and web platform.

Privacy Contact:

  • Privacy Email: privacidade@ascent.app.br
  • Response Time: Up to 7 business days (per LGPD Art. 18)
  • Business Hours: Monday to Friday, 9am to 6pm (Brasilia time)

2. Data Collected

We collect different types of personal data based on your interaction with Ascent:

Registration Data (Required):

  • Full name
  • Email
  • Company/Organization
  • Phone
  • Geographic location (country, state, city)

Usage Data:

  • Access logs (IP, timestamp, browser)
  • Usage telemetry (which modules you use, frequency)
  • .rvt projects submitted (metadata, not the complete file)
  • Session duration and browsing patterns

Payment Data:

  • Processed exclusively by Stripe (we do not store card numbers)
  • Transaction history and receipts
  • Billing information (CNPJ for companies)

AI-Generated Data:

  • Metrics extracted from your projects (element quantities)
  • Pattern analysis (common errors, optimization opportunities)
  • Personalized suggestions based on your workflow

The collection and processing of your data is based on the following articles of the LGPD (Law No. 13,709/2018):

  • Registration data collected during sign-up
  • You can revoke consent at any time

Contract Execution (Art. 7, II):

  • Data necessary for service provision (email, company)
  • Payment data for subscription processing
  • Access logs for security and auditing

Legitimate Interest (Art. 7, IX):

  • Usage telemetry for product improvements
  • AI analysis for personalized recommendations
  • Fraud prevention and abuse detection

4. AI and Automation Usage

Ascent uses externally trained AI models to offer advanced features. Here is how we operate with transparency:

AI Features:

  • Automatic Quantity Extraction: Processing of BIM elements to generate precise reports of materials and dimensions.
  • Optimization Suggestions: Analysis of your Revit projects to identify patterns and propose efficiency improvements.
  • Usage Pattern Analysis: Identification of workflows to personalize recommendations.

Data Transparency:

  • We DO NOT TRAIN: Your data is never used to train new AI models.
  • We DO NOT SHARE: Data is not shared with third parties for AI purposes.
  • CONTROL: You can disable AI features in your privacy settings.

Security:

  • Processing on secure servers with end-to-end encryption
  • Audited logs of all AI analyses

5. Third-Party Sharing

We share your data only with essential service providers, under confidentiality agreements.

Stripe (Payments):

  • Shared Data: Email, name, transaction amount
  • Purpose: Payment processing and fraud detection
  • Privacy Policy: https://stripe.com/privacy

Supabase (Cloud Storage):

  • Shared Data: All registration and project data
  • Purpose: Secure hosting and data synchronization
  • Location: US servers (GDPR compliant)
  • Privacy Policy: https://supabase.com/privacy

We Do Not Sell Data:

We never sell your personal data to third parties.

6. Data Retention

We keep your data only for as long as necessary. Here is our retention policy:

Registration Data:

  • While your account is active: Fully retained
  • After cancellation: Retained for an additional 5 years (fiscal compliance requirement)

Telemetry Data:

  • Retention: 2 years from collection
  • Afterwards: Anonymized for statistical analysis

Project Data:

  • Under your control: You can delete at any time
  • Backup: We keep backups for 30 days after deletion (for recovery)

Payment Data:

7. Data Subject Rights (LGPD Art. 18)

You have rights guaranteed by the LGPD. Here is how to exercise them:

1. Right of Access:

Obtain a copy of all your data in a portable format (CSV/JSON)

2. Right of Correction:

Correct inaccurate information (name, email, company)

3. Right of Deletion:

Request deletion of all your data (right to be forgotten)

4. Right of Portability:

Receive your data in a structured format for transfer to another service

Withdraw consent for AI analysis and telemetry (with feature restrictions)

How to Exercise Your Rights:

  • User Portal: Go to your dashboard > Settings > Privacy
  • Email: Send a request to privacidade@ascent.app.br
  • Response Time: 15 business days (per LGPD Art. 18, §3)

8. Information Security

We implement technical and administrative measures to protect your data:

Encryption:

  • HTTPS (TLS 1.2+) for all communications
  • AES-256 for data at rest on Supabase

Access Control:

  • RLS (Row Level Security) on the database
  • JWT authentication with secure tokens
  • Restricted employee access (under NDA)

Auditing:

  • Logs of all sensitive data operations
  • Continuous monitoring of suspicious access
  • Automatic alerts for unauthorized access attempts

Security Incidents:

In the event of a data breach, we will notify you via email within 72 hours (per LGPD Art. 34)

9. Changes to This Policy

This Privacy Policy may be updated periodically. When that happens:

Minor Changes (Technical Revisions):

  • Updated without prior notice
  • Check the version history (available at the bottom of this page)

Material Changes (New Rights/Obligations):

  • Email notification 30 days before taking effect
  • You can withdraw consent if you disagree
  • Service continuity during the transition period

Previous Versions:

Available upon request. Contact privacidade@ascent.app.br

10. Contact

Questions about privacy? Contact us:

Data Protection Officer (DPO):

Mailing Address:

Ascent Projetos LTDA
São Paulo - SP
Brazil

Regulatory Authority:

National Data Protection Authority (ANPD)
https://www.gov.br/cidadania/pt-br/acesso-a-informacao/lgpd

Last updated: February 13, 2026

Back to Top