Privacy Policy
Last updated: 14 May 2026 · Version 1.0
The data controller is Artur Moniz, operating Pipefitter Academy Pro as an individual developer.
Contact: piping.arturmoniz@gmail.com
For EU/EEA users: the processing described in this policy has its legal basis in Article 6(1)(b) GDPR (performance of a contract), Article 6(1)(a) GDPR (consent — for product analytics and optional product-update emails), and Article 6(1)(f) GDPR (legitimate interests — for crash/error monitoring and security) where indicated.
When you sign in with Google, we receive:
We do not receive or store your Google password.
Payments are processed by Stripe (Stripe Payments Europe, Ltd.); we are the seller of record. Stripe handles all payment card data and card processing; we never see or store card numbers. We receive from Stripe only: subscription status, plan type, and transaction IDs. We never see or store card numbers, bank details, or full billing card data.
This data is stored in your personal Firestore document, access-controlled to your account only.
When you use the ISO Assistant, photos or files you upload are sent to our Cloud Function, which forwards them to the Anthropic Claude API for analysis. Images are not stored on our servers after the response is returned. The Anthropic API processes them under Anthropic's Privacy Policy.
Product analytics (PostHog). With your consent, we use PostHog (PostHog Inc., processed on EU infrastructure) to collect usage events such as "calculator opened" or "PDF exported", to understand which features are used and improve the app. Analytics only run after you accept the consent banner; if you decline, no analytics events are sent and PostHog is kept opted out. You can withdraw consent at any time, after which tracking stops and the associated identifiers are reset.
Error & crash monitoring (Sentry). We use Sentry (Functional Software, Inc.) to detect crashes and errors so we can keep the app stable and secure. Before any error is sent, we strip personal data: we do not send your email, IP address, user name, or session replays, and we scrub identifiers from error payloads. This processing relies on our legitimate interest in the security and reliability of the service; you can object at any time by contacting us.
| Purpose | Data used | Legal basis |
|---|---|---|
| Authenticate your account | Google UID, email | Contract |
| Deliver Pro features after payment | Subscription status from Stripe | Contract |
| Save your projects & progress | Projects, quiz scores, preferences | Contract |
| Provide AI-assisted ISO reading | Uploaded images (transient) | Contract |
| Understand feature usage (analytics) | Usage events (PostHog) | Consent (opt-in only) |
| Keep the app stable & secure (crash/error monitoring) | Error reports with personal data stripped (Sentry) | Legitimate interest |
| Send product updates (optional) | Email address | Consent (opt-in only) |
| Service | Purpose | Privacy policy |
|---|---|---|
| Google Firebase (Auth, Firestore, Hosting) | Authentication, database, hosting | firebase.google.com/support/privacy |
| Stripe | Payment processing, subscription management | stripe.com/privacy |
| Anthropic (Claude API) | AI analysis of ISO drawings (ISO Assistant) | anthropic.com/legal/privacy |
| PostHog (EU) | Product usage analytics (only with consent) | posthog.com/privacy |
| Sentry | Crash & error monitoring (personal data stripped) | sentry.io/privacy |
No data is sold to, or shared with, any third party for advertising or profiling purposes.
You have the right to:
To exercise any right, email piping.arturmoniz@gmail.com. We will respond within 30 days.
You may also lodge a complaint with your national supervisory authority (e.g. CNPD in Portugal, ICO in the UK, BfDI in Germany).
California residents have the right to know what personal information is collected, request deletion, and opt out of sale. We do not sell personal information. To exercise your rights, contact us at the email above.
You can delete your account from the Profile tab inside the app, or by emailing us. Account deletion removes all your data from Firestore within 30 days.
All data is transmitted over HTTPS. Firestore access is protected by server-side security rules that restrict each user to their own documents. API keys and secrets are stored exclusively in Google Cloud Secret Manager and are never exposed in the client-side app bundle.
Pipefitter Academy Pro is intended for professional tradespeople and vocational students aged 13 and over (16 in the EU/EEA). We do not knowingly collect data from children under these ages. If you believe a child has provided us with personal data, contact us immediately.
If we make material changes, we will notify you via the app or by email at least 7 days before the change takes effect. The "last updated" date at the top of this page reflects the current version.
Artur Moniz
piping.arturmoniz@gmail.com